uc yber meeting 20 announcements
play

UC.yber; Meeting 20 Announcements Tomorrow UCRI will be hearing - PowerPoint PPT Presentation

Jan 26, 2023 •191 likes •338 views

UC.yber; Meeting 20 Announcements Tomorrow UCRI will be hearing out our research ideas IEEE Secure Development Conference (at MIT) apply by Aug 11th RAPIDS 2 under discussion as State faces funding problems Focus on HS outreach

  1. UC.yber; Meeting 20

  2. Announcements ● Tomorrow UCRI will be hearing out our research ideas IEEE Secure Development Conference (at MIT) apply by Aug 11th ● RAPIDS 2 under discussion as State faces funding problems ● ● Focus on HS outreach will as Fall approaches ● What is SFS ?

  3. If You’re New! ● Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati ● OWASP Chapter ● Feel free to get involved with one of our committees: Content/Events , Finance, and Social Media Stay updated through our weekly emails ●

  4. Last Week ● Had no meeting due to the holiday The week before we discussed our NCCDC topics ●

  5. Malware Sandboxing

  6. What is Cuckoo ● A malware analysis tool Sits on top of a VM (like virtualbox) ● Interconnectivity with other malware analysis tools like Yara ● ● Google Summer of Code project ● Preferred OS Ubuntu or Debian

  7. What Can Cuckoo Do? ● Traces of calls performed by all processes spawned by the malware. Files being created, deleted and downloaded by the malware during its ● execution. ● Memory dumps of the malware processes. ● Network traffic trace in PCAP format. Screenshots taken during the execution of the malware. ● Full memory dumps of the machines. ●

  8. Uses? ● Generic Windows executables ● PHP scripts DLL files CPL files ● ● PDF documents Visual Basic (VB) scripts ● ● ● Microsoft Office documents ● ZIP files ● URLs and HTML files ● Java JAR PHP scripts Python files ● ● Almost anything else ●

  10. Preparing the Host: ● Dual boot latest Linux LTS: ○ https://www.ubuntu.com/download/desktop ■ Download onto hard drive, open and place onto flash drive…..I have one we can pass around if needed ● Load latest Python scripts ○ sudo apt-get install python python-pip python-dev libffi-dev libssl-dev sudo apt-get install python-virtualenv python-setuptools sudo apt-get install libjpeg-dev zlib1g-dev swig ● MongoDB ○ $ sudo apt-get install mongodb ● PostgreSQL as database ○ $ sudo apt-get install postgresql libpq-dev

  11. Preparing the Host: ● KVM as machinery module ○ $ sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils python-libvirt ● Cuckoo adopts tcpdump ○ $ sudo apt-get install tcpdump apparmor-utils $ sudo aa-disable /usr/sbin/tcpdump ● For Linux platforms with AppArmor disabled (e.g., Debian) the following command will suffice to install tcpdump: ○ $ sudo apt-get install tcpdump ● Tcpdump requires root privileges, but since you don’t want Cuckoo to run as root you’ll have to set specific Linux capabilities to the binary: ○ $ sudo setcap cap_net_raw,cap_net_admin=eip /usr/sbin/tcpdump ● You can verify the results of the last command with: ○ $ getcap /usr/sbin/tcpdump **/usr/sbin/tcpdump = cap_net_admin,cap_net_raw+eip

  12. Preparing the Host: ● setcap ○ sudo apt-get install libcap2-bin Installing M2Crypto ● ○ sudo apt-get install swig All Done with that!

  13. Installing Cuckoo ● Create a new user: sudo adduser cuckoo ○ ● make sure the new user belongs to the “libvirtd” group (or the group your Linux distribution uses to run libvirt): sudo usermod -a -G libvirtd cuckoo ○ $ . ● (venv)$ (venv)$

  14. Installing Cuckoo ● Download it: sudo pip install -U pip setuptools ○ ○ sudo pip install -U cuckoo virtualenv venv ○ venv/bin/activate ○ pip install -U pip setuptools ○ pip install -U cuckoo ○ ● $ . (venv)$ (venv)$

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

UC.yber; Meeting 25 Vulnerabilities and more! If Youre New! Join our Slack

UC.yber; Meeting 25 Vulnerabilities and more! If Youre New! Join our Slack

UC.yber; Meeting 25 Vulnerabilities and more! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our

443 views • 15 slides
UC.yber; Meeting 24 Meet New Leadership and Wireshark If Youre New! Join our Slack

UC.yber; Meeting 24 Meet New Leadership and Wireshark If Youre New! Join our Slack

UC.yber; Meeting 24 Meet New Leadership and Wireshark If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

502 views • 19 slides
UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get

487 views • 6 slides
UC.yber Meeting 18 If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter

UC.yber Meeting 18 If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter

UC.yber Meeting 18 If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of our committees: Content/Events ,

436 views • 14 slides
UC.yber; News, Networking, Bash, and CTFs Announcements Robert Bathlter has reached out

UC.yber; News, Networking, Bash, and CTFs Announcements Robert Bathlter has reached out

UC.yber; News, Networking, Bash, and CTFs Announcements Robert Bathlter has reached out to Xavier High School we will be working to set up an event with them, THANKS! Alex reached out to Lakota East, THANKS! We now have lab

403 views • 14 slides
UC.yber; Meeting #2 Last Weeks Meeting We... Talked about our purpose and goals Explained

UC.yber; Meeting #2 Last Weeks Meeting We... Talked about our purpose and goals Explained

UC.yber; Meeting #2 Last Weeks Meeting We... Talked about our purpose and goals Explained OWASP Displayed our current leadership and filled open leadership roles Covered how to get involved Brainstormed fundraising

230 views • 9 slides
UC.yber; Meeting 3 Last Week... Discussed lab space and equipment donations Talked

UC.yber; Meeting 3 Last Week... Discussed lab space and equipment donations Talked

UC.yber; Meeting 3 Last Week... Discussed lab space and equipment donations Talked about Hackathon Team (REGISTER) Went over basic enigma machine history Set in motion getting a banner for fundraising events For Newcomers

196 views • 8 slides
UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense

UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense

UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense Competition Planned out what we need for becoming an official chapter Planned out our visit to Loveland HS Received a donation! Thanks to

1.11k views • 9 slides
TAEKWONDO Fundamental knowledge of physiology, biomechanics, dietetics coming together

TAEKWONDO Fundamental knowledge of physiology, biomechanics, dietetics coming together

WELCOME ! W ELCOME ELCOME TO TO THE THE H H WASHIN WASHIN C C YBER YBER U NIVERSITY NIVERSITY I I NTERNATIONAL NTERNATIONAL T T AEKWONDO AEKWONDO D EPARTMENT EPARTMENT ! Movie industry and widely media-covered combat sports events have spread

285 views • 15 slides
The Future of Cyber Experimentation and Testing T he U.S. NAT I O NAL C YBER RANG E

The Future of Cyber Experimentation and Testing T he U.S. NAT I O NAL C YBER RANG E

s The Future of Cyber Experimentation and Testing T he U.S. NAT I O NAL C YBER RANG E Michael VanPutte, Ph.D. Program Manager Distribution Statement A (Approved for Public Release, Distribution Unlimited #14014) DISCLAIMER: The

319 views • 11 slides
What i is cyb yber resilienc ence? e? Aaron Clark-Ginsberg Center for International Security

What i is cyb yber resilienc ence? e? Aaron Clark-Ginsberg Center for International Security

What i is cyb yber resilienc ence? e? Aaron Clark-Ginsberg Center for International Security and Cooperation, Stanford University 2017 Frontiers in Resilience Symposium Word cloud created from texts analyzed for this study This material

360 views • 35 slides
Announcements Meeting for business at the rise of meeting today June 18 Fathers Day

Announcements Meeting for business at the rise of meeting today June 18 Fathers Day

Announcements Meeting for business at the rise of meeting today June 18 Fathers Day celebration and Pot Luck June 25 Etching after meeting and Pizzas and Salad July 8 -- Youngs Dairy in Yellow Springs Young

452 views • 22 slides
Cyb yber er Sec ecurity rity @ UN @ UNC Industr stry y Based ed Broadening dening

Cyb yber er Sec ecurity rity @ UN @ UNC Industr stry y Based ed Broadening dening

Cyb yber er Sec ecurity rity @ UN @ UNC Industr stry y Based ed Broadening dening Information rmation Operat rations ns Denni nis s Schmid idt Assistant Vice Chancellor for Information Security and Privacy and Chief Information

624 views • 38 slides
UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is

UC.yber; OWASP Chapter The University of Cincinnati's Official Cybersecurity Chapter What is OWASP? Open Web Application Security Project Non-profit organization focused on improving security of software. They have some GREAT info on

372 views • 9 slides
Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack

Cyber@UC Meeting 35 Exploit ALL the vulnerabilities! If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with one of

563 views • 11 slides
Cyber@UC Meeting 33 Katoolin, Special Project, and more... If Youre New! Join our Slack

Cyber@UC Meeting 33 Katoolin, Special Project, and more... If Youre New! Join our Slack

Cyber@UC Meeting 33 Katoolin, Special Project, and more... If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get involved with

402 views • 18 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cuckoo Hashing for Security Awerbuch, Scheideler, Towards Scalable and Robust Overlay Networks Problem: -

329 views • 19 slides
Strong Randomness Properties of (Hyper-)Graphs Generated by Simple Hash Functions Martin Aum

Strong Randomness Properties of (Hyper-)Graphs Generated by Simple Hash Functions Martin Aum

Strong Randomness Properties of (Hyper-)Graphs Generated by Simple Hash Functions Martin Aum uller Technische Universit at Ilmenau, Germany AofA15 Strobl, June 8, 2015 Joint work with Martin Dietzfelbinger and Philipp Woelfel. M.

691 views • 56 slides
INTRODUCTION H ERE Claudio nex Guarnieri @botherder Security

INTRODUCTION H ERE Claudio nex Guarnieri @botherder Security

INTRODUCTION H ERE Claudio nex Guarnieri @botherder Security Researcher at Rapid7 Core member of The Shadowserver FoundaBon Core member of The

472 views • 46 slides
Hig igh-Performance Key- Carnegie Mellon Value Store University Intel Labs Presented by:

Hig igh-Performance Key- Carnegie Mellon Value Store University Intel Labs Presented by:

Hyeontaek Lim , Bin Fan, SIL ILT: A Memory ry-Efficient, David G. Andersen Michael Kaminsky Hig igh-Performance Key- Carnegie Mellon Value Store University Intel Labs Presented by: Ramya Danappa Seesaw Game? FAWN-DS How can we

411 views • 11 slides
PanORAMa: Oblivious RAM with Logarithmic Overhead Sarvar Patel, Giuseppe Persiano, Mariana

PanORAMa: Oblivious RAM with Logarithmic Overhead Sarvar Patel, Giuseppe Persiano, Mariana

PanORAMa: Oblivious RAM with Logarithmic Overhead Sarvar Patel, Giuseppe Persiano, Mariana Raykova, Kevin Yeo Most frequently used file Bob knows what files I am accessing Bandwidth is expensive Retrieve the whole database Oblivious RAM

1.13k views • 85 slides
F o r ma l S e c u r i t y A n a l y s i s o f t h e O p e n I D F

F o r ma l S e c u r i t y A n a l y s i s o f t h e O p e n I D F

F o r ma l S e c u r i t y A n a l y s i s o f t h e O p e n I D F i n a n c i a l - g r a d e A P I D a n i e l F e t t , P e d r a m H o s s e y n i , R a l f K s

725 views • 43 slides
Tackling the Reproducibility Problem in Systems Research with Declarative Experiment

Tackling the Reproducibility Problem in Systems Research with Declarative Experiment

Tackling the Reproducibility Problem in Systems Research with Declarative Experiment Specifications Ivo Jimenez , Carlos Maltzahn ( UCSC ) Adam Moody, Kathryn Mohror ( LLNL ) Jay Lofstead ( Sandia ) Andrea Arpaci-Dusseau, Remzi Arpaci-Dusseau (

463 views • 44 slides
Efficient Join Processing across Heterogeneous Processors Henning Funke, Sebastian Bre, Stefan

Efficient Join Processing across Heterogeneous Processors Henning Funke, Sebastian Bre, Stefan

Efficient Join Processing across Heterogeneous Processors Henning Funke, Sebastian Bre, Stefan Noll, Jens Teubner December 15, 2015 1 / 14 GPUs IN DATABASES ARE LIKE A MUSCLE CAR IN A TRAFFIC JAM 3 / 14 Bottleneck 3 / 14 really? 3 / 14

216 views • 19 slides

More recommend