(special session in Italian)
The workshop is aimed at companies operating in the critical infrastructure sector, and is intended to offer a complete overview of current cyber threats to the computer networks used in industrial control (ICS/SCADA), and of the technological solutions and methodologies currently employed in companies.
Representatives of solution providers and vendors of leading national and international importance will present their experience with the most effective tools and techniques for preventing threats and for countering and mitigating cyber attacks.
The event will be moderated by Professor Dr Sandro Etalle, full professor holding the chair of Security at the faculty of Mathematics and Computer Science of the Technical University of Eindhoven (the Netherlands).
The provisional agenda of the event follows:
Participation in the workshop is free of charge, but registration is required.
Participation in the main conference, which is optional, requires a separate registration.
Remember to bring your printed (or PDF) ticket to the reception desk.
Abstract: The Equation Group, as far as I know, might have been active for almost two decades. For many years they have interacted with other powerful groups, such as the Stuxnet and Flame groups; always from a position of superiority, as they had access to exploits earlier than the others.
To infect their victims, the Equation Group uses a powerful arsenal of "implants". Still, they have used a unique technique, never seen before, to run their malware, one that could be considered invisible to the operating system: planting it directly in the HD firmware.
Speaker Bio: Vicente joined Kaspersky Lab’s Global Research & Analysis Team in November 2010. He specializes in Threat Intelligence and Big Data applied to malware campaigns and advanced cyber espionage threats. In the past he did research in different areas such as banking Trojans, social networking threats, cybercriminal ‘partner networks’ and mobile malware. Prior to joining Kaspersky Lab, Vicente worked as a Software Developer for IT&C and Actaris, after which he took up a research position at the Technical University of Catalonia (UPC). He then entered the field of IT security, working for a number of leading companies for more than 5 years. Vicente is the author of several software tools and is active on the conference circuit. He holds an MSc in Artificial Intelligence.
During this talk we will review the most notable milestones in the evolution of APT attacks, and detail what we consider probably the most advanced threat known to date - courtesy of the Equation Group.
Session chair: Gianluca Stringhini, University College, London
Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks, Amin Kharraz, William Robertson, Davide Balzarotti, Leyla Bilge and Engin Kirda
“Nice Boots!” - A Large-Scale Analysis of Bootkits and New Ways to Stop Them, Bernhard Grill, Andrei Bacs, Christian Platzer and Herbert Bos
C5: Cross-Cores Cache Covert Channel, Clémentine Maurice, Christoph Neumann, Olivier Heen and Aurélien Francillon.
Session chair: Michael Meier, Universität Bonn
Intrusion Detection for Airborne Communication using PHY-Layer Information (short paper), Martin Strohmeier, Vincent Lenders and Ivan Martinovic
That Ain't You: Blocking Spearphishing Through Behavioral Modelling, Gianluca Stringhini and Olivier Thonnard
Robust and Effective Malware Detection through Quantitative Data Flow Graph Metrics, Tobias Wüchner, Martín Ochoa and Alexander Pretschner
Session chair: Manuel Egele, Boston University
Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries, Mario Polino, Andrea Scorti, Federico Maggi and Stefano Zanero
Fine-Grained Control-Flow Integrity Through Binary Hardening, Mathias Payer, Antonio Barresi and Thomas Gross
Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software, Iasonas Polakis, Michalis Diamantaris, Thanasis Petsas, Federico Maggi and Sotiris Ioannidis
The social event will take place at "La Lodovica" Country House, one of the beautiful private houses in the area that every year welcome visitors from all over the world. This year, La Lodovica hosts an exhibition of Leonardo Da Vinci, featuring models of his inventions and replicas of his notes, including the famous "Codici di Leonardo". The social event will begin with a visit to the exhibition and will continue with a nice dinner in the house.
La Lodovica is located in Oreno, a tiny medieval village in the heart of Brianza, one of the nicest rural areas outside Milano. Despite its small size, Oreno has a very ancient history, beginning from the Roman era, when a small village named "Borgonovo" used to exist. The area was initially occupied by the Celts and later on was invaded by the Romans, who transformed it from a mostly wooded land to an inhabited environment. After the Celtic and Roman invasions, this ancient village was donated to the glorious Captain Ennio Elio, thus renamed Ora Ennii and then Oreno. A few sacred altars and sarcophagi were found that prove the village's origins. Gian Giacomo Caprotti da Oreno, better known as Salaì ("The Devil", lit. "The little unclean one"), was a pupil of Leonardo da Vinci from 1490 to 1518. Salaì entered Leonardo's household at the age of 10. He created paintings under the name of Andrea Salaì. He was described as one of Leonardo's students and lifelong servant and is the presumed model for Leonardo's paintings St. John the Baptist and Bacchus. As the ages went by, after the Middle Ages, the town reached the Aristocratic time, when Carlo Borromeo turned it into a Parish (1567). In mid 1500 the land of the area was cleaned and a lot of clay was discovered underground. The bricks made from this material first served to build the first old Country House: Cascina La Cavallera. In 1830 Oreno was inhabited by about 1350 people (950 adults and 400 kids). In 1857 the local Church was founded. Finally in 1929 Oreno's municipality was annexed to Vimercate.
Transportation: A private bus will bring the participants to the location from Piazza Leonardo da Vinci 32 at 18:00. If you wish to come on your own, you can find the address on the conference map.
Registration: if you have purchased a "Full Pass" ticket, access to the social event is included. Should you need to purchase extra tickets, choose the "Dinner-only companion ticket" on the registration page.
Speaker: Morgan Marquis-Boire, University of Toronto and First Look Media
Speaker Bio: Morgan Marquis-Boire is a Senior Researcher at the Citizen Lab at the Munk School of Global Affairs, University of Toronto. He is the Director of Security for First Look Media and a contributing writer for The Intercept. Prior to this, he worked on the security team at Google. He is a Special Advisor to the Electronic Frontier Foundation in San Francisco and an Advisor to the United Nations Inter-regional Crime and Justice Research Institute. In addition to this, he serves as a member of the Free Press Foundation advisory board. A native of New Zealand, he was one of the original founders of the KiwiCON Hacker conference. His research on surveillance and the digital targeting of activists and journalists has been featured in numerous print and online publications.
Session chair: Sven Dietrich, John Jay College of Criminal Justice
The Role of Cloud Services in Malicious Software: Trends and Insights, Xiao Han, Nizar Kheir and Davide Balzarotti
Capturing DDoS Attack Dynamics behind the Scenes (short paper), An Wang, Aziz Mohaisen, Wentao Chang and Songqing Chen
Quit Playing Games With My Heart: Understanding Online Dating Scams, Jingmin Huang, Gianluca Stringhini and Peng Yong
Session chair: Jason S. Polakis, Columbia University
More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations, Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor and Kevin Butler
May I? - Content Security Policy Endorsement for Browser Extensions, Daniel Hausknecht, Jonas Magazinius, Andrei Sabelfeld
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users, Yanick Fratantonio, Antonio Bianchi, William Robertson, Manuel Egele, Christopher Kruegel, Engin Kirda and Giovanni Vigna
Session chair: Stefano Zanero, Politecnico di Milano
Identifying Intrusion Infections via Probabilistic Inference on Bayesian Network, Yuan Yang, Zhongmin Cai, Weixuan Mao and Zhihai Yang
Controlled Data Sharing for Collaborative Predictive Blacklisting, Julien Freudiger, Emiliano De Cristofaro and Alex Brito
Interested in sponsoring DIMVA? Write us an email!