Wednesday, November 30, 2016
Monday, November 28, 2016
The presenters and project names are:
- Xinwen Fu, New England Cybersecurity Operation and Research Center (CORE)
- James Joshi & Brian Stengel, SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania
- Jaroslav Flidr, Substrate for Cybersecurity Education; a Platform for Training, Research and Experimentation (SCEPTRE)
- Jill Gemmill, SouthEast SciEntific Cybersecurity for University REsearch (SouthEast SECURE)
More information about this presentation is on the event page.
Presentations are recorded and include time for questions with the audience.
Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, contact us here. Archived presentations are available on our site under "Past Events."
New England Cybersecurity Operation and Research Center (CORE)
CORE Project Web Site
Presenter: Xinwen Fu (University of Massachusetts Lowell)
The New England Cybersecurity Operation and Research Center (CORE) is a collaboration between cybersecurity researchers and networking experts from the University of Massachusetts Lowell, and Information Technology (IT) support personnel and leadership from the Office of the President of University of Massachusetts (UMass), who work together to improve the security of under-resourced institutions in New England and provide a model of a regional approach to cybersecurity. The researchers have established an open cybersecurity program at UMass, which guides customers through a sequence of steps and selects security controls and technologies from both proprietary solutions and free open source solutions, considering the budget of the institution or enterprise that wants to protect its assets. This project also performs research on emerging threats, trends and defense based on the collected data.
SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania
Presenters: James Joshi & Brian Stengel (University of Pittsburgh)
Cybersecurity is a growing concern for individuals, communities, nations and the world. Increasing cyberattacks make cybersecurity a critical national security concern. Information technology provides tremendous opportunities to accelerate data-driven scientific research and education. Increasing cybersecurity problems can adversely impact the research and its economic and social benefits if our cyberinfrastructure that supports scientific research and education is not well protected. Beyond innovative cybersecurity solutions, it is critical to establish structured and effective practices and better collaboration among various stakeholders to share cybersecurity resources, expertise and information. This project focuses on establishing a regional collaboration and partnership within the state of Pennsylvania, referred to as SAC-PA. SAC-PA will provide critical support to smaller academic institutions (schools and colleges, etc.) including resource constrained regional institutions that serve under-represented groups, females and high school teachers and students. It will establish a collaboration and partnership framework to enable concerted activities promoting the use of effective cybersecurity techniques and practice of security-assured cyberinfrastructure. While enhancing the cybersecurity posture of PA, SAC-PA will provide a regional cybersecurity collaboration and partnership model that can be adopted by other regions, or be extended for national level collaborations. 
The SAC-PA project will include participation from the public-private sectors and academic institutions in PA in the following key activities: (i) developing and delivering three regional workshops in Pittsburgh to bring together various regional stakeholders from scientific research related communities with cyberinfrastructure or cybersecurity resources to better understand the regional capabilities; explore existing and emerging cybersecurity challenges/solutions; and devise collaboration and partnerships to enable concerted cybersecurity activities to promote the use of effective cybersecurity techniques and practices; (ii) collaboratively developing training/awareness materials based on the needs and capabilities identified in the workshops, and sharing these extensively with regional partners and beyond through various channels; and (iii) establishing regional partnerships and a shared repository of cybersecurity resources/capabilities to facilitate collaborative and concerted efforts towards protecting scientific cyberinfrastructures.
Substrate for Cybersecurity Education; a Platform for Training, Research and Experimentation (SCEPTRE)
Presenter: Jaroslav Flidr (The George Washington University)
In collaboration with the Michigan Cyber Range (MCR) facility operated by Merit Network, and the Cyber Academy operated by the College of Professional Studies (CPS) at the George Washington University, the project proposes to establish and deploy an open and flexible technology platform for broad-context cybersecurity education and hands-on training. Initially, the platform will be used in developing and delivering a credit bearing Practicum (2 credit hours) that addresses “Intrusion Detection and Remediation.” The course will be transferable toward the undergraduate certificate in Protection and Defense of Computer Networks, which is part of the Bachelor’s degree completion in cybersecurity. The practicum is a hands-on training that will cover a broad range of network intrusion, prevention, and detection techniques such as implementation and testing of IDS security plans, security monitoring, intrusion detection, alarm management, analysis of events and trends, and vulnerability management. The program will utilize a high-performance, flexible environment built on Cisco’s UCS hardware platform with a modified OpenStack framework. This multi-tenant system, originally developed under an NSF grant, will facilitate the full integration of the Cyber Academy with the MCR resources. Thanks to its virtual nature and its tight coupling with physical cyberinfrastructure components such as HPC, cluster storage arrays, public and private clouds, 100G optical networks, and a wide variety of SDN technologies, the system will be able to deploy nearly any cybersecurity scenario, on demand. The program will start enrolling students immediately after making the platform operational.
Collaborative Research: CICI: Regional: SouthEast SciEntific Cybersecurity for University REsearch (SouthEast SECURE)
Presenter: Jill Gemmill (Clemson)
The SouthEast SciEntific Cybersecurity for University REsearch (SECURE) project helps protect the National Science Foundation's investments in scientific research while providing scientists with tools to safeguard intellectual property and ensure data integrity. The project team provides education, training, and selected cybersecurity services to NSF-funded researchers across the Southeast. The team is multidisciplinary, comprised of cybersecurity experts (both research and practitioner), scientists, and experts in communication. Team members are located in South Carolina, Alabama and Mississippi, with strong representation from Historically Black Colleges and Universities (HBCU). This program raises investigators' awareness of their essential role in creating a secure and trustworthy cyberspace and offers concrete assistance in risk assessment, vulnerability testing, and mitigation tailored to NSF-funded scientists' workflow and program size. Through past collaborations, the team is well positioned to leverage both national and regional cybersecurity organizations and programs to effectively reach the target audience.
SouthEast SECURE impacts the region by raising cybersecurity awareness; providing concise training, assessment, tools and one-on-one help; and assisting in preparation of select cybersecurity metrics. Student interns are conducting many of these activities by means of practicum-based deployment and support, thus developing capabilities in the next generation of cyber professionals. An online survey of NSF-funded investigators in the region will be conducted to learn about their primary cybersecurity challenges and concerns. Training is then tailored to provide concrete and practical assistance in how to do right-sized risk assessment and mitigation. A "toolkit" is provided to test and validate local cybersecurity, and measures of cybersecurity are created and field-tested. The team's approach facilitates communication between research faculty and university IT/Data Security staff. A long-term goal is building communities with common interests in cybersecurity and a commitment to helping others; and building connections with other regions and with national centers and programs.
Wednesday, November 16, 2016
Science gateways help expand and broaden participation in science, both research and education, by providing user-friendly interfaces to computing, data, networking and scientific instrumentation. The goal of the SGCI is to speed the development and application of robust, cost-effective, sustainable gateways and address the needs of scientists and engineers. Within the five-component design of SGCI, CTSC will formally be part of the Incubator component and will focus on security education for gateway software developers and operators.
To learn more about CTSC’s training, including Secure Software Engineering Best Practices, visit: http://trustedci.org/trainingmaterials/
To apply for a one-on-one engagement with CTSC, visit http://trustedci.org/application/
Monday, November 14, 2016
I told the story of how NTP had become a liability not just to the science projects that depend on accurate time, but to the internet as a whole. CTSC had a chance to make a difference in a failing system by partnering with nonprofit ICEI in a short, intense intervention. About a year later the work we made possible has been carried on by others. The NTP Security Project (NTPSec) has taken the lead, resulting in a new life for this critical infrastructure:
- NTPSec's code base is down to 75kloc (75,000 lines of code) from the original 227kloc. That 2/3 reduction in attack surface has paid off: NTPSec has been immune to about half of old NTP's vulnerabilities before discovery, and 84% in the past year.
- NTPSec's code is now stored in a standard git repository, accessible to all. Its documentation has been brought up to date, and the project has begun onboarding and training new developers.
- NTPSec's success has helped increase awareness of critical infrastructure in need, and made fixing it approachable. Recent articles by Brady Dale of the NY Observer and the (in)famous Cory Doctorow helped spread the story.