Category Archives: Career
DEF CON 22 in 2014
Hacking Conference Presentation By Weston Hecker Burner Phone DDOS 2 dollars a day 70
Summary: This talk discussed abut phone DDoS attacks.
Investigating DDOS Architecture Actors and Attribution
The data collection is done through DDoS
They collect the timestamp, source, destination IPs and ports, attack type.
Lessons from Surviving a 300Gbps Denial of Service Attack
Speaker: Matthew Prince, CEO of Cloudflare
Summary: This talk presents how the attackers use DNS open resolver to conduct a DDoS attack of a size larger than 300Gpbs on Spamhaus. The attack is defeated by
A similar but less technical talk was given by the speaker in Defcon at the same year.
Million Browser Botnet
Defcon 21 in 2013
Evil DoS Attacks and Strong Defenses
Summary: This talk presents a DDoS attack based on DNS resolver. It turns out that 0.1% of the DNS resolvers could be able to generate more than 300Gbps attack traffic.
DEFCON 24 in 2016
Karyn Benson – Examining the Internet’s pollution
Analyzing the trash packets on the Internet to find out the attack activity or software bugs. For example, figure out when the attackers are scanning the internet of
Jay Beale and Larry Pesce – Phishing without Failure and Frustration
It discusses how to conduct phishing test in an enterprise.
Shane Steiger Are You Playing with a Full Deck
It discusses how the defenders can act to disrupt the attack life-cycle of attackers. This is exactly what the Moving Target Defense (MTD) is. It is important to figure out the attack patterns in order to decide how the defenders can play
Luke Young – Attacking Network Infrastructure to Generate a 4 Tbs DDoS
This talk exploits the devices with large uplinks to gain root privileges. Then they can launch huge DDoS attacks by sending HTTP requests to the victims. Note that rather than DNS amplification attack which can be easily blocked by firewall, attack traffics with normal http requests are hard to be blocked.
Lucas Lundgren, Neal Hindocha – Light Weight Protocol: Critical Implications
This talk discusses the MQTT protocol and how it can be exploited for critical information. In EQTT, each client is subscribed to several queues for different functions. Each client can listen to what other clients are doing. The attackers can easily change the subscriptions of the devices and to control them. For example, the attackers can issue a software update to the victim devices.
Willa Cassandra Riggins,
This talk discusses how to avoid leaking information via convert channel. It turns out blacklist doesn’t work due to business requirement and the
Kai Zhong – 411: A framework for managing security alerts
Status: 20 minutes
Summary: This talk discusses how they enrich the elastic search framework to have the function to create and notify the alerts.
Joshua Drake, Steve Christey Coley – Vulnerabilities 101
Summary: This talk gives advice and guidance for the newbies on how
Weston Hecker – Hacking Hotel Keys and Point of Sale Systems
Summary: This talk introduces how they hack the hotel keys.
Zack Fasel, Erin Jacobs – Attacks Against Top Consumer Products
Summary: This talk introduces the security issues in blue tooth, cameras.
Dr Phil – Mouse Jiggler: Offense and Defense
Summary: This talk introduces how to defend against mouse
Greg Norcie –
Summary: This talk discusses the difficulty of usable security. In designing the usable software, cognitive
Grant Bugher – Bypassing Captive Portals and Limited Networks
Summary: This talk discusses how to bypass to reach the restricted networks. These networks are usually set by the owners and require payment for access.
Delta Zero, KingPhish3r – Weaponizing Data Science
Summary: This talk presents a recurrent neural network that learns to tweet phishing posts targeting specific users. The model is trained using spear phishing pen-testing data. In order to make a click-through more likely, it is dynamically seeded with topics extracted from timeline posts of both the target and the users they retweet or follow. The performance is measured using click-through rate.
Clarence Chio – Machine Duping 101: Pwning Deep Learning Systems
Summary: This talk presents attacks on the deep learning model by feeding it with adversarial inputs.
It is important to evaluate the robustness of
It also mentioned that in Facebook spam fighting, the spammers try to alter the spam images to bypass detection. Using fuzzy matching would not be enough to cluster similar images together. However, deep learning is a good way to go. In specific, we can train the images using neural networks and compare the 2nd layers to measure the similarities which allow us to neglect some trivial details
Alex Chapman and Paul Stone – Toxic Proxies: Bypassing HTTPS
Summary: This talk presents how the attackers can use new techniques to bypass encryption to monitor your search history and take over your online accounts.
The attackers can extract the information from the users’ searching process. Besides, the CDNs’ only serve contents without encryption, though the URLs are often complicated and are difficult to be guessed, whoever get those URLs would be able to access the resources.
Salvador Mendoza – Samsung Pay: Tokenized Numbers, Flaws and Issues
Summary: This talk presents the attack on Samsung pay.
Background knowledge: when you pay using your card, a token number will be generated which contains service code, transaction id, and a random number.
Flaws: If Samsung generates a token which is not used, it has a blank expiration date.
1. Social engineering to get the token
2. Use the token to do