JD-HITB Security Summit – Leaders Day

The Leaders Day of JD-HITBSECCONF2018 BEIJING, a global security leaders summit refocusing on cyber-security, will explore the security threats and technological developments of the future cyber world in terms of AI, IoT, and Blockchain. High-quality topics will cover technological innovations in multiple cyber-security fields.


Agenda – 31st October

08:00 – WELCOME COFFEE

09:00 – 09:10 – JD-HITB Security Summit Welcome Address – Chen Zhang (CTO of JD.COM)

09:10 – 09:30 – JD-HITB Security Summit Welcome Address – Tony Lee (CISO of JD.COM) & Dhillon Kannabhiran (Founder, HITB)

09:30 – 10:15 – The (Future) Impact of SmartNICs over Data Center Security – Ofir Arkin (Vice President of Israel Engineering and Operations @Forcepoint)

10:15 – 11:00 – From 0 to 1, Fifteen Years of Enterprise Security Attack and Defense Experience – Lake Hu (Director of Tencent Security Platform Department)

11:00 – 11:30 – Digital Forensics & Encrypted Messaging Services – Benjamin Kunz (Founder of Vulnerability Lab)

11:30 – 12:00 – New Technology Promotes Cybersecurity Change – Tony Lee (CISO of JD.COM)

12:00 – 13:30 – LUNCH BREAK

13:30 – 14:15 – Exploring the Value of Explainable AI techniques for Security Applications – Xinyu Xing (Security Research Scientist of JD.COM)

14:15 – 15:00 – The Past, Present and Future of Windows Security – James Forshaw (Security Researcher of Google Project Zero)

15:00 – 15:45 – Apple iCloud Security: From Backups to Keychain, From 2FA to Tokens – Vladimir Katalov (CEO, ElcomSoft Co.Ltd.)

15:45 – 16:30 – COFFEE BREAK

16:30 – 17:15 – A Brief History of Jailbreaking – How and Why I started Hacking iOS – Nikias Bassen (VP of Platform & Security, CORELLIUM)

17:15 – 18:00 – PANEL DISCUSSION (TK, 韦韬, Jimmy, Vladimir Katalov, Nikias Bassen & James Forshaw)

18:00 – END


Welcome Address


Chen Zhang (CTO of JD.COM)

Chen Zhang is JD.com’s CTO, in charge of the construction of JD’s R&D system, with a focus on solving the industry’s biggest technology challenges, front-end technology R&D, external collaboration and development of international talent.

Under Chen’s leadership, JD has vastly improved its technical capabilities in the areas of big data, cloud computing, smart logistics, AI and other advanced technologies to drive new business growth. Chen has helped develop a highly team-oriented and transparent technology culture within the company.

Prior to joining JD, Chen worked at Yahoo for 18 years, both in the US and China. He launched and headed the Yahoo Beijing Global Research and Development Center in 2009.

Chen has over 20 years of experience in software development and management. He earned his Master’s Degree in Computer Science from Indiana University Bloomington.

Tony Lee (CISO of JD.COM)

Tony Lee is the Chief Information Security Officer of JD.COM. Before joining JD, he was the Chief Architect of Baidu Cloud Security. Before joining Baidu, he was the co-founder and CTO of An Quan Bao, the first SaaS provider in China. During his time at Microsoft, he developed cloud computing products for enterprise and home users, serving billions of individuals and enterprises. Tony owns several US and international cloud computing patents. He is also the Executive Director of the IEEE International Industry. He graduated from the Department of Electronic Engineering and Computer Science at the University of California, Berkeley and continued with a master’s degree in Computer Science from the University of California, Los Angeles.

Dhillon Kannabhiran (Founder, HITB)

Dhillon Andrew Kannabhiran (@l33tdawg on Twitter) is the Founder and Chief Executive Officer of Hack in The Box, organiser of the HITBSecConf series of network security conferences which has been held annually for over a decade in various countries including Malaysia, The Netherlands, The UAE and now China!


Speaker Bio and Talks

Ofir Arkin (Vice President of Israel Engineering and Operations @Forcepoint)

Ofir Arkin is the Vice President, Israel Engineering and Operations at Forcepoint where he leads the Israeli R&D Center of the company.

Previously Ofir served as the Vice President of Security at Mellanox Technologies where he was responsible for creating, driving and coordinating the overall vision and product strategy for security across all products.

Prior to his tenure at Mellanox Technologies, Ofir served as Vice President and Chief Architect at Intel Security (McAfee) where he was responsible for driving and coordinating the overall architectural vision across Intel Security products.

Prior to his role as Chief Architect, Ofir served as CTO for the Security Management Business, and was responsible for driving the vision and product strategy for McAfee’s security management business unit.

Joining McAfee as part of the acquisition of Insightix, Ofir pioneered the use of messaging in the field of security to share information in real-time, between different security products and solutions through the use of a single API, to enable an adaptive security infrastructure (also known as the Data Exchange Layer). Ofir led cross-functional teams on the architecture, strategy and execution of this adaptive security infrastructure. His work in this area created the design and accelerated the development of DXL, culminating in the release of McAfee Threat Intelligence Exchange, the first technology fully leveraging DXL.

Prior to his tenure at McAfee, he founded Insightix, an innovator of real-time security intelligence and control solutions where he served as CTO. He has also authored numerous research papers, patents, patent applications, advisories and influential articles covering adaptive security, information warfare, network visibility, access control, VoIP security and remote OS fingerprinting.

Title: “The (Future) Impact of SmartNICs over Data Center Security”

Abstract:

Data-center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources.

We will be presenting a SmartNIC-based model for data-center security that solves both the performance problem and the security problems of edge-centric policy models. The model features a more robust isolation of responsibilities, superior offload capabilities, significantly better scaling of policy, and unique visibility opportunities.

To illustrate this, we present a SmartNIC-based reference architecture for network layout, as well as examples of SmartNIC security controls and their resulting threat models.


Lake Hu (Director of Tencent Security Platform Department)

Lake Hu is a security expert with more than 10 years of experience in network security. He currently serves as the director of Tencent Security Platform Department, leading researcher of Tencent Blade Team and head of Tencent Security Response Center, the first vulnerability reward platform in China. Since joining Tencent in 2007, Lake has been devoted to frontline studies of security attack and defense technologies, hacking and anti-hacking technologies, as well as related studies in the fields of Artificial Intelligence, Internet of Things, Mobile Internet and data security. Lake has also been responsible for vulnerability scanning, malicious web site detection, mainframe security, anti-DDoS services, emergency response, vulnerability rewards and other security studies and training programs.

Title: “From 0 to 1, Fifteen Years of Enterprise Security Attack and Defense Experience”

Abstract:

In the past fifteen years, the Internet has witnessed explosive development. While enjoying the opportunities and benefits, Internet enterprises must also face the security challenges brought by development and explore corporate cybersecurity from scratch. This lecture summarizes the major security threats faced by Internet enterprises and their corresponding solutions at different stages over the past fifteen years and, on that basis, looks ahead to the future trends of cyber security in the new era while exploring new methodologies for security solutions.


Benjamin Kunz (Founder of Vulnerability Lab)

Benjamin Kunz is active as a penetration tester and security analyst for private and public security firms, hosting entities, banks, ISPs (telecom) and ips. His specialties are security checks (penetration tests) on services, software and applications, malware analysis, underground economy, military intelligence/cyberwar, reverse engineering, and lectures and workshops about IT security. Through his work as a penetration tester and vulnerability researcher, many open- and closed-source applications, software and services were made more secure. In 1997, Benjamin K.M. founded a non-commercial and independent security research group called “Global Evolution – Security Research Group”, which is still active today.

From 2010 to 2011, Benjamin M. and Pim C. (Research Team) identified over 300 zero-day vulnerabilities in well-known products from companies such as DELL, Barracuda, Mozilla, Kaspersky, McAfee, Google, Cyberoam, Safari, Bitdefender, Asterisk, Telecom, PBX & SonicWall. In 2010 he founded the company “Evolution Security”. After the firm’s establishment, the Vulnerability Lab arose as the legal European initiative for vulnerability researchers, analysts, penetration testers, and serious hacker groups. Ben is also the leader of the Contest + Vulnerability-Lab Research Team. He has many solid references from solved events and contests such as ePost SecCup, SCS2, EH2008, Har2009, Da-op3n & exclusive zero-day exploitation sessions/releases.

Title: Digital Forensics & Encrypted Messaging Services

Abstract:

The speech is about digital forensics for encrypted messenger communication. The talk highlights software vulnerabilities and shows practical issues for digital forensic agencies assisting law enforcement or government institutions. The talk explains the basic core problems of cipher software and the technology sector. The speech about digital forensics in highly encrypted messenger applications will also highlight several zero-day vulnerabilities uncovered by the German vulnerability laboratory core research team.


Tony Lee (CISO of JD.COM)

Tony Lee is the Chief Information Security Officer of JD.COM. Before joining JD, he was the Chief Architect of Baidu Cloud Security. Before joining Baidu, he was the co-founder and CTO of An Quan Bao, the first SaaS provider in China. During his time at Microsoft, he developed cloud computing products for enterprise and home users, serving billions of individuals and enterprises. Tony owns several US and international cloud computing patents. He is also the Executive Director of the IEEE International Industry. He graduated from the Department of Electronic Engineering and Computer Science at the University of California, Berkeley and continued with a master’s degree in Computer Science from the University of California, Los Angeles.

Title: New Technology Promotes Cybersecurity Change

Abstract:

The future is like a train that cannot be stopped, carrying humans to the next station. New technologies such as AI, IoT and Blockchain will be the keys to drive this train. For this train, safety is an important guarantee, but the security threat seems to be a big problem that can never be solved. I believe that “Structural Weakness” is the fundamental cause of security threats. How to solve “Structural Weakness” fundamentally in new technologies will become the key to completely solving security threats in the future. As a social infrastructure service provider for billions of people, JD.COM should shoulder more responsibilities of solving future security problems. For this reason, we are here to discuss “How To Solve Structural Weakness” with the world’s top geeks, and face the future security threat together.


Xinyu Xing (Security Research Scientist of JD.COM)

Xinyu Xing is an Assistant Professor at the Pennsylvania State University, currently working as a research scientist at JD Inc. At JD Inc., his research efforts mainly cover exploring, designing and developing tools to automate vulnerability discovery, failure reproduction, vulnerability diagnosis (and triage) and security patch generation. Recently, he has also been working on developing adversary-resistant, interpretable deep learning techniques for various security applications. His past research has been featured by many mainstream media outlets, such as Technology Review, New Scientist and NYTimes. Going beyond academic research, Xinyu Xing and his team also actively host many world-class cybersecurity competitions. In the white-hat hacker community, his research team has already contributed many CVEs for the open source community. The tools his team developed have been downloaded by thousands of developers and security researchers.

Title: Exploring the Value of Explainable AI techniques for Security Applications

Abstract:

With the advance of deep neural networks, AI techniques have been widely adopted in various security applications, such as fake account identification, malware analysis and reverse engineering. However, in comparison with conventional machine learning techniques (e.g., linear regression and decision tree), it is difficult for us to understand the decisions made by deep learning.

Why does deep learning believe there is a cat in an image? Why does it deem a program as malware? How does it tag a user account as malicious? It is obvious that the answers to these questions are extremely critical. In this talk, we will deeply explore and discuss:

  1. How to utilize explainable AI (XAI) techniques to derive interpretation for a decision made by deep learning
  2. How to employ XAI techniques to obtain a better understanding for binary analysis and malware identification
  3. How to use XAI to scrutinize the weakness of a deep learning system
  4. How to leverage XAI to facilitate the remediation of a target deep learning system.

James Forshaw (Security Researcher, Google Project Zero)

James is a security researcher in Google’s Project Zero. He has been involved with computer hardware and software security for over 10 years looking at a range of different platforms and applications. With a great interest in logical vulnerabilities he’s been listed as the #1 researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. He has spoken at a number of security conferences including Black Hat USA, CanSecWest, Bluehat, HITB, and Infiltrate.

Title: The Past, Present and Future of Windows Security

Abstract:

Microsoft Windows is one of the most important computer platforms available today. It doesn’t just power the desktop but devices ranging from small ARM-based IoT through to large cloud services. Its security is of massive importance to millions of commercial enterprises across the world. This talk will go through many of the changes in Windows security over the years, present the current state of security and look forward to where Windows security is heading in the future, all from the perspective of a full-time Windows security researcher.


Vladimir Katalov (CEO, ElcomSoft Co.Ltd.)

Vladimir Katalov is CEO, co-owner and co-founder of ElcomSoft Co.Ltd. He was born in 1969 and grew up in Moscow, Russia. He studied Applied Mathematics at the Moscow Engineering-Physics Institute (State University); from 1987 to 1989, he was a sergeant in the Soviet Army. Vladimir has worked at ElcomSoft from the very beginning (1990); in 1997, he created the first program from which the password recovery software line started: Advanced ZIP Password Recovery. Now he coordinates the software development process inside the company and develops strategic plans for future versions.

Vladimir regularly visits various IT security-related events, conferences and trainings all over the world. He has shared his expertise through dozens of conference sessions. Here is an incomplete list of the events: TechnoSecurity, BlackHat, CEIC, Infosecurity Europe, Infosecurity Russia, Infosecurity Japan, IT Security Area (it-sa), European Police Congress, e-Crime, Troopers, EuroForensics, FT-Day, China Computer Forensic Conference, Ruxcon, Nuit du Hack, Nullcon, CanSecWest, DeepSec, Interpolitex, etc.

Vladimir manages all technical research and product development in the company. He regularly presents at various events and also regularly runs IT security and computer forensics trainings both for foreign and domestic (Russian) computer investigative committees and other organizations.

Title: Apple iCloud Security: From Backups to Keychain, From 2FA to Tokens

Abstract:

Each iteration of Apple iOS stores more things in iCloud. Phone backups, photos and videos, contacts and calendars were just the beginning. Today, iPhones share your files, call history, passwords, browsing habits and the content of your SMS and iMessages with iCloud. Much of that information can be obtained from iCloud with just the login and password (and access to the secondary authentication factor) or by using an authentication token. Passwords and messages are notable exceptions, featuring additional encryption and only accessible if you know the passcode of an already enrolled device. Learn what Apple keeps in iCloud and how to access it with or without the password.


Nikias Bassen (VP of Platform & Security, CORELLIUM)

Nikias Bassen (@pimskeks on Twitter) has been into reverse engineering for more than a decade. The breakthrough was back in 2011 when he joined the Chronic-Dev team to work on the iOS 5 + 5.1 jailbreaks. Ongoing research was focusing mostly on iOS, and in early 2013 he became part of the famous @evad3rs who released the evasi0n and evasi0n7 jailbreaks for iOS 6 and 7. He joined Zimperium zLabs (@zLabsProject) back in 2015 to continue his efforts in security research and reverse engineering targeting iOS.

Earlier in 2018, he joined the mobile device virtualization company Corellium (@CorelliumHQ) as VP Platform & Security to focus on providing the next generation platform for security research and mobile development.

Title: A Brief History of Jailbreaking – How and Why I Started Hacking iOS

Abstract:

About 6.5 years ago, the Chronic Dev Team released the Absinthe Jailbreak for iOS 5. A few months later, the next iteration Absinthe 2.0 was released at Hack In The Box 2012 Amsterdam, for iOS 5.1; this is where an interesting journey started. Later that year we founded the infamous evad3rs, releasing the jailbreaks for iOS 6.x and iOS 7. This talk is about how I got into jailbreaking and security research, and where I have landed now.