Category: CyberS

ROTC Cybersecurity Training for Tomorrow’s Officers

The U.S. Department of Defense, Office of Naval Research, has awarded Michigan Tech faculty researchers a $249,000 grant that supports the creation of an ROTC undergraduate science and engineering research program at Michigan Tech. The primary goal of the program is to supply prepared cadets to all military branches to serve as officers in Cyber commands.

The principal investigator (PI) of the project is Andrew Barnard, Mechanical Engineering-Engineering Mechanics. Co-PIs are Timothy Havens, College of Computing; Laura Brown , Computer Science, and Yu Cai, Applied Computing. The title of the project is, “Defending the Nation’s Digital Frontier: Cybersecurity Training for Tomorrow’s Officers.”

The curriculum will be developed over the summer, and instruction associated with the award will begin in the fall 2020 semester. Cadets interested in joining the new program are urged to contact Andrew Barnard.

Initially, the program will focus on topics in cybersecurity, machine learning and artificial intelligence, data science, and remote sensing systems, all critical to the The Naval Science and Technology (S&T) Strategic Plan and the Navy’s Force of the Future, and with equal relevance in all branches of the armed forces.

The plan of work focuses on on engaging ROTC students in current and on-going Cyber research, and supports recruitment of young ROTC engineers and scientists to serve in Navy cybersecurity and cyber-systems commands. The program will compel cadets to seek positions within Cyber commands upon graduation, or pursue graduate research in Cyber fields.

“Our approach develops paid, research-based instruction for ROTC students through the existing Michigan Tech Strategic Education Naval Systems Experiences (SENSE) program,” said principal investigator Andrew Barnard, “ROTC students will receive one academic year of instruction in four Cyber domains: cybersecurity, machine learning and artificial intelligence (ML/AI), data science, and remote sensing systems.”

Barnard says the cohort-based program will enrich student learning through deep shared research experiences. He says the program will be designed with flexibility and agility in mind to quickly adapt to new and emerging Navy science and technology needs in the Cyber domain. 

Placement of officers in Cyber commands is of critical long-term importance to the Navy (and other DoD branches) in maintaining technological superiority, says the award abstract, noting that technological superiority directly influences the capability and safety of the warfighter.

Also closely involved in the project are Michigan Tech Air Force and Army ROTC officers Lt. Col. John O’Kane and LTC Christian Thompson, respectively.

“Unfortunately, many ROTC cadets are either unaware of Cyber related careers, or are unprepared for problems facing Cyber officers,” said Lt. Col. O’Kane. “This proposal aims to provide a steady flow of highly motivated and trained uniformed officers to the armed-services, capable of supporting the warfighter on day-one.”

Andrew Barnard is director of Michigan Tech’s Great Lakes Research Center, an associate professor of Mechanical Engineering-Engineering Mechanics, and faculty advisor to the SENSE Enterprise.

Tim Havens is director of the Institute of Computing and Cybersystems, associate dean for research, College of Computing, and the William and Gloria Jackson Associate Professor of Computer Systems.

Laura Brown is an associate professor, Computer Science, director of the Data Science graduate program, and a member of the ICC’s Center for Data Sciences.

Yu Cai is a professor of Applied Computing, an affiliated professor of Computational Science and Engineering, a member of the ICC’s Center for Cybersecurity, and faculty advisor for the Red Team, which competes in the National Cyber League (NCL).

The Great Lakes Research Center (GLRC) provides state-of-the-art laboratories to support research on a broad array of topics. Faculty members from many departments across Michigan Technological University’s campus collaborate on interdisciplinary research, ranging from air–water interactions to biogeochemistry to food web relationships.

The Army and Air Force have active ROTC programs on Michigan Tech’s campus.

The Office of Naval Research (ONR) coordinates, executes, and promotes the science and technology programs of the United States Navy and Marine Corps.


Guy Hembroff Awarded CCISD Contract for CTE Cybersecurity Course

Guy Hembroff, associate professor, CMH Division, and director of the Health Informatics graduate program and the Institute of Computing and Cybersystem’s Center for Cybersecurity, is the principal investigator on a one-year project that has been awarded a $40,000 contract from the Copper Country Intermediate School District (CCISD). The project is titled “Cybersecurity Course for Career and Technical Education (CTE) Program.”

The CCISD CTE program provides courses and labs to high school-age students from Baraga, Houghton, and Keweenaw counties. It is intended to provide the academic background, technical ability, and work experience that today’s youth will need to succeed in today’s changing job market.

The contract funds instructor time, use of facilities, labs, and equipment, and materials and supplies. Student enrolled in the program meet on Michigan Tech’s campus for two hours per day, Monday through Friday, from September to May. 

The CTE Cybersecurity course covers topics including security architecture, cryptographic systems, security protocols, and security management tools. Students also learn about virus and worm propagation, malicious software scanning, cryptographic tools, intrusion detection, DoS, firewalls, best practices, and policy management.

Learn more about the CCISD CTE program at: https://www.copperisd.org/career-technical-education.


Congratulations, RedTeam@MTU!

National Cyber League Logo

RedTeam@MTU, one of Michigan Tech’s National Cyber League (NCL) teams, placed 8th out of 689 teams in the recent NCL Fall 2019 cyber competition team game. The team consists of seven College of Computing undergraduate and graduate students: Alexander Larkin, John Claassen, Jack Bergman, Jon Preuth, Trevor Hornsby, Shane Hoppe, and Matthew Chau. In addition, two RedTeam@MTU team members ranked in the top 100 out of 4149 players in the individual game: John Claassen (67th) and Alex Larkin (70th).

“This is a breakthrough since first joining the NCL competition in Fall 2017,” said faculty coach Bo Chen, assistant professor of computer science. “Congratulations to the RedTeam and John Claasen and Alex Larkin!”

Three teams and 21 players from Michigan Tech were involved this season, most of them with the RedTeam@MTU, a student organization which exists to promote a security-driven mindset among the student population, and to provide a community and resource for those wishing to learn more about information security.  The RedTeam is co-advised by Bo Chen and Yu Cai, professor in the College of Computing.

Students from hundreds of U.S. universities participated during the Fall 2019 NCL season, which comprised a week-long Preseason placement game, followed by a weekend Individual Game, and culminating in a weekend Team Game. A total of 689 teams and 4149 players  participated.

In addition, Michigan Tech ranks 11th among the top 100 colleges and universities in the “Team” Cyber Power Rankings, 51st in the Individual Rank, and 23rd in the Participation Rank. The Cyber Power Rankings were created by Cyber Skyline in partnership with the National Cyber League (NCL). The rankings represent the ability of students from these schools to perform real-world cybersecurity tasks on the Cyber Skyline platform, such as identify hackers from forensic data, pentest and audit vulnerable websites, recover from ransomware attacks, and more. Schools are ranked based on their top team performance, their top student’s individual performance, and the aggregate individual performance of their students. View the full ranking list at https://cyberskyline.com/data/power-ranking/fall-2019-national.

Founded in 2011 to provide an ongoing virtual training ground for participants to develop, practice, and validate their cybersecurity skills, the NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants played the games simultaneously during all of the Fall season games.

The NCL challenges are based on the CompTIA Security+™ and EC-Council Certified Ethical Hacker (CEH)™ performance-based exam objectives and include the following content: Open Source Intelligence, Scanning, Enumeration and Exploitation, Password Cracking, Traffic Analysis, Log Analysis, Wireless Security, Cryptography, and Web Application Security. Players of all levels can participate in the NCL games. Through easy, medium and hard challenges, students have multiple opportunities to excel.

Learn more about the NCL at: https://www.nationalcyberleague.org/.

Cyber Skyline Logo

Cyber Skyline is an immersive cloud platform on which to practice, develop, and measure technical cybersecurity skills. It is built for Incident Response Handlers, Security & Network Engineers, SOC Analysts, Software Engineers, Pentesters, and more. Visit the Cyber Skyline website at: https://cyberskyline.com.


MEDC Cyber and Mobility Division Visits Michigan Tech

MEDC Logo

Michigan Tech’s ICC Center for Cybersecurity and the MTEC SmartZone hosted members of the Michigan Economic Development Corporation’s (MEDC’s) Cyber and Mobility division in Houghton, MI, on December 2, 2019.

The group’s visit included presentations by several Michigan Tech faculty who are conducting research in the cyber and mobility space, strategic economic development discussions highlighting Michigan Tech and the local community, and tours of selected Michigan Tech cyber and mobility labs, including GLRC, APS Labs, and the KRC.

The tour concluded with a talk to Michigan Tech students by Karl Heimer of the MEDC regarding information and student opportunities with MEDC-affiliated CyberAuto and CyberTruck competitions.

For more information, contact Associate Professor Guy Hembroff, director of the ICC Center for Cybersecurity and the Health Informatics graduate program.


Guy Hembroff Invited Speaker at MedFuse ’19

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was an invited speaker at Medfuse ’19, held in Minneapolis, MN, on October 24, 2019. Hembroff’s presentation  was titled “Treating the patient holistically and securely.” He also served on the conference panel, “Internet of Medical Things (IoMT) Security.”

Presentation Abstract: We propose a holistic mHealth community model for residents to overcome significant barriers of care and improve coordinated patient health intervention by integrating multiple health and safety data sources through a mobile digital personal health library application. AI algorithms strategically connect residents to community resources and provide customized health education aimed at increasing the health literacy, empowerment, and self-management of the user. Users are able to securely share their health data with others (e.g. physicians, caregivers). Clinicians can better track patients offering improved preventative measures and care management. The architecture’s security includes a touchless biometric feature, capable of large-scale identity management using a novel fingerprint algorithm to establish a unique health identifier (UHID) for each individual, with the use of facial-recognition as a secondary form of validation prior to a user viewing patient data. Standard smartphones and web cameras are utilized in the identify management process where the application is installed.

The MedFuse conference focuses on advancing Medical IoT (IoMT) devices and exploring the future healthcare implications of Health Informatics.

 


Guy Hembroff Presents Paper at MobiHealth 2019

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, presented his paper, “The design of a holistic mHealth community library model and its impact on empowering rural America,” at MobiHealth 2019, the 8th EAI International Conference on Wireless Mobile Communication and Healthcare,  November 13-14, 2019, in Dublin, Ireland.

The objectives of the EAI International Conference on Wireless Mobile Communication and Healthcare are to advance medical diagnosis, treatment, patient care and patient safety through application of sensing technologies (e.g. Internet of Things IoT), mobile computing, and effective data management methodologies. Contributions will be solicited regarding the interdisciplinary design and application of relevant technologies to help provide advanced mobile health care applications and infrastructures. The essence of the conference lies in its interdisciplinary nature, with original contributions cutting across boundaries but all within the sphere of the application of mobile communications (e.g. technologies, international standards, new and existing solutions, methodologies) aiming at the betterment of patient care and patient safety. As such, the conference will have a multi-tier approach, going from wearable and Implantable Devices to ubiquitous patient monitoring environments (e.g. remote monitoring, healthcare surveillance and Public Health).


Guy Hembroff Quoted in Article About Telehhealth

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program, and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was quoted in the article, “Your virtual doctor is in,” published on November 20, 2019, in the online newspaper The Hill (the hill.com).

The article explores advances in telehealth services, areas for expansion, and barriers that remain for patients.

View the article here: https://thehill.com/changing-america/well-being/health-care/471165-your-virtual-doctor-is-in

The Hill is an American website, based in Washington, D.C. which began as a newspaper publisher in 1994. Focusing on politics, policy, business and international relations, The Hill coverage includes the U.S. Congress, the presidency, and election campaigns. On its website, The Hill describes its output as “nonpartisan reporting on the inner workings of Congress and the nexus of politics and business”. (Wikipedia)


Bo Chen Weighs In on Identity Fraud in WalletHub Article

Bo Chen, Computer Science

Bo Chen (CS/CyberS) was featured in the article “2019’s States Most Vulnerable to Identity Theft & Fraud,” published October 16, 2019, in WalletHub.

Link to the article here:https://wallethub.com/edu/states-where-identity-theft-and-fraud-are-worst/17549/#expert=bo-chen

Based in Washington DC, WalletHub is the first-ever website to offer free credit scores and full credit reports that are updated on a daily basis. The company also hosts an artificially intelligent financial advisor that provides customized credit-improvement advice, personalized savings alerts, and 24/7 wallet surveillance, supplemented by reviews of financial products, professionals and companies.


Bo Chen Receives $250K NSF Award for Mobile PDE Systems Research

Bo Chen, CS

Bo Chen, assistant professor of computer science and member of the Institute of Computing and Cybersystems Center for  Cybersecurity, is the principal investigator on a project that has received a $249,918 research and development grant from the National Science Foundation. The project is entitled, “SaTC: CORE: Small: Collaborative: Hardware-Assisted Plausibly Deniable System for Mobile Devices.” This is a potential three-year project.

Abstract: Mobile computing devices typically use encryption to protect sensitive information. However, traditional encryption systems used in mobile devices cannot defend against an active attacker who can force the mobile device owner to disclose the key used for decrypting the sensitive information. This is particularly of concern to dissident users who are targets of nation states. An example of this would be a human rights worker collecting evidence of untoward activities in a region of oppression or conflict and storing the same in an encrypted form on the mobile device, and then being coerced to disclose the decryption key by an official. Plausibly Deniable Encryption (PDE) has been proposed to defend against such adversaries who can coerce users into revealing the encrypted sensitive content. However, existing techniques suffer from several problems when used in flash-memory-based mobile devices, such as weak deniability because of the way read/write/erase operations are handled at the operating systems level and at the flash translation layer, various types of side channel attacks, and computation and power limitations of mobile devices. This project investigates a unique opportunity to develop an efficient (low-overhead) and effective (high-deniability) hardware-assisted PDE scheme on mainstream mobile devices that is robust against a multi snapshot adversary. The project includes significant curriculum development activities and outreach activities to K-12 students.

This project fundamentally advances the mobile PDE systems by leveraging existing hardware features such as flash translation layer (FTL) firmware and TrustZone to achieve a high deniability with a low overhead. Specifically, this project develops a PDE system with capabilities to: 1) defend against snapshot attacks using raw flash memory on mobile devices; and 2) eliminate side-channel attacks that compromise deniability; 3) be scalable to deploy on mainstream mobile devices; and 4) efficiently provide usable functions like fast mode switching. This project also develops novel teaching material on PDE and cybersecurity for K-12 students and the Regional Cybersecurity Education Collaboration (RCEC), a new educational partnership on cybersecurity in Michigan.

Publications related to this research:

[DSN ’18] Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices. The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN ’18), June 2018 (Acceptance rate: 28%)
[Cybersecurity ’18] Qionglu Zhang, Shijie Jia, Bing Chang, Bo Chen. Ensuring Data Confidentiality via Plausibly Deniable Encryption and Secure Deletion – A Survey. Cybersecurity (2018) 1: 1.
[ComSec ’18 ] Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, and Zhan Wang. User-Friendly Deniable Storage for Mobile Devices. Elsevier Computers & Security, vol. 72, pp. 163-174, January 2018
[CCS ’17] Shijie Jia, Luning Xia, Bo Chen, and Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer. 2017 ACM Conference on Computer and Communications Security (CCS ’17), Dallas, Texas, USA, Oct 30 – Nov 3, 2017 (Acceptance rate: 18%)
[ACSAC ’15] Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. MobiPluto: File System Friendly Deniable Storage for Mobile Devices. 2015 Annual Computer Security Applications Conference (ACSAC ’15), Los Angeles, California, USA, December 2015 (Acceptance rate: 24.4%)
[ISC ’14] Xingjie Yu, Bo Chen, Zhan Wang, Bing Chang, Wen Tao Zhu, and Jiwu Jing. MobiHydra: Pragmatic and Multi-Level Plausibly Deniable Encryption Storage for Mobile Devices. The 17th Information Security Conference (ISC ’14), Hong Kong, China, Oct. 2014

Link to more information about this project: https://snp.cs.mtu.edu/research/index.html#pde


GenCyber Camp for Teachers Garners Local Media Coverage

Michigan Tech hosted two week-long GenCyber camps this summer. The first, held June 17–21, 2019, hosted 30 local middle/high school students. The second camp, August 12–16, 2019, hosted 21 local K-12 teachers. Camp participants gained cybersecurity knowledge, understood correct and safe online behavior, and explored ways to deliver cybersecurity content in K-12 curricula.

A story about the GenCyber teacher camp was reported on August 16, 2019, by TV6: “GenCyber cyber security training camp comes to Michigan Tech” and on August 13, 2019, by the Keweenaw Report: “Teachers Learn How To Include Cybersecurity In Their Lessons.”

Learn more about the camps on the Institute of Computing and Cybersystems blog: https://blogs.mtu.edu/icc/2019/06/04/inspiring-the-next-generation-of-cyber-stars-2/.