Speakers of the conference

 Speaker InformationParticipation in The conference

Craig Davies is the CEO for the Australian Cyber Security Growth Network Ltd (ACSGN). Australia's Cyber Security Strategy, launched in April 2016, committed to establish a Cyber Security Growth Centre to position Australia as an attractive location for cyber security research and innovation. The ACSGN has been created to support the development of a vibrant and globally competitive Australian cyber security industry aimed at enhancing Australia's future economic growth and help protect Australia's interests online.

Prior to joining the ACSGN, Craig was Head of Security for Atlassian where he lead the security program supporting all aspects of Atlassian’s business from product security, to their Cloud operations and the protection of Atlassian itself. Before joining Atlassian, Craig was at CSO of Cochlear Ltd. He started his career in Financial Services, initially with the Commercial Bank of Australia, then Westpac Banking Corporation, where he worked across the organisation in Retail Banking, Legal Services and the Westpac IT Group. Craig is passionate about the importance of people in security programs, and the role of security leaders in delivering pragmatic solutions that support business growth. Craig has 20+ years experience in Cyber security and has worked in a number of fields including Infrastructure operations and management, security architecture, and website development and operations.

Conference Chair

Lukas Rist is a contributing member of the Honeynet Project since 2009, two year member of the board of directors, volunteers as its Chief Research Officer these days. Most of his engagement is focused on working with students, providing project management and incubating ideas. He always had a strong interest in honeypot development, which started in the field of web applications (Glastopf), shifted then into industrial security (Conpot) and focuses currently on generic honeypots (Glutton) and detection technologies (go-dpi) and some reborn love for web apps (Snare).
He worked in the security industry on the detection of malicious samples by sandboxing their execution and classification of their behavior, and ventured recently into the startup world, making sure those (mathematical) tensors keep flowing.

The honeypot, what it was, what is coming

Max Kilger is a Senior Lecturer in the Department of Information Systems & Cyber Security at the University of Texas at San Antonio. Dr. Kilger received his Ph.D. in Social Psychology from Stanford University. He has over seventeen years of experience in the area of information security concentrating on the social and psychological factors motivating malicious online actors, hacking groups and cyberterrorists. Max has written and co-authored a number of journal articles and book chapters on profiling, the social structure of the hacking community, cyberviolence and the emergence of cyberterrorism. He recently co-authored the popular book Reverse Deception: Organized Cyberthreat Counter-Exploitation and with his co-authors has just completed his second book Deception in the Digital Age. Max was a member of a National Academy of Engineering committee dedicated to make recommendations for combating terrorism. He is also a member of a multinational instructional team for a NATO counterterrorism course. He is a frequent national and international speaker to information security forums, federal law enforcement and the intelligence community.

Cyber Jihad and Deception

Natalia Stakhanova is an Assistant Professor and the New Brunswick Innovation Research Chair in Cyber Security at the University of New Brunswick, Canada. Her work revolves around building secure systems and includes mobile security, IoT security, software obfuscation & reverse engineering, and malicious software. Working closely with industry on a variety of R&D projects, she developed a number of technologies that resulted in 3 patents in the field of computer security. Natalia Stakhanova is the recipient of the University of New Brunswick Merit Award, the McCain Young Scholar Award and the Anita Borg Institute Faculty Award. She is a strong advocate of Women in IT and co-founder of CyberLaunch Academy, an initiative that aims to promote science and technology among children.

Deception in malware authorship attribution

Tan Kean Siong is an independent security researcher and active member of The Honeynet Project (under the umbrella of Malaysian Chapter). He is a member of the Board of Directors at The Honeynet Project. By day, he currently works as an Incident Analyst for various advanced and targeted cyber attacks on a global scale. By night, he enjoys reading the backlog of various honeypot sensors over the net, analyzing and hunting for malicious activities. He contributes efforts in open source network honeypot development, including Dionaea, Honeeepi and Glutton. He has presented in conferences e.g. Hack In The Box, HoneyCon Taiwan and other open source community events.

Catching WannaCry using Cyber Deception

Ben Whitham is a cyber security entrepreneur, engineer and the Australian Lead for the Honeynet Project. After a career in the military, Ben worked as a consultant in a number of Australian government and commercial cyber incident response teams. It was during this time he co-founded several companies, including M5 Network Security, were he was co-creator of the Secure Communications Solution, a finalist in the 2012 SC Magazine Mobile Security Product of the Year and winner of the Australian Museum Eureka Award for Outstanding Science in Safeguarding Australia. Now with his new venture, Penten, he continues to consult and design security solutions and has recently completed the work for a Cyber Security Doctorate on implementing a cyber deception system to detect data theft by insiders.

Baiting with realistic and enticing honeyfile content

Felix Leder leads the detection technology research at Symantec. Taking things apart has been a life time passion for him. His hobbies, like collecting bugs in malware and botnet takeovers, have resulted in successful take-downs of large malicious networks. As a member of The Honeynet Project, he is heavily involved in open source security and has been instrumental in developing a number of malware analysis solutions, including Cuckoo box, Norman's Malware Analyzer G2, Blue Coat's MAA, and Symantec's Content Analysis.

Unmasking Deception in Malicious Code and Attacks

Maximilian Hils is a PhD student at the University of Innsbruck, Austria. He is one of the main developers of mitmproxy and actively contributes to several other high-profile open-source projects. Starting as a Google Summer of Code (GSoC) student at The Honeynet Project in 2012, he now leads the GSoC program at Honeynet.

Google Summer of Code Research and Development at the Honeynet Project

Faiz Shuja is a security expert who brings a tremendous amount of designing, implementing, and managing secure infrastructure expertise. He has been involved in intrusion detection/prevention systems, firewalls, honeypots/honeynets, penetration testing, vulnerability analysis, incident handing, and forensics analysis. His specific research interests include enterprise security monitoring and data analysis. Faiz is a well-established entrepreneur with a long track record of success. He’s the CEO of Rewterz, a specialized information security company. He’s also the CEO of The Honeynet Project, a non-profit, all-volunteer organization dedicated to Honeynet research, and the is president of PAKCON, a non-profit organization which organizes yearly cyber security conventions in Pakistan. He has spoken at various conferences and organizations, including US NSA (National Security Agency), US DoD (Department of Defense), IEEE (Institution of Electronic Engineers), FIA (Federal Investigation Agency), and many more.

CEO Comments

Adel Karimi is a security engineer and researcher focused on honeypots, deception based security and active defense. He has been a member and chapter lead at the Honeynet Project since 2010, and recently started Trapbits, an open community of honeypot enthusiasts in Australia. Adel has spoken at several conferences and community events such as BSides and Ruxmon. He earned his MSc in IT engineering from Amirkabir University of Technology in Tehran.

Spreading honey around: Using honeybits to mislead attackers

Jurriaan Bremer joined the project over 5 years ago. He has become lead developer of Cuckoo Sandbox, an open source automated malware analysis system. He runs a small team providing consultancy services in and around Cuckoo and is set out to make Cuckoo the best malware analysis sandbox available.

Enriching Honeypot results with Cuckoo Sandbox

Emil Tan has experience and expertise in many areas. He started his career as a researcher focusing on incident handling and intrusion deception. He later worked in a Security Operations Centre (SOC). Now, he’s working in the governance, risk management and compliance (GRC) industry.
Emil is an active advocate of the infosec community. He founded and leads Edgis, an infosec community group in Singapore. He also leads the Singapore Chapter of The Honeynet Project.

Practical Experience with Honeypots and How to Integrate Them into your Environment

Rusty Bower is an Information Security Engineer and a graduate of the Rochester Institute of Technology. When he is not triaging vulnerabilities, Rusty enjoys speaking about security topics and tinkering with random InfoSec projects in his basement

Running Deception at Scale - Lessons from Implementing HDFS and machine learning to hunt malicious activity

Michel Oosterhof is currently employed as a Staff Sales Engineer at Splunk Inc. Working from Dubai, United Arab Emirates, he covers the Emerging Markets region. He specialises in security analytics and works with a wide variety of customers across the Middle East and Africa and Eastern Europe. Michel holds an MSc in Applied Physics and is certified as a CISSP, CISM, CISA and GCIH. He runs an open source project called Cowrie, a SSH/Telnet honeypot used to gather threat intelligence on various actors on the internet.

Shell Games: Cowrie in the honeypot arms race

Marcin Szymankiewicz is a Lead Cyber Analyst at major global organization. His responsibilities include defending against targeted attacks, incident response and forensics. His area of expertise are network forensics, network traffic anomaly detection, scripting and deep log inspection. He joined the Polish Chapter of The Honeynet Project in 2015.

Reverse Engineering of malicious JavaScript

Incident Response and Analysis

Mahmud Ab Rahman currently works as Information Security Researcher for NetbyteSEC. Prior to that, he worked as an Information Security Specialist Manager at MyCERT department. Currently he is taking in-charge of tracking botnet, android reverse engineering and malicious documents tracking on APT to analyze and dissect information security threats.

His education background comprises of Master Degree in Computer Science from National University of Malaysia in 2006. Prior to that, he obtained a Degree in Computer Science from the same university. Moreover, he is recognized for conducting numbers of training for organizations to talk on advanced security courses. He is a occasional speaker at conferences such as DEFCON (USA), Hack In The Box (MY), HITCON (TW), FIRST Conference (USA), Honeynet Annual Workshop, FIRST-TC (JP,MY) and many more.

Investigating Malicious Office and PDF Documents (Part 1)

Piotr Kijewski works at the non-profit Shadowserver Foundation, where amongst others he helps drive initiatives related to honeypot technologies. Piotr has extensive experience in developing and deploying honeypot based sensor networks on a large scale, which also included installations at a national level in his previous roles at CERT.PL. Active in the worldwide incident response community for the last 15 years, he has orchestrated various botnet disruptions and takedowns. Piotr is the founder of the Polish Chapter of the Honeynet Project.

SpeakerOperating large-scale honeypot sensor networks for fun and (non)profit

Jose Miguel Esparza is a Security Researcher who has been working as a Threat Analyst since 2007, focused on botnets, malware and threat actors. After working at S21sec e-crime for several years, he joined Fox-IT in The Netherlands, where he is currently leading the InTELL team. He is the author of Peepdf and he also writes on eternal-todo.com about security and threats in Internet if time permits. He has taken part in several local and international conferences like RootedCon, Source, Black Hat, Troopers and Botconf, among others. You can easily find him on Twitter, @EternalTodo, talking about security.

Investigating Malicious Office and PDF Documents (Part 2)

Paul Nevin is a career black hat hacker and antidisestablishmentarianist. Having spent the last five years in prison for breaking into Starbucks global payment systems to siphon funds off to impoverished Chilean coffee growers. He was only caught when his associates in Anonymous ratted to police in a plea bargain. As part of his probation requirements he must teach IT security skills to orphans and CEOs. He is on day release to present this talk. You are advised not to approach him carrying any RFID enabled credit cards.

SpeakerThe emergence of commercial cyber deception services to degrade (your) hostile cyber actors

Note: Information about speakers will be updated soon