Preliminary Schedule

Please find details for all talks here

Two Days of Trainings (17./18. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5
Social Engineering Training for IT Security Professionals - Sharon Conheady & Martin Law (First Defence Information Security)
Security on the GSM Air Interface - David Burgess & Harald Welte (Kestrel Signal Processing, Inc. & HMW-Consulting)
Designing Secure Protocols And Intercepting Secure Communication - Moxie Marlinspike (Institute For Disruptive Studies)
Physical Security - Deviant Ollam & Babak Javadi (
Web 2.0 Security - Advanced Attacks and Defense - Shreeraj Shah & Vimal Patel (Blueinfy Solutions Pvt. Ltd.)
Workshop 6 Workshop 7 Workshop 8
Exploit Analysis and Malware Reverse Engineering - Tillmann Werner & Felix Leder (University of Bonn)
Security Awareness Campaigns - Stefan Schumacher (
The Exploit Laboratory - Saumil Shah (net-square)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (19./20. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Day 1 - Nov 19 Pirouette Riding School
Registration Opens
09:00 - 09:10
Welcome & Introduction
DeepSec Organisation Team (
09:10 - 10:00
Technology won’t save you, only people will
Matt Watchinski (Sourcefire Inc.)
10:00 - 10:50
Top 10 Security Issues Developers Don't Know About
Neelay S. Shah (Foundstone Inc., A Division of McAfee)
USB Device Drivers: A Stepping Stone into your Kernel
Moritz Jodeit, Martin Johns (n.runs AG, University of Passau)
10:50 - 11:10
Coffee Break
11:10 - 12:00
Breaking TOR Sessions with HTML5
Marco Bonetti (CutAway Srl)
Ownage 2.0
Saumil Udayan Shah (Net-Square)
12:00 - 12:50
A Proof-of-Concept Attack on SmartCard-secured Online-Banking
Felix Gröbert and Christoph Wegener (Chair for Network and Data Security, Ruhr-University Bochum)
Dynamic Binary Instrumentation for Deobfuscation and Unpacking
Daniel Reynaud and Jean-Yves Marion (Nancy University - Loria)
12:50 - 14:00
14:00 - 14:50
Cloud Services - still too cloudy for take off?
Kurt Kammerer (regify AG)
Key Management Death Match? Competing KM Standards Technical Deep Dive
Marc Massar (Semtek)
14:50 - 15:40
Get your head out of the clouds: Security in Software-plus-Services
John Walton (Microsoft)
Windows Secure Kernel Development
Fermin J. Serna (Microsoft)
15:40 - 16:00
Coffee Break
16:00 - 16:50
Results of a security assessment of the TCP and IP protocols and common implementation strategies
Fernando Gont (UK CPNI (Centre for the Protection Of National Infrastructure))
eKimono: detecting rootkits inside Virtual Machine
Nguyen Anh Quynh (AIST)
16:50 - 17:40
The Kingdom of the Blind: OSX Incident Response
Morgan Marquis-Boire (Google)
Stoned déjà vu - again
Peter Kleissner (Independent Researcher)
17:40 - 18:40
Night Talk: The Threat Landscape: The Reality vs. The Hype
Toralv Dirro (Avert Labs EMEA, McAfee)
#TwitterRisks: Bot C&C, Data Loss, Intel Collection & More
Ben Feinstein (SecureWorks)
20:00 - 23:59
Speaker's Dinner
Day 2 - Nov 20 Pirouette Riding School
09:00 - 09:50
Attacking SMS
Zane Lackey & Luis Miras (iSEC Partners)
Weapons of Mass Pwnage: Attacking Deployment Solutions
Luke Jennings (MWR InfoSecurity)
09:50 - 10:40
Cracking GSM Encryption
Karsten Nohl (H4RDW4RE)
The Developmental Psychology of Intrusion Detection Systems
Stefan Schumacher (
10:40 - 11:00
Coffee Break
11:00 - 11:50
Keykeriki - Universal Wireless Keyboard Sniffing For The Masses
Thorsten Schröder & Max Moser (
Exploiting Printers by Analyzing Their Firmware
Daniel Fabian (SEC Consult Unternehmensberatung GmbH)
11:50 - 12:40
Hijacking Mobile Data Connections 2.0: Automated and Improved
Roberto Piccirillo & Roberto Gassirà (Mobile Security Lab)
What if? Simulation of a large-scale network under attack
Alexei Kachalin (Calc.Math and Cybernetics Department of Moscow State University)
12:40 - 13:40
13:40 - 14:30
Malware for SoHo Routers
naxxatoe (NNC Security Research)
Ksplice: Patch without disruption
Nelson Elhage (Ksplice, Inc.)
14:30 - 15:20
Malware case study: The ZeuS evolution
Vicente Diaz (S21Sec)
Building the Next IDS Engine
Matt Jonkman (Open Information Security Foundation)
15:20 - 15:40
Coffee Break
15:40 - 16:30
Advanced MySQL Exploitation
Muhaimin Dzulfakar (Independent Security Researcher)
Internet election for the German Bundestag
Lutz Donnerhacke (IKS GmbH, Fitug e.V., Thüringen Netz, Euralo/ICANN)
16:30 - 17:20
Reversing and Exploiting an Apple Firmware Update
K. Chen (Georgia Tech)
A practical DOS attack to the GSM network
Dieter Spaar (Self-employed)
17:20 - 17:40
Closing Ceremony
20:00 -
Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien