Material Archives - List, 2006, 2005, 2004, 2003.
PacSec 2008
Putting an SSH server in your NIC -Arrigo TrulziGone in 900 Seconds, Some Crypto Issues with WPA -Erik Tews
Browser Memory Protection Bypasses: Virtual Machines -Mark Dowd, IBM
Cross domain leakiness: Divulging sensitive information and attacking SSL sessions -Chris Evans & Billy Rios, Google, Microsoft
Flash XSS - Rich Cannings, Google
Malicious origami in PDF -Fredric Raynal, Guillaume Delugre
Security for Virtual and Physical Server Environment -Akiko Takahashi, SCS
Living in the RIA World (Flash/Air, Silverlight, Gears, Prism, BrowserNow, HTML5) -David Thiel, iSec
Understanding Cross-Domain Models and Threats -Peleus Uhley, Adobe
Gaining access through Kerberos -Emmanuel Bouillon
A new web attack vector: Script Fragmentation -Stephan Chenette, WebSense
Countermeasure to SSH Brute Force Attack according to behaviour -Tetsuo Handa, NTT Data
Advances in Automated Attack Planning -Carlos Sarraute & Alejandro David Weil, Core
Inside "Winnyp", Winnyp Internals and Concepts of Network Crawling -Toshiaki Ishiyama, Fourteenforty
PacSec 2007
Programmed I/O accesses: a threat to virtual machine monitors? -Loic DuflotDeveloping Fuzzers with Peach -Michael Eddington, Leviathan Security
Cyber Attacks Against Japan -Hiroshi Kawaguchi, LAC
Windows Localization: Owning Asian Windows Versions -Kostya Kortchinsky,Immunity
TOMOYO Linux -Toshiharu Harada, NTT Data
IPV6 Demystified -Jun-ichiro itojun Hagino , IPv6Samurais
Automated JavaScript Deobfuscation -Alex Rice, Websense Security Labs
Enter Sandman (why you should never go to sleep) -Nicolas Ruff & Matthieu Suiche, EADS
Agent-oriented SQL Abuse -Fernando Russ & Diego Tiscornia, Core
Bad Ideas: Using a JVM/CLR for Intellectual Property Protection -Marc Schoenefeld, University of Bamberg
Heap exploits are dead. Heap exploits remain dead. And we have killed them.-Nicolas Waisman, Immunity
Deploying and operating a Global Distributed Honeynet -David Watson, Honeynet Project
Office 0days and the people who love them -Microsoft
PacSec 2006
Smashing Heap by Free Simulation - Sandip ChaudhariMethods of increasing source code security automatically - Ben Chelf, Coverity
IPTV: Triple Play Triple Threats - YM Chen, McAfee
Mobile IPV6, Les Problemes - Arnaud Ebalard & Guillaume Valadon, EADS, University of Tokyo
Threats against and protection of Microsoft's internal network - Greg Galford, Microsoft
How to secure a networking stack: IPv6 and NetIO - Abolade Gbadegesin, Microsoft
On XSRF(Cross Site Request Forgery) and why you should care - Martin Johns, University of Hamburg
Linux Kernel == Security Nightmare - Marcel Holtmann, Red Hat
hacking fingerprint recognition systems- Jan Krissler, Fraunhofer Institute
OpenOffice/OpenDocument and MS OpenXML security - Philippe Lagadec, CELAR
The Malware Landscape - Adam Overton & Jeff Williams, Microsoft
Strong cryptographic payload obfuscation and encryption - Ariel Waissbein, Core Security Technologies
Undermining Security in Vista WCF - Marc Schoenefeld
Evolving Windows Shellcode - Masaki Suenaga Symantec Security Response Tokyo
IPV6 Mapping - Yuji Ukai, eeye
MSKK Security Fundamentals - Yuji Okuten, Microsoft
PacSec 2005
Andrea Barisani - GentooBuilding a modern LDAP based security framework.
Cédric "Sid" Blancher - EADS
- WiFi traffic injection based attacks
Javier Burroni - CORE SDI
Using Neural Networks for remote OS identification
Maximillian Dornseif - Laboratory for Dependable Distribute Systems
Watching hackers hack - attack visualization
van Hauser - thc
Attacking the IPv6 protocol suite
Adam Jacobs - Oracle
Commercial Software and How Can We Fix It)?
Chris Jordan - Endeavor Security
Writing Better Intrusion Prevention Signatures
Hiroshi Shinotsuka - Symantec
Advances in trojan threats
Ilja van Sprundel - Suresec
Unix Kernel Auditing
Mark Uemura
Fault Redundant IPV6 Wireless Firewalls
Yuji Ukai - eeye
Exploiting Real-Time OS Based Embedded Systems Using the JTAG Emulator
Christian Wieser - Oulu University Secure Programming Group
VoIP: SIP robustness and RTP security
PacSec 2004
George Kurtz -Google Hacking: Searching for ways to stop hackers.
Shane "K2" Macaulay & Dino Dai Zovi - Bloomberg
Wireless vulnerabilities from rogue access points
Nico Fischbach - COLT
Voice Over IP Security
Maximillian Dornseif -
0wn3d by an iPod: Firewire/1394 Issues
Nico Fischbach & Toby Kohlenberg
Best methods for detecting anomalies in global networks
David Meltzer -
Hybrid approaches for optimized network discovery
Nicolas Brulez -
Windows virus executable file infections and heuristic detection
Ivan Arce - CORE SDI
Analyzing exploit code quality.
Hiroaki Eto
Stack Protection Systems (ProPolice, XP SP2...)
Laurent Oudot -
Countering Attack Deception Techniques
Greg Smith
Security Tutorial for Administrators
Ejovi Nuwere
Inside Jyukinet: The Audit
PacSec 2003
Lance Spitzner - Honeypot Technologies Inc.Honeypot technology
Richard Forno - Former InterNIC CSO -
Incident Response
Nicolas Fischbach - COLT Telecom -
Secure Network Infrastructure Deployment
Jose Nazario - Arbor Networks -
Is the future so bleak? An analysis of proposed worm futures
FX - Phenoelit -
Cisco Vulnerabilities: The Past, The Present, and The Future
Jun-ichiro itojun Hagino - Internet Initiative Japan Inc. -
IP Version 6 Security Considerations
Marty Roesch - Sourcefire -
Passive network reconnaissance and intrusion data analysis
Ivan Arce & Gerardo Richarte - Core SDI -
State of the Art Security from an Attacker's Viewpoint.
Dave Aitel - Immunity Inc. -
Modern Exploit Shellcode Generation and Attack Techniques
Theo DeRaadt - OpenBSD -
Advances in OpenBSD
Tom Vogt - SELinux -
Security Enhanced Linux Architecture and Applications
