PHDays 2015 May 26, 2015 to May 27, 2015, Moscow,Russia
Tell us about missing data
Tell us about missing data
Title | Speakers | Summary | Topic Types |
---|---|---|---|
A Long View of Information Security | Whitfield Diffie | Cryptography, despite a long prehistory, is only about a hundred years old: radio created the ... | |
Circle of Mugging: Identity Theft in Moscow Metro | George Noseevich | Since January 2015, the Moscow Metro Wi-Fi has officially become available on all the subway ... | |
Zero Shades of Grey | Andrey Masalovich | Early detection and prevention of different information attacks, as well as struggle against extremism on ... | |
Automated Patching for Vulnerable Source Code | Vladimir Kochetkov | The report describes problems of automated patching based on the results of source code security ... | |
The End of Anonymity on Anonymous Networks | Maria Garnaeva , Denis Makrushin | The problem of user de-anonymization on the Darknet becomes more and more popular. The report ... | |
Social Engineering for Fun and Profit | Chris Hadnagy | The speaker will share his experience in creating competitions all around social engineering and will ... | |
Building a Cyber Fortress | Alexander Sverdlov | This fast and intensive one-hour hands-on lab is devoted to hardening operating systems, routers, networked ... | |
GSM Signal Interception Protection | Sergey Kharkov , Artyom Poltorzhitsky | GSM network attacks, involving replacement of a base station with a virtual one (MITM attacks), ... | |
Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications | Denis Kolegov , Nikolai Tkachenko | The report describes non-invasive methods for elimination of vulnerabilities in logical access control and data ... | |
Fighting Payment Fraud Within Mobile Networks | Denis Gorchakov , Nikolai Goncharov | The speakers will talk about a hardware-software system designed for Android virus analysis, as well ... | |
The Bazaar, the Maharaja's Ultimatum, and the Shadow of the Future: Extortion and Cooperation in the Zero-Day Market | Alfonso de Gregorio | The work contains the first results of an ongoing study on extortion and cooperation in ... | |
Compromises in Large Infrastructures: Investigating and Managing Incidents | Vladimir borisovich Kropotov | Large companies' information infrastructures often attract hackers. Media highlights tens of hacks, while hundreds of ... | |
How do infrastructure owners detect attacks? What do they do once a hack is detected and what should not be done? Who and when should be informed of an incident? What skills and technical equipment ar | Vladimir borisovich Kropotov | the head of monitoring department at Positive Technologies, a frequent speaker at a number of ... | |
Detecting Network Intrusions With Machine Learning-Based Anomaly Detection Techniques | Clarence Chio | Machine learning techniques used in network intrusion detection are susceptible to “model poisoning” by attackers. ... | |
CAESAR, BRUTUS, and Symmetric Crypto in 2020s | Markku-juhani Olavi Saarinen | What kind of ciphers do security-conscious users and organizations expect to be actually using in ... | |
Why IT Security Is Fucked Up | Stefan Schumacher | IT security is in a miserable state. The problems have been discussed again and again ... | |
How to Choose WAF | Eldar Beibutov | The report is about choosing a web application firewall for a large company. The speaker ... | |
RFID/NFC for the Masses | Nahuel Grisolía | The workshop covers both the Low Frequency band (mainly used for individual physical access to ... | |
Mobile "Security" | Katerina Troshina , Yaroslav Alexandrov , Lenar Safin , Alexander Chernov | The speakers will present a complete analysis process implemented to check if mobile applications comply ... | |
Key interests — binary analysis, decompilation and mobile application security. | Lenar Safin | is a postgraduate student of the faculty of computer science and technology at Saint Petersburg ... | |
ROP Is Not a Problem Anymore: Automatic Shellcode Detection in Network Traffic | Ivan Petrov , Svetlana Gayvoronskaya | This report covers the analysis of ROP shellcode present in public databases (metasploit, exploitdb, etc.) ... | |
Damn Vulnerable Chemical Process | Marina Krotofil | Attackers and researchers have shown numerous ways to compromise and control the digital systems involved ... | |
Binary Analysis Using Decompilation and LLVM | Katerina Troshina , Yaroslav Alexandrov , Lenar Safin , Alexander Chernov | The report describes how to apply binary decompilation methods to find security flaws in binary ... | |
Investments in a Global Development of Security Companies | Yoav Tzruya , Alexander Galitsky , Sergei Khodakov , Geoffrey Baehr , Mikhail Kader | The participants of this section will touch upon the areas of investments in the cyber-security ... | |
Not by Nmap Alone | Dmitry Boomov | The researcher will look into the possibility of internal infrastructure scanning via a victim’s browser ... | |
Hacking a Site on Adobe Experience Manager | Mikhail Egorov | The report is devoted to security testing of web applications based on Adobe Experience Manager ... | |
Handcuffs & Restraints Tech | Robert Pingor | For all of their varied brands and styles, did you know that most handcuffs consist ... | |
iOS Application Exploitation | Prateek Gianchandani , Egor Tolstoy | This will be a hands-on introduction to exploiting iOS applications. The training will be based ... | |
Log Analysis Automation Through Elastic | Vitaly Chetvertakov , Kirill Semyonov | The report is devoted to analyzing and correlating large amounts of logs from a variety ... | |
Debug Automation in WinDbg | Alexander Tarasenko | This will be a hands-on demonstration on how to automate painstaking tasks using WinDbg. You ... | |
Static Analysis of Source Code After 200 Open-Source Projects | Evgeny Ryzhkov , Andrey Karpov | NDA often forbids releasing information about closed commercial projects, but open source can and should ... | |
Attacks on SAP MobileTech | Vahagn Vardanyan | N/A | |
DGAs and Threat IntelligenceTech | John Bambenek | This talk will focus on a research into Domain Generation Algorithms used in several malware ... | IncludeThinkstScapes |
Specialized Compiler for Hash Cracking | Alexey Cherepanov | A lot of time was spent to improve hash cracking speed, but the results still ... | |
SAT Algorithms and Their Application in Cryptanalysis | Alexander Semenov | The report is about applying SAT algorithms to cryptanalysis tasks. The speaker will cover the ... | |
Why State-sponsored Malware is Interesting | Alexander Gostev , Vitaly Kamluk | Over the past few years, the cyberspace has turned into a battleground for spooks and ... | |
Cryptography in Russia: Is It All That Bleak? | Sergey Agafin , Stanislav Smyshlyaev , Evgeny Alexeev | The speakers will outline the basic principles of Russian cryptographic protection mechanisms, discuss the requirements ... | |
Emerging Trends and Ideas About the Business of Security From a Silicon Valley VC Perspective | Geoffrey Baehr | The strategy and business of security companies is rapidly changing. This is due to the ... | |
Lock Screen Bypass on Android Devices | Leonid Lukyanenko | The report is devoted to the methods of bypassing lock screens on Android devices. The ... | |
Is There Life Without SIEM? | Igor Gots | The speaker will demonstrate an effective primary analysis of system logs by using freeware. A ... | |
Yet Another Shodan: Creating a Similar Search Engine | Igor Agievich , Pavel Markov | The Shodan search engine has lately become very popular. It allows searching for various equipment ... | |
Pig in a Poke: M&A Security IssuesBusiness | Natalya Kukanova | When a company buys another company, nobody ever thinks of a security audit. If, by ... | |
Chw00t: Breaking Unices’ Chroot SolutionsTech | Balazs Bucsay | Chroot is not a security solution, but still lots of people use it as it ... | |
Don’t Believe Your Own Redirects | Mikhail Bolshov | This talk will focus on ways to bypass trusted redirects of Yandex, Mail.Ru, and LiveInternet.Mikhail ... | |
Bootkit via SMS: 4G Access Level Security Assessment | Alexey Osipov , Timur Yunusov , Kirill Nesterov | This report is devoted to the security of 4G networks. The speakers will focus on ... | |
Calculation, Visualization, and Analysis of Security Metrics in SIEM SystemsTech | Igor Kotenko | This report will focus on the current state of research and development introducing a new ... | |
Building International White Hat CommunityBusiness | Vangelis , Rodrigo Rubira Branco , Sergey Gordeychik , Alexander mikhailovich Polyakov , Dragos Ruiu , Kana Shinoda , Bogk Andreas | The Hacker Manifesto provoked the ongoing dispute on the distinction between hackers and criminals, researchers ... | |
SSL/TLS: History of Vulnerabilities | Vladimir Lepikhin | Over the past few years, there have been lots of vulnerabilities found in the TLS ... | |
Information Security: Careers of the Future | Evgeny Minkovsky , Igor Sokolov , Aleksey Lukatsky , Mikhail Savelyev , Alexander Rusinov , Dmitry Gorelov , Ilya Dimitrov | What jobs and technologies in information security will be in, say, five years? What about ... | |
Memory Corruption: from Sandbox to SMMTech | Nikita Tarakanov | This report will focus on similarities and differences of memory corruptions exploitation in different rings, ... | |
When File Encryption Helps Password Cracking | Sylvain Pelissier | The speaker will focus on eCryptfs, a Linux kernel file system used for file encryption. ... | |
SAP Security: Real-life Attacks on Business Processes | Ertunga Arsal | SAP applications build the business backbone of the largest organizations in the world. The speaker ... | |
Future Technologies for Internal Threat Elimination | Natalya Kaspersky | Protection from data leaks has evolved to resistance to internal threats and business risks. According ... | |
Technologies for Protection of ICS Integrity | Andrey Doukhvalov | Modern security technologies are oriented mostly on data confidentiality and less on data availability or ... | |
Today's Russia in Unfriendly Cyberworld | Alexey Andreev | A panel discussion on what information security issues are now the most pending in Russia ... | |
Practical Approaches to Automation of Reverse Engineering | Anton Dorfman | The report focuses on the author’s experience in creating a reverse engineering plugin based on ... | |
Expert Community's Role in Generation of Information Security Threat Databases | Fstec Of Russia | This year, FSTEC of Russia has launched a public information security threat database comprised of ... | |
How to Get the Common Criteria Certificate in Germany and Live to Tell the Tale | Dmitry Kuznetsov | The speaker will focus on his first successful experience in certifying a Russian security product ... | |
General Pr0ken File System | Felix Wilhelm , Florian Grunow | The speakers will present a detailed overview of the IBM General Parallel File System (IBM ... | |
Kaspersky Lab’s Solutions for ICS Security | Konstantin Kamanin | Kaspersky Lab’s overview of how to protect an ICS from main threats.Konstantin Kamanin is the ... | |
Invisible Backdoors In Your Code | Debasis Mohanty | This report will share facts of intentionally introduced security bugs demonstrating how such backdoors go ... | |
GSM Security | Sergey Ponomarev | The speaker will review generally accessible tools for GSM radio channel analysis (AirProbe, OsmocomBB, OpenBTS, ... | |
Wireless Arduino-based Spy | Andrey Biryukov | External wireless devices have become quite widespread nowadays. Even at work, many people prefer using ... | |
Cyberspace in Outer Space | Aleksey Andreev , Dmitry Pashkov , Vitaly Egorov , Alexander Ilyin | Development of the Internet and other communication systems brought space much closer. On the one ... | |
Black and White: Underground and Security Trends | Vladimir borisovich Kropotov , Boris Simis | Boris Simis Boris Simis, Vladimir Kropotov | |
Specifics of Data Storage in Popular Messaging Apps on Mobile Devices | Artyom Poltorzhitsky | The speaker will demonstrate the flaws of user data storage methods implemented in standard social ... | |
Open Source Anti-DDoS Web Accelerator | Andrey Karpov , Alexander Krizhanovsky | The report is devoted to Tempesta FW, a hybrid solution that combines a reverse proxy ... | |
Soviet Supercomputer K-340A and Security of Cloud Computing | Sergey Krendelev | The speaker will focus on issues of encrypted data processing with nonstandard encryption algorithms, such ... | |
How to Spot Invisible Incidents | Dmitry Kuznetsov | Statistics show that attackers require three to five days to obtain full control over large ... | |
Protecting HART Against Hacker Attacks | Ravil Zulkarnaev | This report will cover theoretical security issues concerning data transfer via the HART protocol. It ... | |
Destroy — Create — Destroy | Alexey Kachalin | Assessment of information system and application security in the course of development is gradually becoming ... | |
How to Detect Threats in Car Onboard Data Transferring Networks | Nikolai Kalintsev | Electronics control all systems in a modern car — its engine, brakes, roadholding ability, safety ... | |
Information Security Market: Novelties, Questions & Answers Business | Oleg Glebov , Aleksey Kiselev , Igor Lyapunov , Yuri Sergeev | Leading participants of the IS market will introduce their products and solutions: Oleg Glebov rose ... |