PHDays 2015 May 26, 2015 to May 27, 2015, Moscow,Russia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
A Long View of Information Security Whitfield Diffie Cryptography, despite a long prehistory, is only about a hundred years old: radio created the ...
Circle of Mugging: Identity Theft in Moscow Metro George Noseevich Since January 2015, the Moscow Metro Wi-Fi has officially become available on all the subway ...
Zero Shades of Grey Andrey Masalovich Early detection and prevention of different information attacks, as well as struggle against extremism on ...
Automated Patching for Vulnerable Source Code Vladimir Kochetkov The report describes problems of automated patching based on the results of source code security ...
The End of Anonymity on Anonymous Networks Maria Garnaeva , Denis Makrushin The problem of user de-anonymization on the Darknet becomes more and more popular. The report ...
Social Engineering for Fun and Profit Chris Hadnagy The speaker will share his experience in creating competitions all around social engineering and will ...
Building a Cyber Fortress Alexander Sverdlov This fast and intensive one-hour hands-on lab is devoted to hardening operating systems, routers, networked ...
GSM Signal Interception Protection Sergey Kharkov , Artyom Poltorzhitsky GSM network attacks, involving replacement of a base station with a virtual one (MITM attacks), ...
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications Denis Kolegov , Nikolai Tkachenko The report describes non-invasive methods for elimination of vulnerabilities in logical access control and data ...
Fighting Payment Fraud Within Mobile Networks Denis Gorchakov , Nikolai Goncharov The speakers will talk about a hardware-software system designed for Android virus analysis, as well ...
The Bazaar, the Maharaja's Ultimatum, and the Shadow of the Future: Extortion and Cooperation in the Zero-Day Market Alfonso de Gregorio The work contains the first results of an ongoing study on extortion and cooperation in ...
Compromises in Large Infrastructures: Investigating and Managing Incidents Vladimir borisovich Kropotov Large companies' information infrastructures often attract hackers. Media highlights tens of hacks, while hundreds of ...
How do infrastructure owners detect attacks? What do they do once a hack is detected and what should not be done? Who and when should be informed of an incident? What skills and technical equipment ar Vladimir borisovich Kropotov the head of monitoring department at Positive Technologies, a frequent speaker at a number of ...
Detecting Network Intrusions With Machine Learning-Based Anomaly Detection Techniques Clarence Chio Machine learning techniques used in network intrusion detection are susceptible to “model poisoning” by attackers. ...
CAESAR, BRUTUS, and Symmetric Crypto in 2020s Markku-juhani Olavi Saarinen What kind of ciphers do security-conscious users and organizations expect to be actually using in ...
Why IT Security Is Fucked Up Stefan Schumacher IT security is in a miserable state. The problems have been discussed again and again ...
How to Choose WAF Eldar Beibutov The report is about choosing a web application firewall for a large company. The speaker ...
RFID/NFC for the Masses Nahuel Grisolía The workshop covers both the Low Frequency band (mainly used for individual physical access to ...
Mobile "Security" Katerina Troshina , Yaroslav Alexandrov , Lenar Safin , Alexander Chernov The speakers will present a complete analysis process implemented to check if mobile applications comply ...
Key interests — binary analysis, decompilation and mobile application security. Lenar Safin is a postgraduate student of the faculty of computer science and technology at Saint Petersburg ...
ROP Is Not a Problem Anymore: Automatic Shellcode Detection in Network Traffic Ivan Petrov , Svetlana Gayvoronskaya This report covers the analysis of ROP shellcode present in public databases (metasploit, exploitdb, etc.) ...
Damn Vulnerable Chemical Process Marina Krotofil Attackers and researchers have shown numerous ways to compromise and control the digital systems involved ...
Binary Analysis Using Decompilation and LLVM Katerina Troshina , Yaroslav Alexandrov , Lenar Safin , Alexander Chernov The report describes how to apply binary decompilation methods to find security flaws in binary ...
Investments in a Global Development of Security Companies Yoav Tzruya , Alexander Galitsky , Sergei Khodakov , Geoffrey Baehr , Mikhail Kader The participants of this section will touch upon the areas of investments in the cyber-security ...
Not by Nmap Alone Dmitry Boomov The researcher will look into the possibility of internal infrastructure scanning via a victim’s browser ...
Hacking a Site on Adobe Experience Manager Mikhail Egorov The report is devoted to security testing of web applications based on Adobe Experience Manager ...
Handcuffs & Restraints Tech Robert Pingor For all of their varied brands and styles, did you know that most handcuffs consist ...
iOS Application Exploitation Prateek Gianchandani , Egor Tolstoy This will be a hands-on introduction to exploiting iOS applications. The training will be based ...
Log Analysis Automation Through Elastic Vitaly Chetvertakov , Kirill Semyonov The report is devoted to analyzing and correlating large amounts of logs from a variety ...
Debug Automation in WinDbg Alexander Tarasenko This will be a hands-on demonstration on how to automate painstaking tasks using WinDbg. You ...
Static Analysis of Source Code After 200 Open-Source Projects Evgeny Ryzhkov , Andrey Karpov NDA often forbids releasing information about closed commercial projects, but open source can and should ...
Attacks on SAP MobileTech Vahagn Vardanyan N/A
DGAs and Threat IntelligenceTech John Bambenek This talk will focus on a research into Domain Generation Algorithms used in several malware ... IncludeThinkstScapes
Specialized Compiler for Hash Cracking Alexey Cherepanov A lot of time was spent to improve hash cracking speed, but the results still ...
SAT Algorithms and Their Application in Cryptanalysis Alexander Semenov The report is about applying SAT algorithms to cryptanalysis tasks. The speaker will cover the ...
Why State-sponsored Malware is Interesting Alexander Gostev , Vitaly Kamluk Over the past few years, the cyberspace has turned into a battleground for spooks and ...
Cryptography in Russia: Is It All That Bleak? Sergey Agafin , Stanislav Smyshlyaev , Evgeny Alexeev The speakers will outline the basic principles of Russian cryptographic protection mechanisms, discuss the requirements ...
Emerging Trends and Ideas About the Business of Security From a Silicon Valley VC Perspective Geoffrey Baehr The strategy and business of security companies is rapidly changing. This is due to the ...
Lock Screen Bypass on Android Devices Leonid Lukyanenko The report is devoted to the methods of bypassing lock screens on Android devices. The ...
Is There Life Without SIEM? Igor Gots The speaker will demonstrate an effective primary analysis of system logs by using freeware. A ...
Yet Another Shodan: Creating a Similar Search Engine Igor Agievich , Pavel Markov The Shodan search engine has lately become very popular. It allows searching for various equipment ...
Pig in a Poke: M&A Security IssuesBusiness Natalya Kukanova When a company buys another company, nobody ever thinks of a security audit. If, by ...
Chw00t: Breaking Unices’ Chroot SolutionsTech Balazs Bucsay Chroot is not a security solution, but still lots of people use it as it ...
Don’t Believe Your Own Redirects Mikhail Bolshov This talk will focus on ways to bypass trusted redirects of Yandex, Mail.Ru, and LiveInternet.Mikhail ...
Bootkit via SMS: 4G Access Level Security Assessment Alexey Osipov , Timur Yunusov , Kirill Nesterov This report is devoted to the security of 4G networks. The speakers will focus on ...
Calculation, Visualization, and Analysis of Security Metrics in SIEM SystemsTech Igor Kotenko This report will focus on the current state of research and development introducing a new ...
Building International White Hat CommunityBusiness Vangelis , Rodrigo Rubira Branco , Sergey Gordeychik , Alexander mikhailovich Polyakov , Dragos Ruiu , Kana Shinoda , Bogk Andreas The Hacker Manifesto provoked the ongoing dispute on the distinction between hackers and criminals, researchers ...
SSL/TLS: History of Vulnerabilities Vladimir Lepikhin Over the past few years, there have been lots of vulnerabilities found in the TLS ...
Information Security: Careers of the Future Evgeny Minkovsky , Igor Sokolov , Aleksey Lukatsky , Mikhail Savelyev , Alexander Rusinov , Dmitry Gorelov , Ilya Dimitrov What jobs and technologies in information security will be in, say, five years? What about ...
Memory Corruption: from Sandbox to SMMTech Nikita Tarakanov This report will focus on similarities and differences of memory corruptions exploitation in different rings, ...
When File Encryption Helps Password Cracking Sylvain Pelissier The speaker will focus on eCryptfs, a Linux kernel file system used for file encryption. ...
SAP Security: Real-life Attacks on Business Processes Ertunga Arsal SAP applications build the business backbone of the largest organizations in the world. The speaker ...
Future Technologies for Internal Threat Elimination Natalya Kaspersky Protection from data leaks has evolved to resistance to internal threats and business risks. According ...
Technologies for Protection of ICS Integrity Andrey Doukhvalov Modern security technologies are oriented mostly on data confidentiality and less on data availability or ...
Today's Russia in Unfriendly Cyberworld Alexey Andreev A panel discussion on what information security issues are now the most pending in Russia ...
Practical Approaches to Automation of Reverse Engineering Anton Dorfman The report focuses on the author’s experience in creating a reverse engineering plugin based on ...
Expert Community's Role in Generation of Information Security Threat Databases Fstec Of Russia This year, FSTEC of Russia has launched a public information security threat database comprised of ...
How to Get the Common Criteria Certificate in Germany and Live to Tell the Tale Dmitry Kuznetsov The speaker will focus on his first successful experience in certifying a Russian security product ...
General Pr0ken File System Florian Grunow , Felix Wilhelm The speakers will present a detailed overview of the IBM General Parallel File System (IBM ...
Kaspersky Lab’s Solutions for ICS Security Konstantin Kamanin Kaspersky Lab’s overview of how to protect an ICS from main threats.Konstantin Kamanin is the ...
Invisible Backdoors In Your Code Debasis Mohanty This report will share facts of intentionally introduced security bugs demonstrating how such backdoors go ...
GSM Security Sergey Ponomarev The speaker will review generally accessible tools for GSM radio channel analysis (AirProbe, OsmocomBB, OpenBTS, ...
Wireless Arduino-based Spy Andrey Biryukov External wireless devices have become quite widespread nowadays. Even at work, many people prefer using ...
Cyberspace in Outer Space Aleksey Andreev , Dmitry Pashkov , Vitaly Egorov , Alexander Ilyin Development of the Internet and other communication systems brought space much closer. On the one ...
Black and White: Underground and Security Trends Vladimir borisovich Kropotov , Boris Simis Boris Simis Boris Simis, Vladimir Kropotov
Specifics of Data Storage in Popular Messaging Apps on Mobile Devices Artyom Poltorzhitsky The speaker will demonstrate the flaws of user data storage methods implemented in standard social ...
Open Source Anti-DDoS Web Accelerator Andrey Karpov , Alexander Krizhanovsky The report is devoted to Tempesta FW, a hybrid solution that combines a reverse proxy ...
Soviet Supercomputer K-340A and Security of Cloud Computing Sergey Krendelev The speaker will focus on issues of encrypted data processing with nonstandard encryption algorithms, such ...
How to Spot Invisible Incidents Dmitry Kuznetsov Statistics show that attackers require three to five days to obtain full control over large ...
Protecting HART Against Hacker Attacks Ravil Zulkarnaev This report will cover theoretical security issues concerning data transfer via the HART protocol. It ...
Destroy — Create — Destroy Alexey Kachalin Assessment of information system and application security in the course of development is gradually becoming ...
How to Detect Threats in Car Onboard Data Transferring Networks Nikolai Kalintsev Electronics control all systems in a modern car — its engine, brakes, roadholding ability, safety ...
Information Security Market: Novelties, Questions & Answers Business Oleg Glebov , Aleksey Kiselev , Igor Lyapunov , Yuri Sergeev Leading participants of the IS market will introduce their products and solutions: Oleg Glebov rose ...