Ronald Dodge

Phishing for user security awareness

User security education and training is one of the most important aspects of an organizations security posture. Using security exercises to reinforce this aspect is frequently done by education and industry alike; however these exercises usually enlist willing participants. We have taken the concept of using an exercise and modified it in application to evaluate a users propensity to respond to email phishing attacks in an unannounced test. This paper describes the considerations in establishing and the process used to create and implement an evaluation of one aspect of our user information assurance education program. The evaluation takes the form of a exercise, where we send out a phishing styled email record the responses.

Virtualization and Digital Forensics: A Research and Education Agenda

The application of virtualization software and techniques in information technology research and education has provided a foundational environment to advance the state-of-the-art in research and education in many related areas. Commercial and open source virtualization products are being used by researchers and educators to create a wide variety of virtual environments. These virtual environments facilitate systems design and development and product development as well as the testing and modeling of production and preproduction systems. As the capabilities, functionality, and stability of these products have evolved, the use of virtualization has expanded, necessitating the identification of new research areas to investigate the impacts of virtualization on digital forensics. In February 2007, a group of digital forensics researchers, educators, and practitioners gathered at the National Center for Forensic Science at the University of Central Florida for the 2007 Workshop on Virtualization in Digital Forensics to discuss these issues and develop a research and education agenda for virtualization and digital forensics. This article outlines some of the ideas generated and new research categories and areas identified at this meeting.

The Influences of Social Networks on Phishing Vulnerability

Phishing is a form of electronic deception in which an attacker tries to cause the recipient to do something or disclose data that they likely would not normally do by mimicking a trustworthy entity. These attacks have been increasing at an alarming rate and can cause damages in the form of identity theft, financial losses, and compromised security for organizations and governmental institutions. Additionally, phishing attacks have become very sophisticated and even more successful because of the lack of vigilance by computer users. Successful phishes have particularly strong implications for military populations, and have the potential to threaten national security. In an attempt to reduce the overall success rate of a phishing attack, this paper applies the foundations of social network analysis to identify how social network structures among a military company of future US Army officers. are most influential in reducing the spread of a phish. This experimental study collected empirical and survey data in an effort to analyze the flow of information and influence of people in phishing awareness within an organization.

Using Phishing for User Email Security Awareness

User security education and training is one of the most important aspects of an organizations security posture. Using security exercises to reinforce this aspect is frequently done by education and industry alike; however these exercises usually enlist willing participants. We have taken the concept of using an exercise and modified it somewhat to evaluate a users propensity to respond to email phishing attacks.

Organized cyber defense competitions

The Cyber Defense Exercise (CDX), an annual competition between students at the five U.S. Service Academies has developed into an extraordinary educational experience for the participants. During the exercise students will design and implement a realistic network against a set of realistic requirements. The students will then defend the networks they constructed over a 4 day period against attacks. Work has been conducted recently to examine how to best generalize the exercise methodology, as conducted at the Military Academies, to other universities. This paper describes the effort involve in executing a Cyber Defense Exercise, introducing the various functional groups, student team construction, and considerations when using the exercise methodology in other locations. We also describe the experienced and additional potential benefits of the exercise.

Information assurance the West Point way

At the US Military Academy at West Point, New York, we approach the topic of protecting and defending information systems as a matter of national security. The time has long passed where we could consider cyberattacks as merely a nuisance; the threat from a cyberattack is very real. Our national information infrastructure is not just essential to the USA economy; it is a life-critical system. Presidential Decision Directive 63 (which called for a national effort to assure vulnerable and interconnected infrastructure security, such as telecommunications, finance, energy, transportation, and essential government services) officially recognizes this, and numerous reports have validated it. As military academy educators, our duty is to provide an education that empowers our graduates with the skills needed to protect the many critical information systems that the military uses.

Using Virtualization to Create and Deploy Computer Security Lab Exercises

Providing computer security laboratory exercises enables students to experience and understand the underlying concepts associated with computer security, but there are many impediments to the creation of realistic exercises of this type. Virtualization provides a mechanism for creating and deploying authentic computer security laboratory experiences for students while minimizing the associated configuration time and reducing the associated hardware requirements. This paper provides a justification for using virtualization to create and deploy computer security lab exercises by presenting and discussing examples of applied lab exercises that have been successfully used at two leading computer security programs. The application of virtualization mitigates many of the challenges encountered in using traditional computer laboratory environments for information assurance educational scenarios.

Empirical Benefits of Training to Phishing Susceptibility

Social engineering continues to be the most worrisome vulnerability to organizational networks, data, and services. The most successful form of social engineering is the practice of phishing. In the last several years, a multitude of phishing variations have been defined including pharming, spear phishing, and whaling. While each has a specific reason for its success, they all rely on a user failing to exercise due diligence and responsibility. In this paper, we report on a recent phishing experiments where the effects of training were evaluated as well as gathering demographic data to explore the susceptibility of given groups.

Replicating and Sharing Computer Security Laboratory Environments

Many institutions are currently investigating the feasibility of creating Computer Security Laboratory environments for their researchers and students. This paper compares four of the current isolated and remote access labs that institutions could use as models to minimize the effort required to create or access a working computer security lab without investing the years of effort that the original creators did. Laboratory attributes investigated include scalability, access capabilities, teaching environments, time requirements, and cost requirements. Additionally a discussion of the challenges associated with each environment is presented. Finally, a model for sharing remote access laboratory capabilities is delineated as an alternative for programs for which the creation of a local remote access lab would not be cost effective and some future investigation areas are identified.

Teaching secure coding: report from summit on education in secure software

Software is critical to life in the 21st century. It drives financial, medical, and government computer systems as well as systems that provide critical infrastructures in areas such as transportation, energy, networking, and telecommunications. As the number and severity of attacks that exploit software vulnerabilities increase, writing reliable, robust, and secure programs will substantially improve the ability of systems and infrastructure to resist such attacks. Education plays a critical role in addressing cybersecurity challenges of the future, such as designing curricula that integrate principles and practices of secure programming into educational programs. To help guide this process, the National Science Foundation Directorates of Computer and Information Science and Engineering (CISE) and Education and Human Resources (EHR) jointly sponsored the Summit on Education in Secure Software (SESS), held in Washington, DC in October, 2010. The goal of this session is to share some of the key findings and challenges identified by the summit and to actively engage the community in the discussions. Each of the speakers participated in the summit and brings a unique viewpoint to the session.