POSITIVE HACK DAYS



ORGANIZER

Dev

Automated Patching for Vulnerable Source Code

Want to visit   +127

Author: Vladimir Kochetkov

The report describes problems of automated patching based on the results of source code security analysis, as well as possible solutions to them.

  • Language
  • Russian

Vladimir Kochetkov is an expert of Positive Research Center (Positive Technologies). He specializes in application security research and takes part in development of several Application Inspector modules. He is also a developer and administrator of rsdn.ru.

Vladimir Kochetkov Vladimir Kochetkov

Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications

Want to visit   +109

Author: Denis Kolegov

Co-author: Nikolai Tkachenko

The report describes non-invasive methods for elimination of vulnerabilities in logical access control and data stream management systems of web applications. You will learn basic approaches that help implement new access control policy and eliminate some of the most common authorization vulnerabilities without modifying the web application's source code.

  • Language
  • Russian

Denis Kolegov is Candidate of Engineering Sciences, Docent of Information Security and Cryptography Chair at Tomsk State University, a senior security engineer at F5 Networks. He has been a speaker at such IS conferences as PHDays III Young School, PHDays IV, ZeroNights 2014, and Sibecrypt.

Denis Kolegov Denis Kolegov, Nikolai Tkachenko

SAT Algorithms and Their Application in Cryptanalysis

Want to visit   +49

Author: Alexander Semenov

The report is about applying SAT algorithms to cryptanalysis tasks. The speaker will cover the algorithms and techniques that form the basis of modern SAT solvers. The usage of SAT solvers for inversion of cryptographic functions will be demonstrated in the context of solving an A5/1 key stream generator cryptanalysis task, as well as tasks on detecting collisions of MD-family hash functions.

  • Language
  • Russian

Alexander Semenov is Candidate of Engineering Sciences, Docent, Chief of Discrete Analysis and Applied Logic Laboratory at Institute of System Dynamics and Control Theory SB RAS, Irkutsk. Key scientific interests – computational complexity of algorithms, cryptography, cryptanalysis, parallel computation, algorithms for solving SAT.

Alexander Semenov Alexander Semenov