[HGI-News-de] SPECIAL HGI Kolloquium Do, 25.3.10

Newsletter des Horst Görtz Instituts hgi-news-deutschland at lists.ruhr-uni-bochum.de
Di Mär 23 11:12:10 CET 2010 

Hallo,

im Rahmen des HGI Kolloquiums "Aktuelle Themen der IT-Sicherheit" findet diesen *Donnerstag* den 25.3.2010 ein besonderes HGI Kolloquium mit Gästen aus Russland statt. Es werden diesmal 4(!) interessante Kurzvortrage über aktuelle Foschungsprojekte von je 10 Minuten Dauer, mit je 5 Minuten Diskussion angeboten.


Termin:
Donnerstag, der 25. März um  11.00 Uhr (*s.t.*)
Raum: IC 4/161

Interessierte sind herzlichst eingeladen!


Sprecher, Titel und Abstracts wie folgt:

1. Sergey Cherementsev
Title: Kernel-level Antirootkit for Linux
Abstract: Nowadays there are no antirootkits, which are able to resist kernel-level rootkits in Linux effectively. I am proposing an antirootkit, which is characterized by the following features:  1) kernel service information integrity control; 2) kernel image control on hard disk; 3) executable kernel code integrity control in RAM; and 4) executable kernel code analysis (searching for branches out of kernel). The first two points can be implemented easily, so the presentation will focus on the latter two.

2. Alexander Vernigora
Title: eToken Smart-Cards in Banking and eCommerce
Abstract: This presentation summarizes my diploma project, which is devoted to smart-cards, particularly the products of "Aladdin" company eToken smart-cards in banking and eCommerce. My goal is to develop a client-server system for eCommerce where eToken smart-cards will perform majority of the protection and cryptographic functions and provide reliability. I will show how it works and discuss its advantages.

3. Ekaterina Shchetkina, Oxana Bulynina
Title: The BIND Birthday Attack
Abstract: To perform this attack, one needs to send a sufficient number of queries to a vulnerable nameserver, while sending an equal number of phony replies at the same time. Because the flaw in the BIND software generates multiple queries for the same domain name at the same time, one encounters statistically improved odds of hitting the exact transaction ID. This is the classic "Birthday Attack", which is derived from the "Birthday Paradox". Our presentation also includes an explanation of Birthday Paradox, paradox application to weak hash-functions, attacks on the basis of paradox are considered.

4. Anton Rechkov
Title: Splitting variables for machine byte code
Abstract: In modern obfuscators one can often find such methods as dead code, transformation cycles, conversion static to procedural data, but splitting variables has not be encountered by me in public sources. I would like to present my decisions for this method.



Informationen über die nächsten geplanten Vorträge im Rahmen des HGI Kolloquiums sind auch im Web zu finden:
http://www.hgi.rub.de/hgi/hgi-seminar/aktuelles


Viele Grüße,
Timo Kasper

Mehr Informationen über die Mailingliste Hgi-News-Deutschland