3/20/10 CTF event during MinerLAN

posted March 8th, 2010

At this semester’s MinerLAN, SIG-SEC will be hosting a capture the flag event. There will be several security challenges in which the competitors must detect and take advantage of several common vulnerabilities.

If you’re interested in the competition, we’ll be going over the contest after the next ACM general meeting at 7:00pm Tuesday, March 16th in CS209A. Otherwise, hit up one of the officers.

3/23/10

posted March 8th, 2010

Our next meeting will be Tuesday, March 23 in CS209A. Elonka Dunin will be giving a delightful presentation on Famous Unsolved Codes. If you’re interested in crypto, you best be here!

2/23/10 Secure Multiparty Computation and its Applications in Privacy-Preserving Data Analysis

posted February 5th, 2010

At our meeting Tuesday, February 23 at 7:00pm in CS209A, Dr. Jiang will be presenting on Secure Multiparty Computation. Dr. Wei Jiang is an Assistant Professor in the Department of Computer Science at Missouri University of Science and Technology. He received Bachelor’s degrees in both Computer Science and Mathematics from the University of Iowa, Iowa City, Iowa, in 2002. He received a Master’s degree and a Ph.D. in Computer Science from Purdue University, West Lafayette, Indiana, in 2004 and 2008 respectively. His research interests include privacy-preserving data mining, data integration, privacy issues in federated search environments, and text sanitization.

Two millionaires, Alice and Bob, want to know who is richer, but they do not want to disclose how much money they have to each other. This can be achieved through a Trusted Third Party (TTP). Can we achieve the same objective without a TTP? Secure Multiparty Computation (SMC) techniques were specifically developed to solve this kind of problem. In this talk, we will introduce the concept of SMC and a generic solution to compute any two-party function securely. In addition, we will show how SMC concepts can be applied to protect data security and personal privacy in distributed data analysis, e.g., how a police officer can query an FBI database for suspected criminal activities without disclosing what he or she is looking for to the FBI.

Update: The slides from the presentation are now available here (pdf)

2/10/10 Red Teaming: It’s Good to Be Bad by Will Atkins

posted February 2nd, 2010

The next SIG-SEC meeting will be held Wednesday February 10th, 7:00pm in CS209A. Former SIG-SEC co-chair Will Atkins will be visiting and giving a baller presentation on Red Teaming. Here are the goods regarding the talk:

Given their roles in enabling services and functions vital to modern societies, critical information and control system infrastructures present high-value targets for the adversaries of such societies. Protecting these systems against digital attack is exceedingly difficult, as thousands of vulnerabilities in such systems are discovered every year. Red teaming, the general concept of a defensive team simulating one or more adversaries, is a useful technique for identifying which critical systems an adversary may choose to attack and how they may go about executing such attacks. This talk will address various types of red teaming, introduce a generic adversary model, overview Sandia National Laboratories’ Information Design Assurance Red Team (IDART), and reveal some of the tools and techniques used by IDART when performing red team assessments.

For those of you that aren’t familiar with the former SIG-SEC star, William D. Atkins is a Member of Technical Staff in the Critical Infrastructure Systems Department at Sandia National Laboratories, where he conducts information assurance research and engages in red teaming exercises to secure critical information and control system infrastructures against attack from a variety of adversaries. Atkins received both Masters and Bachelors of Science degrees in Computer Engineering from the University of Missouri–Rolla, now the Missouri University of Science and Technology, in 2007 and 2005, respectively. His research interests include wireless communications systems, communications protocol analysis, embedded systems design, and reverse engineering.

Update: The slides from the presentation are now available in both pdf and ppt. Comments related to the scenarios we went through were NOT exported into the PDF, so if you’re looking for all that good stuff you’re gonna have to grab the powerpoint.

Capture the Flag Tools Recap

posted January 27th, 2010

If you didn’t make it to tonight’s meeting, or just want more information about the tools we covered, we have you covered. Below you’ll find what we covered and links for more information.

Netcat
Netcat is a utility included with almost every Linux distribution which allows users to make connections and send data over the network.

To run Netcat as a server (listen for connections)
:~$ nc -l -p [port]
To send data to a host with Netcat
:~$ nc [hostname] [port]

Netcat itself is not available for Windows, but Ncat, an improved version of Netcat, is available along with Nmap. You can find more information about Ncat here.
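What the two Netcat commands above do at the socket level, as an added example (not code from the meeting or the original post): one side listens and reads until the peer closes, the other connects and writes. The function names, the loopback address, and the payload are assumptions made for this sketch. The bytes cross the wire exactly as sent, with no encryption or authentication, which is why a capture of this traffic shows the payload in the clear.

```python
import socket
import threading

def listen_once(server_sock, received):
    """Like `nc -l -p PORT`: accept one connection, read until the peer closes."""
    conn, _peer = server_sock.accept()
    with conn:
        chunks = []
        while True:
            data = conn.recv(4096)
            if not data:              # empty read means the client closed the stream
                break
            chunks.append(data)
    received.append(b"".join(chunks))

def send_data(host, port, payload):
    """Like `nc HOST PORT`: connect, write the bytes, then close."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(payload)

def loopback_demo(payload=b"hello from the client\n"):
    """Run listener and sender against each other on 127.0.0.1 only."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))        # port 0: let the OS pick a free port
    srv.listen(1)
    srv.settimeout(5)                 # do not wait forever in accept()
    port = srv.getsockname()[1]

    received = []
    listener = threading.Thread(target=listen_once, args=(srv, received))
    listener.start()
    send_data("127.0.0.1", port, payload)
    listener.join(timeout=5)
    srv.close()
    return received[0]                # exactly the bytes the client wrote

if __name__ == "__main__":
    print(loopback_demo())
```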

Nmap
Nmap is a “network mapper” tool which can be used to discover hosts which are responding on a network and discover what services are available on those hosts. Versions for Linux, Mac, and Windows and documentation are available from the Nmap homepage.

To discover hosts on a subnet
:~$ nmap -sP [address range]
Address ranges may be given in a variety of styles outlined in the documentation.
To scan a host for active service versions and operating system
# nmap -sV -O [host address]
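Scan results are most useful when compared against what is supposed to be running. The added example below (not part of the original recap) parses Nmap's grepable output, produced by adding the `-oG -` option to the commands above, and reports open services that are missing from a per-host allowlist. The sample output, the addresses (documentation range) and the allowlist are constructed for illustration.

```python
# Constructed sample of grepable output from a version scan run with `-oG -`.
SAMPLE = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 (web.lab.example)\tStatus: Up
Host: 192.0.2.10 (web.lab.example)\tPorts: 22/open/tcp//ssh//OpenSSH 5.3/, 80/open/tcp//http//Apache httpd 2.2.14/, 443/closed/tcp//https///
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 23/open/tcp//telnet//Linux telnetd/, 3306/open/tcp//mysql//MySQL 5.1.41/
# Nmap done (constructed sample)
"""

def parse_grepable(text):
    """Return {host: [(port, proto, service, version), ...]} for open ports."""
    inventory = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue                               # skip comment lines
        # Fields are tab-separated "Name: value" pairs.
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        host = fields["Host"].split()[0]
        for entry in fields.get("Ports", "").split(", "):
            # port/state/protocol/owner/service/rpcinfo/version/
            parts = entry.strip().split("/")
            if len(parts) < 7 or parts[1] != "open":
                continue
            inventory.setdefault(host, []).append(
                (int(parts[0]), parts[2], parts[4], parts[6]))
    return inventory

def unexpected_services(inventory, allowed):
    """List (host, port, service) for open ports not in allowed[host]."""
    return sorted(
        (host, port, service)
        for host, ports in inventory.items()
        for port, _proto, service, _version in ports
        if port not in allowed.get(host, set()))

# Hypothetical baseline: the ports each lab host is expected to expose.
ALLOWED = {"192.0.2.10": {22, 80, 443}, "192.0.2.11": {22}}

if __name__ == "__main__":
    for finding in unexpected_services(parse_grepable(SAMPLE), ALLOWED):
        print(finding)
```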

Wireshark
Wireshark is a network packet sniffer which can be used to analyze captured network traffic. It may be used to inspect individual packets or reconstruct streams of data sent over the network. The tool is available for Linux, Mac, and Windows. Download and usage information can be found at Wireshark’s homepage, http://wireshark.org.

Aircrack
Aircrack-ng has grown into a suite of tools used to audit wireless network security. The set of tools was built for Linux, and, while there is a Windows port, most suggest that you use a Linux LiveCD to run Aircrack. The suite is available on the BackTrack Linux LiveCD distribution.

The example given during the meeting was based on the Simple WEP Crack tutorial on the Aircrack-ng site.

1/26/10 Capture The Flag Part 1

posted January 21st, 2010

Yo everyone. We’ll be holding our first meeting Tuesday, Jan. 26 at 7:00pm in CS209A. This semester we have a capture the flag competition in the works. There will be several security challenges set up to be worked through, with the successful completion of one challenge providing a hint about the next challenge.

This meeting will be a very brief introduction to the CTF event (which won’t be until March) in which some of the SIG-SEC homies will be dropping some sweet knowledge about some commonly used security tools, including nmap, netcat, wireshark, etc. Of course, demos of them will be given.

SIG-SEC|REVERSING

posted January 19th, 2010

Hey everyone. It’s a new semester and we have some cool stuff planned. Check out our calendar for a list of what’s coming up! Our first meeting will be announced shortly and is set for Tuesday, 1/26.

In the meantime, check out SIG-SEC|REVERSING this Thursday, 7pm in CS209A to get your security fix! Josh is going to be reversing the newest pdf sploits.

12/09/09 End of semester meeting

posted December 1st, 2009

Hey everyone. December 9th, 7:00pm – CS209A is the place to be. All us ACM folk will be taking a break from dead week by playing some minigolf, arcade games and armagetron. There’s going to be a sweet potluck including so come eat and hang out.

11/17/09 – Implications of distributed observers in a cyber-physical system and DoD IASP

posted November 9th, 2009

Our next meeting, Tuesday, November 17 at 7:00pm in CS209A, will feature a two-part talk given by both Dr. Bruce McMillin and Derek Ditch. Missouri S&T is the first school in Missouri to be able to hold National Security Agency (NSA) Certification as a Center of Academic Excellence and to offer fellowship opportunities with Department of Defense/NSA. Derek Ditch, who is an NSA fellowship recipient, will give a two-part talk consisting of (1) his research on implications of distributed observers in a cyber-physical system and (2) a student’s perspective on being a fellowship participant and interning with the NSA. Additionally, Dr. McMillin, campus Information Assurance Scholarship Program coordinator and Director of the Center of Information Assurance, will talk about the benefits of the DoD’s IASP program and the application process.

For more information, feel free to refer to the meeting flier.

10/29/09 – Cloud Security

posted October 26th, 2009

Krishna Kumar from Microsoft will be in town Thursday, October 29th for a lovely presentation on cloud security. It’s a different time but the same location, CS209A. This event is hosted by both ACM-SIG Security and the newly established IEEE Computer Society. After the meeting, Josh Eads (from our previous meeting) will be talking about possibly starting up a specialised branch of SIG-Security for reverse engineering, SIG-SEC|Reversing. For more information about that, make sure to stick around. Now for the details of SIG-SEC’s meeting:


Every few years, a revolution changes the way we use computers. Think of huge Mainframes in the 1960s, Minicomputers in the 1970s, Personal Computers in the 1980s and Smartphones over the last decade. Cloud computing is poised to be the next big paradigm shift in the computing landscape by bringing together advances in technologies like Virtualization, massive scale computing, communication formats and flexible data protocols. With advances by Microsoft, Amazon and other leaders in computing, this field is slated as the fastest growing segment of the technology industry in terms of investment, development and recruitment.

Join in the Microsoft Cloud Computing talk to learn more about this exciting development and about Windows Azure – our internet-scale cloud services platform, which provides an operating system and a rich set of developer services that allow you to build new applications to run from the cloud or enhance existing applications with cloud-based capabilities.

Krishna Kumar is the Microsoft Academic Relations Manager based out of Chicago where he works with the top 25 universities in the Midwest around technology and education. He has been with Microsoft for 8 years in various roles and has spent the last year working with Cloud computing and Windows Azure. He runs an Azure based web site at http://AzurePilot.com and tweets at http://twitter.com/KrishnaOnAzure.
