C2 Security Workshop
This workshop brings together industry professionals, researchers, and students to learn about the latest trends and solutions in security. Organized by student members of the NYU OSIRIS Lab, C2 is generously sponsored by BAE Systems FAST Labs.
Thursday, November 7, 2019
10:30 am - 4:45 pm
NYU Tandon School of Engineering
6 MetroTech Center, EventSpace
Brooklyn, NY 11201
10:00 - 10:30 am | Guest Check-in
10:30 - 10:45 am | Opening Remarks
10:45 - 11:30 am | Brenda So & Trey Keown, Red Balloon Security, A Year in the Life of an ATM
11:45 am - 12:30 pm | Allyson O’Brien, BAE Systems, Quantum Cybersecurity
12:30 - 1:45 pm | Lunch break
2:00 - 2:30 pm | William Woodruff, Trail of Bits, It's coming from inside the house: kernel space fault injection with KRF
2:40 - 3:10 pm | Jordan Wiens & Rusty Wagner, Vector35, Binary Ninja's approach to Reverse Engineering using ILs
3:20 - 3:50 pm | Jeff Spielberg, River Loop Security, RF Protocol Vulnerabilities – By Design and Implementation
4:00 - 4:30 pm | Brandon Edwards & Nick Gregory, Capsule8, Using the Linux Tracing Subsystem for Security
4:30 - 4:45 pm | Closing Remarks
5:00 - 7:00 pm | CSAW Welcome Gathering & Keynote, 5 MTC Pfizer Lobby & Auditorium
Brenda So & Trey Keown, Red Balloon Security | A Year in the Life of an ATM
We all love machines that give you money, especially ones you can find in any New York City bodega. In this talk, we will bring you through a whole year of poking and playing with a real ATM: from hardware teardown to firmware modification, to turning it into a gaming console.
Allyson O’Brien, BAE Systems | Quantum Cybersecurity
Researchers have been working to integrate the unique properties of quantum systems into real-world systems. The resulting capabilities have the potential to outperform even the most advanced non-quantum, or classical, systems. In this brief, we offer a high-level view of how these capabilities will change and/or affect the landscape of cybersecurity. We will discuss threats and opportunities in quantum computing, quantum random number generators (along with other cryptographic primitives), and quantum communications.
William Woodruff, Trail of Bits | It's coming from inside the house: kernel space fault injection with KRF
Fault injection (FI) has become an increasingly popular software testing method, with major players like Netflix, Microsoft, and Google using automated failures to test the end-to-end resiliency of their (geographically, functionally) distributed services.
In this talk, William Woodruff presents a lower-level, vulnerability-first approach: by randomly inducing errors in the system calls made by (targeted) programs, fault injection can be used to discover incorrect and potentially dangerous assumptions. This talk will cover specific classes of dangerous assumptions and their potential for exploitation, all motivated by KRF, a kernelspace fault injector open-sourced by Trail of Bits.
Jordan Wiens & Rusty Wagner, Vector35 | Binary Ninja's approach to Reverse Engineering using IRs
Modern binary analysis, whether for discovering vulnerabilities or analyzing malware, needs automation to deal with the volume of code under inspection. And yet, while Intermediate Languages (ILs) have been used for decades in compiler design and implementation, too few reverse engineers have any experience with them even though many reverse engineering tools (Binary Ninja, Ghidra, IDA) are built on top of ILs. Given that, it's time to demystify this space and make it accessible beyond just computer scientists and researchers. There are many potentially unfamiliar concepts related to ILs: single-static assignment, value-set analysis, three-argument form versus tree-based designs, and others. But what matters is how these ILs can help you build better binary analysis tools. This talk not only gives you an overview of existing ILs used in reverse engineering, but more importantly, shows you how your tooling can benefit from them. From cross-platform analysis (follow a botnet from an x86-64 desktop to a mobile ARM, to an embedded MIPS), to leveraging existing data-flow capabilities that bring some of the benefits of both dynamic and static analysis together, this talk will demonstrate several examples of plugins that leverage ILs to improve your ability to automatically reason over compiled code.
Jeff Spielberg, River Loop Security | RF Protocol Vulnerabilities – By Design and Implementation
We will explore some common issues we see in real world deployments of Zigbee and other RF protocols related to their spec/design, as well as common issues in implementation.
Brandon Edwards & Nick Gregory, Capsule8 | Using the Linux Tracing Subsystem for Security
The tracing subsystem is an often overlooked way to monitor Linux systems, providing detailed information about process behavior, kernel behavior, and overall system performance. In this talk, we’ll discuss at a high level what the tracing subsystem provides, how to use it, and potential applications for security.