Alaska Chapter - Status Report 2011-2012

15 Nov 2012 Brian Hay gsoc

ORGANIZATION
• Brian Hay (Chapter Lead, Full Member)
• Kara Nance (BoD Member, Full Member)
• Chris Hecker
• Clark Harshbarger
• Matt Bishop
• Wesley McGrew
• Lucas McDaniel

DEPLOYMENTS
• 1 Honeeebox in Alaska
• Purchased multiple other Honeeeboxes available for third party deployments
• Periodic Dionaea deployments in both public and private clouds for student and demonstration use.

RESEARCH AND DEVELOPMENT

1. Ongoing development of hypervisor-based honeypot monitoring using virtual machine introspection (VMI) on Xen and KVM platforms.
2. Tools for deployment and management of virtual machines

PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS
• Involved in three funded DARPA CFT projects
• HP Annual Workshop 2012 – Circumventing cryptography with VMI
• Hay, B. and K. Nance. Circumventing Cryptography in Virtualized Environments. Proceedings of the 2012 Malware Conference. October 2012. (Best Paper Award)
• McDaniel, L. and K. Nance. Identifying Weaknesses in VM/Hypervisor Interfaces. Proceedings of HICSS 45. January 2013. (In Press)
• Nance, K. and B. Taylor. Using Security Injections to Increase Security and Safety Awareness While Teaching Students to Use Technology. Proceedings of the SITE 2012 Conference. Austin, Texas, March 2012. • Hay, B., K. Nance, L. McDaniel, M. Bishop. Are Your Papers in Order? Developing and Enforcing Multi-Tenancy and Migration Policies in the Cloud. Proceedings of the 45th Conference on January 2012
• Reardon, B., K. Nance and S. McCombie. Visualization of ATM Usage Patterns to Detect Counterfeit Cards Usage. January 2012
• Gonzalez, Hugo, K. Nance, and J. Nazario. Phishing by Form: The Abuse of Form Sites. Proceedings of the Malware 2011 Conference. Fajardo, Puerto Rico. October 2011. • John Quan, Kara Nance, Brian Hay, “A Mutualistic Security Service Model: Supporting Large-Scale Virtualized Environments,” IT Professional, pp. 18-23, May/June, 2011
• Nance, K. and R. Marty. Identifying and Visualizing the Malicious Insider Threat Using Bipartite Graphs. Information Security and Cyber Crime Minitrack of the Decision Technology, Mobile Technologies and Service Science Track of the 44th Hawaii International Conference on Systems Sciences. January 2011. • Bishop, M., B. Hay, and K. Nance. Applying Formal Methods Informally. Assurance Research for Dependable Software Systems Minitrack of the Software Technology Track of the 44th Hawaii International Conference on Systems Sciences. January 2011. • Hay, B., K. Nance, and M. Bishop. Storm Clouds Rising: Security Challenges for IaaS Cloud Computing. Cloud Computing Minitrack of the Software Technology Track of the 44th Hawaii International Conference on Systems Sciences. January 2011. • Nance, K. and D. Ryan. Legal Aspects of Digital Forensics: A Research Agenda. Digital Forensics Minitrack of the Software Technology Track of the 44th Hawaii International Conference on Systems Sciences. January 2011. • Tricaud, S., K. Nance, and P. Saade. Visualizing Network Activity using Parallel Coordinates. Security and Critical Infrastructure of the Electronic Government Track of the 44th Hawaii International Conference on Systems Sciences. January 2011.

GOALS
• Continue to advance the goals of the Honeynet Project in general by actively pursuing funding opportunities.
• To continue current research in the application of virtualization and visualization to the honeynet domain.
• To provide a honeynet resource for Alaskan organizations and institutions.
• To provide students with an opportunity to gain exposure to honeynets.

MISC ACTIVITIES
• Led the proposal writing process for two DARPA CFT proposals for HP members
• PM and testing for DARPA funded CFT (WAH)
• Leadership in the 2012 and 2013 Annual Workshop efforts
• Interaction with law enforcement agencies, corporations, and utilities regarding honeynet deployments.
• Honeynet BoD
• Honeynet Workshop Committee
• Honeynet Infrastructure Committee
• Honeynet Finance Committee

MENTORING
• GSOC Admin 2011
• GSOC Mentor 2011