Security

The theme Security is responsible to analyze and examine the question of whether security offensive (malware, reverse, pentest) or defensive (network, infrastructure, integrity, security model analysis) in relation to the notion of privacy and security on the internet (mobile, certificates, DDoS, PGP ...)

Salle(s) affectée(s) à ce thème

Programme pour ce thème

lundi 7 juillet 2014

mardi 8 juillet 2014

  • 09:30 - 10:10 Thwart DNS poisoners : secure DNS with DNSSEC

    en_US 40 mn Bortzmeyer Stéphane Salle : 31 SC002 Professionnal Confirmed

    DNS poisoning attacks are one of the major threats on the security of DNS. However a solution has been designed many years ago, DNSSEC, which is deployed on the root and all the main TLDs. Around 10% of DNS users in the world use a DNSSEC (...)
  • 10:10 - 10:50 Haka : an open source security oriented language

    en_US 40 mn Mehdi Talbi Salle : 31 SC002 Professionnal Confirmed

    HAKA is a framework which allows to define and apply security policies to network traffic. The objective is to have a powerfull, yet simple, language with high performance. This language can specify protocole, state machine and security rules (...)
  • 11:10 - 11:50 Suricata 2.0, Netfilter and the PRC

    en_US 40 mn Éric Leblond Salle : 31 SC002 Professionnal Confirmed

    This talk goal is to show how you can use several security tools together to detect the specificities of some attacks. It will show in detail the way used to determine that a SSH attack method seems only be used from China located hosts to take (...)
  • 11:50 - 12:10 XP Snort feedback

    en_US 20 mn Christian Perez, Solange Gentil Salle : 31 SC002 Professionnal Beginner

    This conference provides an experience feedback with Snort IDS and its software ecosystem in a french research center context.
  • 14:00 - 14:40 Software obfuscation : know your ennemy

    en_US 40 mn Eyrolles Ninon Salle : 31 SC002 Professionnal Confirmed

    The general purpose of software obfuscation is to make analysis and comprehension of software code as difficult and expensive as possible, while keeping the original behavior of the program. Several tools exist and are frequently used, more or (...)
  • 14:40 - 15:20 Malware analysis based on a free toolbox

    en_US 40 mn Xavier Mertens Salle : 31 SC002 Professionnal Confirmed

    Since a while, malwares have become a plague for private users as well as for businesses. Many commercial products are available to detect and analyze their behavior, but they are often unaffordable for small structures. Learn how it is (...)
  • 15:20 - 16:00 Past and future challenges for Tor

    fr_FR 40 mn Lunar Salle : 31 SC002 Large people Confirmed

    Tor enables users to create anonymous connections and bypass censorship on the Internet. Tor is at the same time a piece of software, a network of relays made of more than 5,000 servers and a project pushed daily by around forty people. Tor has (...)
  • 16:20 - 17:00 Private and secure instant messaging

    fr_FR 40 mn Daniel ".koolfy" Faucon Salle : 31 SC002 Large people Beginner

    We all have heard about NSA surveillance. Some have started encrypting their emails, anonymising their web traffic, finding their ways in Paris with a compas, or taking an appointment with their dentist using smoke signals. But what about (...)

mercredi 9 juillet 2014

  • 09:30 - 10:10 LemonLDAP::NG, something new in SSO area

    en_US 40 mn OUDOT Clément Salle : 31 SC002 Professionnal Confirmed

    LemonLDAP::NG is a Free Software dédicated to SSO and access control, used in numerous french administrations and other organizations. Developped since 10 years, it evolves constantly bringing new features at each version. The 1.2 version has (...)
  • 10:10 - 10:50 Mimikatz, a short journey inside the memory of the Windows Security service !

    en_US 40 mn Benjamin Delpy Salle : 31 SC002 Professionnal Confirmed

    Mimikatz has been created in 2007 in order to study some Windows security components (and also in order for its creator to learn how to develop ;)). It allows to expose some security concepts and to better understand Windows internal behavior. (...)
  • 11:10 - 11:50 Web Security - a snapshot from W3C

    en_US 40 mn Virginie Galindo Salle : 31 SC002 Geek Beginner

    This talk aim to provide with the audience an overview of the activities related to security happening in W3C. It will cover initiatives related to specific security features, such as web crypto API, Encrypted Media Extension API, CORS, but also (...)
  • 11:50 - 12:10 Race condition in WordPress plugin allows php remote code execution

    en_US 20 mn Antoine Cervoise Salle : 31 SC002 Professionnal Confirmed

    After discovering an unofficial bug bounty program concerning some WordPress plugins, I have tried to discover some vulnerabilities in order to understand what is going on behind this program. During my study, I found an interesting and not (...)
  • 14:00 - 14:20 Visual impairment: its impact on security

    en_US 20 mn Sébastien Hinderer Salle : 31 SC002 Professionnal Beginner accessibility

    The glance of a blind man on security...
  • 14:20 - 14:40 Manage password policy in OpenLDAP

    en_US 20 mn OUDOT Clément Salle : 31 SC002 Professionnal Confirmed

    LDAP directories can manage password policy (expiration, complexity, brute-force attack prevention,...), this conference will present how to use it in OpenLDAP.
  • 14:40 - 15:20 Securing your webserver with YubiKey two-factor authentification

    en_US 40 mn Frank Hofmann Salle : 31 SC002 Professionnal Master

    The YubiKey is a small token for two-factor authentification. It helps to secure the access to web-based information systems.
  • 15:20 - 15:40 Discover and use a YubiKey from Yubico

    fr_FR 20 mn Maxime de Roucy Salle : 31 SC002 Large people Beginner

    A Yubikey is a usb device like a flash storage. This is an authentication device that aims to replace the system password commonly used on workstations and on the web. Recognized as a USB keyboard from the system on which it is connected, it can (...)
  • 15:40 - 16:20 Play with Crypto

    fr_FR 40 mn Ange Albertini Salle : 31 SC002 Geek Beginner

    Cryptography is hard. I don't understand much about it, but that doesn't prevent me to have fun! So I'll just introduce some basic concepts, then I'll share a few crypto tricks. IMPORTANT : this talk will not be lived because (...)

jeudi 10 juillet 2014

  • 09:30 - 12:30 Atelier HAKA : un langage open source de sécurité réseau (Atelier / workshop)

    Salle : 31 SC002 Confirmed

    Cet atelier est le pendant pratique de la conférence HAKA. L’atelier donnera l’occasion de manipuler HAKA au travers d’exercice, aussi bien sur du trafic enregistré dans des pcaps que sur du trafic réel. HAKA est un logiciel opensource disponible à http://haka-security.org/

    Atelier donné par un ou deux intervenants parmi : Kévin Denis, Paul Fariello, Mehdi Talbi, Pierre-Sylvain Desse.
amarok apache archlinux arduino bitcoin blender creativecommons cernohl debian chamilo drupal elphel eZ Publish fedoraproject firefox gentoo gimp gnome gnu freebsd freeguppy gnuhealth haiku imagemagick inkscape jabber jenkins joomla kde knoppix lea-linux libreoffice linux mageia mandriva moodle mozilla openarena openbsd Open Street Map opensuse perl php pidgin plone postgresql python ruby rudder scribus spip thunderbird tomcat tryton typo3 ubuntu vlc wikipedia wordpress xfce xonotic