
Domingo Montanaro (Manager of Research & Development - Scanit Middle East)

Filed under: Main Page — Administrator @ 9:34 pm

Presentation Title: In-depth Anti-Forensics - Challenges of Steganography & Discovering Hidden Data
Presentation Details:

Steganography has been a popular data-hiding technique for decades, proving very effective at concealing messages from the world war era through to the Internet age, in which electronic communication became the default for new generations. Publicly available, widely distributed material on subverting in-transit traffic analysis is easy to find, including analysis that inspects the traffic in a supposedly ‘intelligent’ manner. These techniques rely on a combination of encryption, steganography and tunnels to evade information leakage detectors.

The purpose of this presentation is to look more closely at a relatively little-discussed area of steganography and computer forensics: ways of storing content, files (or even another filesystem) inside the existing “healthy” filesystem of a computer. Issues around poisoning widely used file formats in order to store evil data will be demonstrated, and some detection methods using entropy analysis will be covered.

The presentation will also raise awareness of the need for a correct methodology that does not rely on common file interpreters. Methods and examples will show how a computer forensics analyst can sometimes recover hidden files (for example, in slack space) with file carving techniques and state that no “evil” data was found, while the recovered file could itself contain another filesystem with completely different files and content.

About Domingo

Information Security Specialist and Computer Forensics Expert who has worked on high-technology crime investigation for private companies, including in the financial market, and for law enforcement agencies as a Forensics Connoisseur. He currently holds the position of Manager of Research & Development for the Information Security and Computer Forensics Labs of Scanit/Oger Systems. His expertise covers Information Leakage, Data Recovery, Incident Handling, Response and Tracking, Evidence Collection, and research and development of Forensics (also Anti-Forensics) methodology and tools. He is an organizer of H2HC - Hackers 2 Hackers Conference (Latin America's most important hacking conference), an invited professor at some universities lecturing on Computer Forensics, the author of several articles and papers, and a speaker at security-related conferences such as HackInTheBox Dubai (UAE) 2007, VNSECON Ho Chi Minh City (Vietnam) 2007, XCon Beijing (China) 2007, HackInTheBox Kuala Lumpur (Malaysia) 2007, EkoParty Buenos Aires (Argentina) 2007, H2HC, and SSI/ITA. Certifications: GCFA, MCSO

Recent presentations at: http://www.montanaro.com.br/palestras/



Event Organizer


Hack In The Box (M) Sdn. Bhd.
