
2022/08/05

【 HITCON PEACE 2022 Agenda 0x07|Introduction】

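🎉 Agenda introduction 🎉 The sessions we will be walking you through this time are:

✨Your NAS is not my BOT

✨Structural Adversarial Examples for Graph-Based Malware Detectors

✨Ring0 Rootkit - Coexistence with Viruses in Windows Kernel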

✨Malware Behavior Analysis Acceleration based on Graph Neural Networks


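Want to learn more about this year's other sessions? 🔎

We will be giving everyone an early look at more exciting sessions, so be sure to follow our fan page 👀


🔥 Get your tickets now and join us for this annual event 🔥


▌HITCON PEACE 2022

Date: 2022.08.19 (Fri) - 2022.08.20 (Sat)

Location: Nangang Exhibition Center, Hall 2, 7F

Ticket link: https://hitcon.kktix.cc/events/hitcon-peace-2022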



🎉 We're announcing part 7 of our sessions sneak peek! 🎉

✨Your NAS is not my BOT

✨Structural Adversarial Examples for Graph-Based Malware Detectors

✨Ring0 Rootkit - Coexistence with Viruses in Windows Kernel

✨Malware Behavior Analysis Acceleration based on Graph Neural Networks


Do you want to know more about HITCON 2022's sessions? 🔎

We will be announcing them in the upcoming weeks. Make sure to subscribe to our page. 👀


🔥Book your tickets to join this grand annual event🔥


▌HITCON PEACE 2022

Time: August 19-20, 2022

Location: Online/Onsite in Taipei Nangang Exhibition Center, Hall 2, 7F, Taiwan

Ticket: https://hitcon.kktix.cc/events/hitcon-peace-2022


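Organizers: Industrial Development Bureau, Ministry of Economic Affairs; Association of Hackers in Taiwan

Executing organizations: Association of Hackers in Taiwan; Industrial Technology Research Institute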



【 HITCON PEACE 2022 Agenda|CyberWar: APT Groups Research】





▍Your NAS is not my BOT


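NAS devices are widely used around the world, by enterprises and individual users alike.

With each update, NAS devices now offer all kinds of powerful and convenient features, so NAS security has recently been emerging as an increasingly important topic!


In this session, the speaker will analyze how recent APT attacks have made use of NAS-related features, for example using a NAS vendor's DDNS service as a C2 server.


Finally, the speaker will also present some case studies showing how APT groups abuse these infected devices.


Want to know whether your NAS is really your NAS? Don't miss this talk!


Official agenda link ➡️ https://hitcon.org/2022/agenda/f50a60f5-057f-4df3-84d9-23e7d022ec40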


▍Your NAS is not my BOT


NAS is widely adopted by both home and enterprise users around the world. As the product line has developed, more and more functionality has been added. As a result, NAS security has attracted attention in recent years.


In this session, we'll share how recent APT campaigns took advantage of NAS device functionality, such as using the vendor's DDNS service as a C2 server.


Lastly, the session will present some case studies on how APT groups abuse compromised NAS devices.


If you want to tell if your NAS is really your NAS, make sure to check out this session.


Link ➡️ https://hitcon.org/2022/agenda/f50a60f5-057f-4df3-84d9-23e7d022ec40


【 HITCON PEACE 2022 Agenda|Automated vulnerability discovery & malware research】





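▍Structural Adversarial Examples for Graph-Based Malware Detectors


Detecting unknown malware has long been a goal that security researchers work toward. With the development of artificial intelligence in recent years, this field has continued to see breakthrough research, and within machine learning (ML), detectors based on control flow graph (CFG) features are widely regarded as an effective detection technique.


In this session, the speaker will share how a detector based on this technique can detect malware samples produced with adversarial attacks (Generative Adversarial Network, GAN), and the final results show that this approach detects more accurately!


If you apply machine learning in the security field, this session is definitely a top pick!


Official agenda link ➡️ https://hitcon.org/2022/agenda/2af483f0-722a-44c2-b25f-25258972de65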


▍Structural Adversarial Examples for Graph-Based Malware Detectors


Detecting unknown malware is an intensively studied topic. As AI has developed, research breakthroughs have been made. In the field of machine learning, malware detection methods based on the Control Flow Graph (CFG) have been proven effective.


This session will share how an analyzer based on such a method can detect samples generated with a generative adversarial network (GAN) model, and how it demonstrates more effective detection rates than other methods.


We highly recommend this session for anyone interested in combining machine learning with cybersecurity.


Link ➡️ https://hitcon.org/2022/agenda/2af483f0-722a-44c2-b25f-25258972de65


【 HITCON PEACE 2022 Agenda|Automated vulnerability discovery & malware research】





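▍Ring0 Rootkit - Coexistence with Viruses in Windows Kernel


Kernel rootkits are a topic explored by many Windows system researchers, but as system protection mechanisms have evolved, the implementation methods have changed as well.


After PatchGuard appeared, many of the original backdoors stopped being applicable because they cause system instability. PatchGuard, however, affects not only attackers: the legitimate defensive methods available to defenders are restricted as well.


This session will introduce how attackers can disable the self-protection mechanisms that antivirus software developed in response to PatchGuard, and how attackers can bypass PatchGuard for malicious use. Finally, the speaker will demonstrate TamperAV, an attack PoC implemented against third-party antivirus vendors.


If you do research on Windows system security, why not come and listen? 🥺


Official agenda link ➡️ https://hitcon.org/2022/agenda/117f12aa-6166-4083-b317-8b994dbf7a96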


▍Ring0 Rootkit - Coexistence with Viruses in Windows Kernel


Kernel rootkits have been a subject of study among Windows security researchers, but as protective mechanisms have evolved, rootkit implementations have changed as well.


After PatchGuard was introduced, a large portion of the exploit methods became either unusable or unreliable because of the system instability that results. However, PatchGuard works both ways: it also prevents some defensive mechanisms from working.


This session will introduce how to crash antivirus software via its mitigation against PatchGuard, and how to bypass and then exploit the system with PatchGuard enabled. Lastly, it will introduce a PoC targeting antivirus software: TamperAV.


Don't miss this session if you're interested in Windows system security.🥺


Link ➡️ https://hitcon.org/2022/agenda/117f12aa-6166-4083-b317-8b994dbf7a96


【 HITCON PEACE 2022 Agenda|Automated vulnerability discovery & malware research】





▍Malware Behavior Analysis Acceleration based on Graph Neural Networks


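The number of attacks suffered across all sectors has been rising in recent years, causing considerable losses to government agencies and private companies. As the number of incidents grows, file-based malware has grown the most, and the intensity of the attacks leaves blue teams barely hanging on and struggling to find time for analysis 🥲


In this session, the speaker will share how a technique incorporating Graph Neural Networks (GNN) can automatically determine whether a sample exhibits malicious behavior and provide directions to refer to during manual analysis, in the hope that such a tool can speed up malware analysis work.


If you face countless samples that need manual analysis, you definitely need to attend this session!


Official agenda link ➡️ https://hitcon.org/2022/agenda/cf80375d-19db-4c5c-a910-15010a24f692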


▍Malware Behavior Analysis Acceleration based on Graph Neural Networks


Cybersecurity attacks have become common and are causing losses for government agencies and enterprises. As the number of incidents grows, so does the percentage of binary-type malware. These incidents already keep blue teams extremely occupied, and they cannot afford the time to analyze all of the malware. 🥲


This session will introduce a method based on Graph Neural Networks (GNN) that uses automation to detect malicious behavior in samples and provides indications to assist in further manual analysis. Hopefully, this method can help blue teams speed up the whole analysis process.


The session is highly recommended for anyone who needs to analyze malware manually.


Link ➡️ https://hitcon.org/2022/agenda/cf80375d-19db-4c5c-a910-15010a24f692


#HITCON #HITCON2022 #HITCON_PEACE_2022 #HITCON2022_AGENDA

