Using AWS on a project in collaboration with SoCal HTTF to decrypt a password

Anyone working in the field of Digital Forensics is aware that a substantial portion of time is dedicated to reverse engineering passwords. That is, in most cases a digital forensics investigator receives a password-protected handheld device, or a laptop with an encrypted hard disk, or a Microsoft Word document which has been password protected.

It is then the task of the investigator to try to retrieve the evidence, and that in turns requires reverse engineering the password; in some cases this can be achieved by recovering the hash of the password, which is stored somewhere (the locations are often known) on the device’s memory.

In order to obtain the password from the hash, we have to run a brute-force search algorithm that guesses passwords (the guesses can be more or less educated, depending on what is known about the case). Sometimes we get lucky. There are two programs that are used extensively for this purpose: John the Ripper and hashcat.

As we have been studying methods for recovering passwords from hashes, we have been using AWS EC2 instances in order to run experiments and help HTTF with their efforts. Together with senior capstone students as well as graduate students in Cybersecurity, we have been creating a set of guidelines and best practices to help in the recovery of passwords from hashes. AWS EC2 instances are ideal as they can be crafted to the needs and resources of a particular case. For example we are currently running a t2.2xlarge instance on a case where we have to recover the password of a Microsoft Word document; we have also used a p2.16xlarge with GPU-based parallel compute capabilities, but it costs $14/hour of usage, and so we deploy it in a very surgical manner.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.
— Read on www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

In the Spring 2019 we will be offering Cloud Computing (COMP 529) using AWS Cloud Computing Architect curriculum

As I am working through the AWS Academy Cloud Computing Architecture – Instructor Accreditation, we are going to offer COMP 529, our Cloud Computing course in the Computer Science masters program, using the AWS curriculum. This is a service offered through the AWS Academy. The students who complete the course will be ready to take the AWS Cloud Solutions Architect certification.

The first lecture will be on Thursday January 24, 2019, in Sierra Hall 1131 (the Computer Science Networking & Security Lab).

Our graduate Zane Gittins working at HAAS as Systems Security Engineer

Zane Gittins is a Systems Security Engineer at Haas Automation and recently graduated from CSUCI with a bachelors in Computer Science. Zane started his journey at Haas as an intern through CSUCI partnerships with local business and was recently hired full time. During his undergraduate career he worked under Dr. Pilarcyzk as an assistant in research focused on Persistent Homology. During his capstone project he worked closely with Dr. Soltys to provide a security best practices document to Haas. He continues to expand his education in the CI masters of Computer Science program (MSCS).

TradeDesk info session on open positions on October 2

Please see the attached flyer for the Trade Desk Info Session on October 2, 2018 from 11-1 in BT 1471. Please share widely and encourage students to obtain a resume review in advance of attending this event. The first part of the info session will include an overview about the ad tech industry and company followed by time to meet and greet with TTD representatives.

It is highly recommended that interested applicants bring a copy of their resume to this info session. TTD is hiring for several open positions and will be in attendance at our Career & Internship Fair on October 17, 2018 from 10-2 at Broome Library Plaza. For information on the fair, download the Career Fair Plus App to view participating employers, filter based on needs, and research companies in real-time. Please let me know if you have any questions.

Employer info session-1

Employment opportunity at Rio School District

Rio School District is interested in hiring 3 – 5 STEM majors as AVID tutors at a rate of $11.50 per hour on Tuesdays and Thursdays from 8:45 – 2 PM (6.25 hours twice a week) at Rio del Valle Middle School. The duties for this position are to support middle school students and to support the MESA program at the school.

For more questions contact: philip.hampton@csuci.edu

Luis Torres Martinez CSUCI graduate now DBA at Yardi

Luis Torres Martinez is a Database Administrator at Yardi Systems in Oxnard and a 2018 Computer Science (CS) graduate from CSUCI. During his time at CSUCI he was a member of the Competitive Programming Club and SACNAS – CSUCI Chapter. He also participated in competitions such as the 2018 CS Programming GURU Contest, 2017 ICPC – ACM International Collegiate Programming Contest Southern California Section, and 2017 NASA Swarmathon Contest where his team earned third place. Additionally, during his time at CSUCI he was a Web Developer Intern for Aumnia Inc. and afterwards a Data Capture Fulfillment Analyst Intern at The Trade Desk prior to his employment at Yardi.