SEC 2013 Workshops

7 July, 0900 – 1200: Workshop 1: Security Threats and Attacks in Wireless and Mobile Networks: a practical workshop, offered by Dr Ray Hunt.
10 July, 1300 – 1700: Workshop 2: Cyber Warfare, the Tallinn Manual and the ICT Professional, offered by Dr Bill Caelli.

Workshop and speaker details:

Workshop 1: Security Threats and Attacks in Wireless and Mobile Networks: a practical workshop

The last few years have seen a dramatic growth in the use of a vast variety of wireless and mobile network devices. Further, interconnectivity of these devices via Wireless Local Area Networks, Wireless Personal Area Networks, Broadband and Metropolitan Area Networks, a variety of 3G Network Infrastructures, the Internet and Cloud Networks has led to a virtually seamless integration of communication which supports data, voice and other multimedia services.

It had been hoped that development in security infrastructure would have afforded the necessary protection to safely operate such a significant infrastructure of integrated services. Regrettably this has not been the case. The Mariposa botnet, Conficker, Stuxnet, and Zeus (together with variants) have spelt disaster, along with botnets, spam, zero-day attacks, trojans, spyware, spoofing, session hijacking, denial of service and many more, as well as blended versions of these network attacks. Mobile devices, once thought to be largely unaffected, have seen dramatic changes, with over 40 families of mobile malware threats appearing over the last couple of years.

Many of the techniques used to attack networks 10 years ago are still causing considerable damage today. These techniques have been reinvented and are frequently based on variations of basic themes, or combinations of these used to form multi-vector and multi-payload attacks. The scale of interconnectivity that has evolved further compounds the damage that such attacks can cause. Further, wireless and mobile network access brings with it the opportunity for hackers to exploit many of these attacks, albeit in different forms. As networks have scaled in size and complexity, so have attack vectors.

This workshop will commence by examining the characteristics of the different wireless and mobile networks, including Bluetooth and other WPANs, Android, and IEEE 802.11 variants of WLANs. The manner in which these networks can be compromised by attacks such as sniffing, spyware, spoofing, hijacking, man-in-the-middle, buffer overflow, injection, brute force and denial of service (as well as the usual range of viruses, worms and Trojans) will be discussed.

This workshop will be run as a laboratory. PCs running virtual machines, which in turn run Backtrack 5 Rev 2, will be used in conjunction with networking equipment such as a variety of access points, wireless interface devices, and Bluetooth and Android equipment, and a selection of these attacks will be created, tested and verified. Delegates will work in pairs and be guided through the process of carrying out a range of penetration attacks to which WPANs, WLANs and handheld mobile computers are particularly vulnerable.

The key workshop topics will include:

This workshop is a hands-on practical laboratory designed to demonstrate the vulnerabilities of wireless and mobile networks and to implement various active and passive attacks in order to carry out penetration tests on these systems. This laboratory makes use of the power and flexibility of a suite of wireless tools used to illustrate wireless insecurity, and focuses on understanding the inner workings, tools and methodologies of modern day attacks.

Types of Attacks

In this section, we will focus on different types of network scenarios such as home networks, small business networks and enterprise networks. Since different networking scenarios will require different security options, we will employ a range of attacks, such as:

  • Masquerading/Spoofing Attacks
  • MITM (Man in the Middle Attacks) - Spoofing MAC-based security, ARP poisoning
  • WEP Crack (up to 128 bit)
  • WPA and WPA2 PSK
  • Advanced Attacks (Packet replay, DNS Spoofing, ARP poisoning, SSL Hacking)
  • DoS (Denial of Service) Attacks

Overview of Tools

Individual PCs will run Backtrack 5 Rev 2 (2012), a Linux-based penetration testing suite which runs the following tools in a purely native environment:

  • kismet – a wireless network detector and packet sniffer
  • netstumbler – a tool for discovering fake access points
  • airmon-ng – a tool that can help set a wireless adapter into monitor mode (rfmon)
  • airodump-ng – a tool for capturing packets from an Access Point
  • aireplay-ng – a tool for forging ARP requests
  • aircrack-ng – a tool for decrypting WEP keys
  • iwconfig – a tool for configuring wireless adapters in monitor mode and generation of fake ARP requests
  • macchanger – a tool that allows one to view and/or spoof (fake) a MAC address
  • wireshark – a tool for passive collection and analysis of packets
  • android exploit software

The wireless adapter cards will allow both passive packet sniffing and active packet injection. In this laboratory, we will be using Alfa AWUS036H 802.11b/d Long-Range Wireless USB Adapters, Bluetooth mobile phones and Android handheld computers. A variety of Cisco, Linksys and D-Link Wireless Access Points will be used, configured with a variety of security options.

A variety of Bluetooth equipment with specifically configured Cambridge chipset USB Bluetooth adaptors will be used for the next part of the workshop.

Most importantly, modern Android devices will be used to demonstrate how private information can be extracted by the use of specific exploits and how such mobile devices can be subject to information theft and spam bot attacks.

Workshop leader: Associate Professor Ray Hunt

Dr Ray Hunt is an Associate Professor specialising in Networks and Security. His areas of teaching and research are computer networks and network security. In addition, he has provided numerous training courses on Networks and Security for the industry in Australia, New Zealand, Singapore, Hong Kong, Thailand, Malaysia and Taiwan. Further, he has addressed a variety of conferences in Australia, Singapore, China, Hong Kong, U.S.A, Canada and Europe.

He has acted as a telecommunications consultant for a number of telcos and other companies in the Asian-Pacific region and works as an adviser on aspects of network architecture, security and design, as well as advising industries on a wide range of telecommunication topics.

He is particularly well known in Asia, where he has run training workshops over the last 15 years for companies such as Fujitsu, Reuters, AT&T, Vodafone and others. He has visited Asia over 70 times in the last 15 years, providing a wide range of training and education workshops in areas of networks and security.

Prior to being with the University of Canterbury, Ray Hunt worked for the airline industry where he designed and built international telecommunication networks.

Early in 2011, Ray Hunt was appointed an adjunct Associate Professor at the University of South Australia (Adelaide) and Edith Cowan University (Perth) and early in 2012 he was appointed Honorary Associate Professor at Deakin University, Melbourne and visiting Professor at the Technical University of Malaysia, Kuala Lumpur.

Workshop 2: Cyber Warfare, the Tallinn Manual and the ICT Professional

This seminar will examine, and lead discussion on, the relevance and impact of the newly released "Tallinn Manual" on cyber warfare, for the ICT professional in particular. To give it its full name, the volume is entitled the "TALLINN MANUAL ON THE INTERNATIONAL LAW APPLICABLE TO CYBER WARFARE". It was prepared by an "international group of experts at the invitation of the NATO Cooperative Cyber Defence Centre of Excellence" and has Michael N Schmitt as its general editor. This seminar will consider:

  1. the background to and an overview/language of the Tallinn Manual, along with current reactions at the international level,
  2. “cyber” as a new arena of conflict,
  3. the manual’s position in an era of “Cyber Operations”,
  4. its role in relation to the private and public non-military sectors and, in particular, to the protection of national critical infrastructure by its owners/operators,
  5. problems of response to cyber attack, including the role and function of ICT professionals employed in both the public and private sectors as well as in military establishments,
  6. some historical perspectives, from the “posse” to “vigilantism” to “militia” to “reservists”, with some examples including the “InfraGard” program of the USA’s FBI, etc. and
  7. the role, functions, responsibilities and responses of the ICT professional, particularly a member of an associated professional organisation of IFIP and in adherence to any associated “codes of conduct” or requirements for ethical behaviour.

Workshop leader: Professor William J (Bill) Caelli

The seminar will be led by Emeritus Professor William J (Bill) Caelli, AO, FACS. He is currently a member of the Board of the Colloquium for Information Systems Security Education (CISSE) based in Maryland, USA and a member of the national policy committee of the Australian Computer Society, of which he was a founding member in 1965. He served on the IT Security Expert Advisory Group (ITSEAG) of Australia’s Trusted Information Sharing Network (TISN) from its inception in 2003 until 2011. He has worked with Rand Corporation in the USA on related policy research activities. He is a Director of International Information Security Consultants Pty Ltd in Australia and an Adjunct Professor at both the Queensland University of Technology and Griffith University in Queensland, Australia. He has almost 50 years of experience in the ICT area, with some 37 years of that in all aspects of cyber and network security.