Events

Office of the University Provost
Center for Cybersecurity & Information Assurance

Please review all events below for early registration as events are arranged by closest upcoming date!


Digital Forensics Special Interest Group Spring 2016

Date/Time: Meets Tuesday 5:30 PM – 6:15 PM Starting Tuesday January 12, 2016 with Dr. Doherty
Location: Cybercrime Lab 2, Dickinson Hall, Metropolitan Campus
Contact: For more information, email Dr. Eamon Doherty.

It is free and there are no prerequisites to attend. It is open to faculty, staff, and students at all campuses of FDU.

Week 1 : January 12, 2016 We will discuss some places where digital evidence is kept. Then we will learn to examine a digital picture frame and recover some pictures that were deleted from it.

Week 2 : January 19, 2016 We do not meet.

Week 3 : January 26, 2016 We will discuss the need for investigators to be able to seize webmail and keep the integrity of the folders. Then we will look at a tool for seizing webmail.

Week 4 : February 2, 2016 We will learn to forensically wipe a hard drive with a Logic Cube and discuss why hard drives need to be wiped.

Week 5 : February 9, 2016 We will learn to forensically copy a hard drive with a Logic Cube and discuss why it is necessary.

Week 6 : February 16, 2016 We will learn to forensically examine a piece of legacy digital media and discuss why it is still necessary.

Week 7 : February 23, 2016 We will learn to forensically examine a cell phone and collect the evidence with a popular cell phone forensic tool.


 

Singapore Cybersecurity R&D Conference: Call for Abstracts

Date/Time: January 14-15, 2016
Location: Location: Singapore University of Technology and Design, Singapore
Register: Details of submission can be found in the Conference website: http://itrust.sutd.edu.sg/sg-crc-2016/

This is not an opportunity to be missed! Submit a technical paper in the research, industry, or tools track. Engage in conversations with the top researchers and practitioners from across the world in the area of cyber security. Visit the most advanced realistic testbeds in cyber physical systems and enjoy a game of attack and defence. And of course, enjoy the ever beautiful Singapore.

Students are strongly encouraged to participate and compete for many cash prizes.

Theme: Cyber Security by Design

The inaugural Singapore Cyber Security R&D Conference will be held in Singapore on January 14-15, 2016 at the campus of the Singapore University of Technology and Design (SUTD). The conference will bring together academics and practitioners from across the world to participate in a vibrant programme consisting of research papers, industrial best practices, and tools exhibition. Students, undergraduate and graduate, are encouraged to participate in specially organised sessions. Several cash awards and certificates will be given to the best contributions in various student categories.

This year’s theme focuses on the importance of bringing a technically grounded element of design that integrates cyber security into a system early in the process rather than an afterthought. The element of design is integral to a process be it a purely software system, such as one engaged in managing online transactions, or a combination of hardware and software, such as in Industrial Control Systems, pacemakers, and a multitude of IoT devices. This design element pervades the entire development process from the beginning till the end, and even during operation and maintenance. SG-CRC 2016 will focus on how design as an element can be made explicit early in the development process using novel techniques based on sound mathematical tools and engineering approaches.

Submissions

Authors are invited to submit original work on any of the topics listed below. Submissions that fall in the general area of cyber security but not exactly in any of the topics below will also be considered. Submissions may focus on theoretical results, experiments, or a mix of both.

  • Attacker and attack models
  • Biometrics
  • Cyber Security Education
  • Data privacy
  • Defence against side channel attacks
  • Design of runtime security
  • Design of secure controllers
  • Design of secure systems from insecure components
  • Digital Forensics
  • Economic models of cyber security
  • EV/AV security
  • Formal methods in cyber security
  • Hardware/software cyber defense mechanisms
  • IoT security
  • Legal aspects of cyber security
  • Lightweight crypto and security
  • Methodologies for assessing system security and risk
  • Mobile security
  • Protection of public infrastructure: power, water, and transportation
  • Security by design
  • Security in healthcare
  • Security policies and compliance
  • Social Engineering and cyber security
  • Testbeds for experimentation
  • Testing for cyber security
  • Urban transportation system security
  • Verified security design

 

CAE Tech Talk: Tripleheader

Date/Time: 21 Jan 2016 from 1 - 3:10pm
Location:https://capitol.adobeconnect.com/cae_tech_talk/ An overflow room is available at the address below:
http://capitol.adobeconnect.com/cae2/ -- Just log in as “Guest” and enter your name. No password required.
Contact: For questions on CAE Tech Talk, please send email to CAETechTalk@nsa.gov

Mark your calendars and come join your friends in the CAE community for a Tech Talk. We are a warm group that shares technical knowledge, and CAE Tech Talks are free and conducted live in real-time over the Internet so no travel is required. You can attend from just about anywhere (office, home, etc.) Capitol Technology University (CTU) hosts the presentations using their online delivery platform (Adobe Connect) which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation(s).

Below is a description of the presentation(s) and logistics of attendance:

Time: 1pm – 1:40pm ET

Title/Topic: An In-Depth Look at Rainbow Tables

Audience Skill Level: Intermediate

Presenter: Andrew Kramer (student Dakota State University)

Description:

Rainbow tables have become a well-respected and frequently used tool in the information security community, but how do they actually work, and why are they so effective? What makes a rainbow table lookup so much faster than a brute-force search? How is it that such enormous key-spaces can be covered using so little storage space? Take a deeper look at this brilliant tool and you'll marvel at its genius.

Major topics covered in this presentation will include: hash functions, reduction functions, rainbow table generation, and rainbow table searching. Viewers will benefit greatly from prior knowledge of hash functions and their use as a password security mechanism, however this knowledge is not necessarily required. This tech talk is geared towards any person with an interest in “password cracking”, especially students and information security researchers.

Time: 1:45–2:25 pm ET

Title/Topic: Algorithms for Un-keyed Jam Resistance

Audience Skill Level: Intermediate

Presenter: Prof. Ramki Thurimella (University of Denver)

Description:

Communication over noisy channels has been studied quite extensively. In modern communication, achieving jam resistance is much more important as nowadays an attacker can easily obtain a typical jamming device on the open market inexpensively. This is especially critical in military applications as even a brief denial of service attack can severely impact a vital operation. In 2007, Baird, Bahn and Collins proposed an algorithm that is surprisingly simple and elegant. The main advantage of their probabilistic algorithm is that it does not require a shared secret. After reviewing their original algorithm, we will cover some recent developments in this area.

Time: 2:30-3:10 pm ET

Title/Topic: The Application of Current Probabilistic Models to Reasoning about Digital Evidence

Audience Skill Level: All Levels

Presenter: Imani Palmer (student University of Illinois)

Description:

As the use and complexity of digital devices continues to rise, the field of digital forensics remains in its infancy. The investigative process is currently faced with a variety of problems, ranging from the limited number of skilled practitioners, to the difficulty of interpreting different forms of evidence. Investigators are challenged with leveraging recovered evidence to find a deterministic cause and effect. Without reliable scientific analysis, judgments made by investigators can easily be biased, inaccurate and/or unprovable. Conclusions drawn from digital evidence can vary largely due to differences in their respective forensic systems, models, and terminology. This persistent incompatibility severely impacts the reliability of investigative findings as well as the credibility of the forensic analysts. Evidence reasoning is a fundamental part of investigative efficacy; however, the digital forensic process currently lacks the scientific rigor necessary to function in this capacity

I will also introduce a framework that will enable researchers and examiners to apply various reasoning models to their cases. The application of these reasoning methods would be automated in order to avoid discrepancies and provide reproducibility. This framework will handle the analysis phase of the digital forensic investigative process. It will receive information from both open and closed source digital forensic tools. This information will feed various visualizations to aid in the development of a hypothesis. The reasoning models define and assign likelihood between the relationships of evidence pertaining to the hypothesis. As digital forensic science advances it is important to be able to rigorously determine conclusions drawn from electronic evidence. The ability to determine if these conclusions are drawn is of critical importance.

CTU will post a recording of the live presentations on its website: https://capitol.instructure.com/courses/sis_course_id:CAE_Tech_Talk/external_tools/4

Announcements for CAE Tech Talk events can be found in the news and calendar section of the CAE community website: www.caecommunity.org


 

Continuing Education Opportunity: Digital Camera Forensics

Date/Time: Tuesday, January 26, 2016 from 9 AM - Noon
Location: in the Cybercrime Training Lab 1 of Dickinson Hall, 2nd Floor, Fairleigh Dickinson University, Hackensack
Register: Registration is best with a credit card to 201-692-6500 , A certificate will be mailed to you later.
Cost: The cost is $25 for FDU student and $50 for others.

With Dr. Eamon P. Doherty CCE, CPP, CISSP, SSCP

The course topics include theory or practical training in:

Locard’s Principle of Exchange, chain of custody, test plans, identifying, preserving, collecting, and analyzing digital evidence, metadata, Steganography, data carving, and using tools such as Recover My Files with a few digital cameras and we will also collect and analyze data from SD Cards, forensics is the intersection of law and science, lastly we will demonstrate a nanny cam bear and discuss where digital evidence may be found.

We will also talk about the need for isolated forensic examination computers for use with the cameras as well as write blockers to preserve camera data.


 

Introduction to Legacy Device Forensics: Continuing Education

Date/Time: Tuesday, February 2, 2016 – 9AM - Noon
Location: Cybercrime Training Lab 2 of Dickinson Hall, 2nd Floor, Fairleigh Dickinson University, Hackensack
Register: It is best to register with a credit card to 201-692-6500 and a certificate will be mailed to you later.
Cost: The cost is $50 which also includes the $10 registration.

Taught by Prof. Eamon P. Doherty, Ph.D., CCE, CPP, SSCP CISSP

The course topics include both theory or practical training in:

Locard’s Principle of Exchange, chain of custody, identifying, preserving, collecting, and analyzing digital evidence from a cell phone, collecting pictures, deleted pictures, email, SMS Messages, call logs, internal cell phone memory, SIM Cards, external memory, generating a report with hash marks of all evidence gathered, CALEA, communication data warrant, faraday bag, Susteen Secure View, Blackberry phone, Motorola V710 Camera Phone, Cyberbullying, Tracphone, Sexting, Video Voyeurism Act of 2004, the FAT File System, RecoverMyFiles, Logic Cube, Helix V 3.0

We will also talk about the need for isolated forensic examination computers for use with the cell phones as well as write blockers to preserve cell phone data.


 

Cell Phone Forensics Continuing Education

Date/Time: Tuesday – February 23, 2016 – 9 AM - Noon
Location: Cybercrime Training Lab 2 of Dickinson Hall, 2nd Floor, Fairleigh Dickinson University, Hackensack
Register: It is best to register with a credit card to 201-692-6500 and a certificate will be mailed to you later.
Cost: The cost is $50 which also includes the $10 registration.

Taught by Prof. Eamon P. Doherty, Ph.D., CCE, CPP, SSCP, CISSP

Here is an opportunity to learn about the vocabulary and tools used in the field of cell phone forensics and why such investigative knowledge is important for both businesses and security professionals.

The course topics include either theory or practical training in:

Locard’s Principle of Exchange, chain of custody, identifying, preserving, collecting, and analyzing digital evidence from a cell phone, collecting pictures, deleted pictures, email, SMS Messages, call logs, internal cell phone memory, SIM Cards, external memory, generating a report with hash marks of all evidence gathered, CALEA, communication data warrant, faraday bag, Susteen Secure View, Blackberry phone, Motorola V710 Camera Phone, Cyberbullying, Tracphone, Sexting, Video Voyeurism Act of 2004, Foreign Cell Phones, the RCFL, The IACIS, I will demonstrate how to map the coordinates of a digital picture with embedded GPS Data We will also talk about the need for isolated forensic examination computers for use with the cell phones as well as write blockers to preserve cell phone data.


 

Continuing Education Opportunity: Digital Camera Forensics

Date/Time: Tuesday, March 22, 2016 - 9 AM - Noon
Location: Cybercrime Training Lab 2 of Dickinson Hall, 2nd Floor Fairleigh Dickinson University, Hackensack
Register: Registration is best with a credit card to 201-692-6500 , A certificate will be mailed to you later.
Cost: The cost is $50 for FDU student and includes a $10 registration.

With Dr. Eamon P. Doherty CCE, CPP, CISSP, SSCP

The course topics include theory or practical training in:

Locard’s Principle of Exchange, chain of custody, test plans, identifying, preserving, collecting, and analyzing digital evidence, metadata, Steganography, data carving, and using tools such as Recover My Files with a few digital cameras and we will also collect and analyze data from SD Cards, forensics is the intersection of law and science, lastly we will demonstrate a nanny cam bear and discuss where digital evidence may be found.

We will also talk about the need for isolated forensic examination computers for use with the cameras as well as write blockers to preserve camera data.


 

The Black T-Shirt Forensics Challenge

Date/Time: January 1, 2016 to April 1, 2016
Register:Registration for the annual challenge will be available on January 1, 2016.

The Black T-Shirt Cyber Forensics Challenge is a free, annual contest, which has been designed to address a variety of elements important in conducting today's digital forensics examinations, incident responses, and intrusion analyses. This Challenge includes elements such as:

  • File system and operating system identification
  • Recovery of operating system and application artifacts
  • Recovery of user-created artifacts
  • Conducting in-depth analysis across the system and scenario, which extends beyond artifact recovery
  • Event reconstruction
  • Report writing

Each Challenge, designed by one or more of the Challenge's partners, will require participants to perform various activities of varying degrees of difficulty ranging from novice to expert.

In addition to the annual challenge, mini challenges will be offered starting in the fall.

For more information click here.