I would like to invite you to the first meeting of the HAAS and CSUCI Cybersecurity Conference on February 11, 2019. This is going to be a biannual conference, to be held this year at HAAS on Feb 11, and at CSUCI on Oct 7. I attach an early flyer which will be resent with more information in mid January.
This conference aims to serve Ventura, Santa Barbara and LA Counties. There is a lot of interest and need in the area of cybersecurity. We have local groups that work in
business & industry security
compliance, policy and law
research & education
but it will serve all of us well to have a venue where we can all meet, learn about the latest software tools, best practices and certifications, and speak to fellow IT experts who are being proactive in defending businesses and infrastructure.
Please come and attend our first meeting at HAAS in Oxnard, and circulate this flyer among your colleagues and friends. As I said, a flyer with more information, in particular a registration email, will be circulated in January.
Brian Thoms distributed a draft of the departmental ABET document, and asked our board members to comment on our PEO (Program Educational Outcomes), which describe what we expect from our graduates 5 years after graduation (they are different for our 3 undergraduate programs: Computer Science, IT and Mechatronics). Please read the PEOs, and send your comments to Brian Thoms <email@example.com>.
Joel Helling is a Software Engineer at GBL Systems Corporation and part-time lecturer at CSUCI. He started working at GBL Systems, a government contractor based in Camarillo, in 2014 working on various projects from automated website design, implementation, and testing to desktop application development. Currently, he develops Test and Evaluation tools for the Test Resource Management Center (TRMC) and supports the development of the Testing and Training Enabling Architecture (TENA) Software Development Activity (SDA) including maintaining and updating legacy applications, and designing and implementing new software tools.
Joel completed his Master’s in Computer Science in 2018. His Master’s Thesis, under the advisement of Dr. Soltys, discussed the intersection of stringology and graph theory by relating indeterminate strings with undirected graphs and proving some properties of the indeterminate string and its associated alphabet size. The paper was later published in the Journal of Theoretical Computer Science. Currently, Joel is also working as a part-time lecturer for CSUCI. See here for details.
My student Geetanjali (Geet) Agarwal defended her masters thesis titled Aneka – Wavelet Image Hashing Algorithm, see announcement, where the contribution is a framework of hashing algorithms for image recognition. This important work is done in collaboration with the SoCal High Technology Task Force (HTTF). Geet deployed the AWS to accomplish her results, including EC2 instances and MySQL databases used to run experiments on thousands of images. Geet’s thesis will be available after the final draft is ready.
Daniel Vournazos is a Software Engineer for the Android platform at Google; he graduated from CI with a bachelors in CS and Mathematics. He originally got started with Android development through a directed study and capstone under CI Computer Science professor AJ Bieszczad. From there he worked at a local company doing some light Android work until he got a job in Glendale at Mobileforming. There he worked with amazing peers that created an environment for substantial growth, on a variety of Android apps, which helped him with getting hired at Google.
Anyone working in the field of Digital Forensics is aware that a substantial portion of time is dedicated to reverse engineering passwords. That is, in most cases a digital forensics investigator receives a password-protected handheld device, or a laptop with an encrypted hard disk, or a Microsoft Word document which has been password protected.
It is then the task of the investigator to try to retrieve the evidence, and that in turns requires reverse engineering the password; in some cases this can be achieved by recovering the hash of the password, which is stored somewhere (the locations are often known) on the device’s memory.
In order to obtain the password from the hash, we have to run a brute-force search algorithm that guesses passwords (the guesses can be more or less educated, depending on what is known about the case). Sometimes we get lucky. There are two programs that are used extensively for this purpose: John the Ripper and hashcat.
As we have been studying methods for recovering passwords from hashes, we have been using AWS EC2 instances in order to run experiments and help HTTF with their efforts. Together with senior capstone students as well as graduate students in Cybersecurity, we have been creating a set of guidelines and best practices to help in the recovery of passwords from hashes. AWS EC2 instances are ideal as they can be crafted to the needs and resources of a particular case. For example we are currently running a t2.2xlarge instance on a case where we have to recover the password of a Microsoft Word document; we have also used a p2.16xlarge with GPU-based parallel compute capabilities, but it costs $14/hour of usage, and so we deploy it in a very surgical manner.
As I am working through the AWS Academy Cloud Computing Architecture – Instructor Accreditation, we are going to offer COMP 529, our Cloud Computing course in the Computer Science masters program, using the AWS curriculum. This is a service offered through the AWS Academy. The students who complete the course will be ready to take the AWS Cloud Solutions Architect certification.
The first lecture will be on Thursday January 24, 2019, in Sierra Hall 1131 (the Computer Science Networking & Security Lab).