Organized by the Computer Science Department and Hiroshi Fujiwara Cyber Security Research Center at the Technion.

The CS HACK 2020 is ready to go!


         Thursday and Friday, 2nd to 3rd of April.


         Taub Building – Computer Science Department.

If you have an exciting idea, you think outside the box, you have a hunger to develop and research and be part of a team of talented people, this event is exactly for you!

You can choose to develop your own idea or work on one of the challenges listed on the website    .


Industry-leader mentors, entrepreneurs and researchers will be available throughout the process—from the idea stage, through planning and development stage and up to the presentation stage. So, even if you have no knowledge of the area, you will still be able to participate.

The event is organized in collaboration with graduate students of the Computer Science department.

Bottom line: This is going to be an experience that you will be glad to include in your resume, one that includes a lot of surprises and cool prizes.

We can accept up to 100 participants and we intend to create diverse teams for the competition. We aim to select competitors from a broad range of backgrounds, nationalities, languages, genders, experiences and cyber security skills.

So hurry up and register – places are limited    .   



At the pre-hackathon meeting we will answer questions and provide more information on the event and on the challenges.

Please reserve the date!

  17:30   Hitchhiker's guide to cyber security

          Amichai Shulman Cyber Security Technologist and Investor  

  18:15   Presentation of selected challenges,   

          explanations and questions 

Tuesday   31.3


Game Rules


All Technion students of all degrees.


The Panel of Judges will include faculty members and senior executives from leading industrial organizations.

The criteria for winning include: creativity and Innovation, quality an implementation of the solution, how well the business need was addressed and how well the solution was presented.


Participation is in teams of 2 to 6 members. We recommend that you join a team at registration stage. Alternatively, you can register individually and we will team you up with other participants.


The teams will own the idea that they brought and developed.


The winning teams will be awarded cash prizes: 1st place: 5,000 NIS, 2nd place: 3,000 NIS, and 3rd place: 2,000 NIS.




  08:30   Registration

  09:00   Opening Ceremony 

  10:00   Start Hacking

  13:00   Lunch

  16:00   Cocktails

  18:00   Pilates

  19:00   Dinner

  22:00   Late Night Snacks

  08:30   Breakfast

  10:00   Presentation

  12:30   Prizes


Botnet detection via HTTP requests

#Cybersecurity #DataScience #Networks

Botnets are a cluster of bots - devices controlled by hackers - that operate synchronously through commands they receive from the hacker that owns the botnet. They are usually used to commence massive attacks on a single website, or scan numerous sites in hopes of finding an exploit. In this challenge you will attempt to detect botnets by analysing the patterns they create during attacks. You’ll get a dataset of requests sent by malicious actors and will have to devise a method to detect which requests were sent from a botnet, and which bots are part of it.

Phishing detection via external information

#Cybersecurity #DataScience

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Phishing is still one of the most popular and most frequent cybercrime methods. The best way to protect yourself from phishing is to learn how to recognize a phish. You will get a database of community-based verified phishing sites and your mission is to suggest a new approach to better classify phishing attempts based on the existing database features, combined with new reconnecense approaches. For instance, usage of domain listing services (e.g., https://www.whois.net/) combined with innovative heuristics over PhishTank’s database.

Security solutions over encrypted traffic

#NetworkSecurity #NetworkInspection #Wireshark #Cloud

The urge of privacy and security led vendors all over the world to adopt encryption for network communications. Decrypting it is getting tougher everyday – end-to-end encryption, TLS 1.3, certificate pinning – which force us to think about new ways to deliver network security solutions. Giving that, what kind of security solutions can we create? Such ones that will be able to give visibility, anomaly, security insights and preferably prevention over encrypted traffic?

Fraudulent “call for action”

#FraudDetection #NLP

Phishing (and one its solutions – email security) is not a new problem. However, more advanced fraudsters find new ways to bypass all security solutions. Fraudster avoid using malicious attachments and links, they target specific people of the organizations, “tailor” an attack and usually call for victim’s interaction (e.g. transfer money, change account number, share insider information). How can we deal with this phenomenon?

DDoS detection - when more traffic is a bad thing

#Cybersecurity #DataScience

Network DDoS attack are “stupid” volumetric attacks that aim to overwhelm a website’s bandwidth and/or CPU by sending way more traffic than it can handle. DDoS detection is the art of detecting when an attack has begun and when to start performing mitigation. In this challenge you’ll receive tagged time series of numerous DDoS attacks. Your objective is to detect when an attack has started, and when it ended.

Non-genuine media detection

#FakeNews #ImageProcessing

Computer-generated videos, phone calls and social media accounts are all a relatively new risk for deceiving. In the era of DeepFake, robo-calls and fake news – how can we distinguish between what’s real and what’s not?

Passive TCP fingerprinting - find out who is on the other side

#Cybersecurity #Networks

Hackers tend to defend themselves by hiding behind services such as proxies and VPNs. Although this helps hackers avoid detection, it’s actually a double edged sword because if a website detects a client behind a masking service - it will know to treat it suspiciously. VPNs and proxies act as an intermediate between the hacker and the website and thus tend to slightly modify the traffic that flows through them. This modification can be detected by analyzing the lower levels of the packet - the IP and TCP headers.

Detecting phishing websites


You will need to get a website A and compare it to website B and give a score if one website A is a phishing website pretending to be website B. it can be achieved in multiple ways and scoring features such as text seen, visibility (colors used on the website), components (login or form fields) and more.

Online data type classification for sensitive or non-sensitive data types

#DataSecurity #DataScience

To protect the most sensitive data in the organization it is required to classify which data is sensitive and which data is non-sensitive. Sensitive data is considered as sensitive if it is one of two types PII (Personal Identifiable Information) or PCI (Payment Card Industry). The first can be any data that may reveal personal information of users customers (usernames, passwords, birth date, address, email, phone number, etc). The second refers to any data that reveals payment card information including credit card number expiration date CVV etc. In this challenge we’ll attempt to classify data types using the table name, column names and the data itself.

Encrypted rsync


Rsync is a Unix program that syncs a local directory to another local or remote directory, and allows to keep multiple versions of the same directory, while saving both disk space and transmission bandwidth when the same file is resynced. It is very useful for backing up your disk. However, it does not have encryption support. Competing software, e.g., rclone, do not support keeping multiple versions while saving bandwidth and disks pace (which rsync does when called with "--link-dest"). This project is aimed at providing an rsync version (or a new software) that provides encryption together with all the original rsync functionality.

הצגת נגישות לאימות דו שלבי במגוון פתרונות הזדהות

למשל Push Notification ,SMS ,Google auth, ההבדל בקושי בין מערכות ההפעלה, פתרונות הזדהות צד שלישי.

זיהוי תעבורה זדונית בפרוטוקולים שונים

למשל Https over SSH, SSH over DNS.

הסקת מסקנות אופרטיביות מניתוח תעבורה מוצפנת

למשל על בסיס נפח תעבורה וחריגה מ-Baseline.

זיהוי מגמות בפרוטוקולי הצפנה

ניתוח סטטיסטיקה על ה-DB של No more ransom.

זיהוי שירותים חשופים

ניתוח DB מבוסס Shodan לטובת זיהוי מגמות Misconfiguration בענן.


Registration is open until 13 March 2020. Those who register will receive confirmation of participation by 19 March 2020.


Thursday   2.4

Friday   3.4

Our Judges

Prof. Eli Biham
Prof. Shaul Markovitch
Amichai Shulman
Sara Bitan

Our Mentors

Shaked Rafaeli

Software Engineer @ Facebook

Daniel Haim Berger

Security Researcher @ Intel

Yuval Ron

M.Sc. Student @ Technion

Guy Pergal

Security Researcher @ Microsoft

Itzik Ashkenazi

Lab Chief Engineer @ Technion

Johnathan Azaria

Data Scientist @ Imperva

Limor Manasherov

Software Engineer @ Microsoft

Elad Shapira

Head of Research @ Panorays

Gil Cohen

Technical Lead @ Rafael

Maya Bechler-Speicher

Data and Applied Scientist @ Microsoft

Yehonatan Lusky

Security Researcher @ Intel

Guy Gadon

Software Engineer @ Facebook

Aviv Gaon

Researcher @ IDC Herzliya

Muhammad Abd El Gani

Software Engineer @ Facebook

Alon Bar Lev

System Engineer @ Rafael

Matan Lion

Engineering Manager, Data Science @ Imperva

Noam Mori

Product Cyber Defense Manager @ Rafael

Ron Shmelkin

Data Privacy and Security Researcher @ IBM

Ori Kupfershmid

WiFi Security Researcher @ Intel

Guy Feferman

Software Engineer @ Facebook

Moshe Pinto

Cyber Security Engineer @ Rafael

Lior Saddan

Software Engineer @ Facebook

Itay Tsabary

Ph.D. Student @ Technion 

Carmi Grushko

Software Engineer @ Facebook

Sarit Pinhas

Backend Engineer @ Duda

Maroun Tork

Software Engineer @ Facebook

Benny Zeltser

Security researcher @ Intel

Assaf Rosenbaum

Security Architect @ CyCloak

Shir Cohen

M.Sc. Student @ Technion


Our Sponsors