2011 Talks

SSL Traffic Analysis Attacks

The talk will focus on modern SSL traffic analysis attacks. Although it has been known and great papers have been published about it most people still are not aware of the length an attacker can go through in order to extract useful information from the SSL sessions. By showing some large targets and some useful progress in that space it is hoped that the audience will gain a better understanding of what SSL traffic analysis is, that it is a real threat (depending on the skills of the assumed adversary), and some knowledge on how to try and avoid these type of attacks.

There will be a bunch of research tools accompanying the talk with at least one being a proof of concept on how to do traffic analysis on Google Maps.

Speaker: Vincent Berg

 After messing around in the security field for a decade, spending several years as a lead architect and software designer, took the jump and turned hobby into work.

As a Senior Security Consultant for IOActive he's been turning his experience towards helping those in the Fortune 500 with source code reviews, reverse engineering and web application security.


Browser GFX Security Browser GFX Security
Mobile and Contactless Payment Security Mobile and Contactless Payment Security