Transcript Slide 1
The CyberScience Laboratory: A CyberSecurity and Incident Response Enabler
8 November 2007
Salvatore C. Paladino, CISSP

Overview
• Mission/Objectives
• Staff
• CyberSecurity Network of Partners
• Delivery System
• Rapid Technology Deployments
• Technology Development and Analysis
  – Rapid Forensic Analyst
• Dynamic Training Capabilities
• Virtual Training Portal and Resources
  – CyberSecurity Technical Assistance Package
• Embedded Intern Program
• Future Plans

CyberScience Laboratory
• Established March 2000
• Mission/Objectives
  – Develop a national and international government, industry & academia network to address cybersecurity technical issues
  – Evaluate DOD, DHS and DOJ R&D technologies and provide technology assistance for transition to federal, state and local law enforcement agencies and critical infrastructure owners and operators across the U.S.
  – Facilitate cybersecurity training, technical assistance and technology transfer to the cybersecurity community
Rapid Technology Deployment
Tool Demonstrations
CyberSecurity Training

CSL Staff
• Members of the CSL staff include:
  – Cyber Security Specialists
  – Electronic Crime Specialists
  – Information Analysts
  – Software Engineers
• Certifications include:
  – Certified Forensic Computer Examiner (CFCE)
  – Certified Electronic Evidence Collection Specialist (CEECS)
  – Certified Information Systems Security Professional (CISSP)
  – Network+ Certified Professional
  – Certified Ethical Hacker (CE/H)

CSL’s Public, Private and Academia Network
• Public Sector
  – National Institute of Justice – Office of Science & Technology
  – Air Force Research Laboratory/Information Directorate
  – Department of Homeland Security - Science and Technology
  – DHS/USSS Electronic Crimes Task Forces (ECTFs)
    • Atlanta, Charlotte, Chicago, Dallas, Houston, Kentucky, Los Angeles, Miami, New England, New York, San Francisco, Washington D.C.
  – Federal Bureau of Investigation (FBI) Cyber Division and Digital Evidence Section (DES)
  – Inter-American Committee Against Terrorism (CICTE)
  – International Association of Computer Investigative Specialists (IACIS)
  – Multi-State Information Sharing and Analysis Center (MS-ISAC)
  – New York City Criminal Justice Coordinator’s Office
  – New York State Police (NYSP)
  – Organization of American States (OAS)
  – Upstate New York Electronic Crimes Coalition (UNYECC)
  – Western NY Regional Computer Forensic Lab
  – Infragard
  – Central New York Computer Crime Coalition (CNY3C)
• Private Sector
  – Paraben Corporation
  – AccessData Corporation
  – Partners Trust Bank
  – Digital Intelligence, Inc.
  – The TrainingCo. LLC.
  – Dolphin Technology, Inc.
  – WetStone Technologies, Inc.
  – Guidance Software
  – International High Technology Crime Investigation Association (HTCIA)
  – Intelligent Computer Solutions, Inc.
  – JPMorgan Chase
  – MasterCard
  – National Grid
• Academia
  – Utica College: Economic Crime Investigation Institute
  – Eastern Kentucky University
  – Florida Atlantic University
  – John Jay College of Criminal Justice
  – Stanford University
  – George Mason University
  – Syracuse University
  – James Madison University
  – George Washington University
  – Columbia University
  – Champlain College
  – Carnegie Mellon University
  – Dartmouth College
  – Cornell University
  – University of Dayton: Institute on Law, Technology & Security

Rapid Technology Deployments
Wireless Intrusion Detection System (WIDS)
MOZART
Impact of deployments on the practitioner community
• Demonstrated a need for wireless security and identified wireless gaps in networks
• Saved a tremendous amount of manual work that is now automated
Future Deployments
• CAULDRON
• IronKey
• PhishBouncer
• Rapid Forensic Analyst
Future Test Sites
• Immigrations and Customs Enforcement
• Office of Emergency & Public Health Preparedness
• USSS ECTFs
• Utica Police Department
Deployed
• Zippy Reporting Tool
Presidential Debate (2004)
Utica PD (2004)
Gaston County, NC and Gastonia PD (2005 - 2006)
Miami ECTF (2007)

Rapid Forensic Analyst
• First responder’s triage tool for forensic analysis
  – Quickly and easily assess field situations
  – Focus on pertinent, relevant, and useful data while filtering out extraneous information
  – Gather potentially volatile (perishable) information in a secure manner
• Use indications & warnings to focus first responders:
  – Where to look
  – What evidence gathering tools to use and in what order
• Turnkey solution
  – Ideal for border, parole, or other incident response
  – Ready for beta testing

Technology Analysis
• An unbiased “honest broker” approach for the functional testing and evaluation of the following technologies:
  – Government
  – Commercial
  – Open-source
  – Freeware
• Demonstrate technologies to the cybersecurity community to raise awareness
• Provide on-site technology assistance to help facilitate the adoption of appropriate cybersecurity technology solutions

CSL’s Dynamic Training Capabilities
Judicial and Prosecutor’s Perspectives on Electronic Crime
CyberCrimes Investigations Training Course
Intrusion Forensic Experiment (IFX)
Forensic Tool Workshop
Senior Official's CyberSecurity Seminar
The CSL has trained over 2,000 International, Federal, State, Local, and Private Sector CyberSecurity Agencies
OAS CyberSecurity and CyberCrime Seminar

Cybersecurity/Cybercrime Training Topics

CSL’s Virtual Training Portal
CSL Virtual Training Portal includes:
  – Interactive and on-demand virtual training
  – Resource Library
  – Functional Analysis and Threat Assessment Reports
  – Training Curriculum Center
    • View Training Materials
    • Test
    • Certificate of Completion

Training Resources
CyberSecurity Technical Assistance Package
Cyberthreat Resource Kit (C-Kit)
CSL Desktop and Pocket Reference Cards
CSL Cybersecurity and Cybercrime Training DVDs
USSS Forward Edge II Training DVD

CSL Future Plans
• Technology/Tool Transfer
  – 23rd Annual Computer Security Applications Conference, FL – 12/07
  – Development of C-Kit v3.0
• Technical Assistance
  – Embedded intern program
  – NY/NJ ECTF and FBI’s RCFL
• Capacity Building
  – OAS CyberSecurity and CyberCrime Seminar: The Way Forward, FL – 11/07
  – DoD 2008 CyberCrime Conference, MO – 1/08

Website Registration
www.cybersciencelab.com

Thank You
Salvatore C. Paladino, CISSP
Cyber Security Specialist
ITT Advanced Engineering & Sciences
CyberScience Laboratory
www.cybersciencelab.com
[email protected]
315-838-7066