CERIAS Weekly Security Seminar - Purdue University

GDPR/ NYDFS/ CCPA and other State, Federal and Supra-regional regulations coming online quickly. Governments are driving Security, Privacy & Compliance throughout the world. Since there is not an overriding set of Federal laws such as GLBA, many organizations in the US are unprepared for the upcoming deluge of regulations. Gain an understanding of what is coming and learn ways that you can help future organizations cope with and plan for a “50 States” strategy in an uncertain future. As well as prepare yourself for an uncertain future.

Sure, you may know how to subnet a class "C" network into 64 different networks, but how about where to go to learn about technology that has yet to make it into a textbook? Or to find your next job? Or just somewhere where you can commensurate with someone who understands what you mean when you say, "That APT left the MSSP DOA!" This presentation will outline the OSINT and TTP's cyber security practitioners use in industry to connect, build, and maintain networks, with an eye towards how Boilermakers who are CERIAS about cybersecurity can do the same. About the speaker: Andrew Rozema is the department head of the Grand Rapids Community College Computer Information Systems department, an Assistant Professor, and the director of the Grand Rapids Community College Center for Cybersecurity Studies. Prof. Rozema led GRCC's efforts to earn the "NSA DHS Center of Academic Excellence in Two Year Education" designation, and now mentors and reviews other institutions as they do the same. After 20 years in various IT, security, and managerial roles in industry, Prof. Rozema now focuses his attention on educating the next generation of IT and cybersecurity professionals.As an educator, Prof. Rozema teaches cybersecurity related courses for Grand Rapids Community College, and the ISC^2, as well as serving as a mentor for students with the SANS Institute.Prof. Rozema holds a AA from Grand Rapids Community College, a Bachelor of Science in Information Assurance and Security, and a Master of Computer Information Systems with a focus on Security from Boston University. Prof. Rozema has done postgraduate work with the SANS Technology Institute and is currently a student in the interdisciplinary Ph.D. program at the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University.

Sure, you may know how to subnet a class "C" network into 64 different networks, but how about where to go to learn about technology that has yet to make it into a textbook? Or to find your next job? Or just somewhere where you can commensurate with someone who understands what you mean when you say, "That APT left the MSSP DOA!" This presentation will outline the OSINT and TTP's cyber security practitioners use in industry to connect, build, and maintain networks, with an eye towards how Boilermakers who are CERIAS about cybersecurity can do the same.

The global impact resulting from the distribution of doctored digital photographs has reached an epidemic proportion. These digitally altered photos are distributed through social media, news outlets, traditional web resources and are making their way into the mainstream media. The impact of these photos can dramatically change the way people think, act, react, believe and can ultimately cause harm. At the simplest level they represent visual fraud.During this presentation, I will convey real examples along with the resulting impacts that have already occurred. Most importantly, I will demonstrate a new methodology rooted in the dark art of steganography that can actively identify these fraudulent photos and even trace their origins back to their creators. About the speaker: Chet Hosmer is the Founder of Python Forensics, Inc. a non-profit organization focused on the collaborative development of open source investigative technologies using Python and other popular scripting languages. Chet has been researching and developing technology and training surrounding forensics, digital investigation and steganography for decades. He has made numerous appearances to discuss emerging cyber threats including National Public Radio's Kojo Nnamdi show, ABC's Primetime Thursday, and ABC News Australia. He has also been a frequent contributor to technical and news stories relating to cyber security and forensics with IEEE, The New York Times, The Washington Post, Government Computer News, Salon.com and Wired Magazine.Chet is the author of Seven recent Books: PowerShell and Python Together – Targeting Digital Investigations, Defending IoT Infrastructures with a Raspberry Pi; Passive Python Network Mapping; Python Forensics; Integrating Python with Leading Computer Forensic Platforms; Data Hiding which is co/authored with Mike Raggo; Executing Windows Command Line Investigation, which is co/authored with Joshua Bartolomie and Ms. Rosanne Pelli.Chet serves as a visiting professor at Utica College in the Cybersecurity Graduate program where his research and teaching focus on advanced steganography/data hiding methods and the latest active cyber defense methods and techniques. Chet is also an adjunct professor at Champlain College, where his research and teaching focus on applying Python and other scripting languages to solve challenging problems in digital investigation and forensics.

The global impact resulting from the distribution of doctored digital photographs has reached an epidemic proportion. These digitally altered photos are distributed through social media, news outlets, traditional web resources and are making their way into the mainstream media. The impact of these photos can dramatically change the way people think, act, react, believe and can ultimately cause harm. At the simplest level they represent visual fraud. During this presentation, I will convey real examples along with the resulting impacts that have already occurred. Most importantly, I will demonstrate a new methodology rooted in the dark art of steganography that can actively identify these fraudulent photos and even trace their origins back to their creators.

Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. This knowledge raises concern that space systems could face similar threats. This project will research and develop moving target defense algorithms that will add cyber resilience to space systems by improving their ability to withstand cyber-attacks. Most proposed cyber resilience solutions focus on or require detection of threats before mitigative actions can be taken, a significant technical challenge. Our novel approach avoids this requirement while creating informational asymmetry that favors defenders over attackers.We hypothesize that moving target defenses (MTD) can create dynamic, uncertain environments on space systems and be used to defeat cyber threats against these systems. Many proposed solutions focus on or require detection (e.g. anomaly detection, AI, data analytics) before mitigative actions can be taken, a significant technical challenge. We propose a novel approach that avoids this requirement while creating informational asymmetry that favors defenders over attackers. About the speaker: Dr. Chris Jenkins is a principal member of technical staff at Sandia National Laboratories in Albuquerque, NM. His primary responsibility focuses on cybersecurity. Under the cybersecurity umbrella, he focuses on two areas. First, he conducts assessments for a variety of government customers by analyzing devices and systems for vulnerabilities and design flaws. Second, he leads a moving target defense (MTD) research project. His MTD project looks to build cyber resiliency into the design of non-IP based networks. For example, his current research seeks to dynamically change addresses of devices on a non-IP bus where by adversaries have difficulty attacking nodes on the bus. In addition, he works on a high-performance computing (HPC) project called qthreads, which is a general-purpose multithreading library for HPC systems. He plans to port the library to the ASTRA supercomputer purchase by the department of energy. This supercomputer differs as it does not use x86 CPUs. Instead, the supercomputer uses ARM processors based on the ARMv8 architecture.Chris received his bachelor's degree in computer engineering from the University of Illinois at Urbana-Champaign. He finished his PhD at the University of Wisconsin-Madison focusing on accelerating cryptographic algorithms utilizing SIMD execution units on a software-defined radio DSP.

Nation-state adversaries have shown the ability to disrupt critical infrastructure through cyber-attacks targeting systems of networked, embedded computers. This knowledge raises concern that space systems could face similar threats. This project will research and develop moving target defense algorithms that will add cyber resilience to space systems by improving their ability to withstand cyber-attacks. Most proposed cyber resilience solutions focus on or require detection of threats before mitigative actions can be taken, a significant technical challenge. Our novel approach avoids this requirement while creating informational asymmetry that favors defenders over attackers. We hypothesize that moving target defenses (MTD) can create dynamic, uncertain environments on space systems and be used to defeat cyber threats against these systems. Many proposed solutions focus on or require detection (e.g. anomaly detection, AI, data analytics) before mitigative actions can be taken, a significant technical challenge. We propose a novel approach that avoids this requirement while creating informational asymmetry that favors defenders over attackers.

Consider a scenario where a group of agents, each receiving partially informative private signals, aim to learn the true underlying state of the world that explains their collective observations. These agents might represent a group of individuals interacting over a social network, a team of autonomous robots tasked with detection, or even a network of processors trying to collectively solve a statistical inference problem. To enable such agents to identify the truth from a finite set of hypotheses, we propose a distributed learning rule that differs fundamentally from existing approaches, in that it does not employ any form of ``belief-averaging". Instead, agents update their beliefs based on a min-rule. Under standard assumptions on the observation model and the network structure, we establish that each agent learns the truth asymptotically almost surely. As our main contribution, we prove that with probability 1, each false hypothesis is ruled out by every agent exponentially fast, at a network-independent rate that strictly improves upon existing rates. We then consider a scenario where certain agents do not behave as expected, and deliberately try to spread misinformation. Capturing such misbehavior via the Byzantine adversary model, we develop a computationally-efficient variant of our learning rule that provably allows every regular agent to learn the truth exponentially fast with probability 1. About the speaker: Aritra Mitra received the B.E. degree from Jadavpur University, Kolkata, India, and the M.Tech. degree from the Indian Institute of Technology Kanpur, India, in 2013 and 2015, respectively, both in electrical engineering. He is currently working toward the Ph.D. degree in electrical engineering at the School of Electrical and Computer Engineering, Purdue University, West Lafayette, IN, USA. His current research interests include the design of distributed algorithms for estimation, inference and learning; networked control systems; and secure control. He was a recipient of the University Gold Medal at Jadavpur University and the Academic Excellence Award at IIT Kanpur.

Consider a scenario where a group of agents, each receiving partially informative private signals, aim to learn the true underlying state of the world that explains their collective observations. These agents might represent a group of individuals interacting over a social network, a team of autonomous robots tasked with detection, or even a network of processors trying to collectively solve a statistical inference problem. To enable such agents to identify the truth from a finite set of hypotheses, we propose a distributed learning rule that differs fundamentally from existing approaches, in that it does not employ any form of ``belief-averaging". Instead, agents update their beliefs based on a min-rule. Under standard assumptions on the observation model and the network structure, we establish that each agent learns the truth asymptotically almost surely. As our main contribution, we prove that with probability 1, each false hypothesis is ruled out by every agent exponentially fast, at a network-independent rate that strictly improves upon existing rates. We then consider a scenario where certain agents do not behave as expected, and deliberately try to spread misinformation. Capturing such misbehavior via the Byzantine adversary model, we develop a computationally-efficient variant of our learning rule that provably allows every regular agent to learn the truth exponentially fast with probability 1.

While made famous for the work that was done on the physical plastic cards many of carry around in our wallets, Mastercard is thinking way beyond those cards for the future.We'll walk through how Mastercard deploys its assets creating simple, safe and secure experiences for customers whether it is for payments or their identities.

While made famous for the work that was done on the physical plastic cards many of carry around in our wallets, Mastercard is thinking way beyond those cards for the future. We’ll walk through how Mastercard deploys its assets creating simple, safe and secure experiences for customers whether it is for payments or their identities.

This session provides observations regarding the process of moving the datacenter assets of a Top100 bank fully into the cloud. The Golden Rules providing security and assurance will be described. The gotchas, surprises, lessons learned, and resulting strategic changes are presented to raise awareness and prevent future mistakes by attendees. About the speaker: Steve Lodin is the Senior Director of Cyber Security Operations in Corporate Security at Sallie Mae. Mr. Lodin is focused on managing perimeter security, endpoint protection, application security, vulnerability management, and threat intelligence to reduce risk and ensure compliance. As an accomplished information security professional, Mr. Lodin has been published in numerous information security publications. He has been a speaker at many security conferences, as well as numerous local ISSA chapter meetings. He is a senior member of ISSA and a board member of the Central Indiana ISSA chapter. He is on the local governing boards of additional security organizations including Evanta and Cloud Security Alliance. Mr. Lodin took the "CISSP test of the test" in the mid ‘90s at Purdue and has maintained his CISSP certification since 1998. He has a Master's Degree in Computer Science from Purdue University where he was a member of the COAST/CERIAS program.

This session provides observations regarding the process of moving the datacenter assets of a Top100 bank fully into the cloud. The Golden Rules providing security and assurance will be described. The gotchas, surprises, lessons learned, and resulting strategic changes are presented to raise awareness and prevent future mistakes by attendees.

Despite over 50 years of intensive research and experimentation, we still are plagued with systems that are fragile, compromised, and impossible to fully trust. There is near-daily news of compromises and losses, from criminals, nation-state actors, and vandals. The cyber ecosystem we have developed and upon which society is increasingly reliant appears to develop (or have exposed) a new vulnerability as soon as a current one is patched, and old problems keep being introduced. Why do we have such problems? I contend it is traceable to one root cause: we don't understand what cyber security really is. Without good definitions we cannot formulate good metrics. With the absence of good metrics we can't really tell whether we are spending our money and time on useful approaches. Furthermore, the only metrics available to most decision-makers is based simply on cost and speed -- neither of which reflects security or safety. This talk explores this idea in more depth, and should be understandable to non-specialists. I include discussion of some open research problems that -- if successfully addressed -- would lead to improvement of our cyber ecosystem.

Despite over 50 years of intensive research and experimentation, we still are plagued with systems that are fragile, compromised, and impossible to fully trust. There is near-daily news of compromises and losses, from criminals, nation-state actors, and vandals. The cyber ecosystem we have developed and upon which society is increasingly reliant appears to develop (or have exposed) a new vulnerability as soon as a current one is patched, and old problems keep being introduced. Why do we have such problems? I contend it is traceable to one root cause: we don't understand what cyber security really is. Without good definitions we cannot formulate good metrics. With the absence of good metrics we can't really tell whether we are spending our money and time on useful approaches. Furthermore, the only metrics available to most decision-makers is based simply on cost and speed -- neither of which reflects security or safety. This talk explores this idea in more depth, and should be understandable to non-specialists. I include discussion of some open research problems that -- if successfully addressed -- would lead to improvement of our cyber ecosystem.