WOOT '14: Workshop on Offensive Technologies

Progress in the field of computer security is driven by a symbiotic relationship between our understandings of attack and of defense. The 8th USENIX Workshop on Offensive Technologies (WOOT ’14) aims to bring together researchers and practitioners in systems security to present research advancing the understanding of attacks on operating systems, networks, and applications.

The daylong program includes 17 refereed paper presentations on browsers and interwebs, infrastructure insights, embedded and hardware security, and security analysis.

Register today!

WOOT '14 is co-located with the 23rd USENIX Security Symposium.

Tuesday, August 19, 2014

Practical Kleptography

Matthew Green, Johns Hopkins University

• Read MoreAbout Practical Kleptography

Browsers and InterWebs

Clickjacking Revisited: A Perceptual View of UI Security

Devdatta Akhawe, Warren He, Zhiwei Li, Reza Moazzezi, and Dawn Song, University of California, Berkeley

Tick Tock: Building Browser Red Pills from Timing Side Channels

Grant Ho and Dan Boneh, Stanford University; Lucas Ballard and Niels Provos, Google

The End is Nigh: Generic Solving of Text-based CAPTCHAs

Elie Bursztein, Google; Jonathan Aigrain, Stanford University; Angelika Moscicki, Google; John C. Mitchell, Stanford University

Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks

Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz, Ruhr-University Bochum

Infrastructure Insights

IPv6 Security: Attacks and Countermeasures in a Nutshell

Johanna Ullrich, Katharina Krombholz, Heidelinde Hobel, Adrian Dabrowski, and Edgar Weippl, SBA Research

Through the Looking-Glass, and What Eve Found There

Luca Bruno, Mariano Graziano, Davide Balzarotti, Aurélien Francillon, EURECOM

Green Lights Forever: Analyzing the Security of Traffic Infrastructure

Branden Ghena, William Beyer, Allen Hillaker, Jonathan Pevarnek, and J. Alex Halderman, University of Michigan

Zippier ZMap: Internet-Wide Scanning at 10 Gbps

David Adrian, Zakir Durumeric, Gulshan Singh, and J. Alex Halderman, University of Michigan

Embedded and Hardware Security

Automated Reverse Engineering using Lego®

Georg Chalupar and Stefan Peherstorfer, University of Applied Sciences Upper Austria; Erik Poll and Joeri de Ruiter, Radboud University Nijmegen

Are Your Passwords Safe: Energy-Efficient Bcrypt Cracking with Low-Cost Parallel Hardware

Katja Malvoni, University of Zagreb; Solar Designer, Openwall; Josip Knezovic, University of Zagreb

Printed Circuit Board Deconstruction Techniques

Joe Grand, Grand Idea Studio, Inc.

Mouse Trap: Exploiting Firmware Updates in USB Peripherals

Jacob Maskiewicz, Benjamin Ellis, James Mouradian, and Hovav Shacham, University of California, San Diego

Lowering the USB Fuzzing Barrier by Transparent Two-Way Emulation

Rijnard van Tonder and Herman Engelbrecht, Stellenbosch University

Security Analysis

Attacking the Linux PRNG On Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy

David Kaplan, Sagi Kedmi, Roee Hay, and Avi Dayan, IBM Security Systems

Security Impact of High Resolution Smartphone Cameras

Tobias Fiebig, Jan Krissler, and Ronny Hänsch, Berlin University of Technology

Inaudible Sound as a Covert Channel in Mobile Devices

Luke Deshotels, North Carolina State University

An Experience Report on Extracting and Viewing Memory Events via Wireshark

Sarah Laing, Michael E. Locasto, and John Aycock, University of Calgary