What is this?

The aim of the workshop

In these days, due to the huge leap regarding the evolution of technology, the Internet has become accessible for anyone. By the wide spreading of social networks, new trends and habits have evolved with less and less attention paid to the security of our own values, namely our personal data.  Meanwhile, the back-end solutions are getting more and more complex in order to satisfy the growing needs of users, protecting complex systems requires more attention from service providers regarding the system maintenance. As it is known, the more extended the system, the greater the chance is to make a mistake enabling a third party individual to take advantage of the system in an unwanted way.

With our workshop we would like to raise attention to the potential risks at which we put our personal data by the lack of caution, if one is not aware enough of the capabilites of those who would like to exploit our data in a harmful sense. Our mission is to motivate the participants of our lectures and practical sessions to act more conciously as well as to encourage the most interested ones to pursue their studies in this exciting and prospective field.

About the workshop

The workshop will consist of four different programme blocks.

Participants will learn about the various areas of IT security during the lectures in the morning. After the free registration, these lectures will be open for Hungarian studens, as well. The early afternoon sessions will provide EESTEC participants with the chance to put their newly gained knowledge into practice by testing their skills in test environment dedicated on purpose to this task. These sessions of late afternoons will include various competitions. The groups of participants will be take part in wargame, computer-forensic excercises and other tasks related to Ethical hacking. In the evenings social events will be organized so that he participants will have the chance to get to know Budapest as well as its impressive sights and wonderful characteristics in the context of cultural programmes.

Number of participants

10 international students will be selected from other EESTEC Local Committees based on prior registration and  knowledge test.

Besides them, 100 Hungarian electrical engineering and IT students with active studtent status will have the chance to attend the morning lectures. They will also be selected based on prior registration.

How can I participate?

International Participants

For International Participants we only accept members of EESTEC. For them we already sent out, the basic informations and the link to the registration sheet through the CP-s mailing list and the event's Facebook group. If you havent got, it ask your local CP or ours at: cp@eestec.hu

The deadline for EESTEC members registration is 2015.02.19.

Hungarian Participants

For Hungarian Participants you only need to register and select the desired days you want to visit the lectures here on this site. Please only select those days, that you will attend, so others can register as well. Only the first 100 registered person can attend the lectures.

Rules

Prizes

CEH course

To beat a hacker, you need to think like one! This is exactly what this class will teach you. It is the pinnacle of the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one.
The definition of an Ethical Hacker is very similar to a Penetration Tester. The Ethical Hacker is an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods and techniques as a Hacker.
The Certified Ethical Hacker class will immerse the students into a hands-on environment where they will be shown how to conduct ethical hacking. They will be exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! They will scan, test, hack and secure their own systems.

Ethical Hacking Conference tickets

In May, the NetAcademy is organizing its usual spring conference for the 8th time. They are expecting specialists, who aspire a bit-level knowledge on information security. The attending participants should reckon on exciting hands-on labs in the topic of ethical hacking. Up-to-date threats, vulnerabilities as well as live hacking awaits you with contribution of professionalists!

Schedule for the lectures

The lectures will be held through four day (2015.03.23. - 2015.03.27) in four different universities. The order of the sites will be the following:

• 03.23. Monday - BME (I IB025)
• 03.24. Tuesday - OE (KC.2.203-4)
• 03.26. Thursday - ELTE (D 0-805)
• 03.27. Friday - PPKE

Lecturers and Lectures

Monday

How to perform Security Audit on a Web-Application

Andrew is one of the most well-known hackers in Europe, and the founder of Rent-a-Hacker.
In early 2000's when companies were still advocating ISO standards,- Andrew was already defending the worlds biggest commercials sites and actively working on the security controls of the world biggest ISP's,- he also has been a Security Expert of several Fortune 100 companies e.g (Siemens,British Telecom).
On his wide range of completed mission list we may find plenty of mission critical systems from commercial sites up to the Security Test of a Nuclear Power Station.
Industries he worked with include: Telecom, Energy, Banking, Retail.

Tuesday

IT security problems of biometric systems.

The world Trade Center twin towers collapsed on 2001. 09. 11. and as a consequence of this event the world has been changed forever. The main goal of the authorities became to identify terrorist threats, wanted criminals and even suspicious acts by automatic recognition systems. The biometric solutions are spreading as well in the private sector, the security systems are running more and more complex algorithms thus the physical and IT security increasingly converging. Today’s main challenge is the most security manufacturer company have no experience to develop systems that comply with the IT security standards and principles. The physical security professionals must know the possible IT risks to design secure systems.
The main topic of the presentation is to analyze this phenomenon and to discuss the future possibilities.

Security of ePassports

Hungarian passports were changed around 2009 to comply with the regulations of the European Union meaning that they not only store data in printed form but also in electronic form. The main points while creating the standard were rapidity, simplicity and efficiency so the committee decided to use an implementation based on RFID. For some odd reason security wasn’t one of the key points which is unacceptable when designing such a document. The presentation will walk through all the attacks that are known against ePassports: cloning (how to be at multiple places in the same time?) creating a (fake) passport with arbitrary data etc. In the end the currently used countermeasures will be evaluated so you will be able to decide whether your data is protected well enough or not.

Thursday

So you want to be a hacker?

Social Engineering - Fifty Shades of Lie

One of the most important security issues at all business organizations is to improve security awareness level of the employees. Unfortunately, a lot of companies do not consider it to be so critical. Usually they think that technical security solutions, firewall and anti-malware systems are enough to protect the information assets of their company. But there are some attack methods that exploit various deficiencies of the employees’ security awareness and can cause damage and loss not only to the targeted employee, but the whole organization as well. As Johnny Long, author of “No Tech Hacking”, wrote in his book about how to exploit vulnerabilities of human factor, Social Engineering is the most essential weapon in a no-tech hacker’s arsenal. (Long, 2008) In my presentation I would like to introduce the Audience into the world of Social Engineering, and its auditing methods.

Humans and machine in IT security

Friday

Malware Analysis

Social Media Engineering - uncontrolled playground

Nowadays almost everybody use the opportunities of Social Media and have Facebook, LinkedIn or same profile. The main topic of my presentation is the risk inherent in these sites. I will introduce the possible types of human based threats using Social Media, like data leakage, identity theft, spam- and malware-spreading techniques and phishing attacks. Demonstrating the reality of the discussed problems, I will show some examples and best practices from the real life.

Next generation APT-protection with Stormshield Endpoint Security

Stormshield offers next-generation end-to-end security solutions worldwide, certified at the highest level, to protect networks (Stormshield Network Security), workstations (Stormshield Endpoint Security), and data (Stormshield Data Security). In this presentation you will learn about APT attacks (Advanced Persistent Threats) and Stormshield Endpoint Security Systems at work. You will get insight into the APT life cycle and get answers to the question 'Is Antivirus dead?'.

Schedule for International Participants

MAVE – EESTEC LC BUDAPEST is an NGO founded by university students in 1986. The organization was formed with the aim to support the professional development of students attending higher education and help them acquire knowledge that broadens their horizons. As an NGO we have been at work for decades to help the development of connections among students, universities and companies. Our main goal is to help future engineers to do their best both professionally and as human beings as well.

A few examples of the local committee’s activity:

• Challenge24 - International 24-hour Programming Contest
• BeeSmarter - 24-hour Smartphone Programming Team Contest
• 'TANDEM' - Technology AND DEsign in Motion - International workshop
• 'CIS' - Computer Integrated Surgery - International workshop
• Morgan Stanley - Seminar series
• SAP – „Introduction into the mysteries of SAP development” - seminar series
• Oracle - seminar series

MAVE is a founding member of the NGO EESTEC (Electrical Engineering Students’ European assoCiation), which currently consists of 43 local committees across Europe with a membership of 3000 students. Thanks to this we can not only reach Hungarian students, but also numerous talented individuals from other nations in Europe and we already have experience in organizing large-scale international events like the EESTEC Conference such as:

• Android Competition
• Distance Learning
• EESTEC Summer School
• Lykeion
• Open Day

Throughout our history we have collaborated with several Hungarian universities (BUTE, ELTE, MOME, UO, PPCU, SOTE) and our events are periodically supported by various local and international companies (Google, Facebook, Yahoo!, SAP, Hungarian Telekom, Fornax, NNG, Siemens, Skype, EPAM, Ericsson, Morgan Stanley, etc.)

Take a look at the beauties you'll get the chance to see with your very own eyes!

Budapest

Budapest University of Technology and Economics

"The mission of the Budapest University of Technology and Economics is to contribute to Hungary’s economic advancement, effective research, development and innovation through the pursuit of education, learning, and scientific research in the fields of technology, economics, natural and social sciences at the highest levels of excellence. Both as a participant of international research programmes and as a leader of Hungarian research initiatives BME’s activities cover the entire innovation chain: basic and applied research, technological and economical product and service development, complex quality management and utilizing research results."

Eötvös Loránd University

Eötvös Loránd University (ELTE), the longest continuously serving university of Hungary, was founded in 1635 in the city of Nagyszombat (today Trnava, Slovakia) by Cardinal Péter Pázmány, Archbishop of Esztergom. It serves the interests of high quality education and research, building upon the best European traditions. The mission of ELTE is to preserve and enrich national and universal culture, to cultivate science and to pass on academic knowledge, as well as to shape and satisfy the real, long-term needs of Hungarian society and of mankind.

Óbuda University

Óbuda University is a dynamic and thriving institution located in Budapest, heart of Hungary, heart of Europe. For 132 years of existence, the educational excellence has remained paramount. The history of our institution is spanning over three centuries. Óbuda University was established as of 1 January 2010, as a legal successor of Budapest Tech – and its legal predecessors, namely Donát Bánki Technical College, Kálmán Kandó Technical College, and the Technical College of Light Industry. The fundamental mission of the University is to serve science and the future by transferring and developing knowledge at high standards and by research and innovation.

Pázmány Péter Catholic University

Until 1948 Pázmány Péter Catholic University had been the citadel of Hungarian academic education, at which point it was split into three institutions. After more than 40 years, due to the change in the political system in Hungary, this university having only one faculty has been developed into Pázmány Péter Catholic University, by establishing the Faculty of Humanities and later, the Faculty of Law. The Faculty of Information Technology was founded on July 1, 1988 and is located in Budapest. It has been renamed to Faculty of Information Technology and Bionics on May 1, 2013.

The Faculty of Information Technology and Bionics aims at the education of anthropocentric information technology based on a broad spectrum of fundamental subjects incorporating biology, and the constantly renewing state-of-the-art technologies. The Faculty offers an approach to information technology and bioinformatics that on one hand puts man in the focus, and on the other hand is motivated by nature.