POSITIVE HACK DAYS

Schedule

Tech Business Hands-on Labs Fast Track
Young School
Section

May, 21st

Conference Hall Chess Hall Small Hall Press Centre Transformer Hall
10:00-11:00 Are Specialized Solutions a Cure-all? Discussing MDM, BYOD, etc.
Kirill Kertsenbaum
A New Approach to Intrusion Detection and Prevention
Robert Griffin
TPM 2.0 Security
Oleg Verner
Secure Cloud Computations Using Steganography: Definitions and Challenges
Philipp Bourtyka and Alyna Trepacheva

There's Nothing so Permanent as Temporary
Dmitry Bumov


Insider Attacks: Offence and Protection
Nikita Panov


Comparison of PDF Threat Detection Methods
Mikhail Smirnov


Application of Radare2 Illustrated by Shylock and Snakso.A Analysis
Anton Kochkov


Virtual Machine Introspection – a Way to Track an Attacker in the Cloud
Nazar Tymoshyk


NFC Implementations Security
Andrey Plastunov and Roman Bazhin


Injecting Axapta — Attacks on Business Data in Microsoft Dynamics AX
Dmitry Yerusov


Techniques of Impeding Malware Detection and Analysis in PHP Scripts
Grigory Zemskov


Getting User Credential is Not Only Admins' Privilege
Anton Sapozhnikov


Dynamic Assessment of Computer Networks Security in SIEM Systems
Yelena Doynikova and Igor Kotenko

Technical Details of Integration between IT GRC Systems on One Hand and Vulnrability and Compliance Management Solutions on the Other
Marat Rakhimov


Efficiency of IdM Solutions: How Much Do They Help Economize?
Alexey Zhukov


General Model of Web Applications Protection Techniques Based on Hash Functions
Denis Kolegov and Nikolay Tkachenko

Leveraging IPv6 Features to Ensure Security
Alexander Nevalenny
Android Exploitation
Aditya Gupta
11:00-12:00 Critical Infrastructure Security Side Channel Analysis: Practice and a Bit of Theory
Ilya Kizhvatov
PHP Object Injection Vulnerability in WordPress: an Analysis
Tom Van Goethem
12:00-13:00 Give Me Your Data!
Dave Chronister
Development of Techniques of Exploit Generation on the Basis of Binary Code Analysis
Andrey Fedotov and Vadim Kaushan
13:00-14:00 SCADA Strangelove: Hacking in the Name
Positive Technologies experts
Telecoms: From SS7 to Billing Prospects for Investment in Information Security in Russia
14:00-15:00 Big Data on Social Networks: No Need for NSA’s Special Surveillance to Keep Track of You
Igor Ashmanov
Problems of Automated Generation of Exploits on the Basis of Source Code
Sergey Plekhov and Alexey Moskvin
Industrial Cybersecurity and Critical Infrastructure Protection in Europe
Ignacio Paredes
HackQuiz How to React to Security Incidents: Investigation of a Cyber-Attack
Alexander Sverdlov
15:00-16:00 How to Intercept a Conversation Held on the Other Side of the Planet
Sergey Puzankov and Dmitry Kurbatov
Vulnerabilities on Various Data Processing Levels
Omar Ganiev
Threats to Control Systems of Contemporary Electric Substations
Maxim Nikandrov
16:00-17:00 Mobile Network Attack Evolution
Karsten Nohl
Internet of Things Cryptography
Alexey Zhukov
Security Management Means Risk Management
17:00-18:00 In the Middle of Printers: (In)security of Pull Printing Solutions
Jakub Kałużny
OS X Drivers Reverse Engineering
Egor Fedoseev
Intercepter-NG: The New-Generation Sniffer
Alexander Dmitrenko and Ares

May, 22nd

Conference Hall Chess Hall Small Hall Press Centre Transformer Hall
10:00-11:00 State and Cybersecurity Botnet History Illustrated by BlackEnergy 2
Maria Garnaeva and Sergey Lozhkin
Security Modelling of Access and Dataflow Control Using DP Models Theory
Denis Kolegov
Ensuring Cryptographically Strong Group Communications with the Feature of Deniability
Maria Korosteleva and Denis Gamayunov

USB Drive Threats
Andrey Biryukov


Damnatio ad Bestias: Crowd-Filter as a Panacea for DDoS
Denis Makrushin


Analysis of Anti-Virus Labs Work
Igor Agiyevich and Pavel Markov


Tough Time
Alexander Puzakov

Yescrypt – Password Hashing Beyond Bcrypt and Scrypt
Alexander Peslyak (Solar Designer)


What to Expect from Foxes in Your Hen House?
Dmitry Tarakanov
ARM Exploitation
Aseem Jakhar
11:00-12:00 My Journey Into 0-Day Binary Vulnerability Discovery in 2014
Alisa Esage (Shevchenko)
Visual Analytics on Guard of Information Security
Igor Kotenko and Yevgeniya Novikova
12:00-13:00 Smart TV Insecurity
Donato Ferrante and Luigi Auriemma
Reverse Engineering Automation
Anton Dorfman
AppSec: From Mail to E-Government Portals Compromise Indicator Magic
Fyodor Yarochkin, Vladimir Kropotov and Vitaliy Chetvertakov
13:00-14:00 Crypto Hot Cases – One Year Backwar
Éric Filiol
ID and IP Theft with Side-Channel Attacks
David Oswald
14:00-15:00 Misuse of "Secure" Protocols and Their Exploitation
Vladimir Dubrovin
International Aspects of Information Security Catching Shellcodes under ARM
Svetlana Gayvoronskaya and Ivan Petrov
Hands-on Experience on Power Attacks
Roman Korkikian
15:00-16:00 Comparing Iranian, Chinese & North Korean Hacking Worlds William Hagestad II (No)SQL Timing Attacks for Data Retrieval
Ivan Novikov
CUA as a SAP Attack Vector
Dmitry Gutsko
16:00-17:00 Impressioning Attacks: Opening Locks with Blank Keys
Deviant Ollam, Babak Javadi, Keith Howell
Cracking Pseudorandom Sequences Generators in Java Applications
Mikhail Egorov and Sergey Soldatov
Information Security Market: Trends, Questions, and Answers Life After Snowden. Modern Tools of Internet Intelligence
Andrey Masalovich
17:00-18:00 Threats 3.0 Teach, Teach and, Once Again, Teach
Natalya Kukanova