The Spring 2016 CNY Hackathon talks will begin at 4:00PM on Friday April 22nd in the Frank E. Gannett Memorial Library concourse. We have four speakers lined up for this semester! Their talk abstracts and bios are listed below.
Aravind Prakash (Binghamton University)
Attacks compromise intended program behavior. Control-Flow Integrity (CFI) is an important security property that needs to be enforced to prevent control-flow hijacking attacks. Recent attacks have demonstrated that existing CFI protections for COTS binaries are too permissive and vulnerable to sophisticated code-reuse attacks. Accounting for control-flow restrictions imposed at higher levels of semantics is key to increasing CFI precision. In particular, virtual function calls in C++ are a popular target for control subversion attacks. C++ compilers utilize virtual tables (VTables) to accomplish virtual function calls. This presentation will first present an overview of the state of the art in attacks and defenses, followed by our work codenamed vfGuard. Given a C++ binary, vfGuard (1) identifies the virtual function callsites and (2) recovers VTables in the program to provide a strict integrity policy. The policies constructed by vfGuard are sound and over 95% more precise when compared to state-of-the-art binary-only control-flow integrity solutions. Our experiments show an average runtime overhead of 18.3%.
Aravind Prakash is an assistant professor at Binghamton University. Before joining Binghamton, he earned his Ph.D. from Syracuse University in 2015. His research spans multiple areas of computer and mobile security with emphasis on binary analysis. Along with academic research experience, Aravind brings with him over a decade of software programming experience.
Brian Millar & Daniel Spier (M.A. Polce Consulting, Inc.)
This talk will provide students with insight into a specific element of defenses they may face when conducting penetration tests. We will demonstrate how defenders utilize information gathered by Cisco ASAs with FirePOWER Services to detect and respond to intrusion attempts. Knowing the perspective of the “blue team” will allow students to understand how their methods may – or may not – be discovered during assessment scenarios.
Brian Millar is the manager of Information Security at M.A. Polce Consulting, Inc. and a recognized expert in networking and security. Prior to joining M.A. Polce Consulting, he gained over 20 years of experience in research and development of network solutions working for government contractors such as Rome Research Corporation, Northrop Grumman and Booz Allen Hamilton. These companies maintained contracts with Rome Labs, where he designed and implemented research networks for the US Air Force that are used to develop new protocols for use in tactical networks. In addition, Brian has worked within the Health Care and Telecommunications industries, where he successfully managed critical operational networks. Brian brings much experience and expertise to M.A. Polce Consulting and is a highly regarded expert in the design and implementation of secure networks. Brian is a Certified Information Systems Security Professional (CISSP) and also possesses certifications in Countermeasures, Ethical Hacking (CEHv6), Security+ and Cisco Certified Network Associate (CCNA). Brian is a Clarkson graduate and holds a Bachelor of Science degree in Computer Science with a Technical Communications concentration.
Daniel Spier is a Network Security Engineer who joined M.A. Polce Consulting full-time after graduating from SUNY Polytechnic Institute in May 2015. He holds a Bachelor of Science degree in Network and Computer Security with a minor in Computer Science. Dan served as vice president of SUNY Polytechnic’s Network and Computer Security Club, during which time he participated in several cyber security competitions and conferences. Notably, he has acted as a team captain at several CNY Hackathon events. Dan possesses certification as a Cisco Certified Network Associate (CCNA), and also as a Cisco Next-Generation Firewall Representative for his knowledge of Cisco firewalls and intrusion prevention systems.
Rick Gloo (Assured Information Security)
Virtual machine introspection (VMI) provides a means to observe and actuate events within virtualized guest workstations. This talk will outline research and development currently being conducted by AIS (www.ainfosec.com) to introduce host-based defenses within the target workstation environment via VMI interfaces. Within the talk the team will outline the foundational capabilities (see IntroVirt) for introducing defenses and inconsistencies to thwart an attacker within a computer system. We will also discuss how these techniques will manifest themselves within target systems during the hackathon exercise. In other words, these boxes fight back, so choose your methods and techniques wisely!
Mr. Gloo has been employed at Assured Information Security, Inc. of Rome, New York since 2005. He has led advanced research and development efforts in the cybersecurity domain. His expertise is focused on software development in the areas of digital forensics, steganography, data leakage prevention, reverse engineering, vulnerability assessment, network security monitoring, and 802.11 wireless security. Mr. Gloo holds a patent (US # 8,098,155) for a system and method for locating a target wireless device. Mr. Gloo received his B.S. degree in Computer Science in 2003 and an M.S. in Telecommunications in 2005 from SUNY Institute of Technology. Mr. Gloo is also a graduate of the Utica College Master’s degree program in Cybersecurity – Intelligence and Forensics. Mr. Gloo has taught courses at Utica College and MVCC in computer security principles, Windows security, Linux security, vulnerability assessment, and digital forensics.
Tim Singletary (Harris Critical Networks)
“So you want to be a Pentester and work in Security?”
In this session Tim will talk about his 20+ years of experience working in security, from pulling coaxial under a dirty government building in Wiesbaden, Germany, creating fake badges with a color printer and many layers of packing tape to enter a secure government facility, teaching the Ultimate Hacking course at Black Hat, and being a contributing author to “Evolution of Cyber Society and Conflicts to 2035: Rise of Disruptive Innovation.”
He will discuss the things you should expect to see as you embark on your new cyber career that hopefully will help guide you in the direction that you would like to pursue in the realm of the many facets of cyber security.
Tim has over 20 years of experience in the analysis, design and management of information system security. Some of Tim’s extensive experience is with the US Army Regional Computer Emergency Response Team (RCERT-Europe), the US Air Force Research Laboratory (AFRL) in Rome, New York, and several large Fortune 500 companies. Tim has also authored several advanced technical courses including Active-Defense Enterprise Network course, Foundstone™ Ultimate Hacking, Certified Information Systems Security Professional course, as well as custom courses for clients.
In 2016 Tim was a speaker at OILCOMM, one of the largest Oil and Energy sector conventions, discussing cyber security issues those industries are facing. Tim was also one of the member panelists at Satellite 2016 discussing the state of security for SATCOM and MPLS networks, answering questions from industry and attendees.
Tim was a contributing author of “Evolution of Cyber Technologies and Operations to 2035”, edited by Dr. Misty Blowers from the Air Force Research Laboratory in Rome, New York. Tim’s current work with the Harris Corporation as Business Area Manager, Cyber Security Programs, and his unique perspective on the DarkNet and underground hacker networks made him the perfect choice to author that chapter for AFRL.
Tim recently was a presenter and speaker at the New York Metro Joint Cyber Security Conference. Tim often speaks and presents at various security-related events, including several ISACA events annually for the past several years.
Tim has provided training and security seminars for many corporations worldwide including several well-known organizations: Intel Inc., Stanford University, Notre Dame University, Johns Hopkins University, and Internet Security Systems. Tim has also instructed at Blackhat™, the premier hacking event held annually in Las Vegas, Nevada.
Tim was recognized as having taught more Certified Ethical Hacker courses in 2006 than any other C|EI™ certified instructor, with a 94% pass rate, and was the featured instructor in Nikkei Trendy magazine for instructing the hottest certification track in the USA. As an independent security consultant, he was also on the design team that developed the CompTIA Security+ Certification.