Students Presenting at International Cyber Defense Workshop

Story by Trevor Green

Five University of Advancing Technology students - John Faulkner, Charles Neitzel, Drew Porter, Chase Schultz and John Wiltberger - will be guest lecturers for the 2011 International Cyber Defense Workshop (ICDW), taking place Nov. 6-11. The upperclassmen (the only undergraduates to offer presentations at this year’s event) will speak about network security projects and issues to industry and government professionals. The exclusively online conference lets attendees log in and attend sessions from their computers.

ICDW is sponsored by the U.S. Department of Defense (DoD), a longtime collaborator with UAT. The University was asked to participate due to their partnership (including scholarships, being a National Security Agency Center of Academic Excellence, and the grant to build the Cybercave) and student projects.

Professor Shelley Keating and Professor Craig Belanger reached out to students working on promising network security-based Student Innovation Projects. The original plan was to have two undergraduates, one for each 50-minute slot, but student interest (and a lobbying effort by Keating for more time and presenters) swelled the lineup to five speakers over 150 total minutes.

Keating hopes that the undergrads use the speaker opportunities as resume and confidence builders, particularly being grouped with attendees like Carnegie Mellon Software Engineering Institute, McAfee, Naval Postgraduate School and SANS Institute Training.

“We’re up there with some really great names,” she said.

“That’s what’s cool to me is being able to speak to people that work for the Department of Defense or are allies to the United States that could benefit from the knowledge,” said Schultz.

Keating welcomes opportunities to showcase the University and its students to impressed colleagues, and the global stage of ICDW is one of the best yet.

“For us to get our name out in this community to showcase some of the high-caliber students with their high-caliber projects [is] very, very important.”

The chance to present for a varied audience is one that students are eager to grasp, particularly with the luxury of lecturing from the comfort of a computer.

“I feel like if I was actually in some massive conference hall where people from around the world were coming to me to watch me, oh god, I’d probably lock up,” said Faulkner.

Visual Network Analyzer Project

Instead of a computer screen flooding with network packets from a potential denial of service attack, what if images alerted you to problems? Network Security and Network Engineering student John Faulkner envisions a future where network traffic, intrusions and exploitations take on a different graphic mood based on circumstances.

“How would that look like if you could represent it in a different way? What if you took all of that madness and just turned it into… a picture or some kind of dynamically changing image?”

Faulkner’s Visual Network Analyzer detects various forms of internet traffic in real time and responds accordingly in its imagery. He plans to have it detect unique network packets and protocols, with an exclusive color assigned to each protocol, to give the traffic a dynamic face and break the monotony of lists of text.

Digital Media Professor Vesna Dragojlov, an advocate for algorithmic art, liked Faulkner’s project and offered ideas to take it further down a vibrant, inventive path. A hypothetical example is a visual network detector installation that responds to high-traffic events like LAN parties and casual internet browsing with colors and patterns.

Like many of the undergrad presentations, Faulkner’s analyzer has potential to alter how people view network security, easing newcomers into the field with less daunting tools and graphics.

StealthRecon Project

The penetration testing field is bursting at the seams with software and code that have specific, complex uses. Network Security and Technology Forensics student Charles Neitzel hopes that his StealthRecon web interface groups programs for niches like port and vulnerability scanning with an easy-to-use online format that does the work for you and gives you the results.

“You don’t have to remember all of the command line stuff, you don’t have to use multiple programs; that’s what the backend of the web interface will do for you,” said Neitzel.

Unlike the security suites that house numerous security tools, Neitzel designed StealthRecon to be fully automated. He hopes that conference attendees feel more at ease, and new additions to the program will expand their knowledge.

“Hopefully this might take off the edge - a little bit - of that because [there is] going to be less and less to remember as time goes on.”

Sweet Pickles Project

Hearing the word pickles may trigger thoughts of pickled cucumbers in most people, but the security field thinks of them as ways to serialize (encrypt) and de-serialize (translate) objects in the Python programming language. (Think of this as a specialized form of ZIP compression files.) These pickles can be hacked at rest or in transit to deliver arbitrary, possibly malicious code when opened.

Network Security student Chase Schultz wants to protect the serialized pickle data with his endeavor, the open source Sweet Pickles Project, the subject of his presentation. He was inspired after he saw a Black Hat 2011 talk on the faults and lack of protection against malicious pickles.

“When I saw that talk I thought, ‘I’d like to use pickles for a project that I’m working on, but I want to ensure the authenticity and integrity as well as the confidentiality of the pickle itself.’”

Part of the solution lies in “Brine,” a methodology that uses DoD-standardized, top-secret-strength encryption (AES-256). Combined with Python wrappers (software that is a bridge between an operating system and a driver) for cryptography software libraries PyCrypto and Elliptic Curve Cryptography-521, Schultz is confident that only the person on the pickle’s receiving end can open the file.

Access to the Garden Project

Global System for Mobile Communication (GSM) cellular networks power approximately 80 percent of the world’s wireless phones. 2G, 3G and 4G phones send voice, text and internet data, which can be intercepted if you can break into a GSM system’s backend.

Network Security student Drew Porter will cover different methods to break microcells and access internal mobile systems, using software and hardware (pin-outs, cables) that run on home computers.

Porter gave his lecture at a recent ToorCon, and he was surprised that the risky subject matter was accepted for a global audience. He is tailoring the ICDW version to include testing methods, his own inquiries and research from foreign investigators that used his procedures.

Network Ninja Project

Information security software may seem daunting to information security and assurance newcomers; the vast array and complexity of programs and suites could put off the inexperienced. Network Security student John Wiltberger is lending a helping hand with Network Ninja, a security training tool that teaches people the basics of security tools and Linux operating system software.

Co-authored with UAT grad William Howe, Network Ninja is a testing environment that opens a custom webpage that has a syllabus, software apps, security tutorials and Python-built quiz features in its virtual, temporary operating system. Its aim is to simulate using software like Nmap and THC-Hydra in real-life environments.

Wiltberger and Howe were inspired to create the training program during their early college days as they saw the knowledge gap between Windows and Linux OS users, especially with Linux-based programs like BackTrack that did not cater to security novices. Wiltberger hopes Network Ninja is the bridge between penetration testers and normal clients.

“We had decided that it would probably be a good idea to build something that would help people first understand the concepts of what they’re doing, because there’s a lot that goes into testing networks and all the different intricate areas of it,” he said.