*GreHack 2012* 2nd Call For Papers http://ensiwiki.ensimag.fr/index.php/GreHack-2012-english GreHack 2012 conference will be held in Grenoble (French Alps), France and brings together students, academia, industry and gov in order to exchange knowledge around emerging issues in the security + hacking world. During the night, a Capture The Flag will take place. *Suggested Topics (not limited to)* http://ensiwiki.ensimag.fr/index.php/GreHack_2012-Call_For_Presentation-english - Track: ethical and legal -- greyhat hacking: a consumer advance, or a risque for worlwide security? -- current state of laws relative to cyber-security and hacking + justified suggestions of modifications - Track: technical -- Hadopi: why is it a technical and legal failure? how to exploit in memory vulnerabilities of Hadopi approved software? -- In Memory Vulnerabilities --- Windows 8: heap analysis, kernel structures and new memory protections --- Exploit Corner: come present us your last sploit! -- Hardcore Penetration Testing --- Code obfuscation to complicate Reverse Engineering --- Discrete Attacks (eg: without writing on the filesystem) --- Hypervisor evasion --- Vulnerabilities and exploits on defensive security tools (eg: AntiMalwares, Firewalls, IDS) -- Attacking Infrastructures --- Internet: how to root your ***box? Which security functionalities (and properties) are provided? How to bypass them? --- ipsec, ipv6 --- routing protocols --- wireless: 802.11, réseaux 3G, 4G, WiMAX, RFID --- sensor networks -- Malwares and Botnets --- state of the art of botnets redundancy mechanism --- self-code modification (polymorphism) of malwares --- comparison of antimalwares when mutating malwares - Track: research -- Learning and Offensive Security --- static and dynamic analysis (data tainting) --- dumb/simple/basic fuzzing and smart-fuzzing for automating vulnerability detection --- metrics for exploitability of vulns (in memory, web) --- model checking --- advances in reverse-engineering automation and model inference --- symbolic exection -- Hardware Attacks --- nanotechnology --- fault injection in memory via laser --- smart cards --- transportations --- medical tools --- embedded malwares -- Cryptology --- influence of the environnment on PRNG entropy --- mathematic aspects in current cryptology -- Defensive Security --- Trust Based Computing --- New Access Control Models for processes isolation --- New H/W + S/W for increasing the cost of exploitation *Remark* - We highly encourage original topics that break with traditional research directions - We will favor presentations with tools demonstrations or results *Important Dates* - CFP Opens: 1st May 2012 - CFP Closing Date: 15th July 2012 - Final speakers List online: 09 September 2012 - Conference Dates: 19 October 2012 - Capture The Flag: night (19 October 2012 till 20 October 2012 6am french time :) *Speaker Benefits:* - Free pass to the conference - Accommodation during the Conference - GreHack will participate to travel expenses (up to 100% depending on the cost and our final budget. Contact us for details) Call for Papers is open till 15th July 2012, thus consider submitting even if your topic is not listed above. *Submission Guidelines: http://ensiwiki.ensimag.fr/index.php/GreHack_2012-Call_For_Presentation-english you can Email your submission to: grehack-program_committee _A_T_ car-online.fr *Capture The Flag* http://ensiwiki.ensimag.fr/index.php/GreHack-2012-Capture_The_Flag_rules-english ---- SecurIMAG - (in)security we trust! http://ensiwiki.ensimag.fr/index.php/GreHack-2012-english _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/