MOUNTAIN VIEW, Calif., Nov 15, 2017 /PRNewswire/ -- Keen Cloud Tech, a global provider of cloud and mobile security, today announced the 2018 GeekPwn Cybersecurity Contest held in Mountain View, CA. The event revealed some of the most advanced technologies, including hacking Google's reCAPTCHA, making fool of visual classification algorithm, and the remote high jacking of TCP. Many AI security research results were presented for the first time at the event.
Since GeekPwn was launched in 2014, it has drawn significant attention from the industry. This year's experts are: Dawn Song, MacArthur Fellow and a professor at The University of California, Berkeley; Alex Kurakin, research software engineer of Google Brain and Ph.D. in Computer Vision and Image Processing; Bo Li, postdoctoral researcher at The University of California, Berkeley; Ian Fischer, machine learning researcher of Google; Nick Stephen, Shellphish CTFer at The University of California, Santa Barbara; Li Shen, senior engineer and security researcher; Weiteng Chen and Dr. Zhiyun Qian, assistant professors at The University of California, Riverside; and Huiming Liu, security researcher of Tencent Xuanwu Lab.
Based on six months of research, Wei Li and Li Shen, two senior security researchers, designed a robot that can automatically predict and identify verification codes. With this robot, they successfully cracked Google's reCAPTCHA in 20 seconds and won the $20,000 GeekPwn prize.
Professor Zhiyun Qian attacked a Wi-Fi vulnerability that is almost unfixable. This vulnerability allows malicious websites to hijack visitors on other sites and the only way to address the vulnerability is for websites to turn to HTTPS. Dr. Qian was awarded the $15,000 GeekPwn prize.
GeekPwn's mission is to safeguard organizations and individuals alike by encouraging hackers to challenge vulnerabilities. Key discussions at the kick-off event included:
- How Does Someone Unlock A Phone with their Nose? (Stephan)
- What's NEW in Adversarial Machine Learning? (Kurakin)
- They've Created Images That Reliably Fool Neural Network (Li)
- The Best Part of GeekPwn Started from 2014 (GeekPwn Lab)
- The Awakening of AI, Friend or Foe? (Fischer)
- What Leaves Attackers Hijack USA Today Site? (Qian)
- Endless Illness to Your Helpless Phone (Liu)
- When Someone Becomes You (Wang)
Additional GeekPwn highlights:
Alex Kurakin, research engineer from Google Brain, shared his latest research results on adversarial machine learning. He pointed out that to properly defend against adversarial attacks, the difference between the black box and white box should be taken into account.
Dr. Bo Li, from UC Berkeley, discussed the effectiveness of adversarial samples in the physical world. In their experiment, they made subtle changes to traffic signs with adversarial samples. The results showed that changes to the angles and distance of stop signs would lead to the misjudgment of machine vision. Next, they are going to test on self-driving cars.
Huiming Liu demonstrated the "Wombie Attack" at GeekPwn, and how the recent KRACK attack about WPA2 would be beneficial if combined with the Wombie Attack.
"While AI is being deployed by attackers, deep learning is improving security capabilities," said Dawn Song, MacArthur Fellow and a professor at The University of California, Berkeley.
"GeekPwn will continue to play a leading role in innovation while encouraging more talented individuals to discover potential problems in their frontline exploration," said Daniel Wang, founder of GeekPwn and CEO of KEEN. "In the future, GeekPwn hopes to shift security discussions so that it becomes a global platform for sharing and information exchange."
After the exciting demonstrations and remarkable keynote speeches, the committee also announced GeekPwn 2018 and a formal request to all top hackers. GeekPwn 2018 will be held on May 12, 2018 in Silicon Valley and will be focused on the topic of AI. Contestants will be required to use AI (various algorithms in computer vision, voice recognition, natural language processing, autonomous driving, etc.) to present all possible risks so that better AI solutions can be developed.
Follow GeekPwn on Social Media
Started by KEEN in 2014, GeekPwn is the world's leading platform for cybersecurity researchers. GeekPwn enables security geeks around the world to exchange their thoughts and research findings. As the most advanced international intelligence security community, GeekPwn aims to exploit unknown vulnerabilities within the cyber world. Together with attendees, we aim to help organizations enhance their security systems for a better, more secure environment.
Keen Cloud Tech endeavors to help the world's leading software manufactures who have adopted advanced cybersecurity engineering methodologies to discover and fix cybersecurity vulnerabilities. Over the last few years, KEEN has discovered and reported hundreds of high-priority vulnerabilities to Microsoft, Apple, and Google, among others. Keen, as the 1st Pwn2Own champion team in Asia and 5 Pwn2Own winners in 3 years, has achieved a sound reputation for its many achievements and innovations.