Category: CyberS

More Achievements for MTU RedTeam

The MTU RedTeam ranked 13th out of 162 teams in a recent 24-hour Cybar OSINT Capture The Flag (CTF) cybersecurity competition. The team finished tied for 5th place, having completed all the challenges presented by the competition.

Students on the team were Trevor Hornsby (Software Engineering), Shane Hoppe (Computer Science), Matthew Chau (Cybersecurity), Steven Whitaker (Electrical Engineering), and Sankalp Shastry (Electrical Engineering).

Professor Yu Cai, Applied Computing, and Assistant Professor Bo Chen, Computer Science, are advisor and co-advisor of RedTeam, respectively. Both are members of the ICC’s Center for Cybersecurity.

RedTeam promotes a security-driven mindset among Michigan Tech students and provides a community and resource for those wishing to learn more about information security. The RedTeam competes in National Cyber League (NCL) competitions, a great way for students to gain competency in cybersecurity tools and boost their resumes.

RedTeam is on Slack at mturedteam.slack.com. Interested students can sign up with a Michigan Tech email. View past RedTeam presentations here.

This OSINT CTF is non-theoretical and contestants work in teams of up to four members to crowdsource the collection of OSINT to assist law enforcement in generating new leads on missing persons.

The contest runs as a Capture the Flag (CTF) format where contestants must collect various “flags” which equate to points. Since the each flag submitted is treated as potential “net new intelligence”, Trace Labs has a team of volunteers known as “Judges” who validate each submission and award points if the flag meets the category requirements. At the end of each CTF, the team with the most points on the scoreboard wins.

Bo Chen, Grad Students Present Posters at Security Symposium

College of Computing Assistant Professor Bo Chen, Computer Science, and his graduate students presented two posters at the 41st IEEE Symposium on Security and Privacy, which took place online May 18 to 21, 2020.

Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

Chen leads the Security and Privacy (SnP) lab at Michigan Tech. He is a member of Michigan Tech’s Institute of Computing and Cybersystems (ICC) Center for Cybersecurity (CyberS).

Chen’s research focuses on applied cryptography and data security and he investigates novel techniques to protect sensitive data in mobile devices/flash storage media and cloud infrastructures. Chen is also interested in designing novel techniques to ensure security and privacy of big data.

Chen will serve as general chair for the First EAI International Conference on Applied Cryptography in Computer and Communications (AC3), which will be held in Xiamen, China, in May 2021.

Visit Bo Chen’s faculty webpage here.

Poster: A Secure Plausibly Deniable System for Mobile Devices against Multi-snapshot Adversaries
Authors: Bo Chen, Niusen Chen
Abstract: Mobile computing devices have been used broadly to store, manage and process critical data. To protect confidentiality of stored data, major mobile operating systems provide full disk encryption, which relies on traditional encryption and requires keeping the decryption keys secret. This however, may not be true as an active attacker may coerce victims for decryption keys. Plausibly deniable encryption (PDE) can defend against such a coercive attacker by disguising the secret keys with decoy keys. Leveraging concept of PDE, various PDE systems have been built for mobile devices. However, a practical PDE system is still missing which can be compatible with mainstream mobile devices and, meanwhile, remains secure when facing a strong multi- snapshot adversary. This work fills this gap by designing the first mobile PDE system against the multi-snapshot adversaries.

Poster: Incorporating Malware Detection into Flash Translation Layer
Authors: Wen Xie, Niusen Chen, Bo Chen
Abstract: OS-level malware may compromise OS and obtain root privilege. Detecting this type of strong malware is challeng- ing, since it can easily hide its intrusion behaviors or even subvert the malware detection software (or malware detector). Having observed that flash storage devices have been used broadly by computing devices today, we propose to move the malware detector to the flash translation layer (FTL), located inside a flash storage device. Due to physical isolation provided by the FTL, the OS-level malware can neither subvert our malware detector, nor hide its access behaviors from our malware detector.

The 41st IEEE Symposium on Security and Privacy was sponsored by the IEEE Computer Society Technical Committee on Security and Privacy in cooperation with the International Association for Cryptologic Research. The Symposium was May 18-20, 2020, and the Security and Privacy Workshops were May 21, 2020.

Computing Awards COVID-19 Research Seed Grants

Michigan Tech College of Computing

The College of Computing is pleased to announce that it has awarded five faculty seed grants, which will provide immediate funding in support of research projects addressing critical needs during the current global pandemic.

Tim Havens, College of Computing associate dean for research, said that the faculty seed grants will enable progress in new research that has the potential to make an impact on the current research. Additional details will be shared soon.

Congratulations to the winning teams!

Guy Hembroff (AC, HI): “Development of a Novel Hospital Use Resource Prediction Model to Improve Local Community Pandemic Disaster Planning”

Leo Ureel (CS) and Charles Wallace (CS): “Classroom Cyber-Physical Simulation of Disease Transmission”

Bo Chen (CS): “Mobile Devices Can Help Mitigate Spreading of Coronavirus”

Nathir Rawashdeh (AC, MERET): “A Tele-Operated Mobile Robot for Sterilizing Indoor Space Using UV Light” (A special thanks to Paul Williams, who’s generous gift to support AI and robotics research made this grant possible)

Weihua Zhou (AC, HI) and Jinshan Tang (AC, MERET): “KD4COVID19: An Open Research Platform Using Feature Engineering and Machine Learning for Knowledge Discovery and Risk Stratification of COVID-19″

ROTC Cybersecurity Training for Tomorrow’s Officers

The U.S. Department of Defense, Office of Naval Research, has awarded Michigan Tech faculty researchers a $249,000 grant that supports the creation of an ROTC undergraduate science and engineering research program at Michigan Tech. The primary goal of the program is to supply prepared cadets to all military branches to serve as officers in Cyber commands.

The principal investigator (PI) of the project is Andrew Barnard, Mechanical Engineering-Engineering Mechanics. Co-PIs are Timothy Havens, College of Computing; Laura Brown , Computer Science, and Yu Cai, Applied Computing. The title of the project is, “Defending the Nation’s Digital Frontier: Cybersecurity Training for Tomorrow’s Officers.”

The curriculum will be developed over the summer, and instruction associated with the award will begin in the fall 2020 semester. Cadets interested in joining the new program are urged to contact Andrew Barnard.

Initially, the program will focus on topics in cybersecurity, machine learning and artificial intelligence, data science, and remote sensing systems, all critical to the The Naval Science and Technology (S&T) Strategic Plan and the Navy’s Force of the Future, and with equal relevance in all branches of the armed forces.

The plan of work focuses on on engaging ROTC students in current and on-going Cyber research, and supports recruitment of young ROTC engineers and scientists to serve in Navy cybersecurity and cyber-systems commands. The program will compel cadets to seek positions within Cyber commands upon graduation, or pursue graduate research in Cyber fields.

“Our approach develops paid, research-based instruction for ROTC students through the existing Michigan Tech Strategic Education Naval Systems Experiences (SENSE) program,” said principal investigator Andrew Barnard, “ROTC students will receive one academic year of instruction in four Cyber domains: cybersecurity, machine learning and artificial intelligence (ML/AI), data science, and remote sensing systems.”

Barnard says the cohort-based program will enrich student learning through deep shared research experiences. He says the program will be designed with flexibility and agility in mind to quickly adapt to new and emerging Navy science and technology needs in the Cyber domain. 

Placement of officers in Cyber commands is of critical long-term importance to the Navy (and other DoD branches) in maintaining technological superiority, says the award abstract, noting that technological superiority directly influences the capability and safety of the warfighter.

Also closely involved in the project are Michigan Tech Air Force and Army ROTC officers Lt. Col. John O’Kane and LTC Christian Thompson, respectively.

“Unfortunately, many ROTC cadets are either unaware of Cyber related careers, or are unprepared for problems facing Cyber officers,” said Lt. Col. O’Kane. “This proposal aims to provide a steady flow of highly motivated and trained uniformed officers to the armed-services, capable of supporting the warfighter on day-one.”

Andrew Barnard is director of Michigan Tech’s Great Lakes Research Center, an associate professor of Mechanical Engineering-Engineering Mechanics, and faculty advisor to the SENSE Enterprise.

Tim Havens is director of the Institute of Computing and Cybersystems, associate dean for research, College of Computing, and the William and Gloria Jackson Associate Professor of Computer Systems.

Laura Brown is an associate professor, Computer Science, director of the Data Science graduate program, and a member of the ICC’s Center for Data Sciences.

Yu Cai is a professor of Applied Computing, an affiliated professor of Computational Science and Engineering, a member of the ICC’s Center for Cybersecurity, and faculty advisor for the Red Team, which competes in the National Cyber League (NCL).

The Great Lakes Research Center (GLRC) provides state-of-the-art laboratories to support research on a broad array of topics. Faculty members from many departments across Michigan Technological University’s campus collaborate on interdisciplinary research, ranging from air–water interactions to biogeochemistry to food web relationships.

The Army and Air Force have active ROTC programs on Michigan Tech’s campus.

The Office of Naval Research (ONR) coordinates, executes, and promotes the science and technology programs of the United States Navy and Marine Corps.

Guy Hembroff Awarded CCISD Contract for CTE Cybersecurity Course

Guy Hembroff, associate professor, CMH Division, and director of the Health Informatics graduate program and the Institute of Computing and Cybersystem’s Center for Cybersecurity, is the principal investigator on a one-year project that has been awarded a $40,000 contract from the Copper Country Intermediate School District (CCISD). The project is titled “Cybersecurity Course for Career and Technical Education (CTE) Program.”

The CCISD CTE program provides courses and labs to high school-age students from Baraga, Houghton, and Keweenaw counties. It is intended to provide the academic background, technical ability, and work experience that today’s youth will need to succeed in today’s changing job market.

The contract funds instructor time, use of facilities, labs, and equipment, and materials and supplies. Student enrolled in the program meet on Michigan Tech’s campus for two hours per day, Monday through Friday, from September to May. 

The CTE Cybersecurity course covers topics including security architecture, cryptographic systems, security protocols, and security management tools. Students also learn about virus and worm propagation, malicious software scanning, cryptographic tools, intrusion detection, DoS, firewalls, best practices, and policy management.

Learn more about the CCISD CTE program at: https://www.copperisd.org/career-technical-education.

Congratulations, RedTeam@MTU!

National Cyber League Logo

RedTeam@MTU, one of Michigan Tech’s National Cyber League (NCL) teams, placed 8th out of 689 teams in the recent NCL Fall 2019 cyber competition team game. The team consists of seven College of Computing undergraduate and graduate students: Alexander Larkin, John Claassen, Jack Bergman, Jon Preuth, Trevor Hornsby, Shane Hoppe, and Matthew Chau. In addition, two RedTeam@MTU team members ranked in the top 100 out of 4149 players in the individual game: John Claassen (67th) and Alex Larkin (70th).

“This is a breakthrough since first joining the NCL competition in Fall 2017,” said faculty coach Bo Chen, assistant professor of computer science. “Congratulations to the RedTeam and John Claasen and Alex Larkin!”

Three teams and 21 players from Michigan Tech were involved this season, most of them with the RedTeam@MTU, a student organization which exists to promote a security-driven mindset among the student population, and to provide a community and resource for those wishing to learn more about information security.  The RedTeam is co-advised by Bo Chen and Yu Cai, professor in the College of Computing.

Students from hundreds of U.S. universities participated during the Fall 2019 NCL season, which comprised a week-long Preseason placement game, followed by a weekend Individual Game, and culminating in a weekend Team Game. A total of 689 teams and 4149 players  participated.

In addition, Michigan Tech ranks 11th among the top 100 colleges and universities in the “Team” Cyber Power Rankings, 51st in the Individual Rank, and 23rd in the Participation Rank. The Cyber Power Rankings were created by Cyber Skyline in partnership with the National Cyber League (NCL). The rankings represent the ability of students from these schools to perform real-world cybersecurity tasks on the Cyber Skyline platform, such as identify hackers from forensic data, pentest and audit vulnerable websites, recover from ransomware attacks, and more. Schools are ranked based on their top team performance, their top student’s individual performance, and the aggregate individual performance of their students. View the full ranking list at https://cyberskyline.com/data/power-ranking/fall-2019-national.

Founded in 2011 to provide an ongoing virtual training ground for participants to develop, practice, and validate their cybersecurity skills, the NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants played the games simultaneously during all of the Fall season games.

The NCL challenges are based on the CompTIA Security+™ and EC-Council Certified Ethical Hacker (CEH)™ performance-based exam objectives and include the following content: Open Source Intelligence, Scanning, Enumeration and Exploitation, Password Cracking, Traffic Analysis, Log Analysis, Wireless Security, Cryptography, and Web Application Security. Players of all levels can participate in the NCL games. Through easy, medium and hard challenges, students have multiple opportunities to excel.

Learn more about the NCL at: https://www.nationalcyberleague.org/.

Cyber Skyline Logo

Cyber Skyline is an immersive cloud platform on which to practice, develop, and measure technical cybersecurity skills. It is built for Incident Response Handlers, Security & Network Engineers, SOC Analysts, Software Engineers, Pentesters, and more. Visit the Cyber Skyline website at: https://cyberskyline.com.

MEDC Cyber and Mobility Division Visits Michigan Tech

MEDC Logo

Michigan Tech’s ICC Center for Cybersecurity and the MTEC SmartZone hosted members of the Michigan Economic Development Corporation’s (MEDC’s) Cyber and Mobility division in Houghton, MI, on December 2, 2019.

The group’s visit included presentations by several Michigan Tech faculty who are conducting research in the cyber and mobility space, strategic economic development discussions highlighting Michigan Tech and the local community, and tours of selected Michigan Tech cyber and mobility labs, including GLRC, APS Labs, and the KRC.

The tour concluded with a talk to Michigan Tech students by Karl Heimer of the MEDC regarding information and student opportunities with MEDC-affiliated CyberAuto and CyberTruck competitions.

For more information, contact Associate Professor Guy Hembroff, director of the ICC Center for Cybersecurity and the Health Informatics graduate program.

Guy Hembroff Invited Speaker at MedFuse ’19

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was an invited speaker at Medfuse ’19, held in Minneapolis, MN, on October 24, 2019. Hembroff’s presentation  was titled “Treating the patient holistically and securely.” He also served on the conference panel, “Internet of Medical Things (IoMT) Security.”

Presentation Abstract: We propose a holistic mHealth community model for residents to overcome significant barriers of care and improve coordinated patient health intervention by integrating multiple health and safety data sources through a mobile digital personal health library application. AI algorithms strategically connect residents to community resources and provide customized health education aimed at increasing the health literacy, empowerment, and self-management of the user. Users are able to securely share their health data with others (e.g. physicians, caregivers). Clinicians can better track patients offering improved preventative measures and care management. The architecture’s security includes a touchless biometric feature, capable of large-scale identity management using a novel fingerprint algorithm to establish a unique health identifier (UHID) for each individual, with the use of facial-recognition as a secondary form of validation prior to a user viewing patient data. Standard smartphones and web cameras are utilized in the identify management process where the application is installed.

The MedFuse conference focuses on advancing Medical IoT (IoMT) devices and exploring the future healthcare implications of Health Informatics.

 

Guy Hembroff Presents Paper at MobiHealth 2019

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program,  and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, presented his paper, “The design of a holistic mHealth community library model and its impact on empowering rural America,” at MobiHealth 2019, the 8th EAI International Conference on Wireless Mobile Communication and Healthcare,  November 13-14, 2019, in Dublin, Ireland.

The objectives of the EAI International Conference on Wireless Mobile Communication and Healthcare are to advance medical diagnosis, treatment, patient care and patient safety through application of sensing technologies (e.g. Internet of Things IoT), mobile computing, and effective data management methodologies. Contributions will be solicited regarding the interdisciplinary design and application of relevant technologies to help provide advanced mobile health care applications and infrastructures. The essence of the conference lies in its interdisciplinary nature, with original contributions cutting across boundaries but all within the sphere of the application of mobile communications (e.g. technologies, international standards, new and existing solutions, methodologies) aiming at the betterment of patient care and patient safety. As such, the conference will have a multi-tier approach, going from wearable and Implantable Devices to ubiquitous patient monitoring environments (e.g. remote monitoring, healthcare surveillance and Public Health).

Guy Hembroff Quoted in Article About Telehhealth

Guy Hembroff

Guy Hembroff, College of Computing associate professor, director of the Health Informatics graduate program, and director of the Institute of Computing and Cybersystem’s Center for Cybersecurity, was quoted in the article, “Your virtual doctor is in,” published on November 20, 2019, in the online newspaper The Hill (the hill.com).

The article explores advances in telehealth services, areas for expansion, and barriers that remain for patients.

View the article here: https://thehill.com/changing-america/well-being/health-care/471165-your-virtual-doctor-is-in

The Hill is an American website, based in Washington, D.C. which began as a newspaper publisher in 1994. Focusing on politics, policy, business and international relations, The Hill coverage includes the U.S. Congress, the presidency, and election campaigns. On its website, The Hill describes its output as “nonpartisan reporting on the inner workings of Congress and the nexus of politics and business”. (Wikipedia)