Students 2016-2017

Anatoly Tykushin

Anatoly graduated from Penza State University in 2016 as a specialist in Information Security of Automated Systems. He worked at НИП «Аргус» АО «ПНИЭИ» for 4 years as an embedded software engineer, developing projects on microcontroller units (MCUs) in C and assembly language. His tasks included developing software for slave devices such as keyboards and key input devices. He also implemented data exchange protocols over wired interfaces such as USB, UART (USART), I2C, SPI and 1-Wire, developed special software, and prepared the documentation required for certification tests.


As a research student in the Master's degree programme in Secure System and Network Engineering at Innopolis University, he has worked on a couple of research projects.

Projects:


  • “Forging virtual environments by untrusted cloud provider”. Here we designed possible attack scenarios showing how an untrusted cloud provider can gain access to clients’ data by bypassing security mechanisms, such as full-disk encryption, transparently to the client. The project team developed a proof-of-concept installation that demonstrates one of the possible attacks on the client’s infrastructure.


  • “File system based on social networks media storage”. Here the project team implemented a proof-of-concept file system that can be mounted in user space. The file system abuses social network music storage by disguising any file as an audio file. It stores data in chunks, where each chunk is an mp3 file of size equal to 1Mb. When a user wants to save a file, the file system splits it into chunks and uploads the chunks to social networks such as vk.com and mixcloud.com. The file system itself does not have any file size or disk space limitations.


  • “Video memory forensics”. The students automated the process of acquiring and analyzing graphical data from memory. As a result, they developed a Volatility plug-in that works with Linux profiles and automatically retrieves screen images and process windows from a computer memory dump.


   

Nadezhda Troflyanina

She received a Bachelor's degree from Moscow Technical University of Communications and Informatics. Her diploma paper was "A development of the software product "Traffic Analyzer"". She worked at the JSK "RSK" as a system administrator (responsibilities: network monitoring corporate email, implementing preventive measures, timely response to security threats).

During her studies at Innopolis University she worked on the following projects:


  • “Security in public place: defining drug intoxication by the pupil size”. The main idea of the project is to compare two photographs of the same person taken at different levels of illumination. Primary tool: OpenCV. The achieved result: a prototype of an application that can determine a person's state (using only 2 photos).


  • “Backdooring asymmetric crypto-algorithms”. An existing cryptosystem can be considered a black box. This project analyzed methods of embedding and detecting backdoors and kleptographic attacks on ElGamal and DSA, and provided proof-of-concept code and detection techniques.


  • “Forensics on smart fitness trackers”. The project examined in detail how fitness trackers work and how and where they collect information. The work also describes the results of practical experiments, including substitution of data stored on the bracelet, copying data from a bracelet without alerting the user, and sending false notifications.


As a result of completing her projects, she developed skills in information security, especially in the use of secure protocols and encryption, and the ability to conduct expert examinations and investigations in the field of computer forensics and cybercrime.
   
Bogdan Vaneev

He received a bachelor's degree at Kharkov National University of Radioelectronics (2011-2015). He studied at the Telecommunications faculty, in the Communication Networks department. His graduation thesis was "Multicriterial analysis of stegoalgorithms", where he used multicriteria optimization to find the best algorithm by predefined criteria and developed his own algorithm.

Industrial experience:

1. Junior Engineer (intern) at Samsung Ukraine, Kharkov during June 2013 - Sep 2013. Project related to scientific calculations. MATLAB, C++, gtkmm.

2. Software Engineer at the Biodynamo project (https://github.com/biodynamo/biodynamo) during a summer internship in July 2016. He worked on the visualization engine using C++, STL and CERN ROOT.

3. Software Engineer at Soramitsu, from Dec 2016 till

Projects: https://github.com/hyperledger/iroha - validation peer in a blockchain network, https://github.com/hyperledger/iroha-ametsuchi - distributed database for Iroha. The following technologies and languages are used: C++14, gtest, cmake, Flatbuffers, STL, python, docker, docker-compose, docker swarm.

He has a personal GitHub repository at the following link: https://github.com/warchant


Projects completed while studying in the SNE program:

  • “Physical security of electronic devices”. In this project students considered what a potential attacker can do with physical access to the following devices: PC with Windows, PC with Linux, Android phone (versions 4, 5, 6) with full disk encryption, partial disk encryption and without disk encryption. Bogdan's contribution was developing techniques for hacking the host operating system through bootloaders and developing a proof of concept for patching initrd and PAM to steal the user's disk decryption password and personal password.

  • “Backdooring asymmetric crypto algorithms”. In this project students considered a few backdoors for asymmetric algorithms: RSA, DSA, DH, El-Gamal, and algorithms based on ECDLP. Bogdan's contribution was describing the security principles of algorithms based on elliptic curves and proposing his own backdoor for any algorithm based on ECDLP, implementing the "strongest" backdoor in the latest OpenSSL (https://github.com/Warchant/openssl/tree/ecdh_backdoor).

  • “Extracting passwords from KeePass storage after memory acquisition”. In this project students considered the case where a forensics expert performs memory acquisition of the KeePass process and then analyses it. The group developed a technique that makes it possible to extract and decrypt all encrypted passwords from the memory dump, including the master password. The students developed a proof-of-concept program.

   
Stepan Rogonov

He received a Bachelor's degree at ITMO University in 2016 with the graduation work "Augmented reality application". During 2015-2016 he worked for the Arcadia company in Saint-Petersburg as a junior C++ programmer. BOOST and math libraries were used for a set of scientific tools, and the results of the work were used by scientists abroad.


Projects completed while studying in the SNE program:

"Bitcoin wallets classification": results from this project may help to find and arrest criminals who try to hide money in digital currency. As an outcome of that work, several features were extracted from the bitcoin database. If they are combined with existing large programs in that area, new information can be extracted.

Apart from the main project in the first half of the graduation period, there are two other projects related to specific courses: "Drug detection based on eye analysis" and "Finding proofable timestamps in Filesystems and Journals of operating systems".
Through those projects several programs were written and a lot of technical literature was analysed. In the end, the program can successfully detect abnormal eye behavior, and many ways to get timestamps were found.
Nevertheless, many other topics closer to security are interesting and await their time.


   
Artyom Bakhtin

Artyom has two degrees:

Karaganda State Technical University, Bachelor’s Degree Field Of Study Computer Science (2010 – 2014)

Thesis topic: Modernization of software and hardware means to ensure information security of e-payment company

and

Tomsk Polytechnic University, Master's Degree, Computer Systems Networking and Telecommunications (2014-2016)

Thesis topic: Development and modernization of software and hardware means to ensure information security

Industrial experience:

Wooppay, Kazakhstan (Nov. 2012 - Jun. 2015)

- Continuous company infrastructure/web-portals penetration testing (automated/manual, PCI DSS compliance, code security review);

- Network infrastructure maintenance/configuration (Cisco IPS/IDS, Catalyst, ISR, PIX Firewall, ACL, VLAN);

- Linux environment deployment/configuration (CentOS, MySQL, Apache/Nginx, PHP, SSL/TLS).


Selectel, Saint-Petersburg (Internship, June - July 2015)

Development of a tool to distribute forbidden sites registry entries among network hardware in the datacenter.


Projects completed while studying on the SNE programme:


"Confidentiality of Virtual Environments in Untrusted Clouds"

The project team looked into the possibility of an adversarial cloud provider running KVM technology accessing a client's virtual machine data. The project team showed that the provider could log keystrokes and read the disk image without making any changes to the guest environment. The attack works even when the client uses full-disk encryption and a hardened environment.


"File System Based on Social Networks Media Storage"

The project team created proof-of-concept software that makes it possible to store and manage files of any format in social networks by disguising them as audio files.

It works for those social networks that allow users to upload audio files. Usually, they don't limit the number of files uploaded. Students exploit this fact to disguise files of an arbitrary format as MP3 audio files. To ease the file management routine we implemented our own file system based on the FUSE kernel module.


"Leveraging BitTorrent network to detect files with hidden information"

The main goal of this project was to confirm that the integrity of local files can be validated using the BitTorrent network. Such a task lies primarily in the area of computer forensics. There are cases when an expert should validate whether files on disk have had hidden information embedded in them (like a crypto container, steganography, etc.), but the number of files does not allow the operation to be performed manually. At present, a significant part of user files, especially larger ones, are downloaded from the BitTorrent network.

The project team created software that checks whether a file is registered in the BitTorrent network using an offline database. If it is not found there, the Distributed Hash Table is used.
   
Vasiliy Podtikhov

He has a bachelor's degree in Information Security from Kazan Federal University, Institute of Physics. His graduation work was "Integration log2timeline data into Splunk system".

His last project was "Analysis of Bitcoin block-chain database for clustering wallets". In this work he tried to identify characteristics of wallets and apply clustering techniques to bitcoin wallets in order to identify wallet users. All transactions were saved in a PostgreSQL database management system. From these transactions some features of wallets were extracted and calculated (lifetime, number of transactions, total amounts of bitcoins etc.). The following technologies were involved in this work: block-chain, Kahan summation algorithm, K-means++.

His first SNE project was done during the Security of Systems and Networks course. It was named "Mapping IP address to account on social network". In this work he and his colleague found the correlation between IP addresses retrieved from net-flow records in Innopolis University and user profiles in social networks like VK, Instagram and Facebook. For this project a few programs were written as a proof of concept to obtain the dates of a person's presence in a social network and tie that person to an IP address.

The second project was done during the Computer Crime and Forensics course and was named "In memory forensics of popular data storages". In this project he studied the ways databases are stored in volatile memory and tried to extract data from them. He wrote plugins for the Volatility framework that search for database data in RAM and extract it, preserving structure and timestamps.
   
Mikhail Boldyrev

He received a Bachelor's degree from Bauman Moscow State University, faculty of Design and Technology of Electronic Devices, 15.08.2016. Thesis theme: "Electronic Fuel Level Gauge".

Mikhail has completed the following projects while studying in the SNE program:

A competition project: melody recognition program written in C++. Mikhail developed the overall architecture and the database module. The project finished as a working prototype.

SSN project: "Non-destructive physical attacks on electronic devices". Mikhail focused on Android device security: screen lock, encryption, bootloader, privilege escalation. Different cases, attack scenarios and mitigation techniques were considered.

Research Project 1: "Graph Watermarking". Mikhail created a new watermarking algorithm that is more resilient against cluster splitting attacks. He also improved the global key exchange system, providing the ability to unambiguously determine the party responsible for leaking the data. The project is especially interesting because only two research papers had been published in that area at that date.

CCF project: "Video Memory Forensics". Mikhail participated in exploring the Linux graphics system and analysing kernel dumps, and created a method to reconstruct graphical data scattered over the video MMIO area. This project was a contribution to free open-source cybercrime forensics tools.
   
Bulat Saifullin

He obtained his Bachelor’s Degree in Information Security at the Kazan National Research Technical University - KAI named after A.N.Tupolev. His final year project was “Implementation of Neural Cryptographic Protocols”. He also has a degree of Translator (English-Russian) in the field of professional communication (International center of Kazan National Research Technical University).

His last industrial experience before he came to Innopolis University was at ICL -КПО ВС, where he worked in the Research and Development Center of System Technologies. The project he worked on was the implementation of a printer service that handles a large number of printers and has security features such as checking for leaks of confidential material through the printers. The project's programming language is C#.

The first SNE project was done during the Security of Systems and Networks course. It was named "Mapping IP address to account on social network". In this work he and his colleague tried to find a correlation between IP addresses retrieved from net-flow records in Innopolis University and user profiles in social networks like VK, Instagram and Facebook. For this project a few programs were written as a proof of concept to obtain the dates of a person's presence in a social network and tie that person to an IP address.


The second project was done during RP1. It was named “Analysis of the authenticated key exchange protocol that uses neural cryptography with secret boundaries”. In this work he and his colleague tried to find vulnerabilities in the neural cryptography protocol NCSB. They found some potential vulnerabilities and proposed modifications to close them. During the project they created implementations of the NCSB protocol in the C# programming language.


The third project was done during the Cybercrime and Forensics course. It was named “Forensic on Smart Fitness Trackers”. In this work he and his colleague analysed fitness trackers to find out: how reliable the data that fitness trackers collect and store is; how useful this data is in an investigation; how the data can be extracted from a fitness tracker; and whether somebody can change data on the fitness tracker. They found that cheap smart fitness trackers do not use encryption, which means anyone can see the information passing between the smartphone and the fitness tracker; this can be very dangerous if the tracker has a screen and you receive messages on the tracker.
   
Aidar Sabirov

Aidar graduated from KNRTU-KAI in 2015 and has a specialist degree. The topic of his diploma paper was "The software suite for extracting the data capable of reducing the anonymity level of a Tor user".

Aidar worked as an information security researcher for 2 years. The projects he conducted required a deep understanding of networks and cryptography. Therefore, he is capable of performing traffic analysis and modification in a variety of ways, as well as analysis of cryptography implementations. Apart from that, he also has programming and basic reverse engineering skills and sometimes plays in Capture The Flag (CTF) contests.

Completed Projects:

The first project was a Secure Systems and Networks project called "Non-destructive physical attacks on electronic devices". The main goal of the team was to find out what they could possibly do via physical access to a device (Linux host, Android, Samsung Smart TV), including scenarios with encrypted devices. As a result, they managed to perform different kinds of attacks on various targets and created a threat model.

The next project was Research Project 1, called "Backdooring asymmetric crypto-algorithms". This time they were backdooring asymmetric crypto-algorithms in such a way that only the attacker can take advantage of the backdoor, and even after reverse engineering a researcher would not be able to use it. They implemented these algorithms in OpenSSL or as a proof of concept. Detection techniques were used to find such backdoors in dumps containing TLS and SSL handshakes from the whole IPv4 space.

In the last project, "Leveraging BitTorrent network to detect files with hidden information", they proposed a framework that allows a forensics expert to check, using the BitTorrent network, that the files on the suspect’s hard drive were not modified. If the file is genuine and it exists in the BitTorrent network, the framework reports that, allowing the expert to skip it and speed up the analysis process.
   
Konstantin Munichev

He has a bachelor's degree from «Dubna» University (the fundamental computer science and information technologies program). His bachelor paper: Developing an environment for interactive programming teaching.

Industrial experience:

Nordavind Group of Companies, Moscow Region, Dubna, June 2014 – July 2015. Main projects:

Video surveillance system development (C++, Qt). Completed integration of a JVC IP camera into the video surveillance system. Improved the integration of the Mitsubishi digital video recorder into the video surveillance system by adding the ability to work with a large number of recorders (over 100) at the same time. Improved the automatic camera detection system.

Worked on the project "Cardiovascular monitoring system development (C/embedded, STM32)". He refactored the firmware source code written by other developers, designed and implemented a storage system to save the results of cardiovascular system measurements to a micro-SD card, added support for temperature sensors and an accelerometer, and implemented a firmware update system for end users without chip programmers.


SNE projects participation.

SSN project: defining drug intoxication by the pupil size; the project was done with classmates. The basic idea was to take 2 photos of a man’s face, one in a dark environment and another with a light turned on, and see how the pupil reacts. If its size increases, the person is not intoxicated; otherwise he has a significant probability of being intoxicated and should be tested by other methods. The project works in an ideal environment but needs adaptation for real-life usage.

Research project 1: analysis of security issues in open-source software (alone). I performed a security analysis of the distributed Hyperledger Iroha project (https://github.com/hyperledger/iroha) using static code analysis tools and fuzzing. 3 different vulnerabilities were found, 2 of them fixed and all reported to the project developers.

CCF project: Android messengers: memory acquisition and analysis. We performed a RAM acquisition and analyzed dumps of different Android messengers. We found that all the messengers we analyzed provide no in-memory data protection and store all sensitive data as plaintext.
   
Oleg Ilin

He received a bachelor's degree from a military technical-engineering university in 2011; his project was on the power supply of a special object.

Before Innopolis University he worked in a power supply company as an engineer.

At Innopolis, Project SE was his first IT project. The team developed an Android mobile application called SE Insights. He was responsible for the database on the server side, storing text in JSON format, and performance testing.

During the SNE program he completed several projects.

The first project was part of the Security Systems and Networks course. It concerned device detection using Wi-Fi infrastructure. The project team developed an application that sends a warning message to a Telegram group when a device appears that is not in the permitted user list.

Another project was related to neural cryptography. With a partner he performed a security analysis of a key exchange protocol based on neural cryptography called NCSB (Neural Cryptography with Secret Boundaries). They found some potential vulnerabilities and suggested ways to improve the protocol.

As part of the CCF course, he and a partner performed memory acquisition and analysis of Android messengers. They examined the Telegram, Skype and Antox messengers.
   
Ali Abdulmadzhidov

He received a Bachelor's degree in Information Security at Dagestan State University in 2015. Paper: Personal data protection in mobile applications theMeet


Industrial experience:

Event organization service development in TimePad.

- Developed Android applications for event organization and ticket checking.

- Fixed several security vulnerabilities.

Technologies: Android SDK, Java, Teamcity, github


Developed new way dating service (MyDiaspora.mobi).

- Developed a client-server Android application.

- Managed development process.

- Server-side administration and support.

Technologies: Android SDK, Java, Parse.com SaaS, git, redmine


Wrote a Telegram marketplace bot.

Technologies: Python, Flask, telegram-api, Postgres, Redis, Nginx, WSGI


As a research student in the Master's degree programme in Secure System and Network Engineering at Innopolis University, he has worked on the following research projects.


Wi-Fi based access control service.

The project team identified the ability to detect unauthorized access to a room based on the Wi-Fi signal and implemented the findings in a PoC tool. It is very interesting because Wi-Fi is very widespread and such a tool can help to detect visitors in areas where they shouldn't be.


Analysis of Resource Consumption for Malware Detection in Mobile Environment

Detection of malicious activity in a mobile environment based on resource consumption.

Compared the resource consumption of a clean and an infected device and developed a method that can detect malicious activity in an ideal situation.

This work is interesting because it is a new method of malware detection.


VK Forensics.

Performed forensics on memory and virtual machine snapshots in order to detect vk.com evidence such as private messages, likes, friend add requests etc.

Implemented the findings in a PoC tool that gives extended output about various activities after processing a memory dump.

This work is very useful to police departments, because many illegal activities take place in social networks like vk.com and this method can help to find evidence of those activities.
   

Emil Sharifullin


He received a bachelor's degree at KNRTU-KAI named after Tupolev. Bachelor paper: Development of BigData analysis system based on MapReduce pattern.

Industrial experience:

Tensor company - fullstack web developer (Python, JS, PostgreSQL, Redis)

NoXA datalab - BOS engineer (Java, Vaadin, PostgreSQL, Docker)

SNE Projects:

Wi-Fi Based Location Detection: In this project the project team developed a system to detect the indoor location of a device using Wi-Fi enabled devices.

Analysis of Resource Consumption for Malware Detection in Mobile Environment: In this project the project team analysed the ability to detect malware behaviour in backdoored applications based on resource consumption fingerprints.

Memory Forensics of Modern In-Memory Storages: In this project Emil and a teammate investigated ways to extract data from memory dumps of PostgreSQL and Memcached.
   
