Draft 2020 Agenda
Now as official as it gets. Still risky to depend on it.
Last update: 13 Jan 2020 22:10 UTC
Note: All presentations are alloted a maximum of 20 minutes for speaking and a maximum of 10 minutes for setup and transition. Track chairs may modify the schedules and shorten transistion times as required.
Operations Track, Mike Johnson Chair
Date | Time | Authors | Paper |
Tuesday | 12:00 PM | TBD | Intro and Ground Rules |
Tuesday | 12:15 PM | Burbage, Paul K* | Beaconing Malware Adversaries |
Tuesday | 12:45 PM | Amini, Pedram* | Worm Charming: Harvesting Malware Lures for Fun and Profit |
Tuesday | 1:15 PM | McDonald, Rob*; Siglar, Chad |
Self-Protecting Data – A new toolkit for secure sharing with persistent control |
Tuesday | 1:45 PM | Wright, Jordan*; McNiece, Matt; Mooney, Nick | Don’t Let Secrets Git Away: How to Monitor GitHub for Secret Leakage |
Tuesday | 2:45 PM | Owens, Cedric* | Post Infection Analysis on macOS Hosts |
Tuesday | 3:15 PM | BREAK | BREAK |
Tuesday | 3:30 PM | Nunnally, RJ*; Althouse. John | Using active TLS fingerprinting to identify C2 servers. |
Tuesday | 4:00 PM | Wilbanks, Joel* | SOC Analyst Mindset – Using Models and Structure Analysis |
Tuesday | 4:30 PM | Bort, Bryson*; Orchilles, Jorge | The C2 Matrix |
Tuesday | 5:00 PM | Bannat Wala, Fatema* | “Off label” use of DNS – Interesting things to know about DNS! |
Tuesday | 5:30 PM | TBD | WRAP |
Wednesday | 9:00 AM | TBD | Day 2 Start |
Wednesday | 9:15 AM | Lakhotia, Arun* | Machine Learning for Malware Analysis, Revisited |
Wednesday | 9:45 AM | Steindler, Zachary* | Learn Cloud Security by Doing, Without Risking the Business |
Wednesday | 10:15 AM | Althouse, John*; Yu, Caleb | Detection and Fingerprinting on Google’s QUIC Protocol |
Wednesday | 10:45 AM | BREAK | BREAK |
Wednesday | 11:00 AM | Case, Andrew* | Volatility 3 Public Beta: A Peek into the Future of Memory Forensics |
Wednesday | 11:30 AM | Frazier, Tim | Cops and Robbers: Simulating Adversary Techniques for Detection Validation |
Wednesday | 12:00 PM | LUNCH | LUNCH |
Wednesday | 1:00 PM | Bannat Wala, Fatema* | KYD – Know Your Devices, a method for profiling devices using DHCP |
Wednesday | 1:30 PM | Duncan, Brad* | Ursnif malspam and infection traffic |
Wednesday | 2:00 PM | Hernandez, Jose E*; Soto, Rod | A Unified Data Model for Cloud Security |
Wednesday | 2:30 PM | Rickerd, Jacob* | Democratizing Chrome Extension Security |
Wednesday | 3:00 PM | BREAK | BREAK |
Wednesday | 3:30 PM | Burrows, Christian*; Blackmore, Ashley | Regain control, standardize, and level up your alerting pipeline |
Wednesday | 4:00 PM | Stear, Kevin*; Soto, Ellie | Credpocalypse Cometh? |
Wednesday | 4:30 PM | Chalupowski, Lilly* | Finders Keepers (KPot Stealers) & Operation Lawyer Loot |
Wednesday | 5:15 PM | TBD | WRAP |
Thursday | 9:00 AM | TBD | Day 3 Start |
Thursday | 9:15 AM | Zadeh, Joseph*; Soto, Rod | Shining a light in the Shadows: Data Driven Techniques for DeObfuscating Evil on the DeepWeb |
Thursday | 9:45 AM | Greenhagen , Rhett * | Building Art from Noisy Data: Why Noise Is Important |
Thursday | 10:15 AM | Gardner, Philip*; Chamoro, Derek | A Novel SIEM Solution That Doesn’t Cost an Arm and a Leg |
Thursday | 10:45 AM | BREAK | BREAK |
Thursday | 11:00 AM | Crisler, Vincent*; DiGeroLamo, John | Attacking the Gatekeepers |
Thursday | 11:30 AM | Bowling, Jesse* | STINGAR: Lessons Learned a Year In |
Thursday | 12:00 PM | LUNCH | LUNCH |
Thursday | 1:00 PM | Borland, Justin*; Heise, David B | Cyber Saucier – Automating Deobfuscation en masse in near real time |
Thursday | 1:30 PM | Fry, Chris* | Criminals Hate This One Weird Trick – Operationalizing Threat Intelligence |
Thursday | 2:00 PM | Roytman, Michael* | Intelligent Threat Intelligence |
Thursday | 2:30 PM | Smith, Peter*; Seshadri, Nagraj | Mitigating attacks against cloud metadata services (learning from the Capital One-AWS breach) |
Thursday | 3:00 PM | BREAK | BREAK |
Thursday | 3:30 PM | Ragan, Rob*; Salazar, Oscar | Expose Yourself Without Insecurity |
Thursday | 4:00 PM | Lee, David K* | Is your Cyber Threat Intelligence really driving your SOC? |
Thursday | 4:30 PM | LIGHTNING TALKS | LIGHTNING TALKS |
Thursday | 5:00 PM | TBD | WRAP |
Philosophy Track, Sounil Yu Chair
Time | Authors | Paper |
Tue 1/14/2020 12:00 | TBD (joint tracks) | Intro and Ground Rules |
Tue 1/14/2020 12:15 | Evron, Gadi* | A Framework for Engaging in Superbug Eventuality Conflicts (SBEC’s) |
Tue 1/14/2020 12:50 | Schwalbe, Daniel F* | Don’t Cross The Streams”: The battle over the DNS Control-Plane |
Tue 1/14/2020 13:25 | MacVarish, Rich* | Russian Subversion Series: Active Measures – What’s old is new again |
Tue 1/14/2020 14:00 | Givens, Chandler | Alternative and responsible use of security data |
Tue 1/14/2020 14:35 | Spring, Jonathan*; Manion, Art; Householder, Allen | Prioritizing Vulnerability Response with a Stakeholder-Specific Vulnerability Categorization |
Tue 1/14/2020 15:10 | Ross, Guillaume K* | Reliability as a Liability: When something breaking can save us |
Tue 1/14/2020 15:45 | Liston, Kevin* | GEOINT in Distrupting Cyber-Fraud |
Tue 1/14/2020 16:20 | Bambenek, John* | The Difficulties in Cybersecurity Machine Learning |
Tue 1/14/2020 16:55 | Engler, Maggie* | The State of Authentication: A Census-Representative Survey |
Wed 1/15/2020 9:00 | Evron, Gadi* | Building Defensive Mechanisms For Engaging With Disinformation And “Fake News” in the Digital Age |
Wed 1/15/2020 9:35 | Lin, William* | Real-World Applications of the Cyber Defense Matrix |
Wed 1/15/2020 10:10 | Millar, Thomas* | EthicsfIRST: A Step Towards Professionalizing THIRSTy Work |
Wed 1/15/2020 10:45 | MacVarish, Rich* | Russian Subversion Series: Reflexive Control – Perception is not reality… until it is |
Wed 1/15/2020 11:20 | Martinez, Rick* | Open the Gates: Talking Security in your Organization |
Wed 1/15/2020 12:00 | All | Lunch |
Wed 1/15/2020 13:00 | Pargman, Randy J*; Levene, Brandon | Being Dangerous to Threat Actors: Working Together Consequentially |
Wed 1/15/2020 13:35 | Murray, Michael* | Beyond the Operating System – Adventures in Healthcare Security |
Wed 1/15/2020 14:10 | Duksta, John* | Guerrilla GRC: Let’s streamline vendor assessments |
Wed 1/15/2020 15:00 | All | Refinement of presented ideas |
Thu 1/16/2020 9:00 | All | Refinement of presented ideas |
Thu 1/16/2020 13:00 | All | Presentation of refinements |
Special thanks to our sponsors:
Cythereal, Dell, duo, EA Security, Farsight Security,
Scope,
SpyCloud, TachTech, Verisign
Recent Comments