Hitcon2013 overview

HITCON 2013
Overview
Spin Lai
2013年8月30日星期五

HITCON

‣ CHROOT
‣ IRC
‣Wall of Sheep
‣Wargame

Wall of Sheep

Source : http://dougsdevotions.com/2013/07/who-is-going-after-the-lost-sheep-vol-52/

Source : http://www.restkultur.net/gray-wolves-norway.html

‣ July 19 ~ July 20
‣ 3 tracks
‣ 36 speakers
‣ 14 countries

Highlights

‣ Cyberwars
‣APT
‣Vulnerability & Exploit
‣ Mobile

Cyberwars

People’s Republic of Cyber Warfare :
Comparing China, Iran & Russia Militarization of
Cyberspace
駭客人民共和國 : 中國伊朗跟俄羅斯網軍的分析與比較

Global Cyber Espionage and Chinese Hacker
Threats, Internet Surveillance and PRISM
全球間諜 : 互聯網監控全球趨勢, 稜鏡門與中國駭客威脅論

Edward Snowden

How South Korea Makes White-hat Hackers 2013
edition
南韓如何培養白帽駭客?

‣ Government
‣ Industry
‣The Community
Motivation

• North Korea
• Need good hackers
• Support the community (secret)
• Push industry
Government

• Money talks
• Cyber attacks is real
• Strict law
• Result in over 200 security companies
Industry

• Hacking competitions from 1999
• Passionated on Defcon CTF
• Inspired by world class hackers
• Try to make something themselves
The community

‣The Community
‣ Industry
‣Academy
‣ Government
Actions

• Over 10 hacking contests/conferences per year
• http://hackerschool.org
• KOSEC (Korea Security)
• Nurturing for next generation
The community

• Support conferences and hacker’s activity
• Give back to the community
• Work for security company instead of military
service
Industry

• Universities have infosec related majors
• Universities have MOU with Cyber command
• Full scholarship for cyber warfare students
• Go to Army after graduation (for 5 years)
Academy

• Eager to hire skilled hackers
• KISA (Korea Internet & Security Agency)
• NCSC (National Cyber Security Center)
• Cyber command
• BoB (Best of the Best)
Government

Advanced Persistent Threat

‣Targeted
‣ Long-term
‣ Planned
‣ Organized
APT

‣ Dark Seoul (2013/03/20)
‣ Sony PSN (2011/04)
‣ RSA (2011/03/17)
‣ Google (2010/01/12)
Case study

Dark Seoul (2013/03/20)

Sony PSN (2011/04)

RSA (2011/03/17)

Google (2010/01/12)

APT Defense From theView of Security
Architecture
從系統設計建置面談 APT 防禦

Visual Data Analytics - Graphing your indicators
APT 特徵的視覺資料分析法

‣ Huge amount of data
‣The old way
‣ Data visualization
Overview

• Domains
• IP addresses
• Malware strings
• Assembly codes
• Net ﬂows ...
Huge amount of data

The old way

Data visualization

Digital Eagle Eye System : Use Cyber Intelligence
against APT Attacks
數位鷹眼系統 : 以網路數位情資對抗 APT 攻擊

APT Cyber Shuttle : From Automated Analysis to
TTP Observation
APT 網際飛梭 : 從自動化分析到拆解 APT 後台駭客活動

APT1 :Technical Backstage
APT1 : 反攻網軍後台

Light & Shadow about Banking Security@Japan
光與影 : 日本銀行業的資訊安全

‣ Net-banking security practices
‣ Business strategies
‣The result of a Power Balance
‣ Study and solutions
Overview

• Screen keyboards
• Eliminating popup windows
• Password Reminder
• One Time Password (Bingo Card)
• One Time Password (Send by e-mail)
Net-banking security practices

• Net-banking service enabled by default
• Prefer to do what others are doing
• Customer expectation
Business strategies

• Money talks
• Banks became customer of ‘self-consequence’
• Systems Integrators become ‘ingratiating’
• Solutions for delighting banks
• No risk analysis !
The result of a Power Balance

• Convenience is the enemy of security
• Less differentiation, less confusion
• Enable the service when needed
• Use credit card instead of wire transfer
Study and solutions

Vulnerability
&
Exploit

Life of Coder:The adventure through the landscape
of bugs
程序員的蟲洞漂流

Killing AV in x64
戳戳防毒軟體死穴

0-Day Easy Talk - Happy Fuzzing Internet Explorer
0-Day 輕鬆談 - Happy Fuzzing Internet Explorer

How Can I Have 100 0-day for Just 1 Day
超級秘訣 - 一天擁有100個0-day

‣ Fuzzy testing
‣Why ActiveX?
‣ Steps
Overview

• Black-box testing
• Random (Malformed) input data
• Monitoring the exceptions
• Find a exploitable vulnerability
Fuzzy testing

• Each module’s size is small
• Easy to collect ActiveX
• So many vulnerabilities existed
• Damage is huge
Why ActiveX?

Steps

Exploting JRE
JRE安全机制与漏洞挖掘研究

Mobile

Review of SecurityVulnerabilities on the Android
Platform
Android 平台安全性漏洞回顧

Escaping Android Dynamic Analysis; Chinese New
Year Train Ticket Ordering Day
逃離安卓動態檢測 & 訂票助手一日談

Android Hooking Attack

GSM Security Research using Open Soruce Tools
以開源軟體進行GSM安全研究

Others

Breaking image CAPTCHA for fun
CAPTCHA 好好玩

‣ Bypass
‣ Skill
‣ Brute force
CAPTCHA Breaking

• Alternative form
Bypass

• OCR
• Statistic
• Curve-ﬁtting (FFT)
• Analytic
Skill

• Database matching
• Effective brute force
Brute force

‣ FFT
‣ Histogram
‣ Longest path ﬁnding
And more ...

Browser and Local Zone
瀏覽器與本地域

‣What is zone?
‣ Zones in IE
‣Attack types
Overview

• Data separation
• Privilege separation
What is zone?

• Internet
• Local Intranet
• Trusted Sites
• Restricted sites
• Local Computer (hidden)
Zone in IE

• Probe local path/file from the Internet Zone
• Access local file from the Internet Zone
• Access local file from the Local Computer
Zone
Attack types

Conclusion

‣ Government
‣ Organization
‣ Developer
‣ User
What should we do?

Don't be an ostrich

Hitcon2013 overview

Recommended

Recommended

More Related Content

Featured

Featured (20)

Hitcon2013 overview