4/27/10 Intrusion Detection with Mobile Sensors

posted April 14th, 2010

Our final meeting of the semester will be held April 27 at 7:00pm in CS209A. In this meeting lies the fate of SIG-SEC: we will be electing officers for next year. If you’re interested in SIG-SEC, either come vote on officers or run for a position. The various positions are as follows:

  • Co-Chairs – Two people are elected as the SIG-SEC overlords. They keep the other officers sane and do legwork talking to potential speakers
  • Secretary – Writes down officer meeting notes and is in charge of the sign-in sheet at meetings to track attendance
  • Publicity – Advertises SIG-SEC meetings and events
  • University Relations – Makes room reservations for meetings and events
  • Special Projects – Comes up with ideas for fun stuff to do and coordinates events. Some examples include our annual wireless security audit, wireless scavenger hunt and capture the flag competitions

Also, Missouri S&T’s Dr. Chellappan will be giving a presentation on intrusion detection with mobile sensors.

    Abstract: In this talk, Dr. Chellappan will discuss issues in Intrusion Detection with Mobile Sensors. The talk will first present the problem in brief detail, along with the motivation and state of the art in Mobile Sensors. Then the problem of intrusion detection with mobile sensors will be formulated, followed by algorithms to optimally solve the problem. The talk will conclude with some open issues of security with mobile sensors.

    Bio: Sriram Chellappan has been an Assistant Professor in the Dept. of Computer Science at Missouri University of Science and Technology since January 2008. He received his Ph.D. degree from the Dept. of Computer Science and Engineering at The Ohio State University in December 2007.

    Sriram’s broad research interests are in Networking, Network Security and Mobile Computing. In particular, his research focuses on Security in Overlay Networks, Performance and Security in Wireless Sensor Networks and Performance Optimizations in Vehicular Networks.

    3/20/10 CTF event during MinerLAN

    posted March 8th, 2010

    At this semester’s MinerLAN, SIG-SEC will be hosting a capture the flag event. There will be several security challenges in which the competitors must detect and take advantage of several common vulnerabilities.

    If you’re interested in the competition, we’ll be going over the contest after the next ACM general meeting at 7:00pm Tuesday, March 16th in CS209A. Otherwise, hit up one of the officers.

    3/23/10

    posted March 8th, 2010

    Our next meeting will be Tuesday, March 23 in CS209A. Elonka Dunin will be giving a delightful presentation on Famous Unsolved Codes. If you’re interested in crypto, you best be here!

    2/23/10 Secure Multiparty Computation and its Applications in Privacy-Preserving Data Analysis

    posted February 5th, 2010

    At our meeting on Tuesday, February 23 at 7:00pm in CS209A, Dr. Jiang will be presenting on Secure Multiparty Computation. Dr. Wei Jiang is an Assistant Professor in the Department of Computer Science at Missouri University of Science and Technology. He received Bachelor’s degrees in both Computer Science and Mathematics from the University of Iowa, Iowa City, Iowa, in 2002. He received a Master’s degree and a Ph.D. in Computer Science from Purdue University, West Lafayette, Indiana, in 2004 and 2008 respectively. His research interests include privacy-preserving data mining, data integration, privacy issues in federated search environments, and text sanitization.

    Two millionaires, Alice and Bob, want to know who is richer, but they do not want to disclose how much money they have to each other. This can be achieved through a Trusted Third Party (TTP). Can we achieve the same objective without a TTP? Secure Multiparty Computation (SMC) techniques were specifically developed to solve this kind of problem. In this talk, we will introduce the concept of SMC and a generic solution to compute any two-party function securely. In addition, we will show how SMC concepts can be applied to protect data security and personal privacy in distributed data analysis, e.g., how police can query an FBI database for suspected criminal activities without disclosing what he or she is looking for to the FBI.

    Update: The slides from the presentation are now available here (pdf)

    2/10/10 Red Teaming: It’s Good to Be Bad by Will Atkins

    posted February 2nd, 2010

    The next SIG-SEC meeting will be held Wednesday February 10th, 7:00pm in CS209A. Former SIG-SEC co-chair Will Atkins will be visiting and giving a baller presentation on Red Teaming. Here are the goods regarding the talk:

    Given their roles in enabling services and functions vital to modern societies, critical information and control system infrastructures present high-value targets for the adversaries of such societies. Protecting these systems against digital attack is exceedingly difficult, as thousands of vulnerabilities in such systems are discovered every year. Red teaming, the general concept of a defensive team simulating one or more adversaries, is a useful technique for identifying which critical systems an adversary may choose to attack and how they may go about executing such attacks. This talk will address various types of red teaming, introduce a generic adversary model, overview Sandia National Laboratories’ Information Design Assurance Red Team (IDART), and reveal some of the tools and techniques used by IDART when performing red team assessments.

    For those of you that aren’t familiar with the former SIG-SEC star, William D. Atkins is a Member of Technical Staff in the Critical Infrastructure Systems Department at Sandia National Laboratories, where he conducts information assurance research and engages in red teaming exercises to secure critical information and control system infrastructures against attack from a variety of adversaries. Atkins received both Masters and Bachelors of Science degrees in Computer Engineering from the University of Missouri–Rolla, now the Missouri University of Science and Technology, in 2007 and 2005, respectively. His research interests include wireless communications systems, communications protocol analysis, embedded systems design, and reverse engineering.

    Update: The slides from the presentation are now available in both pdf and ppt. Comments related to the scenarios we went through were NOT exported into the PDF, so if you’re looking for all that good stuff you’re gonna have to grab the powerpoint.

    Capture the Flag Tools Recap

    posted January 27th, 2010

    If you didn’t make it to tonight’s meeting, or just want more information about the tools we covered, we have you covered. Below you’ll find what we covered and links for more information.

    Netcat
    Netcat is a utility included with almost every Linux distribution which allows users to make connections and send data over the network.

    To run Netcat as a server (listen for connections)
    :~$ nc -l -p [port]
    To send data to a host with Netcat
    :~$ nc [hostname] [port]

    Netcat itself is not available for Windows, but Ncat, an improved version of Netcat, is available along with Nmap. You can find more information about Ncat here.

    Nmap
    Nmap is a “network mapper” tool which can be used to discover hosts which are responding on a network and discover what services are available on those hosts. Versions for Linux, Mac, and Windows and documentation are available from the Nmap homepage.

    To discover hosts on a subnet
    :~$ nmap -sP [address range]
    Address ranges may be given in a variety of styles outlined in the documentation.
    To scan a host for active service versions and operating system
    # nmap -sV -O [host address]
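
The address-range styles mentioned above, as an added example that is not part of the original recap: Python that expands CIDR and octet-range target specs as Nmap's documentation describes them, and lists any address that falls outside an authorized network before a scan is run. The function names and sample ranges are constructed for illustration.

```python
import ipaddress
from itertools import product

def _octet_values(field):
    """Expand one octet field such as '5', '1-4', '-' or '1,5,10-12'."""
    values = set()
    for part in field.split(","):
        if "-" in part:
            lo, hi = part.split("-", 1)
            lo = int(lo) if lo else 0        # omitted left side defaults to 0
            hi = int(hi) if hi else 255      # omitted right side defaults to 255
        else:
            lo = hi = int(part)
        if not 0 <= lo <= hi <= 255:
            raise ValueError(f"bad octet range: {part!r}")
        values.update(range(lo, hi + 1))
    return sorted(values)

def expand_targets(spec):
    """Return the addresses covered by a CIDR or octet-range target spec."""
    if "/" in spec:
        # Every address in the block is covered, including the
        # network and broadcast addresses.
        return list(ipaddress.ip_network(spec, strict=False))
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not an IPv4 target spec: {spec!r}")
    combos = product(*(_octet_values(o) for o in octets))
    return [ipaddress.IPv4Address(".".join(map(str, c))) for c in combos]

def out_of_scope(spec, authorized_cidr):
    """List addresses in spec that fall outside the authorized network."""
    allowed = ipaddress.ip_network(authorized_cidr)
    return [ip for ip in expand_targets(spec) if ip not in allowed]

if __name__ == "__main__":
    # Constructed sample values (RFC 1918 space), not from the meeting.
    for spec in ("192.168.1.0/30", "192.168.1.1-4", "192.168.0-1.1,5"):
        print(spec, "->", [str(ip) for ip in expand_targets(spec)])
    print("outside 192.168.1.0/24:",
          [str(ip) for ip in out_of_scope("192.168.0-1.1,5", "192.168.1.0/24")])
```
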

    Wireshark
    Wireshark is a network packet sniffer which can be used to analyze captured network traffic. It may be used to inspect individual packets or reconstruct streams of data sent over the network. The tool is available for Linux, Mac, and Windows. Download and usage information can be found at Wireshark’s homepage, http://wireshark.org.

    Aircrack
    Aircrack-ng has grown into a suite of tools used to audit wireless network security. The set of tools was built for Linux, and, while there is a Windows port, most suggest that you use a Linux LiveCD to run Aircrack. The suite is available on the BackTrack Linux LiveCD distribution.

    The example given during the meeting was based on the Simple WEP Crack tutorial on the Aircrack-ng site.

    1/26/10 Capture The Flag Part 1

    posted January 21st, 2010

    Yo everyone. We’ll be holding our first meeting Tuesday, Jan. 26 at 7:00pm in CS209A. This semester we have a capture the flag competition in the works. There will be several security challenges set up to be worked through, with the successful completion of one challenge providing a hint about the next challenge.

    This meeting will be a very brief introduction to the CTF event (which won’t be until March) in which some of the SIG-SEC homies will be dropping some sweet knowledge about some commonly used security tools, including nmap, netcat, wireshark, etc. Of course, demos of them will be given.

    SIG-SEC|REVERSING

    posted January 19th, 2010

    Hey everyone. It’s a new semester and we have some cool stuff planned. Check out our calendar for a list of what’s coming up! Our first meeting will be announced shortly and is set for Tuesday, 1/26.

    In the meantime, check out SIG-SEC|REVERSING this Thursday, 7pm in CS209A to get your security fix! Josh is going to be reversing the newest pdf sploits.

    12/09/09 End of semester meeting

    posted December 1st, 2009

    Hey everyone. December 9th, 7:00pm – CS209A is the place to be. All us ACM folk will be taking a break from dead week by playing some minigolf, arcade games and armagetron. There’s going to be a sweet potluck including so come eat and hang out.

    11/17/09 – Implications of distributed observers in a cyber-physical system and DoD IASP

    posted November 9th, 2009

    Our next meeting, Tuesday, November 17 at 7:00pm in CS209A, will feature a two-part talk given by Dr. Bruce McMillin and Derek Ditch. Missouri S&T is the first school in Missouri to be able to hold National Security Agency (NSA) Certification as a Center of Academic Excellence and to offer fellowship opportunities with the Department of Defense/NSA. Derek Ditch, who is an NSA fellowship recipient, will cover (1) his research on the implications of distributed observers in a cyber-physical system and (2) a student’s perspective on being a fellowship participant and interning with the NSA. Additionally, Dr. McMillin, campus Information Assurance Scholarship Program coordinator and Director of the Center of Information Assurance, will talk about the benefits of the DoD’s IASP program and the application process.

    For more information, feel free to refer to the meeting flier.