17 Sept 2015 - Double Header

Digital Investigation and the Trojan Defense, Revisited (1 – 2 pm EST)
NSA Codebreaker Challenge 3.0 (2:15 – 3:15 EST)

Friends, we are calling in our first airstrike with “double header”. Mark your calendars and come join your friends in the CAE community for a Tech Talk presentation. We are a warm, inviting group of people that share technical knowledge. CAE Tech Talks are free and we conduct them in real-time over the Internet so there is no need to travel. You can attend from just about anywhere (office, home, etc.) Capitol Technology University (CTU) will be hosting the presentation using their online delivery platform (Adobe Connect). The presentation along with questions and answers is conducted live in real-time using VOIP and chat. Just log in as guest and enjoy the presentation(s).

Below is a description of the presentation(s) and the logistics of attendance.

Date: Thursday 17 Sep 2015
Time: 1pm – 2pm EST
Title/Topic: Digital Investigation and the Trojan Defense, Revisited
Presenter: Professor Golden Richard III (University of New Orleans)
Location: https://capitol.adobeconnect.com/cae_tech_talk/
Just log in as Guest and enter your name. No password required.
Audience Skill Level:  All levels
Description:
Over the past 15 years, digital forensics has been radically transformed by the introduction of new tools and techniques that support very detailed investigation of a wide variety of digital crime scenes, spanning unauthorized data exfiltration, fraud, employee misconduct, kidnapping, child pornography, and murder. Modern digital forensics tools can be used to deeply examine not only computer systems, but smartphones, voice recorders, printers, cars, and much more. A common defense used by those accused of wrongdoing in crimes involving digital evidence is the so-called Trojan defense, which essentially means "I didn't do that--a computer virus did it." This defense has traditionally been quickly dismissed by investigators after a cursory examination of digital devices for the presence of malware. Often, this sweep for malware consists of simply running an antivirus program, noting a negative result, and using this as a basis for proceeding with the charge of wrongdoing. In all likelihood, this process was historically fairly accurate, because it was pretty unlikely that a virus did "do it". Now, in the face of increasingly sophisticated cyber attacks and malware infections, it's frequently very possible that someone or something (e.g., malware) other than the "obvious" party may be guilty. The solution to unraveling the accuracy of Trojan defenses and pointing the finger of blame in the right direction is increased technical sophistication for investigators and a more developed sense of empathy for non-technical users, which has a direct impact on digital forensics education.

Date: Thursday 17 Sep 2015
Time: 2:15 pm – 3:15 pm EST
Title/Topic: NSA Third Annual Codebreaker Challenge
Presenter: NSA
Location: https://capitol.adobeconnect.com/cae_tech_talk/
log in as Guest and enter your name. No password required.
Audience Skill Level:  All levels
Description:
NSA plans to launch its 3rd annual Codebreaker Challenge this Fall in a competition to see which university can be the first to solve the challenge and which will have the most solutions submitted.  This challenge provides students with an excellent hands-on opportunity to develop their reverse-engineering / low-level code analysis skills while working on a realistic problem set.  Feedback from previous competitions indicated that students got a lot out of it, so with your help we would like to encourage as much participation as possible!  Here are the pertinent details:

• The challenge materials and instructions will be hosted at https://codebreaker.ltsnet.net/
• The challenge will begin on Sept. 1st at midnight, and will end on Dec. 31st
• Prizes will be awarded to the first 50 students that complete the challenge nation-wide.  In the past, some universities have also chosen to offer additional incentives (extra-credit in a course, an award for the first students to solve the challenge within a department, etc.).  We encourage you to do this as well if possible.
• Students should register for the site using their .edu email addresses
• Links to reverse engineering lectures and other learning materials can be found on the site

This CAE Tech Talk will introduce the challenge, present some reverse engineering techniques, and walk through the solution to the challenge from last year.  NSA will also answer questions students may have about the challenge.

After the live presentation, CTU will post a recording of the presentation(s) on its website:
https://capitol.instructure.com/courses/sis_course_id:CAE_Tech_Talk/external_tools/4
Announcements for CAE Tech Talk events can be found in the news and calendar section of the CAE community website: www.caecommunity.org
For questions on CAE Tech Talk events, please send email to CAETechTalk@nsa.gov