A place: Russia, St. Petersburg, A2 Green Concert
date of: November 12-13, 2019
Conference site: https://zeronights.ru/
We conclude the story about the speakers of ZeroNights 2019 and their reports that are waiting for you very soon – November 12 and 13 – on the main stage of the A2 club in St. Petersburg. The time of each report can be found in conference program.
Maria Nedyak – "Hacking Medical Imaging with DICOM"
At present, DICOM is one of the main components of Machine Learning Medical Imaging technologies, which are becoming more and more popular. The report is devoted to the search for vulnerabilities in the popular software for working with DICOM. The vulnerabilities identified during the security analysis will be examined.
Kai Jern LauNgen An Kuen – “qiling.io: Advanced Binary Emulation framework”
Qiling is a sandbox framework designed to provide access to the low-level Python API. Thanks to this, the user can create flexibly customizable analysis tools on its basis. The report will present a comprehensive analysis of Qiling. Researchers will also talk about all the technical problems they encountered and conduct a live demonstration.
Caesar Serrudo, Esteban Martinez Fayo, Matias Sequira – “Practical LoRaWAN auditing and exploitation”
A significant part of IoT devices are millions of LPWAN sensors (low-power wide-area network). One of the most popular LPWAN technologies is LoRa, which uses LoRaWAN as a network standard (at the MAC level). LoRaWaN is a secure protocol with integrated encryption technology.
The report will describe common security issues found in various LoRaWAN implementations. Researchers will also provide step-by-step recommendations for testing LoRaWAN networks, explain what software and hardware should be used, and show new tools for testing. To top it off, they will share tips for safely implementing LoRaWAN.
Roman Palkin – “Malign Machine Learning Models”
The report will demonstrate and demonstrate examples of using the popular TensorFlow and PyTorch frameworks to create and distribute potentially malicious software and implement covert data transmission channels. The main goal of the report is to draw the attention of the community to the danger of thoughtless use of machine learning models from unreliable sources.
CiscoPangPang – “Cisco to Disco!”
Speakers with a striking nickname, CiscoPangPang, will deliver a no less resounding Cisco to Disco talk. The report will examine the features and internal structure of the Cisco IOS Exploit Framework (a.k.a. DISCO Framework).