VB2013 last-minute papers and keynote announced

Posted by   Virus Bulletin on   Sep 13, 2013

Hot topics to be covered at VB conference in Berlin.

We thought that the 45 previously announced VB2013 papers, together with the panel discussion, already made for a really interesting conference programme, but this week has seen the addition of seven more exciting and topical presentations.

For the last seven years, we have set aside a section of the VB conference for 'last-minute' papers, the idea being that researchers submit proposals for these presentations very close to the conference itself, thus enabling them to cover topics that are as up-to-the-minute as possible.

The deadline for these papers closed last week - less than four weeks before the start of the conference - and the selection committee performed the non-trivial task of going to the submissions and selecting seven additions to the conference programme. Together they give a good impression of the threats that we as an industry have been fighting in recent months.

A subject that has made the headlines many times this year is DDoS attacks, with the one against Spamhaus perhaps the most prominent. CloudFlare's John Graham-Cumming will discuss this attack and DNS-amplification attacks in general, as well as what can be done to counter them, in his presentation Open DNS resolvers are to DDoS what open SMTP relays are to spam.

Another big DDoS attack took place on 25 June and targeted South Korean government and news websites. It was part of a longer-running and broader attack on the country, the purpose of which appears to have been the wiping of hard drives. Fortinet's Christy Chung and Kyle Yang will discuss these attacks in their presentation Reveal the facts behind the DDoS attack.

Botnets continue to be a problem in 2013 and sinkholing remains a popular way both to research them and to fight them. However, botherders aren't making this an easy task. Ross Gibb and Vikram Thakur, two researchers from Symantec, will talk about how they successfully sinkholed a peer-to-peer botnet in their presentation Lessons learned: sinkholing a peer-to-peer botnet.

Banking trojans do not seem to want to go away either. Hesperbot is a very advanced banking trojan, details on which weren't published until last week. In their presentation Hassle with Hesperbot: a new, sophisticated and very active banking trojan, ESET researchers Robert Lipovsky and Anton Cherepanov will provide the details of this trojan.

Another way in which malware authors make life difficult for researchers is by making their creations and their behaviour look as 'normal' as possible. Sophos researcher Gabor Szappanos will discuss three different ways in which this has been applied in APTs in his presentation Hide and seek - how targeted attacks hide behind clean applications.

In some cases, cybercrooks go even further in making researchers' lives difficult. In their presentation Working together to defeat attacks against AV automation, Microsoft researchers Hong Jia and Dennis Batchelder discuss how their and other AV vendors' automated systems were attacked to generate false positives.

And of course, mobile malware has been in the news throughout the year. In their paper Android - practical security from the ground up (which fittingly follows six other presentations on mobile malware) Google researchers Adrian Ludwig, Eric Davis and Jon Larimer will discuss the way the company tries to secure its Android platform against malware.

But no doubt the biggest security story of the year is the ongoing saga triggered by Edward Snowden's revelations on the mass surveillance programme performed by the NSA and some of their counterparts.

There will be few delegates without strong opinions on the morality of these programs and their implications for privacy and security on the Internet. But for an industry where the sharing of threat information - even among competitors - is second nature, the implications may be even more existential.

Should you share information with those who you know (or suspect) will share with governments? What if a government asks you to share customers' data, or to avoid detection for certain pieces of malware? What if they force you to do so?

We are excited to be welcoming ESET's Andrew Lee to the conference to discuss these and related questions in his keynote address Ethics and the AV industry in the age of WikiLeaks. Andrew is a veteran of the AV industry, but those who have seen him speak before (such as in his presentation on cyberwar at VB2012) will know that he speaks as passionately as if he had just had his computer infected for the very first time.

The full programme for the conference can be found here, and interviews with many of the presenters about their research interests and what they hope to bring to the conference can be read in the 'speaker spotlight' series of blog posts.

VB2013 runs from 2 to 4 October in Berlin, Germany.

Registration is still open, so why not join us for what promises to be an exciting event!

Posted on 13 September 2013 by Martijn Grooten



Latest posts:

Nominations opened for sixth Péter Szőr Award

Virus Bulletin is seeking nominations for the sixth annual Péter Szőr Award.

Haroon Meer and Adrian Sanabria to deliver VB2019 closing keynote

New additions to the VB2019 conference programme include a closing keynote address from Thinkst duo Haroon Meer and Adrian Sanabria and a talk on attacks against payment systems.

Free VB2019 tickets for students

Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we are able to offer 20 free tickets to students who want to attend VB2019.

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups seen in recent years. At VB2018 ESET researchers Peter Kálnai and Michal Poslušný presented a paper looking at the group's various…

Book your VB2019 ticket now for a chance to win a ticket for BSides London

Virus Bulletin is proud to sponsor this year's BSides London conference, which will take place next week, and we have a number of tickets to give away.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.