POSITIVE HACK DAYS

Tech Business Hands-on Labs Fast Track
Young School
Section Development

May 26

Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:00 REGISTRATION
10:00-11:00 Today's Russia in Unfriendly Cyberworld

Moderator: Alexey Andreev
Lock Screen Bypass on Android Devices

Leonid Lukyanenko


The End of Anonymity on Anonymous Networks

Denis Makrushin, Maria Garnaeva


Protecting HART Against Hacker Attacks

Ravil Zulkarnaev


Not by Nmap Alone

Dmitry Boomov
DGAs and Threat Intelligence

John Bambenek
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications

Denis Kolegov, Nikolai Tkachenko
iOS Application Exploitation

Prateek Gianchandani, Egor Tolstoy
11:00-12:00 Future Technologies for Internal Threat Elimination

Natalya Kaspersky
GSM Signal Interception Protection

Sergey Kharkov, Artyom Poltorzhitsky


Bootkit via SMS: 4G Access Level Security Assessment

Kirill Nesterov, Timur Yunusov, Alexey Osipov


Yet Another Shodan: Creating a Similar Search Engine

Igor Agievich, Pavel Markov
ROP Is Not a Problem Anymore: Automatic Shellcode Detection in Network Traffic

Svetlana Gayvoronskaya, Ivan Petrov
Pig in a Poke: M&A Security Issues

Natalya Kukanova
12:00-13:00 General Pr0ken File System

Felix Wilhelm, Florian Grunow
Binary Analysis Using Decompilation and LLVM

Lenar Safin, Yaroslav Alexandrov, Alexander Chernov, Katerina Troshina


Don’t Believe Your Own Redirects

Mikhail Bolshov
Technologies for Protection of ICS Integrity

Andrey Doukhvalov
SAP Security: Real-life Attacks on Business Processes

Ertunga Arsal
13:00-14:00 Why State-sponsored Malware is Interesting

Alexander Gostev, Vitaly Kamluk
Circle of Mugging: Identity Theft in Moscow Metro

George Noseevich


Specialized Compiler for Hash Cracking

Alexey Cherepanov


How to Choose WAF

Eldar Beibutov


When File Encryption Helps Password Cracking

Sylvain Pelissier
Expert Community's Role in Generation of Information Security Threat Databases

FSTEC of Russia
Fighting Payment Fraud Within Mobile Networks

Denis Gorchakov, Nikolai Goncharov
Kaspersky Lab’s Solutions for ICS Security

Konstantin Kamanin


Fuzzing Desktop

Alexander Cherepanov
14:00-15:00 The Bazaar, the Maharaja’s Ultimatum, and the Shadow of the Future: Extortion and Cooperation in the Zero-Day Market

Alfonso de Gregorio
Cyberspace in Outer Space

Moderator: Alexey Andreev
How to Get the Common Criteria Certificate in Germany and Live to Tell the Tale

Dmitry Kuznetsov
Chw00t: Breaking Unices’ Chroot Solutions

Balazs Bucsay
SSL/TLS: History of Vulnerabilities

Vladimir Lepikhin
15:00-16:00 Emerging Trends and Ideas About the Business of Security From a Silicon Valley VC Perspective

Geoffrey Baehr
Practical Approaches to Automation of Reverse Engineering

Anton Dorfman
Mobile "Security"

Yaroslav Alexandrov, Lenar Safin, Alexander Chernov, Katerina Troshina
16:00-17:00 Video conference with Whitfield Diffie (Advisor of Almaz Capital). A Long View of Information Security
17:00-18:00 Cryptography in Russia: Is It All That Bleak?

Stanislav Smyshlyaev, Evgeny Alexeev, Sergey Agafin
Building International White Hat Community Invisible Backdoors In Your Code

Debasis Mohanty
Calculation, Visualization, and Analysis of Security Metrics in SIEM Systems

Igor Kotenko
Wireless Arduino-based Spy

Andrey Biryukov


Log Analysis Automation Through Elasticsearch

Vitaly Chetvertakov, Kirill Semyonov


Is There Life Without SIEM?

Igor Gots


Specifics of Data Storage in Popular Messaging Apps on Mobile Devices

Artyom Poltorzhitsky

May 27

Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:00 REGISTRATION
10:00-11:00 Destroy — Create — Destroy

Alexey Kachalin
Covert Timing Channels Based on HTTP Cache Headers

Oleg Broslavsky


Breaking a Fully Homomorphic Cryptosystem Based on Factorization

Alina Trepacheva


Modeling Framework for Developing and Testing Network Security Techniques against DDoS Attacks

Konstantin Borisenko


Computer Counter-Forensics in *NIX Systems

Yaroslav Shmelev
Why IT Security Is Fucked Up

Stefan Schumacher
Soviet Supercomputer K-340A and Security of Cloud Computing

Sergey Krendelev
RFID/NFC for the Masses

Nahuel Grisolía
11:00-12:00 Black and White: Underground and Security Trends

Boris Simis, Vladimir Kropotov
How to Spot Invisible Incidents

Dmitry Kuznetsov
CAESAR, BRUTUS, and Symmetric Crypto in 2020s

Markku-Juhani Saarinen
12:00-13:00 Social Engineering for Fun and Profit

Chris Hadnagy
Development of a Service for Access to and Management of the Integrated Vulnerability Database

Andrey Fedorchenko


Hacking the Energy Grid: From Individual Substation to Black-out

Istvan Kiss


Cyber-Physical Systems Security — Experimental Analysis of a Vinyl Acetate Monomer Plant

Alexander Vinnitsky


Firmalice — Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Yan Shoshitaishvili
Attacks on SAP Mobile

Vahagn Vardanyan
Investments in a Global Development of Security Companies

Moderator: Alexander Galitsky
13:00-14:00 Automated Patching for Vulnerable Source Code

Vladimir Kochetkov
Security Management: Less Time for Routing, More Time for Creativity

Andrey Likholetov
Contest Among Startups in IS, Network Technologies, Internet of Things

Moderator: Almaz Capital
14:00-15:00 Handcuffs & Restraints

Robert Pingor
Конкурс HackQuiz

ATTENTION! The contest starts at 14:30!
Damn Vulnerable Chemical Process

Marina Krotofil
Tempesta FW — Open Source Anti-DDoS Web Accelerator

Alexander Krizhanovsky, Andrey Karpov


fuzz.txt

Dmitry Boomov, Oleg Kupreev
15:00-16:00 Compromises in Large Infrastructures: Investigating and Managing Incidents

Moderator: Vladimir Kropotov
Detecting Network Intrusions With Machine Learning-Based Anomaly Detection Techniques

Clarence Chio
Information Security: Careers of the Future

Moderator: Evgeny Minkovsky
Debug Automation in WinDbg

Alexander Tarasenko
16:00-17:00 Memory Corruption: from Sandbox to SMM

Nikita Tarakanov
Building a Cyber Fortress

Alexander Sverdlov
Static Analysis of Source Code After 200 Open-Source Projects

Evgeny Ryzhkov, Andrey Karpov


Windows Driver Fuzzing

Lazar Altschuller
Information Security Market: Novelties, Questions & Answers

Moderator: Oleg Glebov
17:00-18:00 Zero Shades of Grey

Andrey Masalovich
Hacking a Site on Adobe Experience Manager

Mikhail Egorov


How to Detect Threats in Car Onboard Data Transferring Networks

Nikolai Kalintsev
GSM Security

Sergey Ponomarev
SAT Algorithms and Their Application in Cryptanalysis

Alexander Semenov