Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP
Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP
** http://hackitoergosum.org **
7-9 April 2011 / Paris / France
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
111111111111111111110000000011111111111111111111111000001111111111111111=20=
1111111
111111111111111111110000000011111111111111111111111000001111111111111111=20=
1111111
111111111111111111110000000011111111111111111111111000001111111111111111=20=
1111111
111111111111111111110000000011111111111111111111111000001111111111111111=20=
1111111
111111111111100000000000000000000000000000000000000000000000000011111111=20=
1111111
111111111111100000000000000000000000000000000000000000000000000011111111=20=
1111111
111111111111100000000000000000000000000000000000000000000000000011111111=20=
1111111
111111111111100000000000000000000000000000000000000000000000000011111111=20=
1111111
111110000000000000001111111111111110000000011111111111111100000000000000=20=
0111111
111110000000000000001111111111111110000000011111111111111100000000000000=20=
0111111
111110000000000000001111111111111110000000011111111111111100000000000000=20=
0111111
111110000000000000001111111111111110000000011111111111111100000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000000000000000000000000000000000000000000000000000000000000000=20=
0111111
111110000000011111110000000011111110000000011111111000000011111111000000=20=
0111111
111110000000011111110000000011111110000000011111111000000011111111000000=20=
0111111
111110000000011111110000000011111110000000011111111000000011111111000000=20=
0111111
111110000000011111110000000011111110000000011111111000000011111111000000=20=
0111111
111111111111100000001111111100000000111111100000000111111100000011111111=20=
1111111
111111111111100000001111111100000001111111100000000111111100000011111111=20=
1111111
111111111111100000001111111100000001111111100000000111111100000011111111=20=
1111111
111111111111100000001111111100000001111111100000000111111100000011111111=20=
1111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
1111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111 HES 2011
1111111111111111111111111111111111111111111111111 Paris, 7-9 April 2011
1111111111111111111111111111111111111111111111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
111111111111111111111111111111111111111111111111111111111111111111111111=20=
1111111
--[ Synopsis:
Hackito Ergo Sum conference will be held from April 7th to the 9th of =20=
2011
in Paris, France.
Following last edition's success, HES2011 will be a bigger event with =20=
even more
talks, focusing on hardcore computer & network security, insecurity,
vulnerability analysis, reverse engineering, research and hacking, =20
and will try
to keep the high quality content. Our dear Program Committee is there to
ensure this.
HES will this year be a fully international-oriented conference, 100% in
English, aiming to gather the best security researchers, experts and =20
decision
makers in one room.
--[ Introduction:
The goal of this conference is to promote security research, broaden =20
public
awareness and create an open forum so that communication between the
researchers, the security industry, the experts and the public can =20
happen.
Last year, we pioneered a domain with the first Capture The Flag =20
(CTF) contest
on FPGA, with excellent result that exceeded by far our expectations. =20=
This
year, new contests will run with hopefully even more diverse and new =20
approaches
to security. Of course, network-based CTF and lockpicking contest =20
will still
happen.
We will have a specific session for new works, including slots for new
presenters -i.e. typically people whose personal research are extremely
interesting but who do not usually present at conferences- because
security innovations occur at the fringe of the security industry, =20
very often by
passionate people, and that's what we are and love. Submissions from =20
students,
academics or otherwise passionate people from anywhere on the =20
internet are
therefore most welcome.
We will also have an anonymous side track so that people who wish to =20
present sensitive
subjects can do so in total freedom. As we believe the academic =20
system as setup a good
precedent with anonymous submissions, review and voting, we wish to =20
pursue this direction
by providing researcher a way to share important contribution without =20=
being concerned
with politics and other non-research influences.
This conference will try to take into account all voices in order to =20
reach a
balanced position regarding research and security, inviting businesses,
governmental actors, researchers, professionals and the general =20
public to share
concerns, approaches and interests for this topic.
During three days research conferences, solutions presentations, =20
panels and
debates will aim to view and determine the future of IT security.
--[ Content of the Research Track:
We are expecting submissions in English only.
The format will be 45 mins presentation + 10 mins Q&A.
Please note that talks whose content will be judged too commercial or =20=
biased
toward a given vendor will be rejected.
For the research track, preference will be given to offensive, =20
innovative and
highly technical proposals covering (but not restricted to) the =20
topics below:
[*] Attacking Software
* Automating vulnerability discovery
* The business of the 0-day market
* Non-x86 exploitation
* New classes of software vulnerabilities and new methods to detect
software bugs (source or binary based)
* Static and Dynamic binary or source-based analysis
* Current exploitation on Gnu/Linux WITH GRsecurity/SElinux/=20
OpenWall/SSP
and other current protection methods
* Kernel land exploits (new architectures or remote only)
* New advances in Attack frameworks and automation
* Secure Development Life Cycle and real-life development =20
experiences
[*] Attacking Infrastructures
* Botnets and C&C abuses
* Exotic Network Attacks
* Telecom (from VoIP to SS7 to GSM & 3G/4G RF hacks)
* Financial and Banking institutions
* SCADA and the industrial world, applied.
* Governmental firewall and their limits (Australia, French's =20
HADOPI,
China, Iran, Denmark, Germany, ...)
* Law enforcement : how to / how to deceive / how to abuse.
* Satellites, Military, Intelligence data collection backbones
("I hacked Echelon and I would like to share")
* Non-IP (SNA, ISO, make us dream...)
* M2M
* Wormable vulnerabilities against protocols & infrastructures
[*] Attacking Hardware
* Hardware reverse engineering (and exploitation + backdooring)
* Femto-cell hacking (3G, LTE, ...)
* BIOS and otherwise low-level exploitation vectors
* Real-world SMM usage! We know it's vulnerable, now let's do =20
something
* WiFi drivers and System on Chip (SoC) overflow, exploitation and
backdooring.
* Gnu Radio hacking applied to new domains
[*] Attacking Crypto
* Practical crypto attacks from the hacker's perspective
(RCE, algo modeling, bruteforce, FPGA ...)
* Algorithm strength modeling and evaluation metrics
* Hashing functions pre-image attacks
* Crypto where you wouldn't think there is
We highly encourage any other presentation topic that we may not even =20=
imagine.
--[ Submissions:
[*] Required information:
Submitions must (see RFC 2119 for the meaning of this word) contain the
following information:
* Speaker's name or alias
* Biography
* Presentation Title
* Description
* Needs: Internet? Others?
* Company (name) or Independent?
* Address
* Phone
* Email
* Demo (Y/N)
We highly encourage and will favor presentations with a demo.
Submissions may contain the following information:
* Tool
* Slides
* Whitepaper
[*] How to submit:
Submit your presentation and materials at:
http://hackitoergosum.org/apply/
--[ Workshops:
If you want to organize a workshop or any other activity during the =20
conference,
you are most welcome. Please contact us at:
hes2011-orga@lists.hackitoergosum.org
--[ Dates:
2010-11-15 Call for Paper
2011-02-20 Submission Deadline
2011-02-21 Acceptance notification
2011-03-01 Program announcement
2011-04-07 Start of conference
2011-04-09 End of conference
--[ Program Committe:
The submissions will be reviewed by the following program committee:
* Tavis Ormandy (Google) @taviso
* Matthew Conover (Symantec) @symcmatt
* Jason Martin (SDNA Consulting, Shakacon)
* Stephen Ridley @s7ephen
* Mark Dowd (AzimuthSecurity) @mdowd
* Tiago Assumpcao
* Alex Rice (Facebook) facebook.com/rice
* Pedram Amini (ZDI) @pedramamini
* Erik Cabetas
* Dino A. Dai Zovi (Trail Of Bits) @dinodaizovi
* Alexander Sotirov @alexsotirov
* Barnaby Jack (IOActive) @barnaby_jack
* Charlie Miller (SecurityEvaluators) @0xcharlie
* David Litchfield (V3rity Software) @dlitchfield
* Lurene Grenier (Harris) @pusscat
* Alex Ionescu @aionescu
* Nico Waisman (Immunity) @nicowaisman
* Philippe Langlois (P1 Security, TSTF, /tmp/lab) @philpraxis
* Jonathan Brossard (Toucan System, P1 Code Security, /tmp/lab) =20
@endrazine
* Matthieu Suiche (MoonSols) @msuiche
* Piotr Bania @piotrbania
* Laurent Gaffi=E9 (Stratsec) @laurentgaffie
* Julien Tinnes (Google)
* Brad Spengler (aka spender) (Grsecurity)
* Silvio Cesare (Deakin University) @silviocesare
* Carlos Sarraute (Core security)
* Cesar Cerrudo (Argeniss) @cesarcer
* Daniel Hodson (aka mercy) (Ruxcon)
* Nicolas Ruff (E.A.D.S) @newsoft
* Julien Vanegue (Microsoft US) @jvanegue
* Itzik Kotler (aka izik) (Security Art) @itzikkotler
* Rodrigo Branco (aka BSDeamon) (Checkpoint) @bsdaemon
* Tim Shelton (aka Redsand) (HAWK Network Defense) @redsandbl4ck
* Ilja Van Sprundel (IOActive)
* Raoul Chiesa (TSTF)
* Dhillon Andrew Kannabhiran (HITB) @hackinthebox
* Philip Petterson (aka Rebel)
* The Grugq (COSEINC) @thegrugq
* Emmanuel Gadaix (TSTF) @gadaix
* Kugg (/tmp/lab)
* Harald Welte (gnumonks.org) @LaF0rge
* Van Hauser (THC)
* Fyodor Yarochkin (Armorize) @fygrave
* Gamma (THC, Teso)
* Pipacs (Linux Kernel Page Exec Protection)
* Shyama Rose @shazzzam
--[ Fees:
Business-ticket (3 days) 120 EUR
Public entrance (3 days) 80 EUR
Discount for Students below 26 (3 days) 40 EUR
Discount for CVE publisher or exploit publisher in 2010-2011(3d) 40 EUR
One-day pass 40 EUR
Volunteers (Must register, see below) (3 days) 0 EUR
--[ Trainings
The list of trainings for HES2011 will be announced shortly after CFP =20=
publishing.
You can still send us training description to hes2011-orga =20
AT_lists.hackitoergosum.org
if you want to offer some training. Trainings will happen from Monday =20=
4th of April until
Wednesday 6th of April, just before the conference.
--[ Sponsors:
We are looking for sponsors.
Entrance fees and sponsors fees are used to fund international =20
speakers travel
costs and hosting facility. Please ask for the HES2011 Sponsor Kit at
hes2011-orga __AT__ lists.hackitoergosum.org.
--[ Volunteers:
Volunteers who sign up before 2011-03-01 get free access and will =20
need to be
present onsite two days before (2011-04-05) if no further arrangement =20=
is made
with the organization.
--[ Journalists:
Journalists are welcome, but are required to comply with simple rules =20=
to ensure
the mutual respect among adults we aim to bring in hackito. In =20
particular,
filming or taking pictures of attendees without their prior agreement =20=
is totally
prohibited. "We shall respect privacy and people" is the only motto.
--[ Greetz:
We would like to thank the HES2010 Team, its reviewing committee and =20
all the
volunteers for their time and dedication in making this event a success.
Thumbs up to the /tmp/lab hackerspace for their support and the final =20=
HES
party which was a tremendous success.
We would also like to greet all the speakers of last year's edition =20
for the
quality of their presentation and the great time we shared in Paris : =20=
you are
all most welcome back in Paris for the 2011 edition.
Likewise, we'd like to thank last year's sponsors for their =20
unconditional
support. Feel free to support us again for this 2011 edition.
Finally, we would like to thank all the people that participated to =20
last years
edition : the conference is the people :) See you all in April !
--[ Contact:
hes2011-orga __AT__ lists.hackitoergosum.org
Hackito Ergo Sum 2011 conference - http://hackitoergosum.org
Hacker Space Festival - http://www.hackerspace.net
-- [ Social Media:
Keep in touch with the HES Organization via Facebook, Twitter and =20
Linkedin !
"Hackito Ergo Sum" on Facebook -
http://www.facebook.com/pages/Hackito-Ergo-Sum/376978867704
@HackitoErgoSum on Twitter ! - https://twitter.com/HackitoErgoSum
HackitoErgoSum on Linkedin ! - http://www.linkedin.com/groups?=20
gid=3D2861584
-=20
[EOF]-------------------------------------------------------------------=20=
---