Troopers 2014 – First Round of Talks Selected

We’re delighted to provide the first announcement of talks of next year’s Troopers edition. Looks like it’s going to be a great event again 😉
Here we go:


Toby Kohlenberg: Granular Trust – Making it Work

Over the last 5 years the concept of using dynamic or granular trust models to control access to systems, networks and applications has become well known and is now seeing partial adoption in many places. The challenge is how granular and dynamic can you get and the question is whether it is worth it. As the architect of Intel’s trust model Toby can speak to the entire journey from initial idea through current implementation and the likely road ahead. This talk will include the good, bad and ugly parts of designing a trust model and then implementing it in a Fortune 50 company’s production environment. You will learn from his mistakes so you can make different ones.

Bio: Toby is a senior information security technologist with Intel Corporation. He focuses on securing new and emerging technologies and threats. He has been doing this for a long time.

Florian Grunow: How to Own your Heart – Hacking Medical Devices

In the last few years we have seen an increase of high tech medical devices, including all flavors of communication capabilities. The need of hospitals and patients to transfer data from devices to a central health information system makes the use of a wide range of communication protocols absolutely essential. This results in an increasing complexity of these devices which also increases the attack surface of the equipment. Vendors of medical devices put a lot of effort into safety. This is especially true for devices with feedback to the patient, e.g. medical pumps, diagnostic systems and anesthesia machines.
However, it is often forgotten that the security of these devices is a crucial part in also providing safety. An attacker who is able to gain unauthorized access to these devices may be able to endanger the health of patients.
We decided to take a look at a few devices that are deployed in many major hospitals and probably in hospitals around the world. We focus on the security of these devices and the impact on the patient’s safety. The results will be presented in this talk.

Bio: Florian Grunow holds a Bachelor’s degree in Medical Computer Sciences and a Master’s degree in Software Engineering. He used to work in hospitals and got an inside view of what the daily work of healthcare professionals dealing with IT looks like. He now works as a Security Analyst at ERNW in Heidelberg, Germany, with a focus on application security.

Alexander Polyakov & Dimitry Chastuhin: Injecting Evil Code in your SAP J2EE systems – Security of SAP Software Deployment Server

Why break critical systems themselves when we can attack Deployment Server: the core from which all J2EE code spreads into other systems? The core is called SAP Software Deployment Server and consists of many subsystems like SDM, DTR, CMS. They have their own SVN-like subsystem and Build service.
“By offering a single point of entry for all Java development tools and an integration point for all SAP infrastructure components, the SAP NWDS supports you in developing Web Dynpro and J2EE applications. Application developers do not need to switch between different development environments and can develop, build, deploy, and execute applications centrally from the Developer Studio.”
Isn’t it a perfect victim for an attack? Who cares about the security of Deployment Server? That’s why it is full of issues and it is possible to deploy your own code anonymously without having any access to NWDS using architecture flaws. In the end, your evil code will spread to any system you want, giving you the ability to control every business system.
Come and see how we did it in practice and how to prevent the described attacks.

Alexander Polyakov – CTO at ERPScan
Father of ERPScan Security Monitoring Suite for SAP. His expertise covers the security of critical enterprise software like ERP, CRM, SRM, banking and processing software. Manager of EAS-SEC. Well-known expert on the security of enterprise applications, such as SAP and Oracle. Published a significant number of vulnerabilities, frequently receives acknowledgements from SAP. Author of multiple whitepapers and surveys devoted to SAP security research, for example, the award-winning “SAP Security in Figures”. Invited to speak and train at BlackHat, RSA, HITB, and 35 more international conferences around the globe as well as internal workshops for SAP AG and Fortune 500 companies.
Twitter: @sh2kerr

Dimitry Chastuhin — Head of Penetration Testing Department at ERPScan
Dimitry Chastuhin works on SAP security, particularly on web applications and Java systems. He has official acknowledgements from SAP for the vulnerabilities found. Dimitry is also a Web 2.0 and social network security geek who found several critical bugs in Google, Adobe, Vkontakte. He was a speaker at BlackHat, HITB, ZeroNights, Brucon.

Ivan Pepelnjak: Security and SDN – A perfect fit or oil-and-water?

Software-defined networks have quickly become one of the most overhyped networking concepts, with vendors promising earth-shattering results … and handwaving over scalability, reliability and security issues.
The presentation will briefly introduce the concepts of SDN and OpenFlow (the tool used to build controller-based networks that require low-level network device control), the security aspects of programmable- and controller-based networks and the potential SDN- and OpenFlow-based security use cases, from scale-out IDS clusters to first-hop network security and user authentication/authorization solutions.

Bio: Ivan Pepelnjak, CCIE#1354 Emeritus, is the chief technology advisor at NIL Data Communications. He has been designing and implementing large-scale service provider and enterprise networks as well as teaching and writing books about advanced technologies since 1990. He is the author of several Cisco Press books, a prolific blogger and writer, occasional consultant, and author of a series of highly successful webinars.


Sebastian Schrittwieser & Peter Frühwirt: Security Through Obscurity, Powered by HTTPS

Applications on modern smartphone operating systems are protected against analysis and modification through a wide range of security measures such as code signing, encryption, and sandboxing. However, for network-enabled applications effective attack vectors can be found in their communication protocols. Most application developers hide the implementation details of their protocols inside an HTTPS connection. While HTTPS is able to protect against data leakage during transmission, it is an inadequate protection against protocol analysis. The concept of SSL interception applied to smartphone applications allows analysis and modification of transport protocols with endless possibilities: getting paid extras for free, cheating in games, finding design flaws in protocols, etc. In this talk, we demonstrate, based on several live demos, how application developers sometimes try to protect insecure protocols by wrapping them inside an HTTPS connection and show that known countermeasures are rarely used in practice.

Sebastian Schrittwieser is a lecturer and researcher at the University of Applied Sciences St. Pölten, Austria and PhD candidate at the Vienna University of Technology. His research interests include, among others, digital forensics, software protection, code obfuscation, and mobile security. Sebastian received a Dipl.-Ing. (equivalent to MSc) degree in Business Informatics with focus on IT security from the Vienna University of Technology in 2010.

Peter Frühwirt is a researcher at SBA Research, the Austrian non-profit research institute for IT security, and a lecturer at the Vienna University of Technology. Peter received a Dipl.-Ing. (equivalent to MSc) degree in Software Engineering and Internet Computing in 2013. His research interests include mobile security and database forensics.


More talks to follow soon, so stay tuned 😉

See you @Troopers & have a great weekend everybody

