The CyberScience Laboratory: A CyberSecurity and Incident Response Enabler
8 November 2007
Salvatore C. Paladino, CISSP
Overview
• Mission/Objectives
• Staff
• CyberSecurity Network of Partners
• Delivery System
• Rapid Technology Deployments
• Technology Development and Analysis
– Rapid Forensic Analyst
• Dynamic Training Capabilities
• Virtual Training Portal and Resources
– CyberSecurity Technical Assistance Package
• Embedded Intern Program
• Future Plans
CyberScience Laboratory
• Established March 2000
• Mission/Objectives
– Develop a national and international government, industry & academia network to address cybersecurity technical issues
– Evaluate DOD, DHS and DOJ R&D technologies and provide technology assistance for transition to federal, state and local law enforcement agencies and critical infrastructure owners and operators across the U.S.
– Facilitate cybersecurity training, technical assistance and technology transfer to the cybersecurity community
Tool Demonstrations
Rapid Technology Deployment
CyberSecurity Training
CSL Staff
• Members of the CSL staff include:
– Cyber Security Specialists
– Electronic Crime Specialists
– Information Analysts
– Software Engineers
• Certifications include:
– Certified Forensic Computer Examiner (CFCE)
– Certified Electronic Evidence Collection Specialist (CEECS)
– Certified Information Systems Security Professional (CISSP)
– Network+ Certified Professional
– Certified Ethical Hacker (CE/H)
CSL’s Public, Private and Academia Network
• Public Sector
– National Institute of Justice – Office of Science & Technology
– Air Force Research Laboratory/Information Directorate
– Department of Homeland Security - Science and Technology
– DHS/USSS Electronic Crimes Task Forces (ECTFs)
  • Atlanta, Charlotte, Chicago, Dallas, Houston, Kentucky, Los Angeles, Miami, New England, New York, San Francisco, Washington D.C.
– Federal Bureau of Investigation (FBI) Cyber Division and Digital Evidence Section (DES)
– Inter-American Committee Against Terrorism (CICTE)
– International Association of Computer Investigative Specialists (IACIS)
– Multi-State Information Sharing and Analysis Center (MS-ISAC)
– New York City Criminal Justice Coordinator’s Office
– New York State Police (NYSP)
– Organization of American States (OAS)
– Upstate New York Electronic Crimes Coalition (UNYECC)
– Western NY Regional Computer Forensic Lab
– Infragard
– Central New York Computer Crime Coalition (CNY3C)
• Private Sector
– AccessData Corporation
– Digital Intelligence, Inc.
– Dolphin Technology, Inc.
– Guidance Software
– International High Technology Crime Investigation Association (HTCIA)
– Intelligent Computer Solutions, Inc.
– JPMorgan Chase
– MasterCard
– National Grid
– Paraben Corporation
– Partners Trust Bank
– The TrainingCo. LLC.
– WetStone Technologies, Inc.
• Academia
– Utica College: Economic Crime Investigation Institute
– John Jay College of Criminal Justice
– Syracuse University
– Columbia University
– Carnegie Mellon University
– Cornell University
– Eastern Kentucky University
– Stanford University
– James Madison University
– Champlain College
– Dartmouth College
– University of Dayton: Institute on Law, Technology & Security
– Florida Atlantic University
– George Mason University
– George Washington University
Rapid Technology Deployments
Deployed
Wireless Intrusion Detection System (WIDS)
MOZART
Utica PD (2004)
Gaston County, NC and Gastonia PD (2005 - 2006)
Miami ECTF (2007)
Presidential Debate (2004)
Impact of deployments on the practitioner community
• Demonstrated a need for wireless security and identified wireless gaps in networks
• Saved a tremendous amount of manual work that is now automated
Future Deployments
• CAULDRON
• IronKey
• Zippy Reporting Tool
• PhishBouncer
• Rapid Forensic Analyst
Future Test Sites
• Immigrations and Customs Enforcement
• Office of Emergency & Public Health Preparedness
• USSS ECTFs
• Utica Police Department
Rapid Forensic Analyst
• First responder’s triage tool for forensic analysis
– Quickly and easily assess field situations
– Focus on pertinent, relevant, and useful data while filtering out extraneous information
– Gather potentially volatile (perishable) information in a secure manner
• Use indications & warnings to focus first responders:
– Where to look
– What evidence gathering tools to use and in what order
• Turnkey solution
– Ideal for border, parole, or other incident response
– Ready for beta testing
Technology Analysis
• An unbiased “honest broker” approach for the functional testing and evaluation of the following technologies:
– Government
– Commercial
– Open-source
– Freeware
• Demonstrate technologies to the cybersecurity community to raise awareness
• Provide on-site technology assistance to help facilitate the adoption of appropriate cybersecurity technology solutions
CSL’s Dynamic Training Capabilities
• CyberCrimes Investigations Training Course
• Judicial and Prosecutor’s Perspectives on Electronic Crime
• OAS CyberSecurity and CyberCrime Seminar
• Forensic Tool Workshop
• Senior Official's CyberSecurity Seminar
• Intrusion Forensic Experiment (IFX)
The CSL has trained over 2,000 International, Federal, State, Local, and Private Sector CyberSecurity Agencies
Cybersecurity/Cybercrime Training Topics
CSL’s Virtual Training Portal
CSL Virtual Training Portal includes:
– Interactive and on-demand virtual training
– Resource Library
– Functional Analysis and Threat Assessment Reports
– Training Curriculum Center
  • View Training Materials
  • Test
  • Certificate of Completion
Training Resources
CSL Cybersecurity and Cybercrime Training DVDs
USSS Forward Edge II Training DVD
CyberSecurity Technical Assistance Package
CSL Desktop and Pocket Reference Cards
Cyberthreat Resource Kit (C-Kit)
CSL Future Plans
• Technology/Tool Transfer
– 23rd Annual Computer Security Applications Conference, FL – 12/07
– Development of C-Kit v3.0
• Technical Assistance
– Embedded intern program – NY/NJ ECTF and FBI’s RCFL
• Capacity Building
– OAS CyberSecurity and CyberCrime Seminar: The Way Forward, FL – 11/07
– DoD 2008 CyberCrime Conference, MO – 1/08
Website Registration
www.cybersciencelab.com
Thank You
Salvatore C. Paladino, CISSP
Cyber Security Specialist
ITT Advanced Engineering & Sciences
CyberScience Laboratory
www.cybersciencelab.com
315-838-7066