LLMpediaThe first transparent, open encyclopedia generated by LLMs

HITCON

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Capture the Flag (CTF) Hop 4
Expansion Funnel Raw 242 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted242
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
HITCON
NameHITCON
StatusActive
GenreInformation security conference
FrequencyAnnual
LocationTaipei
CountryTaiwan
First2004
OrganizerHITCON Foundation

HITCON

HITCON is an annual information security conference held in Taipei that brings together researchers, practitioners, vendors, and enthusiasts from across Asia and globally. It serves as a forum for presenting vulnerability research, exploit development, incident response techniques, and security tools, attracting attendees from technology companies, academic institutions, and public-sector agencies. The conference emphasizes practical demonstrations, capture-the-flag competitions, and community-driven workshops.

Overview

HITCON convenes a wide spectrum of participants including representatives from Google, Microsoft, Apple Inc., Facebook, Amazon (company), Intel, ARM Holdings, Cisco Systems, IBM, Oracle Corporation, Adobe Inc., Samsung Electronics, Qualcomm, Tesla, Inc., NVIDIA, Huawei, Siemens, Sony, Lenovo, Dell Technologies, Hewlett Packard Enterprise, VMware, Red Hat, Canonical (company), Mozilla Foundation, Cloudflare, Palo Alto Networks, Fortinet, Trend Micro, Kaspersky Lab, Check Point Software Technologies, CrowdStrike, FireEye, McAfee, Sophos, Bitdefender, Akamai Technologies, Atlassian, Armstrong, Stripe, PayPal, Square, Inc., LinkedIn, Twitter and attendees from academic labs such as Massachusetts Institute of Technology, Stanford University, University of California, Berkeley, Carnegie Mellon University, National Taiwan University, National Tsing Hua University, National Chiao Tung University, Harvard University, Princeton University, University of Cambridge, University of Oxford, ETH Zurich, Tsinghua University, Peking University, Nanyang Technological University, National University of Singapore, Tokyo Institute of Technology, Seoul National University, KAIST, University of Melbourne, University of Toronto, McGill University, École Polytechnique Fédérale de Lausanne, Technical University of Munich, Imperial College London, Delft University of Technology, University of Washington, University of Michigan, University of Illinois Urbana–Champaign, Georgia Institute of Technology, University of Texas at Austin.

History and Development

HITCON was established by a group of security researchers and practitioners inspired by events such as DEF CON, Black Hat (conference), CanSecWest, Chaos Communication Congress, RSA Conference, Pacific Northwest Cybersecurity Summit, ShmooCon, ToorCon, BruCON, Hack.Lu, ZeroNights, PHDays, SECCON, CODE BLUE (security conference), AusCERT, BSides, Wearable Technology Show, Kaspersky Security Analyst Summit, FIRST Conference, OWASP Global AppSec, EuSecWest, KBCon, REcon, RE100 and other regional gatherings. Early iterations featured local capture-the-flag events influenced by DEF CON CTF, pwn2own, CTFtime, and community workshops modeled after SANS Institute courses and Black Hat Arsenal. Over time the conference expanded partnerships with organizations like Taipei Computer Association, Taiwan Ministry of Economic Affairs, Taipei City Government, Industrial Technology Research Institute, National Applied Research Laboratories, ACM SIGCOMM, IEEE Computer Society, IETF, APNIC, Asia Pacific Network Information Centre, TWNIC, Asia-Pacific Telecommunity, and international sponsors including Intel Capital and regional incubators.

Conference Structure and Events

HITCON programs include keynote addresses, technical tracks, workshops, training sessions, vendor exhibitions, and competitions. Keynotes have mirrored formats used by RSA Conference and Black Hat USA, while technical tracks often parallel themes from Usenix Security Symposium, IEEE Symposium on Security and Privacy, NDSS Symposium, ACM CCS, USENIX Enigma, and CHI Conference on Human Factors in Computing Systems. Workshops cover subjects formerly presented at WOOT (Workshop on Offensive Technologies), REcon, Summercon, BlueHat, Apple WWDC security sessions, and Google I/O security tracks. Competitions include Capture The Flag events compatible with platforms like CTFd, and hardware hacking challenges reminiscent of Hackaday Superconference and ShmooCon's, while disclosure panels echo processes from CERT Coordination Center and VulnHub practices. Vendor villages showcase products from Rapid7, Metasploit Project, Burp Suite, Wireshark, Nmap, Kali Linux, OpenVAS, Snort, Suricata, ELK Stack, Splunk, OSSEC, Tripwire, GnuPG, TrueCrypt, Docker, Inc., Kubernetes, Ansible (software), Terraform (software), HashiCorp tools, and cloud platforms such as Amazon Web Services, Microsoft Azure, Google Cloud Platform.

Notable Talks and Research Contributions

Presentations at HITCON have covered exploit chains, zero-day research, hardware security, firmware analysis, IoT vulnerabilities, mobile platform exploitation, and cloud security. Topics have overlapped with breakthroughs reported at Project Zero, Stuxnet (malware), Equation Group, Shadow Brokers, Vault 7, Operation Aurora, WannaCry attack, NotPetya, Mirai (malware), Row Hammer, Meltdown (security vulnerability), Spectre (security vulnerability), Heartbleed, Shellshock, ROCA (vulnerability), KRACK, BlueBorne, Ghost (security vulnerability), BlackEnergy (malware), Duqu, Flame (malware), Stuxnet-related industrial control system research, and mitigations aligning with guidance from CVE coordination and Common Vulnerabilities and Exposures ecosystems. Peer-reviewed style talks reference methodologies from USENIX FAST, NDSS, ACM SIGSAC, and data from sources like Shodan, Censys, VirusTotal, Malwarebytes Labs, Symantec Threat Intelligence, Cisco Talos, FireEye Threat Research, Kaspersky Threat Intelligence, ESET Research, Palo Alto Unit 42, Microsoft Threat Intelligence, Google TAG, and disclosure frameworks akin to Coordinated Vulnerability Disclosure.

Community and Impact

HITCON has nurtured local and regional talent pipelines feeding into companies like Trend Micro, HTC Corporation, ASUS, Acer Inc., Foxconn, MediaTek, TP-Link, QNAP Systems, D-Link, and contributed to collaborations with incident response teams such as CERT/CC, JPCERT/CC, TW-CERT, SingCERT, US-CERT, CERT-EU, CERT-FR, CERT-IN, CN-CERT, HKCERT, KR-CERT, and law-enforcement cyber units influenced by principles from Interpol, Europol, Federal Bureau of Investigation, Central Intelligence Agency, Ministry of Justice (Taiwan), National Security Agency, Ministry of National Defense (Taiwan). Educational outreach includes university partnerships, student CTFs, and mentoring programs similar to initiatives by Girls Who Code, Code.org, IEEE Computer Society Student Chapters, ACM Student Chapter, Hack Club, Mozilla Developer Network, Linux Foundation training, and regional innovation accelerators.

Organization and Governance

The conference is managed by an organizing committee and volunteer staff drawn from nonprofit and corporate sectors, with governance practices similar to those at Electronic Frontier Foundation, Internet Society, Open Source Initiative, Linux Foundation, Mozilla Foundation, Apache Software Foundation, Creative Commons, ISOC, and standards engagement comparable to IETF working groups. Sponsorship, speaker selection, and code of conduct policies reflect norms used by Black Hat, DEF CON, BSides, RSA Conference, Chaos Computer Club, and academic program committees from ACM, IEEE, and USENIX.

Category:Computer security conferences