From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by yquem.inria.fr (Postfix) with ESMTP id 19E6FBC69 for ; Wed, 1 Nov 2006 22:13:06 +0100 (CET) Received: from Sami ([85.154.147.178]) by concorde.inria.fr (8.13.6/8.13.6) with SMTP id kA1L8G1f027661 for ; Wed, 1 Nov 2006 22:08:48 +0100 From: "Precept Management Consultancy" To: "Caml-list" Subject: Security Technology - Information Warfare & Computer Forensics; Grand Hyatt Muscat; 26th-29th November 2006 Date: Thu, 2 Nov 2006 01:08:13 +0400 Reply-To: "Precept Management Consultancy" Message-ID: <75764272.20061102010813@omantel.net.om> X-Priority: 3 (Normal) MIME-Version: 1.0 Organization: Precept Management Consultancy Content-Type: multipart/alternative; boundary="----_PartID_717452743085836" X-Miltered: at concorde with ID 45490CC0.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)! X-Spam: no; 0.00; model:01 ciphers:01 ciphers:01 variants:01 hash:01 nat:01 model:01 semantics:01 byte:01 async:01 referee:01 smartcards:01 subsystems:01 optimise:01 apis:01 This is a multi-part message in MIME format. ------_PartID_717452743085836 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable SECURITY TECHNOLOGY Information Warfare & Computer Forensics Grand Hyatt Muscat, 26th - 29th November 2006 We are pleased to provide information below about our upcoming workshop 'Security Technology - Information Warfare & Computer Forensics' being conducted at the Grand Hyatt Muscat on 26th - 29th November 2006. Should you require any further information we would be delighted to provide it. We look forward to hearing from you. Thanking you and assuring you of our best attention at all times. Best regards, Nick Hadjiyiannis Precept Management Consultancy Tel. +968 24497222 & +968 24539853 Fax +968 24540420 Mobile +968 99312451 E-Mail precept@omantel.net.om Website www.preceptmanagement.com SECURITY TECHNOLOGY Information Warfare & Computer Forensics WHY NEEDED Computers and other digital electronic equipments are increasingly being used in the commission of modern crimes, with criminals often using sophisticated measures to hide evidence. With computer systems and networks now controlling highly critical infrastrcutures it is essential that information is proetcted and mechanisms are in place to prevent, detect and investigate potential security breaches. DATES & VENUE =D8 Duration: Four Days, 26th - 29th November 2006, 8:30 am - 5 pm; =D8 Fees: R.O. 785 (including course materials, lunch & breaks at the venue); =D8 Venue: Grand Hyatt Muscat; =D8 Presenter: Dr. Malcolm Shore. WHO SHOULD PARTICIPATE The primary objective of the workshop is to provide those wishing to understand cryptographic techniques, starting work in the forensic area, and those tasked with protecting the critical infrastructure with a detailed understanding of the field of security technology. The course will also provide experienced analysts with up to date information on forensic techniques and technologies. OBJECTIVE This course is designed to provide a detailed insight into how networks and critical infrastructures are attacked, how data is protected through the use of advanced cryptography, and the use of forensic techniques to investigate crime. To register, please click here THE WORKSHOP Day 1 ModuleTopicObjectives CyberCrimeHistoryThis describes the history of cybercrime and hacking, and some contemporary cases MotivationFlow theory and an advanced model of cyber crime Computer LawThis topic covers the main points of computer law from various countries Principals of Information WarfareRMAA description of the revolution in military affairs that occurred with the use of information technology, and the next revolution that is occurring in which information and information systems are targets and the US seek Information Superiority ELIGIBLE RECEIVERA description of the ELIGIBLE RECIEVER exercise that was run in the US and which demonstrated the vulnerability of contemporary US military and infrastructural systems SOLAR SUNRISEVideo: SOLAR SUNRISE attack Defensive Information OperationsGIGThe aims and objectives of the Global Information Infrastructure IAThe shift of Information Security to Information Assurance HardeningTechniques used to harden hardware and software against attacks, and contemporary trusted systems processes Operational SecurityPrinciples of operations security and information indicators Certification and AccreditationProcedures for certification of classified systems and the accreditation processes to verify their integrity Offensive Information OperationsMappingThe process of charting the operational environment and identifying the location of target systems. Practical use of scanning systems Operational PlanningProcedures for establishing the operational plan and running computer network attacks IO WeaponsThe various forms of weapons used against information systems, including cyber weapons. Matching vulnerabilities to targets Information ImperialismThe issues related to control of sources of information and information systems and communications paths. Techniques used to deny or subvert information technology Signals and CryptologyCommunicationsForms of communication and their susceptibility to interception CryptologyThe issues related to the use of cryptography to protect information, and methods of defeating cryptographic protection. Day 2 ModuleTopicObjectives Introduction to CryptographyManual CiphersThe beginnings of cryptography through examination of a range of historical manual ciphers systems EnigmaThe design of the WWII German cryptography device and the effort applied to break the ciphers Programming and the IDEBasic OperationsAn introduction to the IAR integrated development environment and its use, and the basic operations of the ARM assembler, with practical exercises Logic ProgrammingAdditional coding structures used to implement the various logic operations used in cryptographic algorithms, with practical exercises Integer MathsThe techniques, functions and instructions used to implement fast long integer modulus mathematics, with practical exercises Block CiphersAESA full description and practical exercises for the Advanced Encryption System and its implementation with 128, 192, and 256 bit keys Key ExpansionPractical exercise in writing the AES key expansion routine AES VariantsUse of different tables and parameters to create different variants of the AES algorithm, and a review of the security implications of these IDEAA full description of the public domain IDEA algorithm as used in PGP Stream CiphersLFSRA description of linear feedback shift registers as used to build stream ciphers. Includes description of contemporary T-Functions and practical exercises A5Full description of the GSM A5 algorithm and its implementation as a practical exercise Modes of OperationThe use of different modes of operation to convert a block cipher into a steam cipher. Covers OFB, CBC, CFB, OCFB and Counter modes. Practical implementation of CFB8 LCG and othersA description of linear congruential and other forms of generators used to build stream ciphers SP800-22The NIST random number testing suit used to assess the randomness of a stream cipher keystream. Includes practical use of the testing application. Public Key CryptographyDiffie-HellmanDescription of the Diffie-Hellman key exchange protocol RSADescription of the Rivest-Shamir-Adleman protocol for public key cryptography. Includes practical exercises DSSFull description of the Digital Signature Standard, the Secure Hash Algorithm, and the Digital Signature Algorithm. Wang BreakthroughDescription of the collision attack against MD5 and SHA Identity ProtocolsFiat-ShamirDescription of the basic Fiat-Shamir interactive protocol for proof of identit Knapsack CryptographyZQT AlgorithmUse of knapsack techniques to provide cryptographic key exchange Key Exchange ProtocolsIKEDescription of the Internet Key Exchange protocol (RFC 2409) used with IPSec. Discussion of difficulties with IPSec and NAT operation KEADescription of the originally classified key exchange protocol used in the SKIPJACK system UKAPDescription of the two pass authenticated key agreement protocol proposed by Ankney, Johnson and Matyas CyberCrimeHistoryThis describes the history of cybercrime and hacking, and some contemporary cases MotivationFlow theory and an advanced model of cyber crime Computer LawThis topic covers the main points of computer law from various countries Day 3 ModuleTopicObjectives Storage MediaHard DisksThe various types of disk structures and describes places where the evidence is hidden CDsThe structure and access methods for CD and DVD media Memory modulesThe structure and access methods for smartmedia, USB flashdisks, and SIM cards Hidden and Protected EvidenceData ProfilingAnalysis of data semantics based on file headers and byte distribution characteristics PasswordsThe methods and tools used to access password protected files EncryptionEncryption mechanisms and methods of data recovery SteganographyTechniques used to embed data in multimedia files, detection methods, and extraction tools Major ToolsEnCaseDescription of the Encase tool and demonstration of its use X-WaysDescription of the X-Ways Forensics tool and practical exercises CDRollerPractical forensic recover of multisession CD evidence Search & SeizureLegal ProcessesThe rules and procedures for getting copies of electronic evidence that will be accepted in court Day 4 ModuleTopicObjectives Computer/Network AttacksDenial of ServiceThe techniques used to deny access to an online system Remote AttacksThe processes by which remote network users can penetrate and manipulate network accessible computers TracebackTraceback methods and protocols which allow the source of an attack to be found Router AnalysisMethods used for forensic examination of routers and key differences between router and system analysis IW Research ProgrammeR&D ToolsThe tools necessary to carry out research into system and network vulnerabilities VulnerabilitiesThe techniques used to monitor vulnerability announcements, diagnose system vulnerabilities, and develop computer penetration techniques PayloadsMethods of exploiting computer systems: denial of service, information retrieval, information subversion CloakingTechniques used to cloak computer network attacks and protect payloads SummarySummary of the workshop PRESENTER'S PROFILE Dr. Malcolm Shore Dr Malcolm Shore is a Senior Fellow at Canterbury University and a Visiting Professor at Wuhan University (PRC). He is responsible for conducting COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students. Dr Shore has extensive experience in the Government and private sector in the design and practical implementation of secure systems. Employment Record 2002 - present Canterbury University Senior Fellow. Responsible for conducting the COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students. Major areas of teaching and research include computer forensics, computer and network vulnerabilities, theory of information warfare, and defensive and offensive information operations. 1999-present CES Communications Ltd Technical Director. Responsible for all hardware and software development, operation of internal IT systems, and technical support for the company Web site. Specific tasks include managing the development of analog voice/fax encryptors for telephony and radio based on the SAFE technique, and design and development of the SQ-series products including SQ-Phoenix digital encryption voice/fax/data encryptor, SQ-Argent async/sync data encryptor, and SQ-Hermes Voice over IP encryptor. Providing training in cryptographic algorithm development and implementation. 1991-1999 Government Communications Security Bureau Manager, Computer Security. Establishment of a national COMPUSEC strategy and creation of the GCSB_s national COMPUSEC advisory service. Development and publication of national Computer Security doctrine for Government use, development and production of a quarterly INFOSEC Bulletin, development and running of a range of COMPUSEC training courses for Government, management of various COMPUSEC projects, representing the GCSB in national and international liaison, national referee for ISO INFOSEC standards (JTC1, SC27), installation of an INFOSEC research network, project manager for the NZ Public Key Infrastructure development, and consultancy to departments in their application of security. Technical areas of work include security policy and management, risk analysis, security aspects of X.400/X.500 networking applications, public key encryption technology, cryptographic smartcards and PCMCIA modules, firewalls, mailguards, and Web technology. Installation and use of X.50! 9 Certificate and Directory servers. Director, INFOSEC. Responsible for the national INFOSEC programme. 1989-1996 5th Generation Systems Ltd Director. Part time activity. Responsible for PC application software development. Software includes General Ledger, Accounts Payable, Accounts Receivable, Stock Control, Job Costing, Payroll, Chartered Accounting Time & Cost, Hire Purchase & Depositors Ledger, and many other one-off applications. Development of the Rapuara QUEST database and the Funding Information Service's Fundview system. This work involved substantial software development on PCs and LANs, and development of Windows applications and SQL server applications. Assistant Director Information Systems Policy, Defence HQ. Coordination of Service computing requirements, and development of the Defence Manual (DM) 55: Defence Information Systems Policy and Standards. Development and adoption of an NZDF GOSIP and Application Environment Profile for NZDF. Retired in the rank of Squadron Leader after 20 years contributory service. Staff Officer Computer Policy, Air Staff. Support for Base level computing. Project officer for RNZAF strategic information systems analysis in conjunction with Coopers & Lybrand using the SUMMIT methodology. Subsequent development of the New Zealand Air Publication (NZAP) 702: Information Systems Strategic Plan. Systems Programmer/Chief Systems Programmer, Defence EDP. Evaluation and installation of the Sperry 1100 mainframe. Providing support for the Sperry 1100 system software, including the OS1100 operating system, CMS1100 communications system, DMS1100 database, and various compilers and utilities. Performance monitoring and system tuning, system fault analysis and installation of system patches. Support for the RPS1100 end-user database and MAPPER software. Development of various items of systems software, including a Remote Print utility. Managed a staff of eight systems programmers. 1976-1991 RNZAF Officer Commission Personnel Team Programmer, Defence EDP. Responsible for the development, maintenance, and enhancement of the Personnel Suite of programs on the ICL 1900 mainframe. Managed a staff of four programmers. 1975-76 Dunlop NZ, Wellington Programmer/analyst, business systems, on NCR Century minicomputers. Worked primarily on stock control and general ledger systems. 1974-75 State Services Commission, Wellington Technical Advisory Officer, mainframe packages, providing support to departments on the use of various mainframe compilers and application packages. Installation and support of the packages on the Commission's mainframes. Installation acceptance and support for ICL 2903 systems. 1970 ICL, Kidsgrove Pre-University trainee, worked in: Numerical Control System Support, providing technical support to users of the SURF/AUCTOR package on KDF-9 computers. J Level Operating Systems Development, work on file subsystems for the 2900 series mainframes. Major Assignments ClientActivity POLIDesign and development of the Personnel On Line Interrogation (POLI) system, a personnel database generalised query and reporting system for NZDF. The software was written in Cobol to run on a 1900-series mainframe, and incorporated a custom-designed data storage technique to optimise disk performance. Stats/OCRAcceptance testing of the Department of Statistics CDC-1700 OCR system for automatic reading of census forms. This involved the design, development and running of a series of acceptance test routines in CDC assembler. AMPS QueryDesign and development of a query and reporting subsystem for the AMPS 4th Generation Application Development system. The software was written in the AMPS language to run on a PDP-11. Sperry 1100Technical officer for the Conversion Team introducing the Sperry mainframes into NZDF, with primary responsibility for operating system software. MODNETTechnical support to the NZDF MODNET project in the design and implementation of an X.25 wide area private packet switching network. The Optinet system from Network Automation (Australia) was selected, although a number of areas of software enhancements to the network management system were designed, developed, and acceptance tested. The project involved significant system performance testing and tuning and integration of both Sperry and ASCII terminals and Sperry, Primos, and Unix hosts. UBASEOversight of the development of a MAPPER based translator to run xBASE source code on a Unisys MAPPER system. Appeared as an article in the Unisys magazine QUESTDevelopment of the QUEST Rapuara Job and Course Search software used in many schools and Labour Department offices nationally Banking AuditSecurity Audit of an online, home banking system and incorporation of a software-based DES encryption facility. ITSECIntroduction of the European Harmonised IT Security Evaluation Criteria scheme into New Zealand, and New Zealand representative on the Australasian IT Security Evaluation Programme (AISEP). CATALYSTOversight of a research project into risk analysis tools. This resulted in the development in C++ of the CATALYST Windows-based system modelling and risk analysis package which is used as the NZ Government standard risk analysis tool. The package was presented at the 1994 Canadian Information Systems Security Symposium NETAUDITOversight of a research project into network auditing and intrusion detection tools. This resulted in the development of the NETAUDIT Windows-based security auditing tool for Novell 3.x networks. The package is written in Borland C++ and uses the Novell APIs Research NetworkEstablishment of an INFOSEC research network which includes a variety of operating systems and a Web server for various Intranet applications NZ PKIInvestigations into the potential for Government use of public key cryptography, and the establishment of the NZ Public Key Infrastructure for support of departmental public key cryptography applications. Implementation of the Spyrus Certificate Authority Workstation and associated infrastructural components. COMPUSEC CoursesDevelopment of the following training courses: Introduction to INFOSEC PC Security LAN Security Trusted Operating Systems Certification and Accreditation Risk Analysis SQ-PhoenixDesign and development of the SQ-Phoenix digital encryption unit for voice and fax security. This involves implementation of the TEA cryptographic algorithm, the T.30 fax standard, and design and implementation of a proprietary security negotiation protocol. Also integration of a dedicated crypto co-processor. 5G PC SoftwareDevelopment of a full xBASE accounting suite for PC systems (General Ledger, Debtors, Creditors, Payroll, Stock Control, Job Costing). Conversion of the software to operate with a Windows-compliant GUI and Microsoft SQL client/server architecture. Also custom design and development of Hire Purchase, Chartered Accounting, Import Costing, and Medical Accounting software. Education and Professional Societies Formal EducationQueen Mary College, University of London : 1971-74 BSc (Hons) Computer Science, Massey University : 1980 Master of Arts in Computer Science Research Topic: The Application of Steiner Graphs to Phylogeny (Graph Theory) Otago University : 1998 PhD in Information Science Research Topic: Automatic Enforcement of Information Security Policies Victoria University : 1996 Post-Graduate Management Course RNZAF Officers Training 1977 CSC Promotion Examination 1980 PSC (Senior Staff College) 1987 Other Various systems analysis training courses (ICL) Various systems programming training courses (Sperry Univac) CRAMM Risk Analysis training Various David Solomon systems programming training courses Programming LanguagesFluent in : Cobol, C/C++, xBASE (Clipper, Foxpro), Delphi, Basic, Fortran, PLUS 1100, Sperry MASM, CDC Assembler, AVR Assembler, Algol, Algol-68, MAPPER, AMPS 4GL, NEAT-3 (NCR), SQL. Familiar with: SQL, LISP, MODULA, SIMSCRIPT, IBM Assembler, Pascal, LINC. CASE Tools:Picture Oriented Software Engineering (POSE) Design, Development, and Support of the following Business Applications:General Ledger, Accounts Receivable, Accounts Payable, Stock Control, Job Costing, Trust Accounts, Personnel, Payroll, Medical Accounting, Property Management, Housing Maintenance, Hire Purchase Experience on the following systems: Mainframes ICL KDF-9, 1900, 2900 IBM 370 CDC 1700, 6600 NCR Century Sperry 1100 (OS 1100) Minicomputers PDP-11, Mapper-5 Microcomputers DOS, WFW, Windows 95/98, Windows-NT, SCO-Unix LANs Novell Netware 3,4 Windows For Workgroups/Microsoft Networks WANs NZDF X.25 (MODNET) Microsoft RAS Internet Others Amperif SQL RDBMS Microsoft SQL Server LanguagesEnglish - (excellent) PersonalCitizenship - New Zealand Representation And Publications National RepNational referee for the Standards NZ Committee SC603: Information Security and member of the Australian IT/12/4 committee. Represented NZ at various overseas forums, including the recent UN/EDIFACT Joint Rapporteurs Meeting and a number of multilateral Defence Force international technical forums. Public PresentationsPresented papers at various conferences, including since 1990: 1991 BIS IT Security Conference 1992 AIC IT Security Conference: "All you need to know about OSI Security" 1993 IIR 1st Annual IT Security Conference, "Trends in Information Systems Security" 1994 IIR 2nd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems" 1994 Canadian Information Systems Security Symposium, "CATALYST: Risk Analysis Tool" 1995 IIR 3rd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems" 1997 GOVIS-2 Conference, "Public Key Encryption" 1998 TUANZ Conference, "Public Key Encryption" 1998 AIC Information Systems Security Conference, "Public Key Encryption" 2001 IIR IT Security Conference, "Latest Developments in Ciphers & Cryptography" 2003 4th Australian Information Warfare and IT Security Conference, "Cyberwar Target Acquisition and Identification" 2003 4th Australian Information Warfare and IT Security Conference, "Automated Matching of Cyberwar Exploits and Targets" 2004 1st Syrian International Conference on Telecommunications Theory and Application, "Cryptographic Modes of Operation with Bit Loss Synchronisation" ArticlesVarious articles published in early microcomputer magazines. Canadian Networks journal, "Phylogeny and the Steiner Problem in Graphs" PublicationsQuarterly NZ Government INFOSEC Bulletin, issues 1-26 Policy DocumentsNZAP 702: RNZAF Strategic Information Systems Plan DM55: Defence Information System Policy NZ Security of Information Technology (NZSIT) Vols 1 & 2 NZSIT 100: Computer Security NZSIT 101: Computer Security Policy Handbook NZSIT 102: Certification and Accreditation NZSIT 103: Security Evaluation Criteria NZSIT 104: Risk Analysis NZSIT 105: Configuration Management NZSIT 106: Security Object Standards NZSIT 107: Information Security Standards NZSIT 109: Security Notices NZSIT 200: PC Security NZSIT 202: LAN Security NZSIT 204: Authentication Techniques NZSIT 205: Security of EDI NZSIT 207: Declassification of Storage Media NZSIT 209: COMPUSEC Utilities Other Events in 2006: SULTANATE OF OMAN IMPACT, PRESENCE & PRESENTATION Grand Hyatt Muscat, 11th - 12th December 2006 There is much evidence that we are judged not just by what we say but how we say it, and even by the non-verbal impression we give before we open our mouths. Do we come across as being confident, competent and in-control? Do we look the part of Leaders? This seminar explores that elusive quality of Leadership "presence", going beyond how to look polished and professional but also covering how to sustain a positive impact. CYPRUS BUSINESS SECURITY FOR MANAGERS Elysium Resort, Paphos, Cyprus, 14th - 16th November 2006 The Business Security for Managers (BSM) workshop has been specially designed to provide non-fulltime managers of security with the essential skills and knowledge necessary to manage the day-to-day security of business units. This fast-paced three-day introduction to security management was developed initially in response to a specific requirement from the oil & gas sector and is aimed at any manager with local responsibility for security. The workshop's broad content makes it of clear benefit to delegates from other sectors operating in environments with similar risks. Security of assets and operations from external, and internal, sources of loss is an essential element of any business. Not all businesses, however, can afford the luxury of a full-time security manager. In many cases responsibility for security rests with a line manager, or is an additional responsibility for health and safety, facilities or general services managers. For more information about Precept you are welcome to visit us at: www.preceptmanagement.com If you do not wish to receive messages about our forthcoming events in the future kindly send a message with "Delete" as the subject. Thank you. ------_PartID_717452743085836 Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable

SECURITY TECHNOLOGY

Information Warfare & Computer Forensics

Grand Hyatt Muscat, 26th - 29th November 2006

 

We are pleased to provide information below about our upcoming workshop 'Security Technology - Information Warfare & Computer Forensics' being conducted at the Grand Hyatt Muscat on 26th - 29th November 2006.

 

Should you require any further information we would be delighted to provide it.

 

We look forward to hearing from you.

 

Thanking you and assuring you of our best attention at all times.

 

Best  regards,

 

Nick Hadjiyiannis

Precept Management Consultancy

Tel.                  +968 24497222 & +968 24539853

Fax                   +968 24540420

Mobile              +968 99312451

E-Mail              precept@omantel.net.om

Website            www.preceptmanagement.com 

 

SECURITY TECHNOLOGY

Information Warfare & Computer Forensics

 

WHY NEEDED

Computers and other digital electronic equipments are increasingly being used in the commission of modern crimes, with criminals often using sophisticated measures to hide evidence.  With computer systems and networks now controlling highly critical infrastrcutures it is essential that information is proetcted and mechanisms are in place to prevent, detect and investigate potential security breaches.

 

DATES & VENUE

=D8    Duration:                 Four Days, 26th - 29th November 2006, 8:30 am - 5 pm;

=D8    Fees:                       R.O. 785 (including course materials, lunch & breaks at the venue);

=D8    Venue:                     Grand Hyatt Muscat;

=D8    Presenter:                Dr. Malcolm Shore.

 

WHO SHOULD PARTICIPATE

The primary objective of the workshop is to provide those wishing to understand cryptographic techniques, starting work in the forensic area, and those tasked with protecting the critical infrastructure with a detailed understanding of the field of security technology. The course will also provide experienced analysts with up to date information on forensic techniques and technologies. 

 

OBJECTIVE

This course is designed to provide a detailed insight into how networks and critical infrastructures are attacked, how data is protected through the use of advanced cryptography, and the use of forensic techniques to investigate crime.

 

To register, please click here

 

THE WORKSHOP

 

Day 1

Module

Topic

Objectives

CyberCrime

History

This describes the history of cybercrime and hacking, and some contemporary cases

Motivation

Flow theory and an advanced model of cyber crime

Computer Law

This topic covers the main points of computer law from various countries

Principals of Information Warfare

RMA

A description of the revolution in military affairs that occurred with the use of information technology, and the next revolution that is occurring in which information and information systems are targets and the US seek Information Superiority

ELIGIBLE RECEIVER

A description of the ELIGIBLE RECIEVER exercise that was run in the US and which demonstrated the vulnerability of contemporary US military and infrastructural systems

SOLAR SUNRISE

Video: SOLAR SUNRISE attack

Defensive Information Operations

GIG

The aims and objectives of the Global Information Infrastructure

IA

The shift of Information Security to Information Assurance

Hardening

Techniques used to harden hardware and software against attacks, and contemporary trusted systems processes 

Operational Security

Principles of operations security and information indicators 

Certification and Accreditation

Procedures for certification of classified systems and the accreditation processes to verify their integrity

Offensive Information Operations

Mapping

The process of charting the operational environment and identifying the location of target systems.  Practical use of scanning systems

Operational Planning

Procedures for establishing the operational plan and running computer network attacks

IO Weapons

The various forms of weapons used against information systems, including cyber weapons.  Matching vulnerabilities to targets

Information Imperialism

The issues related to control of sources of information and information systems and communications paths. Techniques used to deny or subvert information technology

Signals and Cryptology

Communications

Forms of communication and their susceptibility to interception

Cryptology

The issues related to the use of cryptography to protect information, and methods of defeating cryptographic protection.

 

Day 2

Module

Topic

Objectives

Introduction to Cryptography

Manual Ciphers

The beginnings of cryptography through examination of a range of historical manual ciphers systems

Enigma

The design of the WWII German cryptography device and the effort applied to break the ciphers  

Programming and the IDE

Basic Operations

An introduction to the IAR integrated development environment and its use, and the basic operations of the ARM assembler, with practical exercises 

Logic Programming

Additional coding structures used to implement the various logic operations used in cryptographic algorithms, with practical exercises

Integer Maths

The techniques, functions and instructions used to implement fast long integer modulus mathematics, with practical exercises

Block Ciphers

AES

A full description and practical exercises for the Advanced Encryption System and its implementation with 128, 192, and 256 bit keys 

Key Expansion

Practical exercise in writing the AES key expansion routine

AES Variants

Use of different tables and parameters to create different variants of the AES algorithm, and a review of the security implications of these

IDEA

A full description of the public domain IDEA algorithm as used in PGP

Stream Ciphers

LFSR

A description of linear feedback shift registers as used to build stream ciphers. Includes description of contemporary T-Functions and practical exercises

A5

Full description of the GSM A5 algorithm and its implementation as a practical exercise

Modes of Operation

The use of different modes of operation to convert a block cipher into a steam cipher.  Covers OFB, CBC, CFB, OCFB and Counter modes. Practical implementation of CFB8

LCG and others

A description of linear congruential and other forms of generators used to build stream ciphers

SP800-22

The NIST random number testing suit used to assess the randomness of a stream cipher keystream.  Includes practical use of the testing application.

Public Key Cryptography

Diffie-Hellman

Description of the Diffie-Hellman key exchange protocol

RSA

Description of the Rivest-Shamir-Adleman protocol for public key cryptography.  Includes practical exercises

DSS

Full description of the Digital Signature Standard, the Secure Hash Algorithm, and the Digital Signature Algorithm.

Wang Breakthrough

Description of the collision attack against MD5 and SHA

Identity Protocols

Fiat-Shamir

Description of the basic Fiat-Shamir interactive protocol for proof of identit

Knapsack Cryptography

ZQT Algorithm

Use of knapsack techniques to provide cryptographic key exchange

Key Exchange Protocols

IKE

Description of the Internet Key Exchange protocol (RFC 2409) used with IPSec. Discussion of difficulties with IPSec and NAT operation 

KEA

Description of the originally classified key exchange protocol used in the SKIPJACK system 

UKAP

Description of the two pass authenticated key agreement protocol proposed by Ankney, Johnson and Matyas

CyberCrime

History

This describes the history of cybercrime and hacking, and some contemporary cases

Motivation

Flow theory and an advanced model of cyber crime

Computer Law

This topic covers the main points of computer law from various countries

 

Day 3

Module

Topic

Objectives

Storage Media

Hard Disks

The various types of disk structures and describes places where the evidence is hidden

 

CDs

The structure and access methods for CD and DVD media

 

Memory modules

The structure and access methods for smartmedia, USB flashdisks, and SIM cards

 

Hidden and Protected Evidence

Data Profiling

Analysis of data semantics based on file headers and byte distribution characteristics

 

Passwords

The methods and tools used to access password protected files

 

Encryption

Encryption mechanisms and methods of data recovery

 

Steganography

Techniques used to embed data in multimedia files, detection methods, and extraction tools

 

Major Tools

EnCase

Description of the Encase tool and demonstration of its use

 

X-Ways

Description of the X-Ways Forensics tool and practical exercises

 

CDRoller

Practical forensic recover of multisession CD evidence

 

Search & Seizure

Legal Processes

The rules and procedures for getting copies of electronic evidence that will be accepted in court

 

Day 4

Module

Topic

Objectives

Computer/Network Attacks

Denial of Service

The techniques used to deny access to an online system

 

Remote Attacks

The processes by which remote network users can penetrate and manipulate network accessible computers

 

Traceback

Traceback methods and protocols which allow the source of an attack to be found

 

Router Analysis

Methods used for forensic examination of routers and key differences between router and system analysis

 

IW Research Programme

R&D Tools

The tools necessary to carry out research into system and network vulnerabilities 

 

Vulnerabilities

The techniques used to monitor vulnerability announcements, diagnose system vulnerabilities, and develop computer penetration techniques

 

Payloads

Methods of exploiting computer systems: denial of service, information retrieval, information subversion 

 

Cloaking

Techniques used to cloak computer network attacks and protect payloads

 

Summary

Summary of the workshop

 

 

PRESENTER'S PROFILE

 

Dr. Malcolm Shore

Dr Malcolm Shore is a Senior Fellow at Canterbury University and a Visiting Professor at Wuhan University (PRC).  He is responsible for conducting COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students.  Dr Shore has extensive experience in the Government and private sector in the design and practical implementation of secure systems.

 

Employment Record

2002 - present

Canterbury University

  • Senior Fellow.  Responsible for conducting the COSC425: Computer Forensics and Information Warfare post-graduate course and supervising post-graduate research students.  Major areas of teaching and research include computer forensics, computer and network vulnerabilities, theory of information warfare, and defensive and offensive information operations.

1999-present

CES Communications Ltd

  • Technical Director.  Responsible for all hardware and software development, operation of internal IT systems, and technical support for the company Web site.  Specific tasks include managing the development of analog voice/fax encryptors for telephony and radio based on the SAFE technique, and design and development of the SQ-series products including SQ-Phoenix digital encryption voice/fax/data encryptor, SQ-Argent async/sync data encryptor, and SQ-Hermes Voice over IP encryptor.   Providing training in cryptographic algorithm development and implementation.

1991-1999

Government Communications Security Bureau

  • Manager, Computer Security.  Establishment of a national COMPUSEC strategy and creation of the GCSB_s national COMPUSEC advisory service.  Development and publication of national Computer Security doctrine for Government use, development and production of a quarterly INFOSEC Bulletin, development and running of a range of COMPUSEC training courses for Government, management of various COMPUSEC projects, representing the GCSB in national and international liaison, national referee for ISO INFOSEC standards (JTC1, SC27), installation of an INFOSEC research network, project manager for the NZ Public Key Infrastructure development, and consultancy to departments in their application of security.  Technical areas of work include security policy and management, risk analysis, security aspects of X.400/X.500 networking applications, public key encryption technology, cryptographic smartcards and PCMCIA modules, firewalls, mailguards, and Web technology.  Installation and use of X.509 Certificate and Directory servers. 

  • Director, INFOSEC.  Responsible for the national INFOSEC programme.

1989-1996

5th Generation Systems Ltd

  • Director.   Part time activity.  Responsible for PC application software development.  Software includes General Ledger, Accounts Payable, Accounts Receivable, Stock Control, Job Costing, Payroll, Chartered Accounting Time & Cost, Hire Purchase & Depositors Ledger, and many other one-off applications.  Development of the Rapuara QUEST database and the Funding Information Service's Fundview system.

This work involved substantial software development on PCs and LANs, and development of Windows applications and SQL server applications.

  • Assistant Director Information Systems Policy, Defence HQ.  Coordination of  Service computing requirements, and development of the Defence Manual (DM) 55: Defence Information Systems Policy and Standards.  Development and adoption of an NZDF GOSIP and Application Environment Profile for NZDF.

  • Retired in the rank of Squadron Leader after 20 years contributory service.

  • Staff Officer Computer Policy, Air Staff.  Support for Base level computing.  Project officer for RNZAF strategic information systems analysis in conjunction with Coopers & Lybrand using the SUMMIT methodology.  Subsequent development of the New Zealand Air Publication (NZAP) 702:  Information Systems Strategic Plan.

  • Systems Programmer/Chief Systems Programmer, Defence EDP.   Evaluation and installation of the Sperry 1100 mainframe.  Providing support for the Sperry 1100 system software, including the OS1100 operating system, CMS1100 communications system, DMS1100 database, and various compilers and utilities.   Performance monitoring and system tuning, system fault analysis and installation of system patches.  Support for the RPS1100 end-user database and MAPPER software.  Development of various items of systems software, including a Remote Print utility.  Managed a staff of eight systems programmers.

1976-1991

RNZAF Officer Commission

  • Personnel Team Programmer, Defence EDP.  Responsible for the development, maintenance, and enhancement of the Personnel Suite of programs on the ICL 1900 mainframe.  Managed a staff of four programmers. 

1975-76

Dunlop NZ, Wellington

  • Programmer/analyst, business systems, on NCR Century minicomputers.  Worked primarily on stock control and general ledger systems.

1974-75

State Services Commission, Wellington

  • Technical Advisory Officer, mainframe packages, providing support to departments on the use of various mainframe compilers and application packages.  Installation and support of the packages on the Commission's mainframes.  Installation acceptance and support for ICL 2903 systems.

1970

ICL, Kidsgrove

  • Pre-University trainee, worked in:

Numerical Control System Support, providing technical support to users of the SURF/AUCTOR package on KDF-9 computers.  J Level Operating Systems Development, work on file subsystems for the 2900 series mainframes.

 

 

Major Assignments

Client

Activity

POLI

Design and development of the Personnel On Line Interrogation (POLI) system, a personnel database generalised query and reporting system for NZDF.  The software was written in Cobol to run on a 1900-series mainframe, and incorporated a custom-designed data storage technique to optimise disk performance.

Stats/OCR

Acceptance testing of the Department of Statistics CDC-1700 OCR system for automatic reading of census forms.  This involved the design, development and running of a series of acceptance test routines in CDC assembler.

AMPS Query

Design and development of a query and reporting subsystem for the AMPS 4th Generation Application Development system.  The software was written in the AMPS language to run on a PDP-11.

Sperry 1100

Technical officer for the Conversion Team introducing the Sperry mainframes into NZDF, with primary responsibility for operating system software.

MODNET

Technical support to the NZDF MODNET project in the design and implementation of an X.25 wide area private packet switching network.  The Optinet system from Network Automation (Australia) was selected, although a number of areas of software enhancements to the network management system were designed, developed, and acceptance tested.  The project involved significant system performance testing and tuning and integration of both Sperry and ASCII terminals and Sperry, Primos, and Unix hosts.

UBASE

Oversight of the development of a MAPPER based translator to run xBASE source code on a Unisys MAPPER system.  Appeared as an article in the Unisys magazine

QUEST

Development of the QUEST Rapuara Job and Course Search software used in many schools and Labour Department offices nationally

Banking Audit

Security Audit of an online, home banking system and incorporation of a software-based  DES encryption facility.

ITSEC

Introduction of the European Harmonised IT Security Evaluation Criteria scheme into New Zealand, and New Zealand representative on the Australasian IT Security Evaluation Programme (AISEP).

CATALYST

Oversight of a research project into risk analysis tools.  This resulted in the development in C++ of the CATALYST Windows-based system modelling and risk analysis package which is used as the NZ Government standard risk analysis tool.   The package was presented at the 1994 Canadian Information Systems Security Symposium

NETAUDIT

Oversight of a research project into network auditing and intrusion detection tools.  This resulted in the development of the NETAUDIT Windows-based security auditing tool for Novell 3.x networks.  The package is written in Borland C++ and uses the Novell APIs

Research Network

Establishment of an INFOSEC research network which includes a variety of operating systems and a Web server for various Intranet applications

NZ PKI

Investigations into the potential for Government use of public key cryptography, and the establishment of the NZ Public Key Infrastructure for support of departmental public key cryptography applications.  Implementation of the Spyrus Certificate Authority Workstation and associated infrastructural components.

COMPUSEC Courses

Development of the following training courses:

  • Introduction to INFOSEC
  • PC Security
  • LAN Security
  • Trusted Operating Systems
  • Certification and Accreditation
  • Risk Analysis

SQ-Phoenix

Design and development of the SQ-Phoenix digital encryption unit for voice and fax security.  This involves implementation of the TEA cryptographic algorithm, the T.30 fax standard, and design and implementation of a proprietary security negotiation protocol.  Also integration of a dedicated crypto co-processor.

5G PC Software

Development of a full xBASE accounting suite for PC systems (General Ledger, Debtors, Creditors, Payroll, Stock Control, Job Costing).  Conversion of the software to operate with a Windows-compliant GUI and Microsoft SQL client/server architecture.  Also custom design and development of Hire Purchase, Chartered Accounting, Import Costing, and Medical Accounting software.

 

 

 

 

 

 

Education and Professional Societies

Formal Education

Queen Mary College, University of London : 1971-74

BSc (Hons) Computer Science,

Massey University : 1980

Master of Arts in Computer Science

Research Topic: The Application of Steiner Graphs to Phylogeny (Graph Theory)

Otago University : 1998

PhD in Information Science

Research Topic: Automatic Enforcement of Information Security Policies

Victoria University : 1996

Post-Graduate Management Course

RNZAF

Officers Training                                   1977

CSC Promotion Examination                1980

PSC (Senior Staff College)                   1987

Other

Various systems analysis training courses (ICL)

Various systems programming training courses (Sperry Univac)

CRAMM Risk Analysis training

Various David Solomon systems programming training courses

 

Programming Languages

Fluent in           :  Cobol, C/C++, xBASE (Clipper, Foxpro), Delphi, Basic, Fortran, PLUS 1100, Sperry MASM, CDC Assembler, AVR Assembler, Algol, Algol-68, MAPPER, AMPS 4GL, NEAT-3 (NCR), SQL.

Familiar with:  SQL, LISP, MODULA, SIMSCRIPT, IBM Assembler, Pascal, LINC.

 

CASE Tools:

Picture Oriented Software Engineering (POSE)

 

Design, Development, and Support of the following Business Applications:

General Ledger,            Accounts Receivable,  Accounts Payable,  Stock Control,  Job Costing,  Trust Accounts,  Personnel,  Payroll,  Medical Accounting,  Property Management,  Housing Maintenance,  Hire Purchase

 

Experience on the following systems:

Mainframes                  ICL KDF-9, 1900, 2900

                                    IBM 370

                                    CDC 1700, 6600

                                    NCR Century

                                    Sperry 1100 (OS 1100)

Minicomputers  PDP-11, Mapper-5

Microcomputers           DOS, WFW, Windows 95/98, Windows-NT,              SCO-Unix

LANs                           Novell Netware 3,4

                                    Windows For Workgroups/Microsoft                                       Networks

WANs                         NZDF X.25 (MODNET)

                                    Microsoft RAS

                                    Internet

Others                          Amperif SQL RDBMS

                                    Microsoft SQL Server

 

Languages

English - (excellent)

 

Personal

Citizenship - New Zealand

 

 

Representation And Publications

National Rep

National referee for the Standards NZ Committee SC603: Information Security and member of the Australian IT/12/4 committee.  Represented NZ at various overseas forums, including the recent UN/EDIFACT Joint Rapporteurs Meeting and a number of multilateral Defence Force international technical forums.

Public Presentations

Presented papers at various conferences, including since 1990:

1991 BIS IT Security Conference

1992 AIC IT Security Conference: "All you need to know about OSI Security"

1993 IIR 1st Annual IT Security Conference, "Trends in Information Systems Security"

1994 IIR 2nd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems"

1994 Canadian Information Systems Security Symposium, "CATALYST: Risk Analysis Tool"

1995 IIR 3rd Annual IT Security Conference, "The Threats to and Vulnerabilities of Computer Systems"

1997 GOVIS-2 Conference, "Public Key Encryption"

1998 TUANZ Conference, "Public Key Encryption"

1998 AIC Information Systems Security Conference, "Public Key Encryption"

2001 IIR IT Security Conference, "Latest Developments in Ciphers & Cryptography"

2003 4th Australian Information Warfare and IT Security Conference, "Cyberwar Target Acquisition and Identification" 

2003 4th Australian Information Warfare and IT Security Conference, "Automated Matching of Cyberwar Exploits and Targets"  

2004  1st Syrian International Conference on Telecommunications Theory and Application, "Cryptographic Modes of Operation with Bit Loss Synchronisation"

Articles

Various articles published in early microcomputer magazines. Canadian Networks journal, "Phylogeny and the Steiner Problem in Graphs"

Publications

Quarterly NZ Government INFOSEC Bulletin, issues 1-26

Policy Documents

NZAP 702: RNZAF Strategic Information Systems Plan

DM55: Defence Information System Policy

NZ Security of Information Technology (NZSIT) Vols 1 & 2

NZSIT 100: Computer Security

NZSIT 101: Computer Security Policy Handbook

NZSIT 102: Certification and Accreditation

NZSIT 103: Security Evaluation Criteria

NZSIT 104: Risk Analysis

NZSIT 105: Configuration Management

NZSIT 106: Security Object Standards

NZSIT 107: Information Security Standards

NZSIT 109: Security Notices

NZSIT 200: PC Security

NZSIT 202: LAN Security

NZSIT 204: Authentication Techniques

NZSIT 205: Security of EDI

NZSIT 207: Declassification of Storage Media

NZSIT 209: COMPUSEC Utilities

 

Other Events in 2006:

 

SULTANATE OF OMAN

 

IMPACT, PRESENCE & PRESENTATION

Grand Hyatt Muscat, 11th - 12th December 2006

 

There is much evidence that we are judged not just by what we say but how we say it, and even by the non-verbal impression we give before we open our mouths. Do we come across as being confident, competent and in-control?  Do we look the part of Leaders? This seminar explores that elusive quality of Leadership "presence", going beyond how to look polished and professional but also covering how to sustain a positive impact.

 

 

CYPRUS

 

BUSINESS SECURITY FOR MANAGERS

Elysium Resort, Paphos, Cyprus, 14th - 16th November 2006

The Business Security for Managers (BSM) workshop has been specially designed to provide non-fulltime managers of security with the essential skills and knowledge necessary to manage the day-to-day security of business units.

 

This fast-paced three-day introduction to security management was developed initially in response to a specific requirement from the oil & gas sector and is aimed at any manager with local responsibility for security.

 

The workshop's broad content makes it of clear benefit to delegates from other sectors operating in environments with similar risks.

 

Security of assets and operations from external, and internal, sources of loss is an essential element of any business. Not all businesses, however, can afford the luxury of a full-time security manager.  In many cases responsibility for security rests with a line manager, or is an additional responsibility for health and safety, facilities or general services managers. 

 

                     

 

For more information about Precept you are welcome to visit us at:

www.preceptmanagement.com

 

If you do not wish to receive messages about our forthcoming events in the future
     kindly send a message with "Delete" as the subject. Thank you.

------_PartID_717452743085836--