Invitation to the HAAS/CSUCI Cybersecurity conference

I would like to invite you to the first meeting of the HAAS and CSUCI Cybersecurity Conference on February 11, 2019. This is going to be a biannual conference, to be held this year at HAAS on Feb 11, and at CSUCI on Oct 7. I attach an early flyer which will be resent with more information in mid January.

Please RSVP here:
There is no registration fee.

This conference aims to serve Ventura, Santa Barbara and LA Counties. There is a lot of interest and need in the area of cybersecurity. We have local groups that work in

  • business & industry security
  • Navy security
  • digital forensics
  • compliance, policy and law
  • research & education

but it will serve all of us well to have a venue where we can all meet, learn about the latest software tools, best practices and certifications, and speak to fellow IT experts who are being proactive in defending businesses and infrastructure.

Please come and attend our first meeting at HAAS in Oxnard, and circulate this flyer among your colleagues and friends. As I said, a flyer with more information, in particular a registration email, will be circulated in January.

Microsoft Open Sources Homomorphic Encryption Library

My student Dragan Rakas and I worked on an early version of this technology in 2013, and we found it to be a very interesting but difficult problem. You can read our about it here.

Microsoft has open sourced a homomorphic encryption library developed by its Cryptography Research group, saying it “strongly believes” the technology is ripe for use in real-world applications, as it makes the source code available on GitHub. (Here is the link to the GitHub repository.)

Source: Microsoft Open Sources Homomorphic Encryption Library

Geetanjali Agarwal successfully defended her MSCS thesis on image recognition

My student Geetanjali (Geet) Agarwal defended her masters thesis titled Aneka – Wavelet Image Hashing Algorithm, see announcement, where the contribution is a framework of hashing algorithms for image recognition. This important work is done in collaboration with the SoCal High Technology Task Force (HTTF). Geet deployed the AWS to accomplish her results, including EC2 instances and MySQL databases used to run experiments on thousands of images. Geet’s thesis will be available after the final draft is ready.

Voyager: an implementation of a tracking pixel

Voyager is a software that implements what is called an invisible bit (aka, a tracking bit), that can be used to track certain activities. Voyager deploys the AWS network infrastructure, and its Data Base, the Relational Database Service (RDS). Voyager has been implemented at CI by a group of Computer Science students, as a Research & Development project for the HTTF. From AWS website:

Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching and backups. It frees you to focus on your applications so you can give them the fast performance, high availability, security and compatibility they need.

For this project, we are also using the following tools: EC2, S3 and Route 53.

US weapons systems can be easily hacked

The Government Accountability Office (GAO) found “mission-critical” cyber-vulnerabilities in nearly all weapons systems tested between 2012 and 2017.That includes the newest F-35 jet as well as missile systems.

Pentagon officials had no immediate response to the 50-page report from the Senate Armed Services Committee.

The committee’s members expressed concerns about how protected weapon systems were against cyber-attacks.

Source: US weapons systems can be ‘easily hacked’ – BBC News

Using AWS on a project in collaboration with SoCal HTTF to decrypt a password

Anyone working in the field of Digital Forensics is aware that a substantial portion of time is dedicated to reverse engineering passwords. That is, in most cases a digital forensics investigator receives a password-protected handheld device, or a laptop with an encrypted hard disk, or a Microsoft Word document which has been password protected.

It is then the task of the investigator to try to retrieve the evidence, and that in turns requires reverse engineering the password; in some cases this can be achieved by recovering the hash of the password, which is stored somewhere (the locations are often known) on the device’s memory.

In order to obtain the password from the hash, we have to run a brute-force search algorithm that guesses passwords (the guesses can be more or less educated, depending on what is known about the case). Sometimes we get lucky. There are two programs that are used extensively for this purpose: John the Ripper and hashcat.

As we have been studying methods for recovering passwords from hashes, we have been using AWS EC2 instances in order to run experiments and help HTTF with their efforts. Together with senior capstone students as well as graduate students in Cybersecurity, we have been creating a set of guidelines and best practices to help in the recovery of passwords from hashes. AWS EC2 instances are ideal as they can be crafted to the needs and resources of a particular case. For example we are currently running a t2.2xlarge instance on a case where we have to recover the password of a Microsoft Word document; we have also used a p2.16xlarge with GPU-based parallel compute capabilities, but it costs $14/hour of usage, and so we deploy it in a very surgical manner.