Information Assurance Center Iowa State University 1 Computer Forensics – Iowa State University Experience ISU Information Assurance Center www.iac.iastate.edu.

Presentation transcript:

Slide 1: Computer Forensics – Iowa State University Experience
ISU Information Assurance Center, Iowa State University
April 18, 2003

Slide 2: Outline
Computer Forensics:
– Research
– Education
– Outreach
About the ISU program:
– Research
– Education
– Outreach

Slide 3: Forensics Research
– Network Origin Identification (Tom Daniels)
– Accountable Anonymity (Yong Guan, Tom Daniels)
– Tracing Encrypted Connections (Yong Guan)

Slide 4: Network Origin Identification
Finding the wily hacker!
– Many ways that an attacker can conceal his computer/location/identity
Lying about/Laundering of Identity
– Authentication is too expensive/problematic to use for everything
– Forensic approaches are needed
Passive Origin Id System for Networks (POISN)
– Build an architecture that can trace numerous different types of traffic
– Leverage and incorporate past work in origin id.

Slide 5: Origin Identification Techniques
Allows:
– Prosecution/Civil Litigation
– Cessation/Filtering of Attacks
● Past Work Focuses on Individual Types of Origin Concealment
● POISN develops a general architecture that incorporates past work and allows tracing new types of traffic.

Slide 6: POISN Approach
Distributed Multisource
– Incorporates network and host data sources
– Can trace many types of traffic
– Subject to covert channel problems
– Requires wide deployment
Distributed Network
– Just network data sources
– Less intrusive to use
– What traffic can be traced without host access?

Slide 7: Accountable Anonymity
Problem Definition: Networked computer systems can be attacked from virtually anywhere in the world, and attackers can easily hide their identity and origin through stepping stones such as anonymity systems. Even worse, encrypted attack traffic makes tracing the source of an attack substantially more difficult. Our proposed approaches make it possible to trace encrypted attack traffic through a chain of stepping stones in real time, which can help to stop further attacks and to apprehend and punish those who are responsible. The solution will be applicable to a wide range of forensic investigations at all levels.

Slide 8: Accountable Anonymity
Technical Approach: We address this tracing problem through a novel correlation scheme based on statistical timing, size, and other properties of the incoming traffic and outgoing traffic of a stepping stone, rather than the contents of the network messages. The basic approaches include statistical traffic analysis, pattern recognition, and network tomography.
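The following is an added illustration, not code from the presentation or from the ISU researchers: it shows the general idea of matching a stepping stone's incoming flow to one of its outgoing flows by timing alone, using Pearson correlation of per-window packet counts as a simple stand-in for the statistical scheme the slide mentions. All function names, the 0.5 s window, the 0.8 threshold and the sample timestamps are assumptions constructed for the example.

```python
from math import sqrt

def bin_counts(timestamps, window, duration):
    """Packets per fixed window: a signature that ignores payload contents."""
    bins = [0] * int(duration / window)
    for t in timestamps:
        i = int(t / window)
        if 0 <= i < len(bins):
            bins[i] += 1
    return bins

def pearson(x, y):
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return cov / sqrt(vx * vy) if vx and vy else 0.0  # flat flow: no signal

def best_lag_correlation(inbound, outbound, window=0.5, duration=30.0, max_lag=4):
    """Best (r, lag) over relay delays of 0..max_lag windows."""
    a = bin_counts(inbound, window, duration)
    b = bin_counts(outbound, window, duration)
    return max((pearson(a[:len(a) - lag], b[lag:]), lag) for lag in range(max_lag + 1))

def match_flow(inbound, candidates, threshold=0.8):
    """Name of the outbound flow that tracks the inbound one, or None."""
    scores = {name: best_lag_correlation(inbound, ts) for name, ts in candidates.items()}
    best = max(scores, key=lambda name: scores[name][0])
    return (best if scores[best][0] >= threshold else None), scores

def burst_flow(bursts, gap=0.1):
    """Expand (start, packet_count) bursts into packet timestamps."""
    return [round(start + k * gap, 2) for start, n in bursts for k in range(n)]

# Constructed sample capture at one stepping stone (seconds within a 30 s window)
INBOUND = burst_flow([(1.02, 5), (4.22, 8), (9.02, 3), (15.52, 10), (21.02, 6), (26.32, 4)])
CANDIDATES = {
    # same bursts relayed 0.60-0.64 s later (re-encrypted, so contents differ)
    "out_A": [round(t + 0.60 + (i % 3) * 0.02, 2) for i, t in enumerate(INBOUND)],
    # unrelated bursty session
    "out_B": burst_flow([(2.52, 6), (7.02, 4), (12.32, 7), (18.02, 5), (24.52, 6)]),
    # unrelated periodic traffic, one packet every 0.7 s
    "out_C": [round(0.31 + 0.7 * k, 2) for k in range(43)],
}

if __name__ == "__main__":
    matched, scores = match_flow(INBOUND, CANDIDATES)
    for name, (r, lag) in scores.items():
        print(f"{name}: r={r:.2f} at lag {lag}")
    print("matched:", matched)
```

Only packet arrival times are used, so the match survives re-encryption at the relay; padding, batching or added delay beyond `max_lag` windows would weaken it.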

Slide 9: Accountable Anonymity
[Figure labels: Target System, Stepping Stones, Attacker]

Slide 10: Tracing Encrypted Connections
Anonymity is a key technique for protecting people’s privacy. However, it can be used to launch attacks. The attackers can easily hide their identity and origin through anonymity systems. Our proposed research aims at developing an innovative concept, “Accountable Anonymity”, by introducing accountability into anonymity, and at designing approaches to implement accountable anonymity. The solution will be applicable to a wide range of forensic investigations at all levels.

Slide 11: Tracing Encrypted Connections
Technical Approach: We address this by studying security implications of various anonymity mechanisms and impacts of human factors and law and policy issues, and designing a sweet spot (i.e., accountable anonymity) between accountability and anonymity.
Our previous publications on anonymity research:
– Y. Guan, et al, “An Optimal Strategy for Anonymous Communication Protocols,” IEEE ICDCS
– Y. Guan, et al, “A Quantitative Analysis of Anonymous Communications,” in IEEE Transactions on Reliability, to appear.
– T. Daniels, et al, “Identification of host audit data to detect attacks on low-level IP vulnerabilities,” Journal of Computer Security, 1999.

Slide 12: Forensics Education
– Computer Forensics & Cyberspace Camouflaging

Slide 13: Computer Forensics & Cyberspace Camouflaging
Graduate survey of modern topics in computer forensics and cyberspace camouflaging. Computer forensics studies cyber-attack prevention, planning, detection, and response with the goals of counteracting cybercrime, cyberterrorism, and cyberpredators and making them accountable. Cyberspace camouflaging (e.g., anonymity) is likely to be an effective method against hostile computer forensics.

Slide 14: Computer Forensics & Cyberspace Camouflaging
Module I: Overview of Computer Forensics and Cyberspace Camouflaging (1 week)
Module II: Basics of Computer Networks and Operating Systems (1.5 weeks)
Module III: Advanced Topics of Computer Forensics (4 weeks)
Module IV: Intrusion Detection and Response (3 weeks)
Module V: Steganography & Steganalysis (1 week)
Module VI: Anonymity/Pseudonymity/Privacy Protection (e.g., P3P) (3 weeks)
Module VII: Legal and ethical issues (1 week, optional)

Slide 15: Forensics Outreach
– MFRC
– DPS
– Cyber Crime Lab

Slide 16: Midwest Forensics Resource Center
Partnership of Crime Laboratories in IA, IL, WI, MN, ND, SD, NE, KS, and MO, with ISU and the USDOE Ames Laboratory
Four-part Program
– Casework
– Training
– Education
– Research
Funded by National Institute of Justice
Director: David P. Baldwin, (515)

Slide 17: Midwest Forensics Resource Center
Initial DOJ funding started end of August,
A second round of funding was authorized during February of
Has held three Annual Meetings – also specialized regional meetings for crime labs and: rural law enforcement, agencies charged with countering agro-terrorism, college/university forensic science programs

Slide 18: Midwest Forensics Resource Center
Progress in four program areas:
Casework Assistance: performed work for crime lab or local law enforcement
– helped determine cause of 2 deaths,
– employed university resources to investigate video tape,
– identified biological materials found on a burglary suspect (thought to tie him to a crime scene)
Training:
– Providing academic and R&D lectures and video to crime labs,
– invited by FBI to become regional training partner
Education:
– held regional meeting of forensic science education programs and state/regional crime labs
Research:
– Issuing RFPs, performing R&D project for FBI

Slide 19: ISU Department of Public Safety
Guest lectures in class
– Legal issues
– Ethical issues
– Case studies
Computer Case work
– Over 10 cases
– Helped serve search warrants
– Educated officers in cyber crime

Slide 20: Case work
– Backdoor software installed on a lab of computers to capture passwords
– Password capture software installed on a web server
– Computers used for spam mail
– New computer attacked within 15 minutes of being installed
– Child porn, IP theft, Software theft.

Slide 21: Cyber Crime Lab
Partnership between:
– MFRC
– IAC
– ISU’s Department of Public Safety
Goals:
– improve computer security education at ISU,
– provide source of computer security R&D ideas,
– improve campus and local computer forensic investigation,
– establish a new forensics resource for rural Iowa

Slide 22: Cyber Crime Lab
– Replaces State Cyber Crime Lab
– Faculty, Students, and Law enforcement will become certified in computer forensics
– Lab established in DPS facility
– Training ground for students.
– Work on both criminal and civil cases

Slide 23: Information Assurance at ISU
– Multidisciplinary: seven academic departments
– Synergistic: 30+ faculty, joint research
– Sustained Education: 12 IA courses offered each year
– Outreach: seminars and short courses to state agencies and industry; security awareness integrated in other curricula; significant inter-University projects
– University and Regents support: IA Center, MS degree, Graduate Certificate, Ph.D. & undergraduate minor under consideration

Slide 24: Research

Slide 25: Education
Graduate education
– Courses since 1995
– NSF CyberCorps fellowships
– Masters of Science in Information Assurance
– MS programs specializing in IA in: CprE, CS, Math, PolySci, MIS, and IMSE
– PhD programs specializing in IA: CprE and CS
– Graduate Certificate in IA
– Ph.D. Program planned for next year

Slide 26: Courses
CprE 530: Computer Network Protocols (distance education)
CprE 531: Computer System Security (distance education)
CprE 532: Information Warfare (distance education)
CprE/Math 533: Cryptography (distance education)
CprE 534: Legal & Ethical Issues in Security
CprE 537: Security in Wireless Communications
ComS 586: Network Architectures
ComS 552: Advanced Operating Systems
CprE 592: Seminar (new topics)
IE 581X: E-Commerce Systems Engineering
MIS 533: Data Management for Decision Makers
MIS 534: Electronic Commerce
MIS 535: Telecommunications Management
MIS 538: Business Processes and Systems
PolySci 421: Constitutional Freedoms
PolySci 487/587: Electronic Democracy
PolySci 486/586: Science, Technology, and Public Policy
Note: CprE 530, 531, 532, and 533 lead to an Iowa State University Certificate in Information Assurance

Slide 27: Outreach
Seminars, tutorials, media “experts”
Membership on over 10 national panels, boards, and committees
NSF faculty development workshop
– Summer workshops to increase the number of faculty who teach IA
– 20 faculty members invited from across the Midwest

Slide 28: Future
– I/UCRC Proposal
– Cyber protection lab
– Increased research funding
– Continued participation at state and national level.

Slide 29: NSF I/UCRC
Center for Information Protection
– Needs at least 18 companies to commit to $600,000 a year in funding for 5 years.
– NSF funded support for the operation of the center

Slide 30: NSF I/UCRC
NSF provided $10,000 planning grant to raise the funding to create the center
University Partners:
– Mississippi State University
– University of Kansas
– Other schools will be added (talking with NCSU and Duke)

Slide 31: QUESTIONS?