ISSA NE Chapter Meeting – 11/2/17
“2.5 CPEs”
Venue:
Museum of Science
1 Science Park, Boston, MA 02114
Come join us to celebrate ISSA New England 30th Anniversary celebration. Finish off the evening with watching a brilliant show at the Museum of Science Mugar Omni IMAX Theatre. Your registration also includes free entrance to the Museum of Science for the day and complimentary parking.
“2.5 CPEs”
Venue:
Museum of Science
1 Science Park, Boston, MA 02114
Come join us to celebrate ISSA New England 30th Anniversary celebration. Finish off the evening with watching a brilliant show at the Museum of Science Mugar Omni IMAX Theatre. Your registration also includes free entrance to the Museum of Science for the day and complimentary parking.
Agenda:
AGENDA:
9 am Registration IF museum visit (includes free pass, parking)
OR
11:30 am Registration IF ONLY attending the meeting and reception
12:30-1 Welcome, Ratification of bylaws, sponsor thanks
1:15-2 ESG/ISSA 2nd Annual Global Research 'State of the Cyber Security Professional' - Candy Alexander, vCISO, ISSA International Director
2:05–2:50 Incident Response- From the Trenches to the Boardroom and Back, O’Shea Bowens
2:55–3:20 Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services, Amirali Sanatinia, Security Researcher, Northeastern University
3:20-5 Closing note, followed by Chapter’s 30th anniversary reception
5:00 Omni Theater presentation
9 am Registration IF museum visit (includes free pass, parking)
OR
11:30 am Registration IF ONLY attending the meeting and reception
12:30-1 Welcome, Ratification of bylaws, sponsor thanks
1:15-2 ESG/ISSA 2nd Annual Global Research 'State of the Cyber Security Professional' - Candy Alexander, vCISO, ISSA International Director
2:05–2:50 Incident Response- From the Trenches to the Boardroom and Back, O’Shea Bowens
2:55–3:20 Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services, Amirali Sanatinia, Security Researcher, Northeastern University
3:20-5 Closing note, followed by Chapter’s 30th anniversary reception
5:00 Omni Theater presentation
Talk and Speaker Details:
State of the Cyber Security Professional: Given the overwhelming barrage of challenges that cyber security professionals face daily, it’s a natural wonder just how well they are holding up. Are they able to coordinate on cyber security strategies and tactics with their business and IT peers? Do they have the skills necessary for their jobs as cyber-adversaries develop new exploits? Are they overwhelmed and burn out? We will explore the answers to these questions and more, in this research based discussion.
Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services
In the last decade, Tor proved to be a very successful and widely popular system to protect users’ anonymity. However, Tor remains a practical system with a variety of limitations, some of which were indeed exploited in the recent past. Previous work showed the existence of malicious participating Tor relays. In this work, we show that an adversary who compromises the Hidden Service private key can mount a man-in-the-middle attack on hidden services. One characteristic of this attack is that the adversary does not need to be in the communication path between the client and the server. We demonstrate a proof-of-concept (POC) for this attack. Furthermore, we provide a tool that can be used to detect such attempts. We also discuss possible detection and mitigation mechanism and the implication of the certificate systems for hidden services.
Incident Response- From the Trenches to the Boardroom and Back. The talk will discuss questions C-level may ask the Incidence Response team when handling incidents. We will also discuss questions on how technologies in-house are best utilized to assist with IR.
- Candy Alexander is a vCISO, ISSA International Director and a recognized information security leader. Candy has in-depth experience in performing many aspects of information security which she obtained through the various information security roles she has filled in her 23+ years in the industry at companies such as Digital Equipment, Compaq Computer Corporation and Symantec.
- -
Minions: Off-path Man-in-the-Middle Attack on Tor Hidden Services
In the last decade, Tor proved to be a very successful and widely popular system to protect users’ anonymity. However, Tor remains a practical system with a variety of limitations, some of which were indeed exploited in the recent past. Previous work showed the existence of malicious participating Tor relays. In this work, we show that an adversary who compromises the Hidden Service private key can mount a man-in-the-middle attack on hidden services. One characteristic of this attack is that the adversary does not need to be in the communication path between the client and the server. We demonstrate a proof-of-concept (POC) for this attack. Furthermore, we provide a tool that can be used to detect such attempts. We also discuss possible detection and mitigation mechanism and the implication of the certificate systems for hidden services.
- Amirali Sanatinia is a Computer Science PhD candidate at Northeastern advised by Professor Guevara Noubir, and holds a Bachelor’s degree in CS from St Andrews University. His research focuses on cyber security and privacy, and was covered by venues such as MIT Technology Review and ACM Tech News. He has talked at various venues including DEFCON, BSides and PyCon.
Incident Response- From the Trenches to the Boardroom and Back. The talk will discuss questions C-level may ask the Incidence Response team when handling incidents. We will also discuss questions on how technologies in-house are best utilized to assist with IR.
- O’Shea Bowens is an information security enthusiast with 10 years of information security experience. He currently is a Security Operations Expert for Novartis where his primary focus is incident response, malware analysis, blue teaming functions and developing incident response coursework. O'Shea has worked and consulted for companies and clients in the federal government, U.S. and international firms in various information security roles, including security analyst, incident response, network & systems forensics, and network engineering.
Venue Information:
Mugar Omni Theatre
In the Mugar Omni Theater, the world's largest film format is projected onto a five-story-tall IMAX® Dome screen. It wraps audiences in larger-than-life images of flora, fauna, and faraway places. A state-of-the-art digital sound system completes the immersion effect.
For details on Parking, please visit https://www.mos.org/parking
In the Mugar Omni Theater, the world's largest film format is projected onto a five-story-tall IMAX® Dome screen. It wraps audiences in larger-than-life images of flora, fauna, and faraway places. A state-of-the-art digital sound system completes the immersion effect.
For details on Parking, please visit https://www.mos.org/parking
Speaker Bios:
