SECURITY TECHNOLOGY

Information Warfare & Computer Forensics

Grand Hyatt Muscat, 26th - 29th November 2006

 

We are pleased to provide information below about our upcoming workshop 'Security Technology - Information Warfare & Computer Forensics' being conducted at the Grand Hyatt Muscat on 26th - 29th November 2006.

 

Should you require any further information we would be delighted to provide it.

 

We look forward to hearing from you.

 

Thanking you and assuring you of our best attention at all times.

 

Best regards,

 

Nick Hadjiyiannis

Precept Management Consultancy

Tel.                  +968 24497222 & +968 24539853

Fax                   +968 24540420

Mobile              +968 99312451

E-Mail              precept@omantel.net.om

Website            www.preceptmanagement.com 

 


 

WHY NEEDED

Computers and other digital electronic equipment are increasingly being used in the commission of modern crimes, with criminals often using sophisticated measures to hide evidence. With computer systems and networks now controlling highly critical infrastructures, it is essential that information is protected and that mechanisms are in place to prevent, detect and investigate potential security breaches.

 

DATES & VENUE

  • Duration: Four Days, 26th - 29th November 2006, 8:30 am - 5 pm;

  • Fees: R.O. 785 (including course materials, lunch & breaks at the venue);

  • Venue: Grand Hyatt Muscat;

  • Presenter: Dr. Malcolm Shore.

 

WHO SHOULD PARTICIPATE

The primary objective of the workshop is to give those wishing to understand cryptographic techniques, those starting work in the forensic area, and those tasked with protecting the critical infrastructure a detailed understanding of the field of security technology. The course will also provide experienced analysts with up-to-date information on forensic techniques and technologies.

 

OBJECTIVE

This course is designed to provide a detailed insight into how networks and critical infrastructures are attacked, how data is protected through the use of advanced cryptography, and the use of forensic techniques to investigate crime.

 


 

THE WORKSHOP

 

Day 1

Module: CyberCrime

  • History: This describes the history of cybercrime and hacking, and some contemporary cases
  • Motivation: Flow theory and an advanced model of cyber crime
  • Computer Law: This topic covers the main points of computer law from various countries

Module: Principles of Information Warfare

  • RMA: A description of the revolution in military affairs that occurred with the use of information technology, and the next revolution that is occurring, in which information and information systems are targets and the US seeks Information Superiority
  • ELIGIBLE RECEIVER: A description of the ELIGIBLE RECEIVER exercise that was run in the US and which demonstrated the vulnerability of contemporary US military and infrastructural systems
  • SOLAR SUNRISE: Video: SOLAR SUNRISE attack

Module: Defensive Information Operations

  • GIG: The aims and objectives of the Global Information Infrastructure
  • IA: The shift of Information Security to Information Assurance
  • Hardening: Techniques used to harden hardware and software against attacks, and contemporary trusted systems processes
  • Operational Security: Principles of operations security and information indicators
  • Certification and Accreditation: Procedures for certification of classified systems and the accreditation processes to verify their integrity

Module: Offensive Information Operations

  • Mapping: The process of charting the operational environment and identifying the location of target systems. Practical use of scanning systems
  • Operational Planning: Procedures for establishing the operational plan and running computer network attacks
  • IO Weapons: The various forms of weapons used against information systems, including cyber weapons. Matching vulnerabilities to targets
  • Information Imperialism: The issues related to control of sources of information and information systems and communications paths. Techniques used to deny or subvert information technology

Module: Signals and Cryptology

  • Communications: Forms of communication and their susceptibility to interception
  • Cryptology: The issues related to the use of cryptography to protect information, and methods of defeating cryptographic protection.

 

Day 2

Module: Introduction to Cryptography

  • Manual Ciphers: The beginnings of cryptography through examination of a range of historical manual cipher systems
  • Enigma: The design of the WWII German cryptography device and the effort applied to break the ciphers

Module: Programming and the IDE

  • Basic Operations: An introduction to the IAR integrated development environment and its use, and the basic operations of the ARM assembler, with practical exercises
  • Logic Programming: Additional coding structures used to implement the various logic operations used in cryptographic algorithms, with practical exercises
  • Integer Maths: The techniques, functions and instructions used to implement fast long integer modulus mathematics, with practical exercises

Module: Block Ciphers

  • AES: A full description and practical exercises for the Advanced Encryption System and its implementation with 128, 192, and 256 bit keys
  • Key Expansion: Practical exercise in writing the AES key expansion routine
  • AES Variants: Use of different tables and parameters to create different variants of the AES algorithm, and a review of the security implications of these
  • IDEA: A full description of the public domain IDEA algorithm as used in PGP

Module: Stream Ciphers

  • LFSR: A description of linear feedback shift registers as used to build stream ciphers. Includes description of contemporary T-Functions and practical exercises
  • A5: Full description of the GSM A5 algorithm and its implementation as a practical exercise
  • Modes of Operation: The use of different modes of operation to convert a block cipher into a stream cipher. Covers OFB, CBC, CFB, OCFB and Counter modes. Practical implementation of CFB8
  • LCG and others: A description of linear congruential and other forms of generators used to build stream ciphers
  • SP800-22: The NIST random number testing suite used to assess the randomness of a stream cipher keystream. Includes practical use of the testing application.

Module: Public Key Cryptography

  • Diffie-Hellman: Description of the Diffie-Hellman key exchange protocol
  • RSA: Description of the Rivest-Shamir-Adleman protocol for public key cryptography. Includes practical exercises
  • DSS: Full description of the Digital Signature Standard, the Secure Hash Algorithm, and the Digital Signature Algorithm.
  • Wang Breakthrough: Description of the collision attack against MD5 and SHA

Module: Identity Protocols

  • Fiat-Shamir: Description of the basic Fiat-Shamir interactive protocol for proof of identity

Module: Knapsack Cryptography

  • ZQT Algorithm: Use of knapsack techniques to provide cryptographic key exchange

Module: Key Exchange Protocols

  • IKE: Description of the Internet Key Exchange protocol (RFC 2409) used with IPSec. Discussion of difficulties with IPSec and NAT operation
  • KEA: Description of the originally classified key exchange protocol used in the SKIPJACK system
  • UKAP: Description of the two pass authenticated key agreement protocol proposed by Ankney, Johnson and Matyas

Module: CyberCrime

  • History: This describes the history of cybercrime and hacking, and some contemporary cases
  • Motivation: Flow theory and an advanced model of cyber crime
  • Computer Law: This topic covers the main points of computer law from various countries

 

Day 3

Module: Storage Media

  • Hard Disks: Describes the various types of disk structures and the places where evidence is hidden
  • CDs: The structure and access methods for CD and DVD media
  • Memory modules: The structure and access methods for smartmedia, USB flashdisks, and SIM cards

Module: Hidden and Protected Evidence

  • Data Profiling: Analysis of data semantics based on file headers and byte distribution characteristics
  • Passwords: The methods and tools used to access password protected files
  • Encryption: Encryption mechanisms and methods of data recovery
  • Steganography: Techniques used to embed data in multimedia files, detection methods, and extraction tools

Module: Major Tools

  • EnCase: Description of the EnCase tool and demonstration of its use
  • X-Ways: Description of the X-Ways Forensics tool and practical exercises
  • CDRoller: Practical forensic recovery of multisession CD evidence

Module: Search & Seizure

  • Legal Processes: The rules and procedures for getting copies of electronic evidence that will be accepted in court

 

Day 4

Module: Computer/Network Attacks

  • Denial of Service: The techniques used to deny access to an online system
  • Remote Attacks: The processes by which remote network users can penetrate and manipulate network accessible computers
  • Traceback: Traceback methods and protocols which allow the source of an attack to be found
  • Router Analysis: Methods used for forensic examination of routers and key differences between router and system analysis

Module: IW Research Programme

  • R&D Tools: The tools necessary to carry out research into system and network vulnerabilities
  • Vulnerabilities: The techniques used to monitor vulnerability announcements, diagnose system vulnerabilities, and develop computer penetration techniques
  • Payloads: Methods of exploiting computer systems: denial of service, information retrieval, information subversion
  • Cloaking: Techniques used to cloak computer network attacks and protect payloads

Module: Summary

  • Summary of the workshop

 

 

PRESENTER'S PROFILE

 

Dr. Malcolm Shore

Dr Malcolm Shore is a Senior Fellow at Canterbury University and a Visiting Professor at Wuhan University (PRC). He is responsible for conducting the COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students. Dr Shore has extensive experience in the Government and private sector in the design and practical implementation of secure systems.

 

Employment Record

2002 - present

Canterbury University

  • Senior Fellow.  Responsible for conducting the COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students.  Major areas of teaching and research include computer forensics, computer and network vulnerabilities, theory of information warfare, and defensive and offensive information operations.

1999-present

CES Communications Ltd

  • Technical Director.  Responsible for all hardware and software development, operation of internal IT systems, and technical support for the company Web site.  Specific tasks include managing the development of analog voice/fax encryptors for telephony and radio based on the SAFE technique, and design and development of the SQ-series products including SQ-Phoenix digital encryption voice/fax/data encryptor, SQ-Argent async/sync data encryptor, and SQ-Hermes Voice over IP encryptor.   Providing training in cryptographic algorithm development and implementation.

1991-1999

Government Communications Security Bureau

  • Manager, Computer Security.  Establishment of a national COMPUSEC strategy and creation of the GCSB's national COMPUSEC advisory service.  Development and publication of national Computer Security doctrine for Government use, development and production of a quarterly INFOSEC Bulletin, development and running of a range of COMPUSEC training courses for Government, management of various COMPUSEC projects, representing the GCSB in national and international liaison, national referee for ISO INFOSEC standards (JTC1, SC27), installation of an INFOSEC research network, project manager for the NZ Public Key Infrastructure development, and consultancy to departments in their application of security.  Technical areas of work include security policy and management, risk analysis, security aspects of X.400/X.500 networking applications, public key encryption technology, cryptographic smartcards and PCMCIA modules, firewalls, mailguards, and Web technology.  Installation and use of X.509 Certificate and Directory servers.

  • Director, INFOSEC.  Responsible for the national INFOSEC programme.

1989-1996

5th Generation Systems Ltd

  • Director.   Part time activity.  Responsible for PC application software development.  Software includes General Ledger, Accounts Payable, Accounts Receivable, Stock Control, Job Costing, Payroll, Chartered Accounting Time & Cost, Hire Purchase & Depositors Ledger, and many other one-off applications.  Development of the Rapuara QUEST database and the Funding Information Service's Fundview system.

This work involved substantial software development on PCs and LANs, and development of Windows applications and SQL server applications.

  • Assistant Director Information Systems Policy, Defence HQ.  Coordination of  Service computing requirements, and development of the Defence Manual (DM) 55: Defence Information Systems Policy and Standards.  Development and adoption of an NZDF GOSIP and Application Environment Profile for NZDF.

  • Retired in the rank of Squadron Leader after 20 years contributory service.

  • Staff Officer Computer Policy, Air Staff.  Support for Base level computing.  Project officer for RNZAF strategic information systems analysis in conjunction with Coopers & Lybrand using the SUMMIT methodology.  Subsequent development of the New Zealand Air Publication (NZAP) 702:  Information Systems Strategic Plan.

  • Systems Programmer/Chief Systems Programmer, Defence EDP.   Evaluation and installation of the Sperry 1100 mainframe.  Providing support for the Sperry 1100 system software, including the OS1100 operating system, CMS1100 communications system, DMS1100 database, and various compilers and utilities.   Performance monitoring and system tuning, system fault analysis and installation of system patches.  Support for the RPS1100 end-user database and MAPPER software.  Development of various items of systems software, including a Remote Print utility.  Managed a staff of eight systems programmers.

1976-1991

RNZAF Officer Commission

  • Personnel Team Programmer, Defence EDP.  Responsible for the development, maintenance, and enhancement of the Personnel Suite of programs on the ICL 1900 mainframe.  Managed a staff of four programmers. 

1975-76

Dunlop NZ, Wellington

  • Programmer/analyst, business systems, on NCR Century minicomputers.  Worked primarily on stock control and general ledger systems.

1974-75

State Services Commission, Wellington

  • Technical Advisory Officer, mainframe packages, providing support to departments on the use of various mainframe compilers and application packages.  Installation and support of the packages on the Commission's mainframes.  Installation acceptance and support for ICL 2903 systems.

1970

ICL, Kidsgrove

  • Pre-University trainee, worked in:

Numerical Control System Support, providing technical support to users of the SURF/AUCTOR package on KDF-9 computers.  J Level Operating Systems Development, work on file subsystems for the 2900 series mainframes.

 

 

Major Assignments

Client

Activity

POLI

Design and development of the Personnel On Line Interrogation (POLI) system, a personnel database generalised query and reporting system for NZDF.  The software was written in Cobol to run on a 1900-series mainframe, and incorporated a custom-designed data storage technique to optimise disk performance.

Stats/OCR

Acceptance testing of the Department of Statistics CDC-1700 OCR system for automatic reading of census forms.  This involved the design, development and running of a series of acceptance test routines in CDC assembler.

AMPS Query

Design and development of a query and reporting subsystem for the AMPS 4th Generation Application Development system.  The software was written in the AMPS language to run on a PDP-11.

Sperry 1100

Technical officer for the Conversion Team introducing the Sperry mainframes into NZDF, with primary responsibility for operating system software.

MODNET

Technical support to the NZDF MODNET project in the design and implementation of an X.25 wide area private packet switching network.  The Optinet system from Network Automation (Australia) was selected, although a number of areas of software enhancements to the network management system were designed, developed, and acceptance tested.  The project involved significant system performance testing and tuning and integration of both Sperry and ASCII terminals and Sperry, Primos, and Unix hosts.

UBASE

Oversight of the development of a MAPPER based translator to run xBASE source code on a Unisys MAPPER system.  Appeared as an article in the Unisys magazine

QUEST

Development of the QUEST Rapuara Job and Course Search software used in many schools and Labour Department offices nationally

Banking Audit

Security Audit of an online, home banking system and incorporation of a software-based  DES encryption facility.

ITSEC

Introduction of the European Harmonised IT Security Evaluation Criteria scheme into New Zealand, and New Zealand representative on the Australasian IT Security Evaluation Programme (AISEP).

CATALYST

Oversight of a research project into risk analysis tools.  This resulted in the development in C++ of the CATALYST Windows-based system modelling and risk analysis package which is used as the NZ Government standard risk analysis tool.   The package was presented at the 1994 Canadian Information Systems Security Symposium

NETAUDIT

Oversight of a research project into network auditing and intrusion detection tools.  This resulted in the development of the NETAUDIT Windows-based security auditing tool for Novell 3.x networks.  The package is written in Borland C++ and uses the Novell APIs

Research Network

Establishment of an INFOSEC research network which includes a variety of operating systems and a Web server for various Intranet applications

NZ PKI

Investigations into the potential for Government use of public key cryptography, and the establishment of the NZ Public Key Infrastructure for support of departmental public key cryptography applications.  Implementation of the Spyrus Certificate Authority Workstation and associated infrastructural components.

COMPUSEC Courses

Development of the following training courses:

  • Introduction to INFOSEC
  • PC Security
  • LAN Security
  • Trusted Operating Systems
  • Certification and Accreditation
  • Risk Analysis

SQ-Phoenix

Design and development of the SQ-Phoenix digital encryption unit for voice and fax security.  This involves implementation of the TEA cryptographic algorithm, the T.30 fax standard, and design and implementation of a proprietary security negotiation protocol.  Also integration of a dedicated crypto co-processor.

5G PC Software

Development of a full xBASE accounting suite for PC systems (General Ledger, Debtors, Creditors, Payroll, Stock Control, Job Costing).  Conversion of the software to operate with a Windows-compliant GUI and Microsoft SQL client/server architecture.  Also custom design and development of Hire Purchase, Chartered Accounting, Import Costing, and Medical Accounting software.

 

 

 

 

 

 

Education and Professional Societies

Formal Education

Queen Mary College, University of London : 1971-74

BSc (Hons) Computer Science

Massey University : 1980

Master of Arts in Computer Science

Research Topic: The Application of Steiner Graphs to Phylogeny (Graph Theory)

Otago University : 1998

PhD in Information Science

Research Topic: Automatic Enforcement of Information Security Policies

Victoria University : 1996

Post-Graduate Management Course

RNZAF

Officers Training                                   1977

CSC Promotion Examination                1980

PSC (Senior Staff College)                   1987

Other

Various systems analysis training courses (ICL)

Various systems programming training courses (Sperry Univac)

CRAMM Risk Analysis training

Various David Solomon systems programming training courses

 

Programming Languages

Fluent in: Cobol, C/C++, xBASE (Clipper, Foxpro), Delphi, Basic, Fortran, PLUS 1100, Sperry MASM, CDC Assembler, AVR Assembler, Algol, Algol-68, MAPPER, AMPS 4GL, NEAT-3 (NCR), SQL.

Familiar with: SQL, LISP, MODULA, SIMSCRIPT, IBM Assembler, Pascal, LINC.

 

CASE Tools:

Picture Oriented Software Engineering (POSE)

 

Design, Development, and Support of the following Business Applications:

General Ledger, Accounts Receivable, Accounts Payable, Stock Control, Job Costing, Trust Accounts, Personnel, Payroll, Medical Accounting, Property Management, Housing Maintenance, Hire Purchase

 

Experience on the following systems:

  • Mainframes: ICL KDF-9, 1900, 2900; IBM 370; CDC 1700, 6600; NCR Century; Sperry 1100 (OS 1100)
  • Minicomputers: PDP-11, Mapper-5
  • Microcomputers: DOS, WFW, Windows 95/98, Windows-NT, SCO-Unix
  • LANs: Novell Netware 3,4; Windows For Workgroups/Microsoft Networks
  • WANs: NZDF X.25 (MODNET); Microsoft RAS; Internet
  • Others: Amperif SQL RDBMS; Microsoft SQL Server

 

Languages

English - (excellent)

 

Personal

Citizenship - New Zealand

 

 

Representation And Publications

National Rep

National referee for the Standards NZ Committee SC603: Information Security and member of the Australian IT/12/4 committee.  Represented NZ at various overseas forums, including the recent UN/EDIFACT Joint Rapporteurs Meeting and a number of multilateral Defence Force international technical forums.

Public Presentations

Presented papers at various conferences, including since 1990:

1991 BIS IT Security Conference

1992 AIC IT Security Conference: "All you need to know about OSI Security"

1993 IIR 1st Annual IT Security Conference, "Trends in Information Systems Security"

1994 IIR 2nd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems"

1994 Canadian Information Systems Security Symposium, "CATALYST: Risk Analysis Tool"

1995 IIR 3rd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems"

1997 GOVIS-2 Conference, "Public Key Encryption"

1998 TUANZ Conference, "Public Key Encryption"

1998 AIC Information Systems Security Conference, "Public Key Encryption"

2001 IIR IT Security Conference, "Latest Developments in Ciphers & Cryptography"

2003 4th Australian Information Warfare and IT Security Conference, "Cyberwar Target Acquisition and Identification" 

2003 4th Australian Information Warfare and IT Security Conference, "Automated Matching of Cyberwar Exploits and Targets"  

2004  1st Syrian International Conference on Telecommunications Theory and Application, "Cryptographic Modes of Operation with Bit Loss Synchronisation"

Articles

Various articles published in early microcomputer magazines. Canadian Networks journal, "Phylogeny and the Steiner Problem in Graphs"

Publications

Quarterly NZ Government INFOSEC Bulletin, issues 1-26

Policy Documents

NZAP 702: RNZAF Strategic Information Systems Plan

DM55: Defence Information System Policy

NZ Security of Information Technology (NZSIT) Vols 1 & 2

NZSIT 100: Computer Security

NZSIT 101: Computer Security Policy Handbook

NZSIT 102: Certification and Accreditation

NZSIT 103: Security Evaluation Criteria

NZSIT 104: Risk Analysis

NZSIT 105: Configuration Management

NZSIT 106: Security Object Standards

NZSIT 107: Information Security Standards

NZSIT 109: Security Notices

NZSIT 200: PC Security

NZSIT 202: LAN Security

NZSIT 204: Authentication Techniques

NZSIT 205: Security of EDI

NZSIT 207: Declassification of Storage Media

NZSIT 209: COMPUSEC Utilities

 

Other Events in 2006:

 

SULTANATE OF OMAN

 

IMPACT, PRESENCE & PRESENTATION

Grand Hyatt Muscat, 11th - 12th December 2006

 

There is much evidence that we are judged not just by what we say but how we say it, and even by the non-verbal impression we give before we open our mouths. Do we come across as being confident, competent and in-control?  Do we look the part of Leaders? This seminar explores that elusive quality of Leadership "presence", going beyond how to look polished and professional but also covering how to sustain a positive impact.

 

 

CYPRUS

 

BUSINESS SECURITY FOR MANAGERS

Elysium Resort, Paphos, Cyprus, 14th - 16th November 2006

The Business Security for Managers (BSM) workshop has been specially designed to provide non-fulltime managers of security with the essential skills and knowledge necessary to manage the day-to-day security of business units.

 

This fast-paced three-day introduction to security management was developed initially in response to a specific requirement from the oil & gas sector and is aimed at any manager with local responsibility for security.

 

The workshop's broad content makes it of clear benefit to delegates from other sectors operating in environments with similar risks.

 

Security of assets and operations from external, and internal, sources of loss is an essential element of any business. Not all businesses, however, can afford the luxury of a full-time security manager.  In many cases responsibility for security rests with a line manager, or is an additional responsibility for health and safety, facilities or general services managers. 

 

                     

 

For more information about Precept you are welcome to visit us at:

www.preceptmanagement.com

 
