2016 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Information Security: Lightning Talks

Time 09/28/16 02:30PM-03:20PM

Room Chopin

Session Abstract

In this session, four presenters provide short talks on topics of interest to generate further discussion – these Lightning Talks hope to encourage on-going discussion:

  1. Joanna Grama (EDUCAUSE) on "State of the CISO: Research Preview" -- EDUCAUSE conducted extensive research on the role of the higher education CISO in 2016, focusing on leadership development; skills and abilities; and mentoring and professional development case studies. This lightning round session will briefly highlight the most interesting research findings.

  2. Rich Graves (Carleton College) on "Shibboleth 3 "1.5 factor auth" intercept flow" -- Although we advocate 2-factor authentication, few students are ready for it. So we built a "1.5 factor authentication" system that combines geolocation, ASN, a persistent cookie, and user characteristics to demand additional knowledge-based questions of only the most "unusual" logins. Possibly novel features: "Mostly stateless" design that allows horizontal scaling and failover without "real" clustering, similar to IDP30 itself. No Java code, just scripted attributes and some trivial LAMP pages. User-facing "Account Activity" page conceptually similar to what Google and Microsoft do. Use of browser cookies to bridge the Shibboleth/Java world to LAMP code that our developers understand.

  3. Sigita Jurkynaite (GEANT) on "Building Trust in the CSIRT Community" -- One of the first tasks I was assigned when I started working at GÉANT (then TERENA) was providing management support for TF-CSIRT - a task force that promotes collaboration and coordination between Computer Security Incident Response Teams (CSIRTs). I had joined GÉANT from outside of the REN community and, at first, working with these very technically minded people did not seem any more or less complicated than anything else I had done in my career. I quickly learned, however, that the computer security world is quite….different. Having now worked with the CSIRT community for over two years, I would like to look back on my experiences and share the lessons I’ve learned in building - and sustaining - trust with those who do not trust anyone.

  4. Piradon Liengtiraphan (Marist College) on "How to Make a Honeypot" -- To have an effective response to threats against new technologies, two strategies should be applied: offensive and defensive. While firewalls and other networking technologies serve to protect resources, the primary goal is to have true anonymity and security across the network. To best achieve this goal, the response team must be provided with a sufficient amount of information that will accurately generate dynamic protocols for adaptive security. In the world of continuous, emerging threats, we approach this problem by first creating a honeypot that would fingerprint as the detected resource. The data collected from the honeypot is then analyzed by an open source analytics software code named “Longtail” to generate information that serve to represent the general trend of attacks toward the secured resource. In this lightning talk, we will present how one would go about creating a honeypot which has the ability to fingerprint the real secured resource(s) within the environment. NOTE: This research was performed by: Piradon Liengtiraphan, Vallie Joseph, and Robert Cannistra


Speaker Sigita Jurkynaite GÉANT

Speaker Joanna Grama EDUCAUSE

Speaker Rich Graves Carleton College

Speaker Robert Cannistra Marist College

Speaker Piradon Liengtiraphan Marist College

Presentation Media

media item thumbnail How to Make a Honeypot

Speaker Robert Cannistra Marist College

Speaker Piradon Liengtiraphan Marist College

Primary track Information Security

platinum Sponsors

gold Sponsors

silver Sponsors

supporter Sponsors