GeekPwn2017 BRIEFINGS (Nov. 13th)

GeekPwn is coming to Silicon Valley AGAIN! It will be held at Computer History Museum on Nov. 13th, REGISTRATION is still open.

You will not only witness security PWN shows, including cracking Google reCAPTCHA, hijacking TCP, deceiving computer vision and attacking on biometric authentication; but also learn the latest research results on cyber vulnerabilities from top experts, from world-class universities as UC Berkeley, UC Santa Barbara, and Internet titans as Google and Tencent.


09:30-09:50 Opening

Daniel Wang

Dawn Song

09:50-10:00 2018 May 12th Kick-off Ceremony
10:00-10:30 Speech

What’s NEW in Adversarial Machine Learning?

The recent advancement of adversarial machine learning

Alex Kurakin
10:30-11:00 Show

How Does Someone Unlock Your Phone With Nose?

Behind the PWN of the TrustZone

Nick Stephen
11:00-11:30 Pwn

How to Make Your Computer Pass the Turing Test

Cracking Google reCAPTCHA with Deep Learning

Wei Li, Li Shen
11:30-12:00 Speech

They’ve Created Images That Reliably Fool Neural Network

Robust Physical-World Attacks on Machine Learning Models

Bo Li
Lunch Break
13:00-13:20 Show

The Best Part of GeekPwn Started From 2014

GeekPwn Mania

13:20-13:50 Speech

The Awakening of AI, Friend or Foe?

Learning to Attack

Ian Fischer
13:50-14:20 Pwn

Be Careful With Your Click!

A new TCP hijack released at GeekPwn

Weiteng Chen

Zhiyun Qian

14:20-14:50 Show

What Leaves Attacker Hijacking USA Today Site

When TCP meets side channel

Zhiyun Qian
14:50-15:20 Show

Endless Illness to your helpless Phone

“Resident Evil” of SmartPhones–Wombie Attack

Huiming Liu
15:20-15:35 Tea Break
15:35-16:05 Show

When Someone Becomes You…

Attacks on Biometric Authentication at GeekPwn

Haibing Wang
16:05-16:20 Award Ceremony


09:30AM   Opening Talk from GeekPwn Committee


Daniel Wang


Daniel Wang is the initializer and organizer of GeekPwn, founder and CEO of KEEN. He was the first principle security researcher of Microsoft Asia Pacific, and co-founder of China Microsoft Security Response Center (MSRC) which is the the first regional MSRC out of Microsoft headquarter.

Dawn Song

dawn song

Dawn Song is a Professor in the Department of Electrical Engineering and Computer Science at UC Berkeley. Her research interest lies in deep learning and security. She is the recipient of various awards including the MacArthur Fellowship, the Guggenheim Fellowship, the NSF CAREER Award, the Alfred P. Sloan Research Fellowship, the MIT Technology Review TR-35 Award, the Faculty Research Award from IBM, Google and other major tech companies, and Best Paper Awards from top conferences in Computer Security and Deep Learning.

10:00AM   [SPEECH]   The Recent Advancement of Adversarial Machine Learning 


– overview of adversarial examples and why they present a problem for the security

– overview of attacks and defenses.

– overview of the adversarial competition I organized and how results of the competition could provide insight into building robust machine learning classifiers.

– what will be future challenges in this area.

Speaker: Alexey Kurakin


Alexey Kurakin is a research engineer for Google Brain, where his research focuses on various aspects of adversarial machine learning, including the security and robustness of neural networks. Alex holds a PhD in computer vision and image processing from the Moscow Institute of Physics and Technology.

10:30AM   [Show]   Behind the PWN of the TrustZone

Abstract: In GeeekPwn2016 Shanghai, Nick built an Android APP, which can exploit the vulnerabilities in THE Android devices with TrustZone. It can execute arbitrary code with root privilege. In the demo, the fingerprint authentication module is pwned and set to allow any fingerprint to pass.

Speaker: Nick Stephens


Nick is a security researcher and a member of the Shellphish team from UCSB. He has published papers in a number of top-tier computer security conferences as well as disclosed a number of vulnerabilities in various Android phones. He won the biggest prize and the G-Influence Award in GeekPwn2016 Shanghai.

11:00AM   [Pwn]   Cracking Google reCAPTCHA with Deep Learning

Abstract: reCAPTCHA is a free service from Google that protects website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on the sites. But can the challenge of reCAPTCHA be recognized automatically by machine learning? This is what we would like to do in this research.

Contestants:  Li Shen  and Wei Li


Li Shen is a senior engineer and security researcher in Fortune 500. He has been focusing on applying machine learning models to solve security challenges. He worked on various projects such as building trusted execution environment (TEE) using intel SGX and solving google reCAPTCHA with deep learning.


Wei Li is a R&D engineer working for Fortune 500. Current research interest concentrates on combination of deep learning and security topics. He has worked on challenging projects like hacking google reCAPTCHA and encrypted neural network using fully homomorphic encryption.

11:30AM   [Speech]   Robust Physical-World Attacks on Machine Learning Models


Although deep neural networks (DNNs) perform well in a variety of applications, they are vulnerable to adversarial examples resulting from small-magnitude perturbations added to the input data. Inputs modified in this way can be mislabeled as a target class in targeted attacks or as a random class different from the ground truth in untargeted attacks. However, recent studies have demonstrated that such adversarial examples have limited effectiveness in the physical world due to changing physical conditions—they either completely fail to cause misclassification or only work in restricted cases where a relatively complex image is perturbed and printed on paper. In this talk,  Bo Li will introduce a general attack algorithm to take into account the numerous physical conditions and produces robust adversarial perturbations. This method captures a range of diverse physical conditions, including those encountered when images are captured from moving vehicles. We evaluate our physical attacks using this methodology and effectively fool real-world road sign classifiers.

Speaker: Bo Li


Bo Li is a Postdoctoral Researcher in Computer Science and Engineering working with Dr. Dawn Song at the UC Berkeley. Li will join the CS@ILLINOIS faculty in the fall of 2018. Her research focuses on machine learning, security, privacy, game theory, social networks, and adversarial deep learning. She has designed several robust learning algorithms, a scalable framework for achieving robustness for a range of learning methods, and a privacy preserving data publishing system.

Li has received the Symantec Research Labs Graduate Fellowship in 2015 as one of three recipients nationwide of the prestigious fellowship. She received her PhD in Computer Science in 2016 from Vanderbilt University. She has served as program committee for NIPS, ICML, NDSS, IEEE S&P, AAAI, and AAMAS. She has also organized the ML + security workshop in NIPS 2017.

Lunch Time

01:00PM [Show] GeekPwn Mania

01:25PM   [Speech]   Learning to Attack

Abstract: Multiple different approaches of generating adversarial examples have been proposed to attack deep neural networks.These approaches involve either directly computing gradients with respect to the image pixels, or directly solving an optimization on the image pixels. We present a fundamentally new method for generating adversarial examples that is fast to execute and provides exceptional diversity of output. We efficiently train feed-forward neural networks in a self-supervised manner to generate adversarial examples against a target network or set of networks. We call such a network an Adversarial Transformation Network (ATN).

Speaker: Ian Fischer


Ian Fischer is a Machine Learning researcher at Google.  His recent work spans topics in computer vision, adversarial machine learning and robustness, generative models, and reinforcement learning.

01:55PM   [Pwn]   A new TCP hijack released at GeekPwn

Abstract: This project presents a practical off-path TCP-injection attack against connections opened by non-buggy browsers. The attack requires a victim to visit a website owned by an attacker (or a benign website where malicious Javascript can be executed). The end result of the attack is that the web cache for any HTTP-based websites (e.g., banking html page or js) can be poisoned. The malicious objects can be cached for a long period of time, exposing any user of that cache to cross-site scripting, cross-site request forgery and phishing attacks. This demo of the project focus on Mac OS wirelessly connected. Our attack exploits TCP side channel to hijack tcp connections between client and web server.

Contestants: Weiteng Chen and Dr. Zhiyun Qian


Weiteng Chen is a first-year Ph.D. student in computer science and engineering department at University of California, Riverside, where he is working with professor Zhiyun Qian. He is interested in network security and side channel attacks and defenses. His interests also lie in computer system, Android security, binary program analysis and vulnerability discovery. Currently, he is focusing on off-path TCP injection attacks by side channel. Before landing in UCR, he graduated from the CS department of Peking University.


Dr. Zhiyun Qian is an assistant professor at University of California, Riverside. His research interest is on system and network security, including vulnerability discovery, Internet security (e.g., TCP/IP), Android security, side channels. He has published more than a dozen papers at the top security conferences including IEEE Security & Privacy, ACM CCS, USENIX Security, and NDSS. His work has resulted in real-world impact with security patches applied in Linux kernel, Android, and firewall products. His work on TCP side channel attacks won the most creative idea award at GeekPwn 2016. His research is currently supported by 10+ grants and gifts (including the NSF CAREER Award).

02:25PM   [Show]   When TCP Meets Side Channel

Abstract: In GeekPwn2016 Mid-year Contest, doctoral student Cao Yue of Dr.Zhiyun Qian showed ‘TCP hijacking’ attack. This attack can pop up a fishing web page and steal user’s password. This vulnerability in TCP/IP stack exists in almost all Android and Linux editions. Explained by Cao Yue, this vulnerability is found by his director, Mr. Qian found this vulnerability by reviewing Linux kernel source code.

Speaker: Dr. Zhiyun Qian


Dr. Zhiyun Qian is an assistant professor at University of California, Riverside. His research interest is on system and network security, including vulnerability discovery, Internet security (e.g., TCP/IP), Android security, side channels. He has published more than a dozen papers at the top security conferences including IEEE Security & Privacy, ACM CCS, USENIX Security, and NDSS. His work has resulted in real-world impact with security patches applied in Linux kernel, Android, and firewall products. His work on TCP side channel attacks won the most creative idea award at GeekPwn 2016. His research is currently supported by 10+ grants and gifts (including the NSF CAREER Award).

02:55PM   [Show]   “Resident Evil” of SmartPhones–Wombie Attack

Abstract: In this presentation, Huiming Liu, the researcher of Tencent Security Xuanwu Lab, will present an astonishing mobile wireless zombie(Wombie) attack demo — the smartphone viruses spread like zombies in “Resident Evil”, and the technique details will also be explained. The Wombie doesn’t rely on Internet to spread, so it can’t be detected on the internet. Besides, it can serve as an attack amplifier for many other attack methods. For example, the recent KRACK attack about WPA2 will benefit a lot if combined with the Wombie Attack.

Speaker: Huiming Liu


Huiming is a security researcher of Tencent Xuanwu Lab, research interests lie in Android security and network security.

03:25PM Tea Break

03:40PM   [Show]   Attacks on Biometric Authentication at GeekPwn

Abstract: Biometric authentication technologies are used for the machine identification of individuals. Examples include voice, handwriting, face, eye and fingerprint identification. Biometric authentication methods have been widely used to control financial transactions and access to secure areas. Therefore the security of such technologies is very important. In this speech, we look at some hack examples on these Biometric authentication technologies shown in previous GeekPwn events.

Speaker: Haibing Wang


Wang Haibing, Director of GeekPwn Lab. Graduated from Computer Science Department, Fudan University, he got his Master degree. After that, he joined Microsoft China and became an expert of Microsoft firewall product. He has many years of experiences in network security product development and testing. He left Microsoft in 2011 and became one of the founders of KEEN. He is now a technical expert in KEEN and Director of GeekPwn lab.

04:10PM Award Ceremony


Thanks for your reading. The best part of GeekPwn is to be part of it, like our audience[Register].

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s