Category: CyberS

Congratulations, RedTeam@MTU!

National Cyber League Logo

RedTeam@MTU, one of Michigan Tech’s National Cyber League (NCL) teams, placed 8th out of 689 teams in the recent NCL Fall 2019 cyber competition team game. The team consists of seven College of Computing undergraduate and graduate students: Alexander Larkin, John Claassen, Jack Bergman, Jon Preuth, Trevor Hornsby, Shane Hoppe, and Matthew Chau. In addition, two RedTeam@MTU team members ranked in the top 100 out of 4149 players in the individual game: John Claassen (67th) and Alex Larkin (70th).

“This is a breakthrough since first joining the NCL competition in Fall 2017,” said faculty coach Bo Chen, assistant professor of computer science. “Congratulations to the RedTeam and John Claasen and Alex Larkin!”

Three teams and 21 players from Michigan Tech were involved this season, most of them with the RedTeam@MTU, a student organization which exists to promote a security-driven mindset among the student population, and to provide a community and resource for those wishing to learn more about information security.  The RedTeam is co-advised by Bo Chen and Yu Cai, professor in the College of Computing.

Students from hundreds of U.S. universities participated during the Fall 2019 NCL season, which comprised a week-long Preseason placement game, followed by a weekend Individual Game, and culminating in a weekend Team Game. A total of 689 teams and 4149 players  participated.

In addition, Michigan Tech ranks 11th among the top 100 colleges and universities in the “Team” Cyber Power Rankings, 51st in the Individual Rank, and 23rd in the Participation Rank. The Cyber Power Rankings were created by Cyber Skyline in partnership with the National Cyber League (NCL). The rankings represent the ability of students from these schools to perform real-world cybersecurity tasks on the Cyber Skyline platform, such as identify hackers from forensic data, pentest and audit vulnerable websites, recover from ransomware attacks, and more. Schools are ranked based on their top team performance, their top student’s individual performance, and the aggregate individual performance of their students. View the full ranking list at https://cyberskyline.com/data/power-ranking/fall-2019-national.

Founded in 2011 to provide an ongoing virtual training ground for participants to develop, practice, and validate their cybersecurity skills, the NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants played the games simultaneously during all of the Fall season games.

The NCL challenges are based on the CompTIA Security+™ and EC-Council Certified Ethical Hacker (CEH)™ performance-based exam objectives and include the following content: Open Source Intelligence, Scanning, Enumeration and Exploitation, Password Cracking, Traffic Analysis, Log Analysis, Wireless Security, Cryptography, and Web Application Security. Players of all levels can participate in the NCL games. Through easy, medium and hard challenges, students have multiple opportunities to excel.

Learn more about the NCL at: https://www.nationalcyberleague.org/.

Cyber Skyline Logo

Cyber Skyline is an immersive cloud platform on which to practice, develop, and measure technical cybersecurity skills. It is built for Incident Response Handlers, Security & Network Engineers, SOC Analysts, Software Engineers, Pentesters, and more. Visit the Cyber Skyline website at: https://cyberskyline.com.

Continue Reading


MEDC Cyber and Mobility Division Visits Michigan Tech

MEDC Logo

Michigan Tech’s ICC Center for Cybersecurity and the MTEC SmartZone hosted members of the Michigan Economic Development Corporation’s (MEDC’s) Cyber and Mobility division in Houghton, MI, on December 2, 2019.

The group’s visit included presentations by several Michigan Tech faculty who are conducting research in the cyber and mobility space, strategic economic development discussions highlighting Michigan Tech and the local community, and tours of selected Michigan Tech cyber and mobility labs, including GLRC, APS Labs, and the KRC.

The tour concluded with a talk to Michigan Tech students by Karl Heimer of the MEDC regarding information and student opportunities with MEDC-affiliated CyberAuto and CyberTruck competitions.

For more information, contact Associate Professor Guy Hembroff, director of the ICC Center for Cybersecurity and the Health Informatics graduate program.

Continue Reading


Guy Hembroff Invited Speaker at MedFuse ’19

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was an invited speaker at Medfuse ’19, held in Minneapolis, MN, on October 24, 2019. Hembroff’s presentation  was titled “Treating the patient holistically and securely.” He also served on the conference panel, “Internet of Medical Things (IoMT) Security.”

Presentation Abstract: We propose a holistic mHealth community model for residents to overcome significant barriers of care and improve coordinated patient health intervention by integrating multiple health and safety data sources through a mobile digital personal health library application. AI algorithms strategically connect residents to community resources and provide customized health education aimed at increasing the health literacy, empowerment, and self-management of the user. Users are able to securely share their health data with others (e.g. physicians, caregivers). Clinicians can better track patients offering improved preventative measures and care management. The architecture’s security includes a touchless biometric feature, capable of large-scale identity management using a novel fingerprint algorithm to establish a unique health identifier (UHID) for each individual, with the use of facial-recognition as a secondary form of validation prior to a user viewing patient data. Standard smartphones and web cameras are utilized in the identify management process where the application is installed.

The MedFuse conference focuses on advancing Medical IoT (IoMT) devices and exploring the future healthcare implications of Health Informatics.

Continue Reading


Guy Hembroff Presents Paper at MobiHealth 2019

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, presented his paper, “The design of a holistic mHealth community library model and its impact on empowering rural America,” at MobiHealth 2019, the 8th EAI International Conference on Wireless Mobile Communication and Healthcare,  November 13-14, 2019, in Dublin, Ireland.

The objectives of the EAI International Conference on Wireless Mobile Communication and Healthcare are to advance medical diagnosis, treatment, patient care and patient safety through application of sensing technologies (e.g. Internet of Things IoT), mobile computing, and effective data management methodologies. Contributions will be solicited regarding the interdisciplinary design and application of relevant technologies to help provide advanced mobile health care applications and infrastructures. The essence of the conference lies in its interdisciplinary nature, with original contributions cutting across boundaries but all within the sphere of the application of mobile communications (e.g. technologies, international standards, new and existing solutions, methodologies) aiming at the betterment of patient care and patient safety. As such, the conference will have a multi-tier approach, going from wearable and Implantable Devices to ubiquitous patient monitoring environments (e.g. remote monitoring, healthcare surveillance and Public Health).

Continue Reading


Guy Hembroff Quoted in Article About Telehhealth

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program, and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was quoted in the article, “Your virtual doctor is in,” published on November 20, 2019, in the online newspaper The Hill (the hill.com).

The article explores advances in telehealth services, areas for expansion, and barriers that remain for patients.

View the article here: https://thehill.com/changing-america/well-being/health-care/471165-your-virtual-doctor-is-in

The Hill is an American website, based in Washington, D.C. which began as a newspaper publisher in 1994. Focusing on politics, policy, business and international relations, The Hill coverage includes the U.S. Congress, the presidency, and election campaigns. On its website, The Hill describes its output as “nonpartisan reporting on the inner workings of Congress and the nexus of politics and business”. (Wikipedia)

Continue Reading


Bo Chen Weighs In on Identity Fraud in WalletHub Article

Bo Chen, Computer Science

Bo Chen (CS/CyberS) was featured in the article “2019’s States Most Vulnerable to Identity Theft & Fraud,” published October 16, 2019, in WalletHub.

Link to the article here:https://wallethub.com/edu/states-where-identity-theft-and-fraud-are-worst/17549/#expert=bo-chen

Based in Washington DC, WalletHub is the first-ever website to offer free credit scores and full credit reports that are updated on a daily basis. The company also hosts an artificially intelligent financial advisor that provides customized credit-improvement advice, personalized savings alerts, and 24/7 wallet surveillance, supplemented by reviews of financial products, professionals and companies.

Continue Reading


Bo Chen Receives $250K NSF Award for Mobile PDE Systems Research

Bo Chen, CS

Bo Chen, assistant professor of computer science and member of the Institute of Computing and Cybersystems Center for  Cybersecurity, is the principal investigator on a project that has received a $249,918 research and development grant from the National Science Foundation. The project is entitled, “SaTC: CORE: Small: Collaborative: Hardware-Assisted Plausibly Deniable System for Mobile Devices.” This is a potential three-year project.

Abstract: Mobile computing devices typically use encryption to protect sensitive information. However, traditional encryption systems used in mobile devices cannot defend against an active attacker who can force the mobile device owner to disclose the key used for decrypting the sensitive information. This is particularly of concern to dissident users who are targets of nation states. An example of this would be a human rights worker collecting evidence of untoward activities in a region of oppression or conflict and storing the same in an encrypted form on the mobile device, and then being coerced to disclose the decryption key by an official. Plausibly Deniable Encryption (PDE) has been proposed to defend against such adversaries who can coerce users into revealing the encrypted sensitive content. However, existing techniques suffer from several problems when used in flash-memory-based mobile devices, such as weak deniability because of the way read/write/erase operations are handled at the operating systems level and at the flash translation layer, various types of side channel attacks, and computation and power limitations of mobile devices. This project investigates a unique opportunity to develop an efficient (low-overhead) and effective (high-deniability) hardware-assisted PDE scheme on mainstream mobile devices that is robust against a multi snapshot adversary. The project includes significant curriculum development activities and outreach activities to K-12 students.

This project fundamentally advances the mobile PDE systems by leveraging existing hardware features such as flash translation layer (FTL) firmware and TrustZone to achieve a high deniability with a low overhead. Specifically, this project develops a PDE system with capabilities to: 1) defend against snapshot attacks using raw flash memory on mobile devices; and 2) eliminate side-channel attacks that compromise deniability; 3) be scalable to deploy on mainstream mobile devices; and 4) efficiently provide usable functions like fast mode switching. This project also develops novel teaching material on PDE and cybersecurity for K-12 students and the Regional Cybersecurity Education Collaboration (RCEC), a new educational partnership on cybersecurity in Michigan.

Publications related to this research:

[DSN ’18] Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices. The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN ’18), June 2018 (Acceptance rate: 28%)
[Cybersecurity ’18] Qionglu Zhang, Shijie Jia, Bing Chang, Bo Chen. Ensuring Data Confidentiality via Plausibly Deniable Encryption and Secure Deletion – A Survey. Cybersecurity (2018) 1: 1.
[ComSec ’18 ] Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, and Zhan Wang. User-Friendly Deniable Storage for Mobile Devices. Elsevier Computers & Security, vol. 72, pp. 163-174, January 2018
[CCS ’17] Shijie Jia, Luning Xia, Bo Chen, and Peng Liu. DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer. 2017 ACM Conference on Computer and Communications Security (CCS ’17), Dallas, Texas, USA, Oct 30 – Nov 3, 2017 (Acceptance rate: 18%)
[ACSAC ’15] Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. MobiPluto: File System Friendly Deniable Storage for Mobile Devices. 2015 Annual Computer Security Applications Conference (ACSAC ’15), Los Angeles, California, USA, December 2015 (Acceptance rate: 24.4%)
[ISC ’14] Xingjie Yu, Bo Chen, Zhan Wang, Bing Chang, Wen Tao Zhu, and Jiwu Jing. MobiHydra: Pragmatic and Multi-Level Plausibly Deniable Encryption Storage for Mobile Devices. The 17th Information Security Conference (ISC ’14), Hong Kong, China, Oct. 2014

Link to more information about this project: https://snp.cs.mtu.edu/research/index.html#pde

Continue Reading


GenCyber Camp for Teachers Garners Local Media Coverage

Michigan Tech hosted two week-long GenCyber camps this summer. The first, held June 17–21, 2019, hosted 30 local middle/high school students. The second camp, August 12–16, 2019, hosted 21 local K-12 teachers. Camp participants gained cybersecurity knowledge, understood correct and safe online behavior, and explored ways to deliver cybersecurity content in K-12 curricula.

A story about the GenCyber teacher camp was reported on August 16, 2019, by TV6: “GenCyber cyber security training camp comes to Michigan Tech” and on August 13, 2019, by the Keweenaw Report: “Teachers Learn How To Include Cybersecurity In Their Lessons.”

Learn more about the camps on the Institute of Computing and Cybersystems blog: https://blogs.mtu.edu/icc/2019/06/04/inspiring-the-next-generation-of-cyber-stars-2/.

Continue Reading


Bo Chen is PI of $200K NSF Research and Development Grant

Bo Chen (CS/CyberS) is Principal Investigator on a project that has received a $199,975 research and development grant from the National Science Foundation. The project is titled “EAGER: Enabling Secure Data Recovery for Mobile Devices Against Malicious Attacks.” This is a potential two-year project.

Abstract: Mainstream mobile computing devices like smart phones and tablets currently rely on remote backups for data recovery upon failures. For example, an iPhone periodically stores a recent snapshot to iCloud, and can get restored if needed. Such a commonly used “off-device” backup mechanism, however, suffers from a fundamental limitation that, the backup in the remote server is not always synchronized with data stored in the local device. Therefore, when a mobile device suffers from a malware attack, it can only be restored to a historical state using the remote backup, rather than the exact state right before the attack occurs. Data are extremely valuable for both organizations and individuals, and thus after the malware attack, it is of paramount importance to restore the data to the exact point (i.e., the corruption point) right before they are corrupted. This, however, is a challenging problem. The project addresses this problem in mobile devices and its outcome could benefit billions of mobile users.

A primary goal of the project is to enable recovery of mobile devices to the corruption point after malware attacks. The malware being considered is the OS-level malware which can compromise the OS and obtain the OS-level privilege. To achieve this goal, the project combines both the traditional off-device data recovery and a novel in-device data recovery. Especially, the following research activities are undertaken: 1) Designing a novel malware detector which runs in flash translation layer (FTL), a firmware layer staying between OS and flash memory hardware. The FTL-based malware detector ensures that data being committed to the remote server will not be tampered with by the OS-level malware. 2) Developing a novel approach which ensures that the OS-level malware is not able to corrupt data changes (i.e., delta) which have not yet been committed to the remote server. This is achieved by hiding the delta in the flash memory using flash storage’s special hardware features, i.e., out-of-place update and strong physical isolation. 3) Developing a user-friendly approach which can allow users to conveniently and efficiently retrieve the delta hidden in the flash memory for data recovery after malware attacks.

Link to an Unscripted article about related research at  https://www.mtu.edu/unscripted/stories/2018/march/how-to-speed-up-bare-metal-malware-analysis-and-better-protect-mobile-devices.html.

Continue Reading


Inspiring the Next Generation of Cyber Stars

Yu CaiGenCyber LogoBy Karen S. Johnson, ICC Communications Director

We live in a world where pretty much everything and everybody – individuals, companies, governments, critical infrastructure – are increasingly dependent on connected systems, networks and devices. And, as newspaper headlines reveal, those systems may be insecure and vulnerable to hackers.

“Nowadays, everybody is using computers, and more and more things are connected. That provides convenience, flexibility, a lot of great things, but it also opens the doors for hackers,” says Yu Cai, associate professor and program chair for the Computer Network and System Administration program at Michigan Technological University.

“The world has increasingly become a combination of the physical world and the cyber world,” Cai adds. “That’s why cybersecurity is important, because you want to protect yourself. As human beings, we evolved over thousands of years to take care of our security in the physical world. But in the cyber world, many don’t have a very good idea of how to protect themselves.”

Cai is principal investigator on two grant awards, each for about $85K, which are making possible two free, non-residential, week-long GenCyber summer camps on Michigan Tech’s campus. The first camp, for middle school and high school students, is the week of June 17. The second camp, for K-12 STEM teachers, is the week of August 12. Both camps and all learning materials are offered at no cost to camp participants. Each participant will receive a Raspberry Pi minicomputer. Breakfast and lunch are provided. For enrollment information, visit mtu.edu/gencyber.

Funded jointly by the National Security Agency (NSA) and the National Science Foundation (NSF), the goals of the nationwide GenCyber program are to increase interest in cybersecurity careers and diversity in the national cybersecurity workforce, help students understand correct and safe on-line behavior and how they can be good digital citizens, and improve teaching methods for delivery of cybersecurity content in K-12 curricula.

“This is part of our picture to make Michigan Tech a leader in cybersecurity research and education,” Cai says of this summer’s GenCyber camps. “We have other cybersecurity curriculum development grants that focus on college education, now we want to outreach to K through 12.”

In both camp sessions, participants will explore the world of cybersecurity through real-world case studies, hands-on learning activities and games, interactive lectures, career exploration, and field trips. Covered topics include safe online behavior, cyber ethics, fundamental computer and network knowledge, and cybersecurity career options and educational opportunities.

“We’ll also cover common vulnerabilities and weaknesses of computer systems, such as how hackers get into the systems, and how systems can be strengthened to defeat hackers against the hundreds of vulnerabilities,” Cai adds.

Tim Van Wagner, a lecturer at Michigan Tech and a co-PI on the grants, is the lead teacher for the camps. Cai and his other co-PIs—associate professor Guy Hembroff and assistant professor Bo Chen—will also present learning modules and assist with the camps.

K-12 pedagogical expertise in curriculum development was provided by Copper Country Intermediate School District (CCISD) staff members Emily Gochis, Director of the Region 16 MiSTEM Network, and Steve Kass, Educational Technologist.

“Steve and Emily provided a lot of input and suggestions regarding the camp curriculum and advised us in the best practices for teaching high school students,” Cai says, adding that they are also helping to promote the camps in local public schools.

Driving the curriculum are four principles: Learning by Storytelling, Learning by Doing, Learning by Gaming, and Learning by Teaching. Cai and his team will be assessing the effectiveness of these principles using several methods. The resulting research will be shared with the GenCyber program and the public.

The two grants are titled, “Innovative GenCyber Learning Experience for K-12 Teachers Through Storytelling + Teaching + Gaming + Doing” and “Innovative GenCyber Learning Experience for High School Students Through Storytelling + Teaching + Gaming + Doing.”

Continue Reading