Program

Day 1: Thursday 1 May 2008

08.00 - 09.00 Extended Breakfast Buffet and Registration

09.00 - 09.15 Welcome: Righard J. Zwienenberg, Norman, The Netherlands

09.15 - 10.00 Keynote: Setting industry standards for good and bad coding practices, Paul Ducklin, Sophos Pty Ltd, Australia

10.00 - 10.45 Emulation: how low will you go..., Kurt Natvig, Norman ASA, Norway

10.45 - 11.00 Culinary Break: tea, coffee, juices and luxury pastries

11.00 - 11.45 Anti-unpacker tricks, Peter Ferrie, Microsoft, USA

11.45 - 12.30 Anti-Emulation Through Time-Lock Puzzles, Tim Ebringer, Witham Laboratories, Australia

12.30 - 13.45 International Lunch

13.45 - 14.30 Hump-and-dump: efficient generic unpacking using an ordered address execution histogram,

Li Sun, RMIT University, Australia and Tim Ebringer, Witham Laboratories, Australia

14.30 - 15.15 Unpacking, an hybrid approach, Mario A. López, Frisk Software Intl., Iceland

15.15 - 15.30 Culinary Break: tea, coffee, juices and amuses

15.30 - 16.15 Gone in (5x) Sixty Seconds, Robert Neumann, Virusbuster Ltd., Hungary

16.15 - 17.00 IDA Pro & obfuscated code, Ilfak Guilfanov, Hex-Rays, Belgium

18.15 - 18.30 Transportation to Dinner Venue

18.30 - 22.00 Dinner + Drinks

22.00 - 22.15 Transportation back to Hotel

Day 2: Friday 2 May 2008

08.30 - 09.45 Extended Breakfast Buffet

09.45 - 10.30 Automatic Browser Script Deobfuscation and Analysis, Jose Nazario, Ph.D., Arbor Networks, USA

10.30 - 11.15 Ways to deobfuscate javascript, Roger Thompson, GriSoft, USA

11.15 - 11.30 Culinary Break: tea, coffee, juices and luxury pastries

11.30 - 12.15 Runtime Packer Testing Experiences, Maik Morgenstern & Andreas Marx, AV-Test.org

12.15 - 13.00 Exepacker blacklisting: theory and experiences, Gabor Szappanos, Virusbuster Ltd., Hungary

13.00 - 14.00 International Lunch

14.00 - 14.45 Packers’ detection: controlling your risk, Gaith Taha, McAfee Avert Labs, USA

14.45 - 15.30 Blacklisting packers, Vitaly Zaytsev, Microsoft, USA

15.30 - 15.45 Culinary Break: tea, coffee, juices and amuses

15.45 - 16.30 Dealing with Virtualization packers, Boris Lau, Sophos Plc, United Kingdom

16.30 - 17.15 Obscurity by Ambiguity, Geok Meng Ong, McAfee Avert Labs, USA

17.15 - 17.30 Closing, Righard J. Zwienenberg, Norman, The Netherlands

17.30 - 18.30 Closing Drinks Reception

Optional Hospitality Program: 18.30 - 01.00

An optional hospitality program has been organized to give workshop participants an insight of the interesting features of Amsterdam. The registration for the hospitality program is now closed. There are a few empty spots left that will be granted on a first come, first served basis. You can still fill your wish to participate with the hospitality program on the registrationform. You will then be contacted with either a positive or a sadly negative answer.

Special notice:

The program is subjected to changes. The workshop organizers will try to maintain the program. However, in the event a speaker is unable to come, or any other unforeseen problems, the program can be changed.

Workshop Chair: Righard J. Zwienenberg, Norman, The Netherlands