First USENIX Workshop on Offensive Technologies (WOOT '07)

Preliminary Workshop Program

Please Note: This workshop is by invitation and/or acceptance of paper submission.

All sessions will take place in Conference Room 2 (5th Floor) of the Sheraton Boston Hotel unless otherwise noted.

Sunday, August 5, 2007

5:00 p.m.–7:00 p.m.    On-site Registration, Constitution Foyer

5:30 p.m.–7:00 p.m.

USENIX Security '07 Welcome Get-Together
Constitution Foyer

Monday, August 6, 2007

7:30 a.m.–5:00 p.m.    On-site Registration, Constitution Foyer

9:00 a.m.–9:15 a.m.

Welcome

9:15 a.m.–10:15 a.m.

Invited Talk
Fast-Flux DNS and Overlay Networks Using Botnets
David Dagon, Georgia Institute of Technology

10:15 a.m.–10:30 a.m.    Break

10:30 a.m.–12:30 p.m.

From the Metal to the Infrastructure

Flayer: Exposing Application Internals
Will Drewry and Tavis Ormandy, Google, Inc.
Read the paper in PDF | HTML
Exploiting Concurrency Vulnerabilities in System Call Wrappers
Robert N. M. Watson, Computer Laboratory, University of Cambridge
Read the paper in PDF
The ND2DB Attack: Database Content Extraction Using Timing Attacks on the Indexing Algorithms
Ariel Futoransky, Damián Saura, and Ariel Waissbein, Core Security Technologies
Read the paper in PDF | HTML
Billing Attacks on SIP-Based VoIP Systems
Ruishan Zhang, Xinyuan Wang, Xiaohui Yang, and Xuxian Jiang, George Mason University
Read the paper in PDF | HTML

12:30 p.m.–1:45 p.m.    Workshop Luncheon, Conference Room 1 (5th Floor)

1:45 p.m.–3:15 p.m.

Sniffing and Scanning

BlueSniff: Eve Meets Alice and Bluetooth
Dominic Spill and Andrea Bittau, University College London
Read the paper in PDF | HTML
Toward Undetected Operating System Fingerprinting
Lloyd G. Greenwald and Tavaris J. Thomas, LGS Bell Labs Innovations
Read the paper in PDF | HTML
Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms
Matt Van Gundy, University of California, Davis; Davide Balzarotti and Giovanni Vigna, University of California, Santa Barbara
Read the paper in PDF | HTML

3:15 p.m.–3:40 p.m.    Break

3:40 p.m.–4:40 p.m.

Hidden Attacks

An Encrypted Exploit Payload Protocol and Target-Side Scripting Engine
Dino A. Dai Zovi, Two Sigma Investments
Read the paper in PDF | HTML
Exploiting Redundancy in Natural Language to Penetrate Bayesian Spam Filters
Christoph Karlberger, Günther Bayler, Christopher Kruegel, and Engin Kirda, Secure Systems Lab, Technical University Vienna
Read the paper in PDF | HTML

4:40 p.m.–5:40 p.m.

Five Minute Madness

Works-in-progress, outrageous opinions, and wild ideas on the future of attacks

Need help? Use our Contacts page.

Last changed: 21 Aug. 2007 jel