ARMSec 2016
OWASP Security Conference - 17 September, 2016


Registration starts at 09:00 AM at the entrance of Manoogian Hall. Manoogian Hall and Rooms 113W and 313W will simultaneously start talks, workshops and paneldiscussions right after Keynote speech.

We will break two times during the day:

  • 12:30 - 13:00 Coffee Break
  • 15:00 - 16:00 Lunch

Please switch between tabs to see the schedule in the other rooms.

Satenik Mnatsakanyan


Opening speech

Samvel Martirosyan


Annual 3W review: what, when, who in Armenia. And a lot of about near future.

Khachatur Virabyan

Artificial Intelligence integration in the world of InfoSec

With the growth of more sophisticated attack surface of the web, the defense must start to evolve, artificial intelligence implementation in the world of information security will bring new breath for new technologies and strategies for defending information infrastructures.

Knarik Kyuregyan

New Block Cipher SAFER-256

Two types of cryptographic algorithms exist: symmetric and asymmetric algorithms. Symmetric algorithms are the classical approach for secure communication. But they have а big drawback in that communication partners have to share the same secret key, thus, the problem of key distribution arises. The asymmetric principle solves the key distribution problem in an elegant way by using two different keys, a public and a private one. Encryption and verifying involves a public key that is available to everyone. The private key is used for decryption and signing. However, asymmetric (public key) algorithms are computationally much more expensive than symmetric algorithms (about 1000 times), which is viewed by many as a big knockout criteria for applications such as embedded systems with limited processor power and a small sized memory. In ARmSec we will talk about block ciphers and their pros and cons.

Samvel Gevorgyan

Can you predict who will win the US election?

Who would win the battle for the White House to become the next President of the United States was a topic of hot debate in 2012.

Much of that debate was taking place online, with plenty of people blogging, tweeting or updating social media with their thoughts on Mitt Romney versus Barack Obama.

This provided us with a rich source of information about what people were thinking and feeling about the election race.

Eghisabet Alaverdyan

Algebraic attaks against cloud cyphers

Cloud computing is a cost-effective platform for providing services over the Internet. However, cloud computing adds certain risks, such as: outsourcing essential services to a third party; lack in data security and privacy; attacks against cloud ciphers. This topic addresses issues in the sphere, particularly, suggests identification of the main vulnerabilities in secure cloud computing aiming at analysis of specific attacks against cloud ciphers...

Ajit Dhumale
Vaagn Toukharian

Protecting Web Applications in today’s Hostile Environment

Modern day web applications live and operate in a complex eco-system. Securing the web server and web application business logic is not sufficient. The eco-system outside your direct control also contribute to the security risk posed to users of you web application. Security weaknesses and compromised elements in the eco-system would make your, otherwise safe, application risky for your users. You need to think of protecting your users in this untrusted environment.

Davit Baghdasdaryan

Can I tell you a secret?

We will talk about the state of security in communications, both in traditional Telecom as well as modern E2E Voice/Text Apps. While the talk will be high level, we will still dig into topics such as $30B worth Fraud in Telecom, why security community doesn't like Telegram and some open problems in this space.

Artur Avanesov

Facebook Secret Chat

Automatically encrypts and decrypts t system. All messages and end-to-end encrypted with an AES256 encryption algorithm and encrypted/decrypted locally in the browser so no plain text ever hits servers.

Mari Barseghyan

High Tech Center for Cybersecurity

The center seeks to develop and employ high tech solutions to enhance the professional capabilities of recruits during compulsory military service.

The center, in particular, has four main areas of activity: department of training and qualification, department of solutions development, department of cybersecurity, and department of incubation.

Ruben Muradyan

Building and maintaining secure DMZ

Every infosec standard requires properly built DMZ. What are the actual requirements for DMZ and how shall it be organized? How to configure secure operations of public services?

If you are interested in security and standards this workshop is for you.

Edgar Aroutiounian

Reverse engineering iOS, a tour of the landscape and live examples

Getting into reverse engineering can be hard, there’s a lot of outdated material and much of the knowledge is in people’s heads rather than written down. We’ll do a tour what you can do with a jailbroken phone as a programmer, along the way we’ll show some neat code injection tricks and maybe a live man in the middle session of an iPhone talking to iTunes.

Ruben Muradyan

Getting ready for DDOS

Fine tuning of web-applications for DDOS mitigation. Cloudflare tuning. Armenia based bots. What are the lessons that were taught during the last 5 years of azeri DDOS mitigation against the Armenian web.


ARMSec conference is Armenia’s premier security conference. It will be held at Yerevan, Armenia on 17 September, 2016. Based on the ARMSec 2014 and ARMSec 2015 we anticipate active participation of information security professionals, government institutions, academia as well as students. The conference is organized and will be held by members of the OWASP Armenia Chapter.

General Sponsor



Official T-Shirt of ARMSec 2016

First 100 participants will get ARMSec 2016 T-Shirts.