Blog

Governor’s Cybersecurity Task Force (GCTF)

I am very happy to be part of the California Governor’s Cybersecurity Task Force (GCTF), serving on the Workforce Development and Education Subcommittee. The main objective of this subcommittee is to address the growing workforce gap; currently, there are 37,000 available cybersecurity positions in California, and 314,000 in the nation. About 70% of those positions require a 4 year degree or more.

The aim of our subcommittee is three fold: to enrich and standardize the educational pathway from K12 to PhD/Certification; to teach a general Cyber hygiene, both to the workforce and the public; and to help military, especially veterans, transition into civilian careers in Cybersecurity.

Computer Science at CI is well positioned to address some of the challenges:

  • A thriving program in Computer Science, with a minor in Cybersecurity; we are part of CyberWatchWest, we have a Cybersecurity student club, and we teach courses in Cybersecurity at the undergraduate and graduate level.
  • Experience in “hands-on” education, which is one of the aims of the workforce development. We have strong connections with the industry and the public sector (such as the SoCal High Technology Task Force).
  • An ongoing collaboration with the Navy, and have worked with both Navy officer and civilians as instructors and collaborators.

Please read more here.

SEAKER

Raspberry Pi controller, the hardware for SEAKER

In the summer 2017, while I was teaching COMP 524 (Cybersecurity) at California State University Channel Islands, the students were introduced to a project based on an R&D from the SoCal High Technology Task Force (HTTF). The requirements and specifications asked for a device that could automate the search through vast amounts of data contained in portable devices (such as hard disks and thumb-drives), looking for pre-established patterns in file-names.

The students designed and prototyped a device the we christened SEAKER (Storage Evaluator and Knowledge Extractor Reader), based on a Raspberry Pi, with a custom designed version of Raspbian (the OS running on Raspberry Pis), and a bash shell script for cloning such devices. The first presentation of SEAKER took place on August 7, 2017, to an audience composed of CI faculty and students, as well as investigators from the SoCal HTTF.

As SEAKER was being developed, it was presented at various other venues, for example:

We have also published the research resulting from the SEAKER project:

  • As the masters thesis of Eric Gentry, April 2019 [pdf]
  • In the proceedings of the 2019 Future of Information and Communication Conference (FICC) [doi]
  • To appear in the proceedings of the 2019 23rd International Conference on Knowledge-Based and Intelligent Information & Engineering Systems (KES), track: Cybercrime Investigation and Digital Forensics

The Beast project

The Beast at the SCHTTF forensic lab

In September of 2018, a group of CI students, working on their senior capstone project under my supervision, started to build a machine capable of massive parallel computing. We christened the machine “The Beast.” We undertook to build the machine following the specification of the So Cal High Technology Task Force (HTTF) digital forensics lab in Ventura County.

The Beast was built with five EVGA GeForce GTX 1080Ti, capable of massive computational parallelism, a MSI Z370-A-Pro motherboard, a i5-8400 CPU, as well as a Hydra II 8 GPU 6U Server Mining Rig Case, and power supplied capable of maintaining four big fans; cooling The Beast was an important part of the project.

Presenting The Beast at the Capstone Showcase

The students who participated in the project were, in alphabetical order, Noelle Abe, Benjamin Alcazar, Matthew Atcheson, Joshua Buckley, Joshua Carter, John Miller, Scott Slocum, Ryan Torres and Devon Trammell (the team leader). On May 2nd, after working on the project during both terms of 2018/19, and having overcome many technical difficulties, the team presented The Beast at the Computer Science Advisory Board Meeting and the Computer Science Capstone Showcase; following these presentation, The Beast was handed over to the SoCal HTTF digital forensics lab. As you can see from the first picture above, The Beast has settled in its new home, a cooling room at the HTTF lab.

Rattled by Cyberattacks, Hospitals Push Device Makers to Improve Security

Hospitals are pushing medical-device makers to improve cyber defenses of their internet-connected infusion pumps, biopsy imaging tables and other health-care products as reports of attacks rise.

Rattled by recent global cyberattacks, U.S. hospitals are conducting tests to detect weaknesses in specific devices, and asking manufacturers to reveal the proprietary software running the products in order to identify vulnerabilities. In some cases, hospitals have canceled orders and rejected bids for devices that lacked safety features….

Source: Rattled by Cyberattacks, Hospitals Push Device Makers to Improve Security – WSJ

Last day of Stephen Cook celebration

Stephen Cook and Michael Soltys at Hart House, UofT

Today is the last day of the conference at the Fields Institute dedicated to Stephen Cook, and 50 years of Complexity Theory. Stephen Cook was my PhD advisory starting in 1997, at the University of Toronto. I had two undergraduate degrees, one in Mathematics and one in Computer Science, and a masters in Mathematical Physics. I was looking for a topic for my PhD thesis, and I after working in algorithms for my masters, I approach Stephen Cook at the department of Computer Science, and he suggested to me that I read a book on Boolean Circuits by Ingo Wegener called The Complexity of Boolean Functions; I became immediately intrigued by the topic. I remember that I was fascinated by a result of Claude Shannon contained in Wegener’s book showing that there are “many more Boolean functions than Boolean circuits of small size”, and that therefore there have to be Boolean functions that required exponential size circuits. Once Stephen Cook accepted me as one of his students, he proposed that I read Samuel Buss‘ book Bounded Arithmetic, which became my introduction to the field of proof complexity. For my PhD thesis I worked on the problem of formalizing Linear Algebra in weak theories of bounded arithmetic, culminating with my 2001 thesis The Complexity of Derivations of Matrix Identities.

Alasdair Urquhart walking to the Fields Institute

It was a wonderful experience during the last few days to see so many colleagues and friends at the conference at the Fields Institute, celebrating the legacy of Stephen Cook. The department of Computer Science has long been a center of Theoretical Computer Science, Complexity and Proof Complexity. One of my mentors, and now friend, is Alasdair Urquhart, who spanned both the department of Philosophy and Computer Science, and whom I was lucky to have on my PhD committee, and who gave me a lot of guidance during my PhD years (for example, using lambda calculus as part of my formalization of a constructive theory of matrices for my PhD thesis).