Wednesday 30 September, 2015

Red room

Green room

Small talks

10:50 - 11:30   Wednesday 30 September
Keynote address: The Internet of Bad Things, Observed      
Ross Anderson (University of Cambridge)
(takes place in the Green room)
11:30 - 12:00   Wednesday 30 September
Economic sanctions on malware      
Prof. Igor Muttik (Intel Security)
11:30 - 12:00   Wednesday 30 September
DDoS trojan: a malicious concept that conquered the ELF format         
Peter Kalnai (Avast Software)
Jaromir Horejsi (Avast Software)
11:30 - 12:00   Wednesday 30 September
A timeless watch — ransomware on IoT devices
Candid Wueest (Symantec)
12:00 - 12:30   Wednesday 30 September
Sizing cybercrime: incidents and accidents, hints and allegations         
Stephen Cobb (ESET)
12:00 - 12:30   Wednesday 30 September
Doing more with less: a study of file-less infection attacks         
Benjamin S. Rivera (Trend Micro)
Rhena U. Inocencio (Trend Micro)
12:00 - 12:30   Wednesday 30 September
SSL man-in-the-middle secure solution
Mark Kennedy (Symantec)
Righard Zwienenberg (ESET)
Prof. Igor Muttik (Intel Security)
14:00 - 14:30   Wednesday 30 September
Attack on the drones: security vulnerabilities of unmanned aerial vehicles         
Oleg Petrovsky (HP)
14:00 - 14:30   Wednesday 30 September
It's a file infector... it's ransomware... it's Virlock         
Vlad Craciun (Bitdefender)
Andrei Nacu (Bitdefender)
Mihail Andronic (Bitdefender)
14:30 - 15:00   Wednesday 30 September
Modelling the network behaviour of malware to block malicious patterns. The Stratosphere Project: a behavioural IPS         
Sebastian Garcia (CTU University - Prague)
14:30 - 15:00   Wednesday 30 September
The evolution of ransomware: from CryptoLocker to CryptoWall      
Christy Chung (Fortinet)
Neo Tan (Fortinet)
15:00 - 15:30   Wednesday 30 September
The Kobayashi Maru dilemma         
Morton Swimmer (Trend Micro)
Nick FitzGerald (Independent researcher)
Andrew Lee (ESET)
15:00 - 15:30   Wednesday 30 September
The TAO of .NET and PowerShell malware analysis         
Santiago Pontiroli (Kaspersky Lab)
Roberto Martinez (Kaspersky Lab)
14:00 - 15:30   Wednesday 30 September
Windows 10 and the anti-malware ecosystem   
Dennis Batchelder (Microsoft)
16:00 - 16:30   Wednesday 30 September
Does prevalence matter? Ranking anti-malware products by potential victim impact         
Holly Stewart (Microsoft)
Peter Stelzhammer (AV-Comparatives)
Philippe Rödlach (AV-Comparatives)
Andreas Clementi (AV-Comparatives)
16:00 - 16:30   Wednesday 30 September
Botnet milking: malware freshly served from the source
Moritz Kroll (Avira)
Philipp Wolf (Avira)
Jan-Eric Herting (Avira)
Ayoub Faouzi (Avira)
16:30 - 17:00   Wednesday 30 September
A quantitative examination of the current state of corporate security practices         
Clint Gibler (NCC Group Domain Services)
16:30 - 17:00   Wednesday 30 September
WaveAtlas: surfing through the landscape of current malware packers         
Fanny Lalonde Lévesque (École Polytechnique de Montréal)
Erwann Traourouder (École Polytechnique de Montréal)
François Menet (École Polytechnique de Montréal)
Jean-Yves Marion (Université de Lorraine)
Jose M. Fernandez (École Polytechnique de Montréal)
Joan Calvet (ESET)
16:00 - 17:00   Wednesday 30 September
The Clean Software Alliance, security, and the future of unwanted behaviours
Nav Jagpal (Google)
Barak Shein (Microsoft)

Thursday 1 October, 2015

Red room

Green room

Small talks

09:00 - 09:30   Thursday 1 October
Solving the (in)security of home networked devices         
Pavel Sramek (Avast Software)
Martin Smarda (Avast Software)
09:00 - 09:30   Thursday 1 October
Last-minute paper: We know what you did this summer: Android banking trojan exposing its sins in the cloud      
Stephan Huber (Fraunhofer SIT)
Siegfried Rasthofer (TU Darmstadt / CASED)
Carlos Castillo (Intel Security)
Eric Bodden (TU Darmstadt / Fraunhofer SIT)
Alex Hinchliffe (Intel Security)
09:30 - 10:00   Thursday 1 October
Ubiquity, security and you - malware, security and the Internet of Things         
Heather Goudey (Independent researcher)
Jasmine Sesso (Microsoft)
09:30 - 10:00   Thursday 1 October
Last-minute paper: From Asia with love? Smartphones with pre-installed malware      
Alexander Burris (G Data Software)
10:00 - 10:30   Thursday 1 October
POS fraud - trends and counter-actions to mass fraud      
Ken Dunham (iSIGHT Partners)
10:00 - 10:30   Thursday 1 October
Last-minute paper: Making a dent in Russian mobile banking phishing   
Sebastian Porst (Google)
09:00 - 10:30   Thursday 1 October
Helping the helpless: targeted threats to civil society
Claudio Guarnieri (Independent researcher)
11:00 - 11:30   Thursday 1 October
Speaking Dyreza protocol. Advantages of 'learning' a new language      
Alexandru Maximciuc (Bitdefender)
Cristina Vatamanu (Bitdefender)
11:00 - 11:30   Thursday 1 October
Last-minute paper: Anonymizing VPN services as a botnet monetization strategy — analysing the Bunitu botnet   
Sergei Frankoff (Sentrant)
hasherezade (Malwarebytes)
11:30 - 12:00   Thursday 1 October
Anonymity is king         
Michael John S. Marcos (Trend Micro)
Anthony Joe Melgarejo (Trend Micro)
11:30 - 12:00   Thursday 1 October
Last-minute paper: Duqu 2.0 Win32k exploit analysis   
Jeong Wook Oh (Microsoft)
Elia Florio (Microsoft)
12:00 - 12:30   Thursday 1 October
How malware eats cookies - an empirical study of cookies in malware's communication
Zhaoyan Xu (Palo Alto Networks)
Wei Xu (Palo Alto Networks)
Kyle Sanders (Palo Alto Networks)
12:00 - 12:30   Thursday 1 October
Last-minute paper: Exposing Gatekeeper   
Patrick Wardle (Synack)
11:00 - 12:30   Thursday 1 October
I am the Cavalry   
Claus Cramon Houmann (I am the Cavalry)
14:00 - 14:30   Thursday 1 October
Mobile banking fraud via SMS in North America: who's doing it and how      
Cathal Mc Daid (Adaptive Mobile Security)
14:00 - 14:30   Thursday 1 October
Last-minute paper: Operation Potao Express: analysis of a cyber-espionage toolkit   
Robert Lipovsky (ESET)
Anton Cherepanov (ESET)
14:30 - 15:00   Thursday 1 October
Will Android trojan, worm or rootkit survive in SEAndroid and containerization?         
William Lee (Sophos)
Rowland Yu (Sophos)
14:30 - 15:00   Thursday 1 October
Last-minute paper: Linux/Moose endangered or extinct? An update on this atypical embedded Linux botnet      
Olivier Bilodeau (ESET)
15:00 - 15:30   Thursday 1 October
Dare 'DEVIL': beyond your senses with Dex Visualizer         
Jun Yong Park (AhnLab)
Seolwoo Joo (AhnLab)
15:00 - 15:30   Thursday 1 October
Last-minute paper: The mysterious case of Linux.Wifatch   
Mario Ballano (Symantec)
14:00 - 15:30   Thursday 1 October
Personnel shortage and diversity in IT: Is it truly a problem?
Stephen Cobb (ESET)
Lysa Myers (ESET)
16:00 - 16:30   Thursday 1 October
Android ransomware: turning CryptoLocker into CryptoUnlocker (live demo)         
Alexander Adamov (NioGuard Security Lab)
16:00 - 16:30   Thursday 1 October
Last-minute paper: TurlaSat: The Fault in our Stars      
Kurt Baumgartner (Kaspersky Lab)
16:30 - 17:00   Thursday 1 October
Malware classification meets crowd sourcing (sponsor presentation)
John Park (HP)

Friday 2 October, 2015

Red room

Green room

Small talks

09:30 - 10:00   Friday 2 October
The Volatility Bot-Excavator         
Martin Korman (IBM Trusteer)
09:30 - 10:00   Friday 2 October
The ethics and perils of APT research: an unexpected transition into intelligence brokerage         
Juan Andrés Guerrero-Saade (Kaspersky Lab)
10:00 - 10:30   Friday 2 October
Labeless - no more         
Aliaksandr Chailytko (Check Point)
Aliaksandr Trafimchuk (Check Point)
10:00 - 10:30   Friday 2 October
Effectively testing APT defences         
Simon PG Edwards (Dennis Technology Labs)
Richard Ford (Florida Institute of Technology)
Gabor Szappanos (Sophos)
09:30 - 10:30   Friday 2 October
Lightning talks
Various people ()
11:00 - 11:30   Friday 2 October
Inside recent FQDN (Fully Qualified Domain Name) surges on the Internet   
Erik Wu (Nominum)
11:00 - 11:30   Friday 2 October
Digital 'Bian Lian' (face changing): the skeleton key malware         
Chun Feng (Microsoft)
Michael Cherny (Microsoft)
Tal Be'ery (Microsoft)
Stewart McIntyre (Dell SecureWorks)
11:30 - 12:00   Friday 2 October
Breaking the bank(er): automated configuration data extraction for banking malware         
James Wyke (Sophos)
11:30 - 12:00   Friday 2 October
Catching the silent whisper: understanding the Derusbi family tree      
Neo Tan (Fortinet)
Micky Pun (Fortinet)
Eric Leung (Fortinet)
12:00 - 12:30   Friday 2 October
ROSCO: Repository Of Signed COde         
Dorottya Papp (CrySyS Lab)
Balázs Kócsó (CrySyS Lab)
Tamás Holczer (CrySyS Lab)
Levente Buttyán (CrySyS Lab)
Boldizsár Bencsáth (CrySyS Lab)
12:00 - 12:30   Friday 2 October
C&C-as-a-Service: abusing third-party web services as C&C channels         
Artturi Lehtiö (F-Secure Corporation)
11:00 - 12:30   Friday 2 October
Operation Safety-Net: global best practices provide a secure path forward
Neil Schwartzman (Messaging - Mobile & Malware Anti-Abuse Working Group)
14:00 - 14:30   Friday 2 October
Dead and buried in their crypts: defeating modern ransomware         
Samir Mody (K7 Computing)
Gregory Panakkal (K7 Computing)
14:00 - 14:30   Friday 2 October
The elephant in the room         
Marion Marschalek (Cyphort)
14:00 - 14:30   Friday 2 October
Cross-platform mobile malware: write once run everywhere      
William Lee (Sophos)
Xinran Wu (Sophos)
14:30 - 15:00   Friday 2 October
Building a malware lab in the age of Big Data      
Vanja Svajcer (HP)
14:30 - 15:00   Friday 2 October
The Unbearable Lightness of APTing         
Yaniv Balmas (Check Point Software Technologies)
Shahar Tal (Check Point Software Technologies)
Ron Davidson (Check Point Software Technologies)
14:30 - 15:00   Friday 2 October
Stego-malware in Google Play. Findings and limitations
Alfonso Muñoz (11paths - Telefonica)
Antonio Guzmán (11paths - Telefonica)
15:30 - 16:10   Friday 2 October
Keynote address: One man's anti-malware researcher is...   
Costin Raiu (Kaspersky Lab)
(takes place in the Green room)