Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
COMP50/PS188:CyberSecurityandCyberWarfareTuftsInnovatesGrant2016
JeffTaliaferro,AssociateProfessor,PoliticalScienceMingChow,SeniorLecturer,ComputerScienceTheCourse’sMission:TodevelopintellectualbridgesamongstudentsandfacultymembersintheComputerScience,PoliticalScience,andInternationalRelations.Weareconvincedthatthelackofprogressincybersecurityisdueto
knowledgegapsbetweenthetechnicalcommunityand policymakers/non-technicalcommunity.
CourseGoals1. ToengagePoliticalScience(PS)andInternationalRelations
(IR)undergraduatesinasustaineddiscussionofthetechnicalaspectsofcybersecurityandcyberwar,whichhaveemergedasmajoraspectsofinternationalrelationsandUnitedStatesnationalsecurity.
2. ToexposeComputerScience(CS)undergraduatestotherealmofpolicymakingandtohelpthemunderstandkeyissuesinstrategicmanagementofcybersecurityintheprivatesectorandingovernment.
3. Toencouragestudentstobeengagedcitizens;toinformanddiscussthepolitical,legal,andethicalaspectsofcyberspacewiththepublic.
4. Toengageinconstructiveandhealthydebates,astheissuesincyberspacearepolitical,complex,controversial,andhavetradeoffs.
Assignments• CaptureTheFlag(CTF) - Ateam-basedexercise tofindand
exploitvulnerabilitiesinasystem(unpatchedWindowsServer2008)togainaccesstoinformationoneshouldnothaveaccessto.
• PolicyMemorandum - Apolicymemorandumonapressingissueincybersecuritydirectedtoainformationtechnology(IT)company,anintelligenceagency,acongressionalcommittee,orseniorexecutivebranchpolicymakers.
• PersonalEngagementProject - Anopen-ended projectforstudentstoactivelyengage withthecybersecurityandpolicycommunityoutsideoftheclassroomasthefieldisverybroad.
Topics• BasicNetworking• Securitytoolsincludingnmap,SHODAN,whois,Metasploit,KaliLinux• VulnerabilitiesandVulnerabilityDisclosure• CommonVulnerabilitiesandExposures(CVE)andCommonWeaknessEnumeration
(CWE)• Exploitation• MalwareandZeroDays• PrivacyandSurveillance• USIntelligenceCommunity• CyberCrime• Espionage• CounterintelligenceandLawEnforcement• DenialandDeception• CovertOperations• CyberWar
SpecialGuestsandAcknowledgements
• MattWeinberg,TeachingAssistant• Kade Crockford,DirectorofTechnologyforLibertyProgramat
ACLUofMassachusetts.GuestlectureonTuesday,March7th.Topic:SurveillanceandPrivacy(socialmediasurveillancebylocal,state,andfederallawenforcementagencies)
• ElyKahn,Co-Founder/VPBusinessDevelopmentandMarketingatSqrrl.GuestlectureonThursday,March16th.Topic:CyberDefense:Past,Present,andFuture
• SethMilstein,VicePresidentatJPMorganChase&Co.GuestlectureonTuesday,April4th.Topic:CyberSecurityinPublicvsPrivateSectors
WhatWeLearned• Theideaofcyberwarfareisnotthatspecial.Whilethe
techniquesareunique,manyideasaresimilartotraditionalwarfare.Theword“cyber”shouldbedropped.
• Verydifficulttokeepupwithcurrenteventsandnewreadingseveryday.
• Thereisaproblemwithvocabularyinthisfield.Manywordshavedifferentcontexttodifferentgroupsinthisfield.
ImprovementsToBeMade1. Needmoreassignments,perhapssmalllabs.2. IncorporateaneventsimilartotheAtlanticCouncilCyber
9/12StudentPolicyCompetitionintotheclass.3. Addasecondteambasedproject(inadditiontoCTF),with
eachteamcomprisedofIR/PSandCSstudents.4. Havemorein-classdebatesontopicssuchasvulnerability
disclosure.
FutureWorks1. Developadditionalundergraduatecoursesdealingwithspecific
aspectsofcybersecurityandpolicy.2. Makethisarequiredcourseinfuturegraduatedegreeprogram
incybersecurityandpolicyatTufts.3. PublicationsandtalksonourworktoInternationalRelationsand
PoliticalScienceforumsandjournals.
Outcomes47studentstotalininauguralclass.Weaskedstudentstocompleteasurveyattheendofthecourse.40totalresponses.