POSITIVE HACK DAYS

Tech Business Hands-on Labs Fast Track
Young School		 Section Development

May 26

Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:00 REGISTRATION
10:00-11:00 Today's Russia in Unfriendly Cyberworld

Moderator: Alexey Andreev 		Lock Screen Bypass on Android Devices

Leonid Lukyanenko

The End of Anonymity on Anonymous Networks

Denis Makrushin, Maria Garnaeva

Protecting HART Against Hacker Attacks

Ravil Zulkarnaev

Not by Nmap Alone

Dmitry Boomov 		DGAs and Threat Intelligence

John Bambenek 		Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications

Denis Kolegov, Nikolai Tkachenko		 iOS Application Exploitation

Prateek Gianchandani, Egor Tolstoy
11:00-12:00 Future Technologies for Internal Threat Elimination

Natalya Kaspersky		 GSM Signal Interception Protection

Sergey Kharkov, Artyom Poltorzhitsky

Bootkit via SMS: 4G Access Level Security Assessment

Kirill Nesterov, Timur Yunusov, Alexey Osipov

Yet Another Shodan: Creating a Similar Search Engine

Igor Agievich, Pavel Markov 		ROP Is Not a Problem Anymore: Automatic Shellcode Detection in Network Traffic

Svetlana Gayvoronskaya, Ivan Petrov 		Pig in a Poke: M&A Security Issues

Natalya Kukanova
12:00-13:00 General Pr0ken File System

Felix Wilhelm, Florian Grunow 		Binary Analysis Using Decompilation and LLVM

Lenar Safin, Yaroslav Alexandrov, Alexander Chernov, Katerina Troshina

Don’t Believe Your Own Redirects

Mikhail Bolshov 		Technologies for Protection of ICS Integrity

Andrey Doukhvalov 		SAP Security: Real-life Attacks on Business Processes

Ertunga Arsal
13:00-14:00 Why State-sponsored Malware is Interesting

Alexander Gostev, Vitaly Kamluk 		Circle of Mugging: Identity Theft in Moscow Metro

George Noseevich

Specialized Compiler for Hash Cracking

Alexey Cherepanov

How to Choose WAF

Eldar Beibutov

When File Encryption Helps Password Cracking

Sylvain Pelissier		 Expert Community's Role in Generation of Information Security Threat Databases

FSTEC of Russia		 Fighting Payment Fraud Within Mobile Networks

Denis Gorchakov, Nikolai Goncharov		 Kaspersky Lab’s Solutions for ICS Security

Konstantin Kamanin

Fuzzing Desktop

Alexander Cherepanov
14:00-15:00 The Bazaar, the Maharaja’s Ultimatum, and the Shadow of the Future: Extortion and Cooperation in the Zero-Day Market

Alfonso de Gregorio 		Cyberspace in Outer Space

Moderator: Alexey Andreev 		How to Get the Common Criteria Certificate in Germany and Live to Tell the Tale

Dmitry Kuznetsov 		Chw00t: Breaking Unices’ Chroot Solutions

Balazs Bucsay 		SSL/TLS: History of Vulnerabilities

Vladimir Lepikhin
15:00-16:00 Emerging Trends and Ideas About the Business of Security From a Silicon Valley VC Perspective

Geoffrey Baehr 		Practical Approaches to Automation of Reverse Engineering

Anton Dorfman		 Mobile "Security"

Yaroslav Alexandrov, Lenar Safin, Alexander Chernov, Katerina Troshina
16:00-17:00 Video conference with Whitfield Diffie (Advisor of Almaz Capital). A Long View of Information Security
17:00-18:00 Cryptography in Russia: Is It All That Bleak?

Stanislav Smyshlyaev, Evgeny Alexeev, Sergey Agafin 		Building International White Hat Community Invisible Backdoors In Your Code

Debasis Mohanty 		Calculation, Visualization, and Analysis of Security Metrics in SIEM Systems

Igor Kotenko 		Wireless Arduino-based Spy

Andrey Biryukov

Log Analysis Automation Through Elasticsearch

Vitaly Chetvertakov, Kirill Semyonov

Is There Life Without SIEM?

Igor Gots

Specifics of Data Storage in Popular Messaging Apps on Mobile Devices

Artyom Poltorzhitsky

May 27

Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:00 REGISTRATION
10:00-11:00 Destroy — Create — Destroy

Alexey Kachalin		 Covert Timing Channels Based on HTTP Cache Headers

Oleg Broslavsky

Breaking a Fully Homomorphic Cryptosystem Based on Factorization

Alina Trepacheva

Modeling Framework for Developing and Testing Network Security Techniques against DDoS Attacks

Konstantin Borisenko

Computer Counter-Forensics in *NIX Systems

Yaroslav Shmelev		 Why IT Security Is Fucked Up

Stefan Schumacher 		Soviet Supercomputer K-340A and Security of Cloud Computing

Sergey Krendelev 		RFID/NFC for the Masses

Nahuel Grisolía
11:00-12:00 Black and White: Underground and Security Trends

Boris Simis, Vladimir Kropotov		 How to Spot Invisible Incidents

Dmitry Kuznetsov 		CAESAR, BRUTUS, and Symmetric Crypto in 2020s

Markku-Juhani Saarinen
12:00-13:00 Social Engineering for Fun and Profit

Chris Hadnagy 		Development of a Service for Access to and Management of the Integrated Vulnerability Database

Andrey Fedorchenko

Hacking the Energy Grid: From Individual Substation to Black-out

Istvan Kiss

Cyber-Physical Systems Security — Experimental Analysis of a Vinyl Acetate Monomer Plant

Alexander Vinnitsky

Firmalice — Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Yan Shoshitaishvili 		Attacks on SAP Mobile

Vahagn Vardanyan 		Investments in a Global Development of Security Companies

Moderator: Alexander Galitsky
13:00-14:00 Automated Patching for Vulnerable Source Code

Vladimir Kochetkov 		Security Management: Less Time for Routing, More Time for Creativity

Andrey Likholetov 		Contest Among Startups in IS, Network Technologies, Internet of Things

Moderator: Almaz Capital
14:00-15:00 Handcuffs & Restraints

Robert Pingor 		Конкурс HackQuiz

ATTENTION! The contest starts at 14:30! 		Damn Vulnerable Chemical Process

Marina Krotofil 		Tempesta FW — Open Source Anti-DDoS Web Accelerator

Alexander Krizhanovsky, Andrey Karpov

fuzz.txt

Dmitry Boomov, Oleg Kupreev
15:00-16:00 Compromises in Large Infrastructures: Investigating and Managing Incidents

Moderator: Vladimir Kropotov 		Detecting Network Intrusions With Machine Learning-Based Anomaly Detection Techniques

Clarence Chio		 Information Security: Careers of the Future

Moderator: Evgeny Minkovsky 		Debug Automation in WinDbg

Alexander Tarasenko
16:00-17:00 Memory Corruption: from Sandbox to SMM

Nikita Tarakanov 		Building a Cyber Fortress

Alexander Sverdlov 		Static Analysis of Source Code After 200 Open-Source Projects

Evgeny Ryzhkov, Andrey Karpov

Windows Driver Fuzzing

Lazar Altschuller 		Information Security Market: Novelties, Questions & Answers

Moderator: Oleg Glebov
17:00-18:00 Zero Shades of Grey

Andrey Masalovich 		Hacking a Site on Adobe Experience Manager

Mikhail Egorov

How to Detect Threats in Car Onboard Data Transferring Networks

Nikolai Kalintsev 		GSM Security

Sergey Ponomarev 		SAT Algorithms and Their Application in Cryptanalysis

Alexander Semenov
SPONSORS
MEDIA PARTNERS
FORUM'S FRIENDS
Copyright © 2019 Positive Technologies