Difference between revisions of "AFSecurity Seminar"

From mn/ifi/AFSecurity
Jump to: navigation, search
(28 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Cyber Security in High School ==
+
== Embedded-Device Forensics ==
  
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 
|-
 
|-
| '''DATE:'''&nbsp; 21 February 2019<br />
+
| '''TIME:'''&nbsp; 10:00h, Friday 4 October 2019<br />'''PLACE:'''&nbsp;  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House<br /><br />'''AGENDA:'''<br />
'''PLACE:'''&nbsp;  Seminar Room Prolog (Room 2465), UiO - OJD House . <br /><br />
+
10:00h Welcom at UiO<br />10:15h Invited Talk:
'''AGENDA:'''<br />
+
| [[File:Logo-Tulsa.jpg|102px|link=https://utulsa.edu/]]
15:00h Welcom at UiO<br /><br />15:15h Invited Talks:
 
| [[File:Logo-GenCyber.jpg|300px|link=https://gencyber.utulsa.edu/]]  
 
 
|}
 
|}
* '''TITLE:''' &nbsp;''Cyber Security in High School: The US GenCyber Program and the Norwegian CyberSmart Pilot for Cyber Security Education in High School.''<br/><br />'''SPEAKERS:''' &nbsp;''Kimberly Adams'' and ''Donna Farrior'' (GenCyber USA), ''Bodil Gr&oslash;dem'' and ''Janne Hagen'' (CyberSmart Norway) &nbsp; <br/><br />'''ABSTRACT:''' This AF''Security'' Seminar presents the US GenCyber and the Norwegian CyberSmart Programs for cyber-security education in high school.<br /><br /> The US GenCyber Program is an NSA-funded one-week intensive summer program for a cohort of 30 teachers in high school, followed by a sustained collaboration which takes place via an online community and resource repository for use during the following academic year and beyond. The GenCyber program at the University of Tulsa focuses on preparing teachers in high school to help their students understand correct and safe on-line behavior, to increase diversity and interest in cyber security, and to increase awareness about careers in the cyber-security workforce in USA.<br /><br />The Norwegian CyberSmart Pilot Program is a collaboration between NSM, NVE, UIO, NTNU, NorSis and Godalen vgs, Rogaland Fylkeskommune. The CyberSmart pilot project, which has been operating since 2018 with funding from NVE, gives knowledge and skills to teachers in high school in Norway, so that they can integrate cybersecurity in their classes in high school. The CyberSmart pilot project aims to fulfill one of the major goals of the Norwegian Government's [https://www.regjeringen.no/no/dokumenter/nasjonal-strategi-for-digital-sikkerhet/id2627177/ National Strategy for Digital Security] published on 30.01.2019, namely to make cyber security a component of general education in Norway.
+
* '''TALK:''' &nbsp;''Case Studies in Invasive Embedded Device Forensics: Evidence Extraction and Firmware Verification''<br />'''SPEAKER:''' ''Sujeet Shenoi'' (University of Tulsa, USA) &nbsp; <br />'''ABSTRACT:''' This presentation describes various electronic, physical and chemical techniques for extracting data and firmware from embedded devices. The techniques range from basic non-invasive techniques to sophisticated invasive techniques using chip desoldering and chemical etching or laser ablation to expose bond wires inside chip packages and extract data.  Several case studies related to evidence extraction from embedded devices are presented. Also, case studies dealing with the extraction and verification of firmware in suspected supply chain compromises are presented.
  
 +
11:00h Discussion<br />
 +
 +
== Threat of Open-Source Intelligence ==
 +
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 +
|-
 +
| '''TIME:'''&nbsp; 14:00h, Friday 4 October 2019<br />'''PLACE:'''&nbsp;  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House<br /><br />'''AGENDA:'''<br />
 +
14:00h Welcom at UiO<br />
 +
14:15h Invited Talk:
 +
| [[File:Logo-Tulsa.jpg|102px|link=https://utulsa.edu/]]
 +
|}
 +
* '''TALK:''' &nbsp;''How Open-Source Intelligence is Used to Attack Critical Infrastructure Assets''<br />'''SPEAKER:''' ''Sujeet Shenoi'' (University of Tulsa, USA) &nbsp; <br />'''ABSTRACT:'''  This case-study-based presentation demonstrates how open-source information can be collected and leveraged to attack critical infrastructure assets.  The case studies include the Stuxnet malware, information operations on an offshore oil and gas platform and a cyber and physical penetration of a financial entity.
 +
 +
15:00h Discussion<br />
  
16:00h Discussion<br />
 
  
  
'''SPEAKER BIOS''' <br/>
+
'''SPEAKER BIO''' <br/>
- Kimbery Adams is a Senior Instructor of Mathematics at the College of Engineering & Natural Sciences, Department of Mathematics, University of Tulsa. <br />- Donna Farrior is a Visiting Associate Professor of Mathematics at the College of Engineering & Natural Sciences, Department of Mathematics, University of Tulsa. <br />- Bodil Ellen Gr&oslash;dem is Project Manager for CyberSmart Norway. <br />- Janne Hagen is Chief Engineer for Cyber Security at NVE.
+
Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a Professor of Chemical Engineering at the University of Tulsa, Tulsa, Oklahoma; and a member of the technical staff at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. An active researcher with specialties in cyber security, cyber operations, critical infrastructure protection and digital forensics, Dr. Shenoi works on exciting “problems” ranging from helping solve homicides to penetrating telecommunications systems, oil and gas pipelines, wind farms and voting machines. Dr. Shenoi is the Editor-in-Chief of the International Journal of Critical Infrastructure Protection (Elsevier); and Editor of the Advances in Digital Forensics and Critical Infrastructure Protection (Springer) series, now in their thirteenth and eleventh volumes, respectively. He spearheads the University of Tulsa's elite Cyber Corps Program that trains “MacGyvers” for U.S. government agencies, and is the Director of the Cyber Security Education Consortium, a National Science Foundation ATE Center that is building a high-tech workforce in the Southwestern United States. For his innovative strategies integrating academics, research and service, Dr. Shenoi was named the 1998-1999 U.S. Professor of the Year by the Carnegie Foundation.
 
{| border="0" cellpadding="1" cellspacing="1" width="90%"
 
{| border="0" cellpadding="1" cellspacing="1" width="90%"
 
|-
 
|-
| AF''Security'' is organised by the [https://www.mn.uio.no/ifi/english/research/groups/sec/ Information &amp; Cyber Security Research Group]
+
| [[File:AFSecurity-small.png|250px]]
 +
| AF''Security'' is organised by the UiO Research Group on [https://www.mn.uio.no/ifi/english/research/groups/sec/ Information &amp; Cyber Security]
 
| [[File:Sec-uio-light-1000.png|250px|link=https://www.mn.uio.no/ifi/english/research/groups/sec/]]
 
| [[File:Sec-uio-light-1000.png|250px|link=https://www.mn.uio.no/ifi/english/research/groups/sec/]]
 
|}
 
|}

Revision as of 16:42, 27 September 2019

Embedded-Device Forensics

TIME:  10:00h, Friday 4 October 2019
PLACE:  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House

AGENDA:

10:00h Welcom at UiO
10:15h Invited Talk:

Logo-Tulsa.jpg
  • TALK:  Case Studies in Invasive Embedded Device Forensics: Evidence Extraction and Firmware Verification
    SPEAKER: Sujeet Shenoi (University of Tulsa, USA)  
    ABSTRACT: This presentation describes various electronic, physical and chemical techniques for extracting data and firmware from embedded devices. The techniques range from basic non-invasive techniques to sophisticated invasive techniques using chip desoldering and chemical etching or laser ablation to expose bond wires inside chip packages and extract data. Several case studies related to evidence extraction from embedded devices are presented. Also, case studies dealing with the extraction and verification of firmware in suspected supply chain compromises are presented.

11:00h Discussion

Threat of Open-Source Intelligence

TIME:  14:00h, Friday 4 October 2019
PLACE:  Kristan Nygaards Hall (Room 5370), IFI, UiO - OJD House

AGENDA:

14:00h Welcom at UiO
14:15h Invited Talk:

Logo-Tulsa.jpg
  • TALK:  How Open-Source Intelligence is Used to Attack Critical Infrastructure Assets
    SPEAKER: Sujeet Shenoi (University of Tulsa, USA)  
    ABSTRACT: This case-study-based presentation demonstrates how open-source information can be collected and leveraged to attack critical infrastructure assets. The case studies include the Stuxnet malware, information operations on an offshore oil and gas platform and a cyber and physical penetration of a financial entity.

15:00h Discussion


SPEAKER BIO
Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a Professor of Chemical Engineering at the University of Tulsa, Tulsa, Oklahoma; and a member of the technical staff at Johns Hopkins University Applied Physics Laboratory, Laurel, Maryland. An active researcher with specialties in cyber security, cyber operations, critical infrastructure protection and digital forensics, Dr. Shenoi works on exciting “problems” ranging from helping solve homicides to penetrating telecommunications systems, oil and gas pipelines, wind farms and voting machines. Dr. Shenoi is the Editor-in-Chief of the International Journal of Critical Infrastructure Protection (Elsevier); and Editor of the Advances in Digital Forensics and Critical Infrastructure Protection (Springer) series, now in their thirteenth and eleventh volumes, respectively. He spearheads the University of Tulsa's elite Cyber Corps Program that trains “MacGyvers” for U.S. government agencies, and is the Director of the Cyber Security Education Consortium, a National Science Foundation ATE Center that is building a high-tech workforce in the Southwestern United States. For his innovative strategies integrating academics, research and service, Dr. Shenoi was named the 1998-1999 U.S. Professor of the Year by the Carnegie Foundation.

AFSecurity-small.png AFSecurity is organised by the UiO Research Group on Information & Cyber Security Sec-uio-light-1000.png