---------------------------------------------- *CFP deadline EXTENDED till AUGUST 15TH 2012* ---------------------------------------------- *GreHack 2012* 3rd Call For Papers http://grehack.org GreHack 2012 conference will take place in Grenoble (Alps), France on October 19th-20th 2012 and brings together students, academia, industry and government to exchange knowledge around emerging issues in the security + hacking world. During the night, a Capture The Flag will take place. Each paper is peer reviewed at least 3 times. --------------------- *Suggested Topics (not limited to)* --------------------- http://grehack.org/en/index.php/GreHack_2012-Call_For_Papers-english/ - Track: ethical, legal and philosophical -- greyhat hacking: a consumer advance, or a risk for worldwide security? -- current state of laws relative to cyber-security and hacking + justified suggestions of modifications - Track: technical -- Hadopi: why is it a technical and legal failure? how to exploit in memory vulnerabilities of Hadopi approved software? -- In Memory Vulnerabilities --- Windows 8: heap analysis, kernel structures and new memory protections --- Exploit Corner: come present us your last sploit! -- Hardcore Penetration Testing --- Code obfuscation to complicate Reverse Engineering --- Discrete Attacks (eg: without writing on the filesystem) --- Hypervisor evasion --- Vulnerabilities and exploits on defensive security tools (eg: AntiMalwares, Firewalls, IDS) -- Attacking Infrastructures --- Internet: how to root your ***box? Which security functionalities (and properties) are provided? How to bypass them? --- ipsec, ipv6 --- routing protocols --- wireless: 802.11, réseaux 3G, 4G, WiMAX, RFID --- sensor networks -- Malwares and Botnets --- state of the art of botnets redundancy mechanism --- self-code modification (polymorphism) of malwares --- ability of antimalwares to detect slighly mutated samples --- vulnerabilities in antimalwares drivers - Track: research -- Learning and Offensive Security --- static and dynamic analysis --- dumb/simple/basic fuzzing and smart-fuzzing for automating vulnerability detection --- metrics for exploitability of vulns (in memory, web) --- model checking --- advances in reverse-engineering automation and model inference --- concolic execution -- Hardware Attacks --- nanotechnology --- fault injection in memory via laser --- smart cards --- transportations --- medical tools --- embedded malwares -- Cryptology --- influence of the environment on PRNG entropy --- mathematic aspects in current cryptology -- Defensive Security --- Trust Based Computing --- New Access Control Models for processes isolation --- New H/W + S/W for increasing the cost of exploitation *Remark* - We highly encourage original topics that break with traditional research directions - We will favor presentations with tools demonstrations or results --------------------- *Important Dates* --------------------- - CFP Opens: 1st May 2012 - CFP Closing Date: EXTENDED to 15th August 2012 (due to several requests. was initially 15th July 2012) - Final speakers List online: 09 September 2012 - Conference Dates: 19 October 2012 9am-7pm - Capture The Flag: night (19 October 2012 9pm till 20 October 2012 6am Paris time :) --------------------- *Program Committee* --------------------- - Florent Autreau (Mataru) - Claude Castelluccia (INRIA) - Fabien Duchene (LIG) - Philippe Elbaz-Vincent (UJF) - Karim Hossen (LIG) - Pascal Lafoucarde (VERIMAG) - Arnaud Maillet (Evidian R&D, Ensimag student) - Pascal Malterre (CEA) - Guillaume Touron (Ensimag student) - Marie-Laure Potet (VERIMAG) - anonymous researcher (private company in vulnerability research) --------------------- *Invited Talks* --------------------- - Eric Freyssinet (Botnet): From Observation to Investigation - Christophe Devine (ANSSI) mobile telephony security: a compared study. till what degree can we trust mobile operating systems and radio protocols? - Philippe Elbaz-Vincent (UJF) attacks on randomness of hardware Prime Random Number Generator - Regis Leveugle (TIMA) attacks on secure hardware - Kostya Kortchinsky (Microsoft ; former of Immunity Inc.) - TBA --------------------- *Speaker Benefits* --------------------- - Free pass to the conference - Accommodation during the Conference (1 night) - GreHack will participate to travel expenses (limited budget) --------------------- *Submission Guidelines* --------------------- Call for Papers is open till 15th August 2012. Consider submitting even if your topic is not listed above. http://grehack.org/index.php/GreHack_2012-Call_For_Papers-english send your submission to: grehack-program_committee _A_T_ car-online.fr --------------------- *Capture The Flag* --------------------- http://grehack.org/index.php/GreHack-2012-Capture_The_Flag_rules-english
