Black Hat 2016: Top 5 Talks We’re Excited For

Black Hat 2016

Black Hat 2016 presentations are sure to represent some of the highest quality, most cutting edge research in the security community. The bar for Black Hat talks is higher than other popular information security conferences and as such, some of the most interesting things you’ll hear all year in the infosec community come out of Vegas.

The ZeroFOX Research team will be presenting our own research on weaponizing data science for Twitter spear phishing, which you can check out here, but we wanted to highlight the 5 Black Hat 2016 talks we were most excited about going to. As a group of avid security researchers and data scientists, we appreciate a good technical conference presentation.

In no particular order, our top 5 Black Hat 2016 talks…

AirBnBeware: Short Term Rentals, Long Term Pwnage
Presenter: Jeremy Galloway: Security Intelligence, Atlassian
Date/Time: Thursday, August 4th, 2:10-1:00
Location: South Seas IJ
Why We’re Excited About It
First and foremost, awesome title. Our specialty is social media threats and, in many ways, AirBnb and HomeAway are social networks. We appreciate researchers who understand and grapple with the kind of threats that emerge when cybercriminals can engage with individual users. We’re also not surprised that new vulnerabilities are beginning to arise given that many of these platforms haven’t received the same level of security scrutiny from its users as e-mail or other traditional attack vectors. But we’re excited to learn about some AirBnb TTPs involving configuring home routers into password and PII-siphoning devices, essentially able to pwn either future guests or even the host themselves.  Despite this time-honored problem’s established reputation in the security world, the recent massive uptick in social networking apps like AirBnb means we’ve never been more worried about wifi signals (and that’s saying something).

Exploiting Curiosity and Context: How to Make People Click A Dangerous Link Despite their Security Awareness
Presenter: Zinaida Benenson
Date/Time: Wednesday, August 3rd, 11:3-12:20
Location: South Seas ABE
Why We’re Excited About It
As security people, we think we’re pretty good at not clicking on malicious links. It’s kind of our thing. However, we’re curious to see what tactics Zinaida has had success with while phishing social media users like us — we like seeing other approaches that inform our own process. Though performed on Facebook and not Twitter, the talk will hopefully echo some of the take-home points of ours, including highlighting the relative nonchalant security approach assumed by your typical social media user. Our work differs though as we will use machine learning to automate the spear phishing process, and hence be able to reach out to a wider demographic and vaster audiences.

Blunting the Phisher’s Spear: A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges
Presenter: Arun Vishwanath
Date/Time: Wednesday, August 3rd, 11:3-12:20
Location: South Seas ABE
Why We’re Excited About It
We’re curious to see this talk in contrast to both our talk and the talk above (Exploiting Curiosity and Context). Zinaida Benenson claims she can phish security personnel. Let’s see if Arun’s “risk-based approach” to prioritize personal security education and awareness can stop us.

Applied Machine Learning For Data Exfil And Other Fun Topics
Presenter: Brian Wallace, Matt Wolf, Xuan Zhao (Cylance)
Date/Time: Wednesday, August 3rd, 11:30-12:20pm
Location: South Seas CDF
Why We’re Excited About It
At ZeroFOX, we’re suckers for machine intelligence. We’re also suckers for “other fun topics.” As highlighted by our talk, offensive machine learning is on the rise and will undoubtedly begin to pose increasing risks to organizations and individuals. If the adversary can automate their attack in a data-driven way, the security defenses of the future must be able to flexibly adjust at a faster pace, else be circumvented. Ideally, the security community will be able to adapt to these new techniques and develop countermeasures. Towards this goal, the talk seems to highlight interesting use cases to which machine learning can be applied, which will help prod the community into a machine learning-based mindset, in anticipation of these new and continually evolving capabilities.

An AI Approach To Malware Similarity Analysis: Mapping The Malware Genome With a Deep Neural Network
Presenter: Konstantin Berlin
Date/Time: Thursday, August 4th, 5:00-5:25pm
Location: Lagoon K
Why We’re Excited About It
Promoting a defensively oriented machine learning application, this talk applies state of the art techniques to the classic problem of malware detection. Deep neural networks incorporate brain-like processing capabilities of interacting neurons and synapses, and typically excel when trained with enormously large datasets. Simple mathematical operations are applied in succession in order to transform the input and help the model learn an empirical representation of the data in question, allowing it to accurately generalize to previously unseen examples. The authors claim that applying such powerful techniques to the domain of malware analysis seems to have achieved faster, more reliable, more flexible and more accurate results compared with the stagnant approaches of the past.