[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP




             Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP

                       ** http://hackitoergosum.org **

                       7-9 April 2011 / Paris / France


111111111111111111111111111111111111111111111111111111111111111111111111 1111111 111111111111111111111111111111111111111111111111111111111111111111111111 1111111 111111111111111111111111111111111111111111111111111111111111111111111111 1111111 111111111111111111110000000011111111111111111111111000001111111111111111 1111111 111111111111111111110000000011111111111111111111111000001111111111111111 1111111 111111111111111111110000000011111111111111111111111000001111111111111111 1111111 111111111111111111110000000011111111111111111111111000001111111111111111 1111111 111111111111100000000000000000000000000000000000000000000000000011111111 1111111 111111111111100000000000000000000000000000000000000000000000000011111111 1111111 111111111111100000000000000000000000000000000000000000000000000011111111 1111111 111111111111100000000000000000000000000000000000000000000000000011111111 1111111 111110000000000000001111111111111110000000011111111111111100000000000000 0111111 111110000000000000001111111111111110000000011111111111111100000000000000 0111111 111110000000000000001111111111111110000000011111111111111100000000000000 0111111 111110000000000000001111111111111110000000011111111111111100000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000000000000000000000000000000000000000000000000000000000000000 0111111 111110000000011111110000000011111110000000011111111000000011111111000000 0111111 111110000000011111110000000011111110000000011111111000000011111111000000 0111111 111110000000011111110000000011111110000000011111111000000011111111000000 0111111 111110000000011111110000000011111110000000011111111000000011111111000000 0111111 111111111111100000001111111100000000111111100000000111111100000011111111 1111111 111111111111100000001111111100000001111111100000000111111100000011111111 1111111 111111111111100000001111111100000001111111100000000111111100000011111111 1111111 111111111111100000001111111100000001111111100000000111111100000011111111 1111111 111111111111111111111111111111111111111111111111111111111111111111111111 1111111 111111111111111111111111111111111111111111111111111111111111111111111111 1111111
1111111111111111111111111111111111111111111111111
1111111111111111111111111111111111111111111111111        HES 2011
1111111111111111111111111111111111111111111111111  Paris, 7-9 April 2011
1111111111111111111111111111111111111111111111111
111111111111111111111111111111111111111111111111111111111111111111111111 1111111 111111111111111111111111111111111111111111111111111111111111111111111111 1111111




--[ Synopsis:

Hackito Ergo Sum conference will be held from April 7th to the 9th of 2011
in Paris, France.

Following last edition's success, HES2011 will be a bigger event with even more
talks, focusing on hardcore computer & network security, insecurity,
vulnerability analysis, reverse engineering, research and hacking, and will try
to keep the high quality content. Our dear Program Committee is there to
ensure this.

HES will this year be a fully international-oriented conference, 100% in
English, aiming to gather the best security researchers, experts and decision
makers in one room.


--[ Introduction:

The goal of this conference is to promote security research, broaden public
awareness and create an open forum so that communication between the
researchers, the security industry, the experts and the public can happen.

Last year, we pioneered a domain with the first Capture The Flag (CTF) contest on FPGA, with excellent result that exceeded by far our expectations. This year, new contests will run with hopefully even more diverse and new approaches to security. Of course, network-based CTF and lockpicking contest will still
happen.

We will have a specific session for new works, including slots for new
presenters -i.e. typically people whose personal research are extremely
interesting but who do not usually present at conferences- because
security innovations occur at the fringe of the security industry, very often by passionate people, and that's what we are and love. Submissions from students, academics or otherwise passionate people from anywhere on the internet are
therefore most welcome.

We will also have an anonymous side track so that people who wish to present sensitive subjects can do so in total freedom. As we believe the academic system as setup a good precedent with anonymous submissions, review and voting, we wish to pursue this direction by providing researcher a way to share important contribution without being concerned
with politics and other non-research influences.

This conference will try to take into account all voices in order to reach a
balanced position regarding research and security, inviting businesses,
governmental actors, researchers, professionals and the general public to share
concerns, approaches and interests for this topic.

During three days research conferences, solutions presentations, panels and
debates will aim to view and determine the future of IT security.


--[ Content of the Research Track:

We are expecting submissions in English only.
The format will be 45 mins presentation + 10 mins Q&A.

Please note that talks whose content will be judged too commercial or biased
toward a given vendor will be rejected.

For the research track, preference will be given to offensive, innovative and highly technical proposals covering (but not restricted to) the topics below:

 [*] Attacking Software
    * Automating vulnerability discovery
    * The business of the 0-day market
    * Non-x86 exploitation
    * New classes of software vulnerabilities and new methods to detect
      software bugs (source or binary based)
    * Static and Dynamic binary or source-based analysis
* Current exploitation on Gnu/Linux WITH GRsecurity/SElinux/ OpenWall/SSP
      and other current protection methods
    * Kernel land exploits (new architectures or remote only)
    * New advances in Attack frameworks and automation
* Secure Development Life Cycle and real-life development experiences

 [*] Attacking Infrastructures
    * Botnets and C&C abuses
    * Exotic Network Attacks
    * Telecom (from VoIP to SS7 to GSM & 3G/4G RF hacks)
    * Financial and Banking institutions
    * SCADA and the industrial world, applied.
* Governmental firewall and their limits (Australia, French's HADOPI,
      China, Iran, Denmark, Germany, ...)
    * Law enforcement : how to / how to deceive / how to abuse.
    * Satellites, Military, Intelligence data collection backbones
      ("I hacked Echelon and I would like to share")
    * Non-IP (SNA, ISO, make us dream...)
    * M2M
    * Wormable vulnerabilities against protocols & infrastructures

 [*] Attacking Hardware
    * Hardware reverse engineering (and exploitation + backdooring)
    * Femto-cell hacking (3G, LTE, ...)
    * BIOS and otherwise low-level exploitation vectors
* Real-world SMM usage! We know it's vulnerable, now let's do something
    * WiFi drivers and System on Chip (SoC) overflow, exploitation and
      backdooring.
    * Gnu Radio hacking applied to new domains

 [*] Attacking Crypto
    * Practical crypto attacks from the hacker's perspective
      (RCE, algo modeling, bruteforce, FPGA ...)
    * Algorithm strength modeling and evaluation metrics
    * Hashing functions pre-image attacks
    * Crypto where you wouldn't think there is

We highly encourage any other presentation topic that we may not even imagine.

--[ Submissions:

    [*] Required information:

Submitions must (see RFC 2119 for the meaning of this word) contain the
following information:

* Speaker's name or alias
* Biography
* Presentation Title
* Description
* Needs: Internet? Others?
* Company (name) or Independent?
* Address
* Phone
* Email
* Demo (Y/N)

We highly encourage and will favor presentations with a demo.

Submissions may contain the following information:
* Tool
* Slides
* Whitepaper

    [*] How to submit:

Submit your presentation and materials at:
http://hackitoergosum.org/apply/


--[ Workshops:

If you want to organize a workshop or any other activity during the conference,
you are most welcome. Please contact us at:
    hes2011-orga@xxxxxxxxxxxxxxxxxxxxxxxx


--[ Dates:

2010-11-15    Call for Paper
2011-02-20    Submission Deadline
2011-02-21    Acceptance notification
2011-03-01    Program announcement
2011-04-07    Start of conference
2011-04-09    End of conference

--[  Program Committe:

The submissions will be reviewed by the following program committee:
* Tavis Ormandy (Google) @taviso
* Matthew Conover (Symantec) @symcmatt
* Jason Martin (SDNA Consulting, Shakacon)
* Stephen Ridley @s7ephen
* Mark Dowd (AzimuthSecurity) @mdowd
* Tiago Assumpcao
* Alex Rice (Facebook) facebook.com/rice
* Pedram Amini (ZDI) @pedramamini
* Erik Cabetas
* Dino A. Dai Zovi (Trail Of Bits) @dinodaizovi
* Alexander Sotirov @alexsotirov
* Barnaby Jack (IOActive) @barnaby_jack
* Charlie Miller (SecurityEvaluators) @0xcharlie
* David Litchfield (V3rity Software) @dlitchfield
* Lurene Grenier (Harris) @pusscat
* Alex Ionescu @aionescu
* Nico Waisman (Immunity)  @nicowaisman
* Philippe Langlois (P1 Security, TSTF, /tmp/lab) @philpraxis
* Jonathan Brossard (Toucan System, P1 Code Security, /tmp/lab) @endrazine
* Matthieu Suiche (MoonSols) @msuiche
* Piotr Bania @piotrbania
* Laurent Gaffié (Stratsec) @laurentgaffie
* Julien Tinnes (Google)
* Brad Spengler (aka spender) (Grsecurity)
* Silvio Cesare (Deakin University) @silviocesare
* Carlos Sarraute (Core security)
* Cesar Cerrudo (Argeniss) @cesarcer
* Daniel Hodson (aka mercy) (Ruxcon)
* Nicolas Ruff (E.A.D.S) @newsoft
* Julien Vanegue (Microsoft US) @jvanegue
* Itzik Kotler (aka izik) (Security Art) @itzikkotler
* Rodrigo Branco (aka BSDeamon) (Checkpoint) @bsdaemon
* Tim Shelton (aka Redsand) (HAWK Network Defense) @redsandbl4ck
* Ilja Van Sprundel (IOActive)
* Raoul Chiesa (TSTF)
* Dhillon Andrew Kannabhiran (HITB) @hackinthebox
* Philip Petterson (aka Rebel)
* The Grugq (COSEINC) @thegrugq
* Emmanuel Gadaix (TSTF) @gadaix
* Kugg (/tmp/lab)
* Harald  Welte (gnumonks.org) @LaF0rge
* Van Hauser (THC)
* Fyodor Yarochkin (Armorize) @fygrave
* Gamma (THC, Teso)
* Pipacs (Linux Kernel Page Exec Protection)
* Shyama Rose @shazzzam

--[ Fees:

Business-ticket (3 days)                                         120 EUR
Public entrance (3 days)                                         80 EUR
Discount for Students below 26  (3 days)                         40 EUR
Discount for CVE publisher or exploit publisher in 2010-2011(3d) 40 EUR
One-day pass                                                     40 EUR
Volunteers (Must register, see below)  (3 days)                   0 EUR

--[ Trainings

The list of trainings for HES2011 will be announced shortly after CFP publishing. You can still send us training description to hes2011-orga AT_lists.hackitoergosum.org if you want to offer some training. Trainings will happen from Monday 4th of April until
Wednesday 6th of April, just before the conference.

--[ Sponsors:

We are looking for sponsors.
Entrance fees and sponsors fees are used to fund international speakers travel
costs and hosting facility. Please ask for the HES2011 Sponsor Kit at
    hes2011-orga __AT__ lists.hackitoergosum.org.

--[ Volunteers:

Volunteers who sign up before 2011-03-01 get free access and will need to be present onsite two days before (2011-04-05) if no further arrangement is made
with the organization.

--[ Journalists:

Journalists are welcome, but are required to comply with simple rules to ensure the mutual respect among adults we aim to bring in hackito. In particular, filming or taking pictures of attendees without their prior agreement is totally
prohibited. "We shall respect privacy and people" is the only motto.


--[ Greetz:

We would like to thank the HES2010 Team, its reviewing committee and all the
volunteers for their time and dedication in making this event a success.
Thumbs up to the /tmp/lab hackerspace for their support and the final HES
party which was a tremendous success.

We would also like to greet all the speakers of last year's edition for the quality of their presentation and the great time we shared in Paris : you are
all most welcome back in Paris for the 2011 edition.

Likewise, we'd like to thank last year's sponsors for their unconditional
support. Feel free to support us again for this 2011 edition.

Finally, we would like to thank all the people that participated to last years
edition : the conference is the people :) See you all in April !


--[ Contact:

hes2011-orga __AT__ lists.hackitoergosum.org

Hackito Ergo Sum 2011 conference - http://hackitoergosum.org

Hacker Space Festival - http://www.hackerspace.net

-- [ Social Media:
Keep in touch with the HES Organization via Facebook, Twitter and Linkedin !

"Hackito Ergo Sum" on Facebook  -
        http://www.facebook.com/pages/Hackito-Ergo-Sum/376978867704

@HackitoErgoSum on Twitter ! - https://twitter.com/HackitoErgoSum

HackitoErgoSum on Linkedin ! - http://www.linkedin.com/groups? gid=2861584


- [EOF]------------------------------------------------------------------- ---