Keynotes and Tutorial

  1. Industry Keynote: Rusty Wagner (BinaryNinja – Vector35):
    • Modern Static Analysis of Obfuscated Code
    • Static analysis tools have improved significantly in recent years. This talk is an exploration of how modern static analysis tools analyze binary code and its impact on deobfuscation techniques. Various obfuscation techniques are discussed, including those that have been defeated by modern tools, those that are easier to defeat using the scripting features of these tools, and those that are still very difficult to analyze
  2. Academic Keynote: Stijn Volckaert (KU Leuven):
    • Cheat Protection in Online Games
    • Competitive online video gaming (or eSports for short) is a booming industry. Current estimates predict global revenues of well over 1 billion dollars by 2020, — the largest eSports streaming network — is now one of the biggest sites on the internet, and the International Olympic Committee is even considering to include eSports in the 2024 Summer Olympics. With this rising popularity comes a dark side in the form of cheating, however. Cheaters are willing to subvert the rules of the game by any means necessary. Many of them even pay monthly subscription fees to get access to cheating software created by hackers. In this talk, I will discuss the most prevalent types of cheats and the techniques hackers use to create them. I will then present cheat mitigation strategies that can be incorporated into a game’s design, and finally zoom in on anti-cheat tools that proactively scan for cheats on the player’s machine.

  3. Tutorial: Roman Rohleder (Thales Group):
    • Hands-on Ghidra – A tutorial about the software reverse engineering framework
    • In this tutorial, the Ghidra software reverse engineering framework will be presented,┬áits characteristics highlighted and its features to the hitherto industry standard in reverse engineering tools, IDA – the interactive disassembler, compared against. This framework was released by the National Security Agency under the Apache v2 license and brought with it a powerful decompiler for many different architectures (X86 16/32/64, ARM/AARCH64, Java/DEX bytecode, …), which will be presented and its underlying intermediate language “p-code” and the corresponding “SLEIGH”-format explained. Further, hands-on demonstrations will follow, including the aforementioned SLEIGH-format, the plugin-system and the standalone-mode,showcased on different reverse engineering tasks like binary diffing, code lifting, de-obfuscation and patching