POSITIVE HACK DAYS

Tech Business Hands-on Labs Fast Track
Young school
Section Development

May 17

Download schedule



Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:30-10:30 REGISTRATION
10:30-11:00 OPENING
11:00-12:00 Face to Face: the Arbiters of Security

Moderator: Dmitry Gusev, InfoTeCS
Pseudo-Security of NFC Services

Lev Denisov



—No viruses? I wouldn't be so sure

Olga Zinenko



Interleaving Attack on the RSA Algorithm Using the SAT Approach

Yuri Ogorodnikov


The City Never Sleeps

Denis Makrushin and Yuri Namestnikov
Memory Protection Based Anti-Cheat for Computer Games

Roman Kazantsev, Maxim Vafin, and Andrey Somsikov
Copycat Effect: From Cyberforensics to a Street Robbery

Sergey Golovanov
Crowdsourced Malware Triage

Sergey Frankoff and Sean Wilson
12:00-13:00 How We Developed the Federal Standard of SSDL

Alexander Barabanov



Static Code Analysis in the SSDL Context

Ivan Yolkin



Development of Public Key Cryptosystems Based on a Generalized Knapsack Problem

Maxim Vakhrushev and Evgeny Zagurskikh


Brute-Forced in Sixty Seconds

Nikolay Anisenya
Reverse Engineering of Binary Structures Using Kaitai Struct

Mikhail Yakshin
Wireless Hijack: From Computer Mouses to Quadrocopters

Artur Garipov
13:00-14:00 Why We Hack: The Truth

Moderator: Boris Simis, Positive Technologies
john-devkit: 100 Hash Types Later

Alexey Cherepanov



Development of New Graphic Models for Computer Network Visualization

Maxim Kolomeets


KASan in a Bare-Metal Hypervisor

Alexander Popov
Waf.js: How to Protect Web Applications Using JavaScript

Denis Kolegov and Arseny Reutov
The Press on Information Security: TS or Breaking News?

Moderator: Alexey Kachalin
Electronic Access Control Security

Matteo Beccaro
14:00-15:00 Targeted Attacks: Be the First to Aim

Vladimir Ivanov and Sergey Gordeychik

Building Honeypots to Monitor DDoS

Terrence Gareau
15:00-16:00 DNS as a Defense Vector

Paul Vixie
Fear and Loathing in Telecoms

Ilya Safronov
Web Application Firewall Bypassing

Khalil Bijjou
Enterprise Forensics 101

Mona Arkhipova
16:00-17:00 Another Round of the Standoff: IS Services as a Response to New Threats and Challenges Privacy and Security in the Internet of Things

Jeff Katz
Janitor to CISO in 360 Seconds: Exploiting Mechanical Privilege Escalation

Babak Javadi
A Riddle Wrapped in a Mystery, or Vulnerabilities in Medical and Industrial Software

Yuriy Gurkin and Emil Oleynikov
A Basic Course in Hacking Web Apps. Part 1

Mikhail Firstov
17:00-18:00 Fingerprinting and Attacking a Healthcare Infrastructure

Anirudh Duggal
Magic Box or: A Story about White Hat ATM Hackers

Olga Kochetova and Alexey Osipov
Lightning Talk

Moderators: Andrey Petukhov and Evgeny Minkovsky

Workshops CAN4ALL EAST 4 SCADA
Hardware Village Drone Quest MiTM Mobile
ViPNet
SDR

May 18

Time Amphitheater Hall Seliger Hall Press Hall Hall A Hall B
9:00 REGISTRATION
10:00-11:00 Defense and Offense Technologies in 2016: Which Side will Make a Breakthrough?

Moderator: Alexey Kachalin
If You Find One, There are Probably More! A Detection Method of “Reproduced” Vulnerability

Asuka Nakajima



Methods and Software for Risk Evaluation and Countermeasure Selection Based on Attacks Graphs for SIEM Systems

Elena Doynikova


Flash is Dead. Flash Forever!

Alexandra Svatikova


Exploiting Chrome on a Nexus Phone

Guang Gong
Mobile Communications are Insecure. Evidence-Based Arguments

Sergey Puzankov and Dmitry Kurbatov
DDoS Mitigation Workshop

Krassimir Tzvetanov
11:00-12:00 Exploiting Redundancy Properties of Malicious Infrastructure for Incident Detection

John Bambenek
Catch Me If You Can

Nikolay Zdobnov



Integration of Quantum Keys into Data Encryption Algorithms in a Russian Telecom Network

Anton Plyonkin

Realization of Self-Learning Techniques in WAF

Vladimir Lepikhin



Engineering Systems and Development Errors as the Factor of Security Flaws

Anton Zhbankov
Industrial System Security: It's Time to Take Action

Moderator: Ivan Melekhin
Thanks SAP for the Vulnerabilities. Exploiting the Unexploitable

Dmitry Chastukhin and Dmitry Yudin
12:00-13:00 From Cyber Offense to Cyber Arms Control: Developing Cybersecurity Norms

Jan Neutze
How I Became Paranoid in the World of Mobile Devices

Elena Feldman



Development and Implementation of HMAC in the Frame of the White-Box Cryptography Model

Nikita Oleksov and Oleg Broslavsky


Machine Learning Technique to Detect Generated Domain Names

Alexander Kolokoltsev



How to Start an Information Security Business

Alexander Bondarenko


How to Exploit Certifi-Gate, in Theory and Practice

Dan Koretsky
13:00-14:00 IT Round

Moderator: Alexey Katrich
Time is Not on Your Side: Exploiting Browser-Based Timing Attacks

Tom Van Goethem
Real and Formal Security: Born to Be Together

Mikhail Emelyannikov
Very Mighty eXtension for debugging

Artem Shishkin
14:00-15:00 Scalable and Effective Fuzzing of Google Chrome

Max Moroz
Experts Don’t Need No Education. Information Security and Other Pseudosciences

Moderator: Boris Simis
SSDL: One Day in the Life of a Developer

Valery Boronin
The CPU Does Not Matter. A Simple Analysis of Binary Files Using IDAPython

Anton Dorfman


15:00-16:00 Security Automation Based on Artificial Intelligence

Rahul Sasi
SIEM, or not SIEM: That is the Question

Moderator: Alexey Lukatsky

NFC: Naked Fried Chicken

Matteo Beccaro
Aspects of Insiders' Activity Within a Company

Sergii Kavun
16:00-17:00 Groundbait: Analysis of a Surveillance Toolkit

Anton Cherepanov
A Device Fingerprint as a Cure for Fraud. It All Depends on Dosage

Evgeny Kolotinsky
Innovations in Information Security

Dmitry Romanchenko

Eldar Beybutov
A Basic Course in Hacking Web Apps. Part 2

Mikhail Firstov
17:00-18:00 Invited Talk

Dave Monnier
Andy, the Polluters, Rick Deckard, and Other Bounty Hunters

Alfonso de Gregorio


How to Become the Sole Owner of Your PC

Positive Research
The Revenant

Andrey Masalovich