N

HITCON議程審稿委員介紹


叢培侃

PK現為奧義智慧科技共同創辦人,專長為惡意程式分析、軟體逆向工程、漏洞分析、程式開發與資安鑑識調查,曾經服務公職於刑事警察局科技犯罪防制中心(制訂國內第一版電腦鑑識報告書)、警政署資訊室及中央研究院計算中心等,之後加入以色列資安公司擔任資安長,且為TWNIC, SyScan, HITCON, BlackHat 與 GovWare 等研討會、課程講師,熟悉政府事務與相關法規,對於資安事件處理與電腦鑑識領域具有近10 年以上經驗,且對進階持續性威脅(APT)有長期研究,熟悉國際資安趨勢發展與應用,近年對於汽車安全、IOT投入研究,並發表汽車ECU安全相關實驗文章,同時擔任多年HITCON 議程主席,負責籌組審稿小組(Review board)擬定會議內容。

Allen Own

戴夫寇爾 DEVCORE 執行長、台灣駭客協會 HITCON 常務理事。曾任 HITCON Community 總召、HITCON 及 Red Team Summit 研討會講師。專長於紅隊演練(Red Team Assessment)、滲透測試、企業資安風險盤點、專業教育訓練。

李倫銓

李倫銓目前是HITCON CTF領隊與競賽負責人,他在Mediatek IT部門任職,協助企業強化系統安全以及處理Cyber Security 問題,並推廣物聯網應用,這之前他服務於中華電信,除了建置資安系統與資安事件處理程序之外,也在雲端部門協助規劃各類雲端服務。

邱銘彰 (Jeremy Chiu)

Jeremy Chiu(Birdman) 目前為新創公司 - 奧義智慧 CyCraft 創辦人。畢業於中央大學、大同資工碩士,是台灣資安界有多次創業經驗的企業家,曾在 2014 年由美國 NASDAQ 上市的以色列資安公司所併購與肯定。專注資安科技研究多年,以開發自動化分析系統,駭客活動分析,惡意程式分析、人工智慧演算法為主要研究範疇,HITCON 台灣駭客協會顧問,並曾在國際知名研討會發表過多項專業的資安技術研究:: Blackhat, DEFCON, SyScan, HITCON, AVTokyo, HTICA 與 OWASP Asia。

鄭振牟

鄭振牟寫程式和教密碼學。他曾任教於國立台灣大學、達姆施塔特工業大學 、 九州大学、大阪大学、以及金沢大学,目前是 BTQ AG, Liechtenstein 的首席科學官(以及金沢大学的兼任教員)。

Chen-yu Dai (GD)

Chen-yu Dai (GD) is a security researcher at Rakuten CERT. Besides incident response and threat hunting roles, he builds in-house systems for Bblue Tteam to deal with unknown cyber threats. He has received some prizes from CTFs, bug bounty programs, and been speaker at several conferences: HITCON, TROOPERS, CODE BLUE, IEEE GCCE, etc.

費爾德

Fyodor Yarochkin is a Senior Researcher, Forward-Looking Threat Research Senior at Trend Micro with a Ph.D. from EE, National Taiwan University. An early Snort Developer and Open Source Evangelist as well as a Programmer, his professional experience includes several years as a threat investigator and over eight years as an Information Security Analyst.

gasgas (ziv_chang)

Gasgas (Ziv Chang, YuMin Chang) is the Sr. Director of CyberSafety Solution Dept in TrendMicro. He is widely recognized for his work in APT campaigns studying, penetration testing, code review, malware analysis, vulnerability research, security architecture and security strategy in Taiwan. Prior to joining TrendMicro, YuMin was the CTO for information Security Service Digital United, a biggest MSSP in Taiwan. YuMin is one of founder of HITCON (Hacks in Taiwan conference) and appear in the keynote of most important conferences in Taiwan (including HITCON 2005,2008,2012,2016, ITHOME 2015,2016, HONEYCON 2014,2015,2016) and also Black Hat Briefings Asia - Singapore 2000. He holds a degree in Mathematics and a Masters in Computer Science from the National Tsing Hua University, Taiwan, where he is also a PhDalso PhD candidate. He holds also certifications of CERT/CC, CISSP, CEH, CHFI and ECSA/LPT.

陳君明

國立臺灣大學數學系學士與碩士、美國 Purdue University 數學博士。任職於臺大數學系、以嵌入式系統安全為核心業務的「銓安智慧科技」。臺大「教學傑出獎」得主,平均每兩百位臺大教師僅一位獲獎。在臺大教授的課程包括:密碼學導論、橢圓曲線密碼學、破密學專題、後量子密碼學、金融科技導論、電資學院微積分、通識課程數學與文明。臺北市臺大校友會高爾夫球隊發起人之一、該球隊現任總幹事。中華民國橋藝協會理事、代表臺灣參加 2016 橋牌世界盃之國家代表隊隊長。

Nanika

Ming-chieh's (Nanika) is Chief Researcher in Team T5 Research. He is a well-known vulnerability researcher, and has been disclosing new vulnerabilities for many years. His major areas of expertise include vulnerability research, exploit techniques, malware detection, and mobile security. He has 10+ years of experience on vulnerability research, especially on Windows platform and malicious document and exploit. He discovered numerous Windows system and document application vulnerabilities, such as Microsoft Office, Adobe PDF, and Flash. In recent years, he started his exploration and discovering problems in Mac OS X. He frequently presents his researches at security conferences, such as Black Hat, HITCON, and Syscan.

陳彥銘

彥銘在資訊安全領域的經驗從保護 Fortune 500 公司開始,以顧問身分在 Foundstone / McAfee / FireEye 等公司從攻擊的角度找出企業網路﹑產品與服務的弱點並且透過教育訓練﹑產品開發等方式建議如何補強。之後協助企業轉型將安全當作 Fortune 500 企業的武器,平衡安全﹑合規﹑服務﹑運營維護等各個不同角度增加應用程式與雲服務的可信度並幫花旗銀行,微軟 Azure 與蘋果提高商業效益。他偶爾會在會議演講,並且參與過 "To The Cloud" 與 "Hacking Exposed" 系列等五本書的著作。同時他也創造了兩個關於 Snort 日誌分析的開源專案。彥銘畢業於中央大學數學系並且在卡內基美隆大學獲得資訊網路碩士學位。

Zuan

Zuan是Chroot讀書會的成員之一,已經擔任 HITCON 工作人員將近十年。他主要擅長軟硬體(嵌入式系統)逆向工程、惡意軟體分析以及密碼學。曾經出過 HITCON 2011 年與 2012 年的 Wargame 題目。另外多年前活耀於Cheat Engine Forum,曾撰寫過當時廣為流傳的兩個遊戲外掛("Zuan Engine" 跟 "MzBot")。

Orange Tsai

DEVCORE / HITCON 成員

講師 - Black Hat, DEFCON, HITCON, HITB, CODEBLUE and WooYun 等研討會講師

電競選手 - 國內外多場 CTF 競賽冠軍, DEFCON CTF 22/25 亞軍

獎金獵人 - 回報過 Facebook, Uber, Apple, GitHub, Yahoo 及 Imgur 的遠端代碼執行漏洞

Blog http://blog.orange.tw

Twitter @orange_8361

陳仲寬(Bletchley)

陳仲寬現為奧義智慧的資深研究員,負責協調資安研究團隊。

他於國立交通大學資訊工程學系學士畢業、並於國立交通大學網路安全實驗室攻讀博士學位。他的研究方向專注於網路攻防、惡意程式分析、漏洞分析與挖掘與自動化攻防。並利用機器學習等技術協助自動攻防系統之設計。在許多非學術技術會議,如:HITCONV, 、VXCON, 、Line Becks, 、FIRST(2020), 、RootCon, 、CodeBlue OpenTalk,積極參與並發表其研究。他發表了多篇學術會議與期刊論文,並參與了許多大型資安研究計畫,主題包含:數位鑑識、事件處理及程式分析。此外,他致力於資安教育,在交大創立交大網路安全策進會,鼓勵並培訓學生參與國際型 CTF 比賽,並有兩次參與世界資安大賽 DEFCON CTF 決賽經驗。 他為台灣資安社群相當活躍的成員,現為 Chroot 成員之一,並擔任 HITCON / 荷蘭 HITB 資安會議的審查委員。於漏動挖掘方面,他帶領 BambooFox 團隊挖掘了 5 個 CVE漏 洞以及數十個交大網路系統的資安漏洞。

Angelboy

Angelboy is a member of chroot and HITCON CTF team. He is researching about binary exploitation, especially in heap related exploitation. He participated in a lot of CTF, such as HITB、DEFCON、Boston key party, won 2nd in DEFCON CTF 25,27 and won 1st in Boston key party 2016, 2017 with HITTICON CTF Team. He is also a speaker at conferences such as HITCON, VXCON, AVTokyo, HITB GSEC.

Hikohiro Y Lin

林彥博 先生 曾在 Panasonic 總部負責產品安全工作超過 15 年,任職期間主導多個產品安全重點項目,包括設計和部署 IoT 設備的安全檢測與風險評估流程,制定產品安全標準規則和指南,構建並組織全球產品安全團隊,制定 Panasonic 總部產品安全策略,創立 Panasonic 網路安全實驗室以進行先進網絡安全研究並建立以產品為中心的安全事件響應團隊 (PSIRT)...等。曾擔任 Panasonic PSIRT 負責人、Panasonic 全球產品安全負責人及 Panasonic 網路安全實驗室主任。

此外,也榮獲過 (ISC)² 亞太區資訊安全領袖成就表彰計劃之高級資訊安全從業人員獎與社群服務之星獎,並在 Black Hat, CODE BLUE 及卡巴斯基安全分析峰會 (SAS)…等國際會議上發表演說,同時也是政府獲邀之圓桌會議成員之一。

林彥博 先生 目前任職於 PwC Consulting LLC Digital Trust, 擔任董事總經理一職。

Miaoski Lin

miaoski 在趨勢科技擔任資深研究員,主要的研究方向是資料分析、4G/5G 核網、自然語言處理、及軟體定義無線電(SDR)。他曾擔任 Open Computing Project 的 BIOS 工程師,業餘喜歡樹莓派和 Arduino 專案。

Chi-en Shen (Ashley)

Chi-en Shen (Ashley) is an information security technical leader at Cisco Talos. She specializes in researching emerging threats, including nation-state targeted attacks, financially motivated crimes, spyware, and exploits carried out by mercenaries. Previously, she worked as a security engineer at Google Threat Analysis Group, where she focused on zero-day exploit hunting and tracking botnets. Prior to that, she was a member of the Mandiant Global Research Team, where she tracked APT groups in APAC and contributed to the development of the Threat Intelligence platform. Passionate about supporting women in InfoSec, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan. Additionally, she serves as an organizer for Rhacklette, a security community for FINTA in Switzerland. To support the security community, Ashley serves as a review board member for Black Hat Asia, Hacks in the Box and HITCON conferences. She has also shared her expertise as a speaker at conferences such as Black Hat, Hack in the Box, HITCON, FIRST, CODE BLUE, Troopers, Confidence, RESET, and others. In her free time, she enjoys playing CTF and providing CTF training within the security community.

Chun-Ying Huang

Chun-Ying Huang is a Professor at the Department of Computer Science, National Yang Ming Chiao Tung University (NYCU). Dr. Huang has broad research interests in the areas of system security. He also served as PIs or co-PIs of several teaching, research, and industrial projects in network and system security areas, including the information security incubation program (ISIP and AIS3) from the Ministry of Education (MoE) and Taiwan information security center program (TWISC) at NYCU from the National Science and Technology Council (NSTC). Dr. Huang won teaching and research awards, including ACM Taipei/Taiwan Chapter K. T. Li Young Researcher Award, NSTC Excellent Young Scholar Grants, and NCTU/NYCU excellent teaching awards. He was a general secretary at the Chinese Cryptology and Information Security Association (CCISA). In addition to research works, Dr. Huang has hosted domestic CTFs for university students since 2014 and advised students to participate in many security competitions, including HTICON, SECCON, and DEFCON CTF Final. He currently serves as the Director of the Institute of Network Engineering at National Yang Ming Chiao Tung University.

zha0

zha0 is a security researcher.

Bugs or wheels? Feedback and support here.

More on contact [email protected]

If you have any privacy or security concern when contacting the HITCON Committee,you can communicate with us through the use of following PGP public key:
Key ID: C60BC4E7 Fingerprint = B3D9 D201 7ABB BD1B 6235 1133 6521 FDFD C60B C4E7 The public key is available at:PublicKey Download