9/11
直播連結:國際會議廳 R0
第一會議廳 R1
第二會議廳 R2
遠距會議室 R3
交誼廳 R4
報到時間
嘉賓致詞
總召致詞 & Opening
Industrial Cybersecurity Landscape in 2020: Trends, Challenges, and Opportunities
劉榮太
Break
[ HITCON 論壇 ] 金融業如何迎擊數位戰場的第一道烽火
翁浩正 蔡福隆 處長 郭建中 董事長 蘇清偉 資安長 劉培文 執行副總經理
A Million Boluses: Discovery and Disclosure of Vulnerabilities in an Insulin Pump
Julian Suleder
Lunch
[ HITCON 論壇 ] 主動式資安防禦策略,解決 OT 資安相依性風險
毛敬豪 所長 劉榮太 執行長 鄭嘉信 執行長 楊瑞祥 技術長 王仁甫 總監
APT Chimera - Operation targets Semiconductor Vendors
陳仲寬 Inndy Lin JohnThunder
人力徵才
Bug Bounty Competition
Break
[ HITCON 論壇 ] 如何兼顧疫情控制與隱私保護
李柏鋒 OCF 簡宏偉 處長 龐一鳴 處長 劉宇倫 醫師 Sherry Chung MyData Taiwan
網軍內網滲透之奇技淫巧 (Operation: I am Tom)
zha0 Tom Aragorn
Bug Bounty Competition
TDOH Village
Coffee Break
[ HITCON 論壇 ] 疫情後資安人才培育的挑戰與契機
Alan Lee 黃俊穎 博士 Tzong-Chen Wu Seungjoo Kim Kana Shinoda Yan Shoshitaishvili
Reversing In Wonderland: Neural Network Based Malware Detection Techniques
Sheng-Hao Ma Shin-Ming Cheng
Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
Joey Chen
5G Village Session
Break
A CTF-Style Escape Journey on VMware Workstation
Yanyu Zhang
5G Village Session
Closing
9/12
直播連結:國際會議廳 R0
第一會議廳 R1
第二會議廳 R2
遠距會議室 R3
交誼廳 R4
報到時間
Opening
Break
Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot
Cheng-Yu Chao
Bug hunting from zero to 0(day) to ($)0
Anthony Lai Byron Wai Ken Wong
CTI Village
Break
From LNK to RCE: Finding bugs in Windows Shell Link Parser
Lays
Potential Security and Privacy Issues in Novel Taiwanese National eID system
何明洋
First step in the quest for manufacturing cyber-resilient IoT devices
Jun Sato 張智翔
CTI Village
Break
RE: 從零開始的 OOO DEF CON CTF & DEFCON 28 準備與競賽分享
ddaa yuawn
LEAYA: Last Exploitation 絢 - An Embedded System Detection and Response
cp zet freetsubasa
Exploit (Almost) All Xiaomi Routers Using Logical Bugs
Aobo Wang Jihong Zheng
CTI Village
Lunch
協會時間
Break
Development of Signaling Spoofing Attacks Using Function Containerization of Rogue Base Stations
Shin-Ming Cheng Bing-Kai Hong
Guarding the Factory Floor: Catching Insecure Industrial Robot Programs
Federico Maggi Davide Quarta Marcello Pogliani Stefano Zanero Marco Balduzzi
CTI Village
Break
-
Bug Bounty X Router X IP Cam X 電子支付
The Great Hotel Hack: Adventures in attacking hospitality industry
Etizaz Mohsin
CTI Village
Coffee Break
Lightning Talk / 閉幕 / 花絮與展望 HITCON 2021
[ HITCON 論壇 ] 疫情後資安人才培育的挑戰與契機
議程摘要 Abstract
主持人:Alan Lee, Manager of MTK/ HITCON CTF Team Lead, Taiwan
與談人:
- Tzong-Chen Wu, Distinguished Professor, NTUST, Taiwan
- Prof Seungjoo Kim, Korea University, Korea
- Kana Shinoda, Code Blue, Japan
- Yan Shoshitaishvili, DEFCON CTF Organizator/Assistant Professor at Arizona State University, United States
主題:主疫情後資安人才培育的挑戰與契機
主題概述
2020年,因疫情很多事物改變了,不僅上課改遠距,許多重要資安研討會和駭客競賽也都改為線上,這樣的模式會影響資安技術交流嗎?在這場議程討論中,我們邀請許多致力於資安交流和競賽的大神,日本CodeBlue創辦者Kana,Korea University教授Kim,剛剛將DEFCON CTF決賽改為線上的OOO負責人Yan,以及在國內致力推動新一代資安人才培育的吳宗成教授,來談談這場改變造成多大的影響?我們能否將這場危機化為轉機? 把握大神分享世界觀的時機,就在這場"疫情後資安人才培育的挑戰與契機"!
Alan Lee
李倫銓,HITCON CTF 領隊與CTF競賽負責人,曾帶領台灣駭客戰隊取得世界駭客大賽 DEFCON CTF 亞軍,他也協助規劃每年的HITCON CTF競賽並推動其成為DEFCON CTF種子賽事。他也規劃了2017-2019的HITCON Badge活動推動硬體資安人才培育。他目前任職於聯發科技 IT 部門。
黃俊穎 博士
黃俊穎博士目前於交通大學資訊工程學系擔任教授一職。 黃博士的研究興趣包括系統安全及多媒體網路領域。他亦主持或協同主持多件網路與系統安全相關的教學、研究與產學合作計畫, 其中包括教育部資安人才培育計畫(ISIP和AIS3)和科技部交大資通安全教學與研究中心(TWISC@NCTU)。黃博士於2014年獲ACM台灣/台北分會李國鼎青年研究獎,並於2020年獲交大教學優良獎。除了教學和研究工作外,黃博士也熱衷於社群服務。他是交大網路安全策進會(bamboofox)的指導老師之一,目前也擔任中華民國資訊安全學會秘書長。
Tzong-Chen Wu
Seungjoo Kim
Seungjoo (Gabriel) Kim is a professor of School of Cybersecurity, Korea University from 2011 and his research areas focus on security by design, security assessment & authorization, blockchain and crypto engineering.
For the past seven years, he was an associate professor of Sungkyunkwan University and has five years of background of team leader of KISA(Korea Internet & Security Agency).
In addition to being a professor, he is positioning a director of ARC(Army RMF Research Center), a director of CHAOS(Center for High-Assurance Operating Systems), a head of SANE(Security Assessment aNd Engineering) Lab, an adviser of undergraduate hacking club 'CyKor (DEFCON CTF 2015 & 2018 winner)' of Korea University from from 2011 to February 2020, and a founder/advisory director of an international security & hacking conference 'SECUINSIDE'.
His numerous professional focus on a presidential committee member on the 4th industrial revolution and an advisory committee member of several public and private organizations. He also taught at the Korea Military Academy.
Twitter: @skim71 / Homepage: www.KimLab.net
Kana Shinoda
From her various experiences running international conferences such as Black Hat Japan, APWG and others, Ms. Kana Shinoda founded the information security conference “Code Blue” with the purpose of introducing excellent-but-unknown researchers to Japan and the world. The aim of the Code Blue security conference is to create official and unofficial relationships between researchers across borders.
Yan Shoshitaishvili
Yan Shoshitaishvili is an assistant professor at Arizona State University, where he pursues research in automated program analysis and vulnerability identification techniques. As part of this, Yan led Shellphish's participation in the DARPA Cyber Grand Challenge, applying his research to the creation of a fully autonomous hacking system that won third place in the competition. Underpinning this system is angr, an open-source binary analysis project created by Yan (and others!) over the years. When he is not doing research, Yan is pushing the area of cybersecurity competitions into the future from his position on the Order of the Overflow, the organizers of DEF CON CTF. Recently, he launched pwn.college, a cybersecurity education platform to bootstrap the next generation of hackers!