Presentations

  1. The Caffe Latte Attack, Toorcon 9, San Diego, USA:

    Vivek Ramachandran presented "The Caffe Latte Attack" at the Toorcon conference this year. He discovered this attack along with his colleague MD Sohail Ahmad from Airtight Networks Inc.

    vivek toorcon 9

    The Caffe Latte Attack uses a weakness in the ICV algorithm of WEP and bit flips an ARP Response packet sent by an isolated Client laptop to convert it into an ARP Request packet for the same Client. It then replays this converted packet back to the Client, which then replies back with ARP Replies. An attacker can silently collect this packets to break the WEP key.

    A detailed discussion of the Caffe Latte Attack is available here:

    Below is a 2 minute video of Vivek's presentation shot live at Toorcon 9.


  2. The Emperor Has No Cloak - WEP Cloaking Exposed, Defcon 15, Las Vegas, USA

    vivek defcon 15

    Vivek Ramachandran made this presentation at Defcon 15 in Las Vegas to demonstrate the loopholes in a technology called "WEP Cloaking". WEP Cloaking was a technology aimed at saving legacy hand-held devices in industry such as retail. Vivek proved that the technology was flawed and that WEP was broken beyond repair.

    The entire video of his presentation made at Defcon is available on Google Videos. The embedded player is below. For more info on this presentation, visit here.

     

  3. E-Commerce Web Application Security, 8th International Conference on Information Security, India

    In this presentation Vivek Ramachandran and Sukumar Nandi talk about the security issues in E-Commerce Web Applications such as URL Manipulation, SQL Injection, XSS etc They also discuss secure coding guidelines which developers should follow in order to avoid opening up security holes.

  4. Network Security: Mitigating Hackers, Cisco Systems, India

    Vivek presented this in front of Development and Test teams in the Bangalore Development center of Cisco Systems to educate them about the latest threats in the computer and network security domain. This session also consisted of live demonstration of web application security and reverse engineering demos.

  5. Network Security Basics workshop, IIT Guwahati, India

    In this workshop Vivek taught the basics of network security to the students of IIT Guwahati. The main focus was on the TCP/IP protocol suite and how the lack of authentication of the sender in protocols such TCP, IP, UDP etc open up gaping security holes which can be exploited in wide variety of scenarios.

  6. Network Programming Basics workshop, IIT Guwahati, India

    This workshop was conducted at IIT Guwahati in collaboration with Cepstrum, the IIT-G electronics society. Vivek conducted a hands on session after the theory presentation in which he taught the students how to write simple network programs using sockets.