May 23–26, 2024, Moscow, Luzhniki sports complex

4/21/2022

PHDays 2022 contests: ML techniques, ATM hacking, and IDS bypass

The pandemic was followed by a real epidemic of cyberattacks, making the PHDays forum more relevant than ever in the new reality. As ever, there won’t be a dull moment. In addition to in-depth talks on information security, you will witness The Standoff cyberbattle, while the wide range of contests will not only keep you entertained, but deliver new knowledge and valuable experience. The competitions are open to all interested researchers. You can take part online or offline.

Last year, there were a lot of venturous participants: each of the five contests at PHDays X gathered dozens of information security enthusiasts—a total of more than 200 people. This time, we want to attract even more, so we have refined and updated the formats of our contests.

Artificial intelligence (AI) technologies have already become a part of our lives. The kidding is over. Now that cybercriminals have started using deepfakes in their attacks, AI is no longer a gimmick, rather the source of new incidents, some curious, some terrifying. At the AI Track, participants will hear talks on the role of AI in security, as well as on the security of AI itself. AI experts will share their experience in using machine learning (ML) for protection, and researchers will talk about the risks of AI-based solutions. The AI CTF competition will acquaint information security specialists with various ML techniques and vulnerabilities in CTF gaming services. The tasks of varying difficulty levels will fascinate both experienced CTF players and beginners.

In the Payment Village, you can try your hand at finding vulnerabilities in banking systems. Our experts will tell you about various payment devices and their protection flaws. After getting acquainted with the theory, you’ll have the chance to test the security system of a real ATM, cash register system, or POS terminal. Even those without their own laptop can still take part.

At the IDS Bypass stand, you can put a real network protection system through its paces. Not only will participants have to find weaknesses in six services and get flags for fulfilling certain conditions, but also bypass an intrusion detection system (IDS), which allows traffic through and blocks attempted network attacks. Vulnerable services are selected so that competitors focus their efforts on bypassing the IDS, and the number of possible solutions is unlimited.

Such contests have been chosen for a reason. Cybercriminals, with their rich imagination, can weaponize any payment terminal, allowing them to attack banks and cardholders alike. And as the boom in biometrics continues, we can expect ever more deepfakes and other AI-related challenges in the near future.

The PHDays 2022 program does not end there. Far from it. HackerToon, an experimental animation festival, and the final of the first All-Russian open-source project competition for schoolchildren and students await forum visitors and participants. In addition, music will feature heavily at PHDays: the finalists of the Positive Wave festival will perform, and a well-known Russian musician will play AI-composed tracks.

The co-organizer of PHDays 2022 is InnoSTage Group, a key cybersecurity player. The business partners of the forum are Rostelecom-Solar, a national provider of information security services and technologies; MONT, a distributor of software for any business; and Security Vision, a developer of cybersecurity solutions. The partners of PHDays 2022 are Axoft, Fortis, ICL System Technologies, InfoWatch, MARVEL Distribution, R-Vision, Azbuka Vkusa, Gazinformservice, and Pangeo Radar.