VB2012 conference programme

ICAL

Wednesday 26 September

Corporate stream Technical stream
08:00 Registration
10:00 Tea and coffee
10:30 - 10:50 Opening address
10:50 - 11:30 Keynote address: The trade in security exploits: free speech or weapons in need of regulation
Christopher Soghoian, American Civil Liberties Union
11:30 - 12:00 Internet background radiation

John Graham-Cumming, CloudFlare
   Defeating anti-forensics in contemporary complex threats

Eugene Rodionov, ESET
Aleksandr Matrosov, ESET
12:00 - 12:30 BYOD:(B)rought (Y)our (O)wn (D)estruction?

Righard Zwienenberg, ESET
   Where do we stand with banking trojans today?

Candid Wüest, Symantec
Lunch
14:00 - 14:30 I am not a number, I am a free man

Vicente Diaz, Kaspersky Lab
   A fast and precise malicious PDF filter

Wei Xu, Palo Alto Networks
Xinran Wang, Palo Alto Networks
Huagang Xie, Palo Alto Networks
Yanxin Zhang, Palo Alto Networks
14:30 - 15:00 Less aggressive, more effective: social engineering with paid archives

Sergey Chernyshev, Microsoft
Daniel Chipiristeanu, Microsoft
   On temporal population drift in malware families

Anshuman Singh, University of Louisiana at Lafayette
Andrew Walenstein, University of Louisiana at Lafayette
Arun Lakhotia, University of Louisiana at Lafayette
15:00 - 15:30 Practise what you preach: a study on tech-savvy readers' immunity to social engineering techniques

Sabina Raluca Datcu, Bitdefender
Ioana Jelea, Bitdefender
   Building a test environment for Android anti-malware tests

Hendrik Pilz, AV-TEST
Tea and coffee
15:50 - 16:20 Evaluating anti-virus products with field studies

Fanny Lalonde Lévesque, École Polytechnique de Montréal
Carlton R. Davis, École Polytechnique de Montréal
José M. Fernandez, École Polytechnique de Montréal
   Seeing through Smoke: analysis of the cheapest loader around

Micky Pun, Fortinet
16:20 - 16:50 How to test properly: comparative web filter tests

Martijn Grooten, Virus Bulletin
   Dorkbot: hunting zombies in Latin America

Pablo Ramos, ESET
16:50 - 17:20 Malware and Mrs Malaprop: what do consumers really know about AV? (sponsor presentation)

Stephen Cobb, ESET
   A little bit about the freemium phenomenon from the proud beer provider (sponsor presentation)

Milos Korenko, AVAST Software
19.30 VB2012 drinks reception

Thursday 27 September

Corporate stream Technical stream
Breakfast
09:00 - 09:30 Malware taking a bit(coin) more than we bargained for

Amir Fouda, Microsoft
   Flashback OS X malware

Broderick Aquilino, F-Secure
09:30 - 10:00 The Carberp crimekit and the reshipping incident

Peter Kruse, CSIS Security Group
   Linux mass infection tools + live demonstration

David Jacoby, Kaspersky Lab
10:00 - 10:30 The tale of one thousand and one ADSL modems

Fabio Assolini, Kaspersky Lab
   Linux mass infection tools + live demonstration (contd.)

David Jacoby, Kaspersky Lab
Tea and coffee
10:50 - 11:20 Nefarious list processing: viruses vs AutoCAD

Jakub Kaminski, Microsoft
Raymond Roberts, Microsoft
   LAST-MINUTE PAPER: Measuring the cost of cybercrime

Tyler Moore, Southern Methodist University
11:20 - 11:50 Android malware exposed - an in-depth look at the evolution of Android malware

Grayson Milbourne, Webroot
Armando Orozco, Webroot
   LAST-MINUTE PAPER: To get your malware noticed: target all the police forces in Europe

Loucif Kharouni, Trend Micro
11:50 - 12:20 Malware analysis: tools and methodologies for Apple Mac OS X and iOS devices

Methusela Cebrian Ferrer, Microsoft
   LAST-MINUTE PAPER: Gataka: a banking trojan ready to take off?

Jean-Ian Boutin, ESET
Lunch
14:00 - 14:30 Identifying socioware (social malware) in Facebook

Md Sazzadur Rahman, UC Riverside
Ting-Kai Huang, UC Riverside
Harsha V. Madhyastha, UC Riverside
Michalis Faloutsos, UC Riverside
   LAST-MINUTE PAPER: ACAD/Medre: industrial espionage in Latin America?

Robert Lipovsky, ESET
Sebastian Bortnik, ESET
14:30 - 15:00 Customer-driven anti-malware signatures

John Alexander, Lockheed Martin
   LAST-MINUTE PAPER: The Adobers - collaborative efforts vs. un-advanced persistent threats

Neil Schwartzman, CAUCE.org
Paul Kincaid-Smith, SendGrid
15:00 - 15:30 Browser add-ons: what do they really add on?

Andrei Cristian Serbanoiu, Bitdefender
   LAST-MINUTE PAPER: Russian hackers, proxy resellers, and rootkits

Joseph Bingham, Symantec
Tea and coffee
15:50 - 16:20 Teaching consumers security habits

Randy Abrams, Independent researcher
   LAST-MINUTE PAPER: Cleaning up the net 2.0 - a success story of cleaning 3000+ websites

Adrian Leuenberger, SWITCH
16:20 - 16:50 A study of malware attacks on online shoppers in China (sponsor presentation)

Royce Lu, Qihoo 360
  

19:30 Pre-dinner drinks followed by gala dinner & cabaret

Friday 28 September

Corporate stream Technical stream
Breakfast
09:30 - 10:00 Using an expert system to provide automated malware analysis for non-experts (or using machines to provide meaningful analysis for humans)

Hermineh Tchagatzbanian, Microsoft
Heather Goudey, Microsoft
   Using clustering to detect and mitigate spam distributions

Andrey Bakhmutov, Kaspersky Lab
10:00 - 10:30 The new wave of 'undetectable' DGA threats

Gunter Ollmann, Damballa
   Correlating sentiments and topics with spam waves on social networks

Daniel Dichiu, Bitdefender
Lucian Lupsescu, Bitdefender
Irina Rancea, Bitdefender
Tea and coffee
10:50 - 11:20 To spam or not to spam?

Evgeny Kolotinsky, Kaspersky Lab
Darya Gudkova, Kaspersky Lab
   Anatomy of Duqu exploit

Ivan Teblin, Kaspersky Lab
11:20 - 11:50 A plan for email over IPv6

Terry Zink, Microsoft
Mukesh Beher, Microsoft
   Security ramifications of Windows Kernel Patch Protection

Denis Nazarov, Kaspersky Lab
Alexey Monastyrsky, Kaspersky Lab
11:50 - 12:20 My PC has 32,539 errors: how telephone support scams really work

David Harley, ESET
Martijn Grooten, Virus Bulletin
Steven Burn, Malwarebytes
Craig Johnston, Independent researcher
   Cracking the encrypted C&C protocol of the ZeroAccess botnet

John Morris, Kindsight
Kevin McNamee, Kindsight
Lunch
14:00 - 14:30 Cyberwar: reality, or a weapon of mass distraction?

Andrew Lee, ESET
   IEEE software taggant system in action

Igor Muttik, McAfee
Mark Kennedy, Symantec
14:30 - 15:00 Who's next? Identifying risk factors for subjects of targeted attacks

Martin Lee, Symantec
   Windows 8 ELAM: too late, too little!

Abhijit P. Kulkarni, Quick Heal Technologies
Prakash D. Jagdale, Quick Heal Technologies
Tea and coffee
15:20 - 16:10 Panel discussion: The value (and danger) of offensive security research
16:10 - 16:20 Conference closing session

Reserve papers

AMTSO update: changes afoot

Richard Ford, Florida Institute of Technology
Online social networks: new heaven for spammers and attackers

Jason Ding, Barracuda Networks
Web malware interesting facts

Alexander Sidorov, Yandex
Quick Links

Poll
Do current laws offer enough protection for ethical ('white-hat') hackers?
Yes, the current laws are fine
No, they prevent responsible disclosure of vulnerabilities
The current laws are too lax, we need to be stricter on hacking
I don't know
Leave a comment
View 4 comments

USENIX ATC

VB100 certification
VB100 This month's VB100 comparative on Windows XP brought something of a mixed bag, as several vendors appear to have decreased support for the platform in favour of the newer Windows 8. John Hawes has the full set of results.
See full results.

Virus Bulletin currently has 227,267 registered users.