Event: ENSS/IGCP Joint Colloquium Series

Presenter: Dr. Hal Berghel, Professor of Computer Science, University of Nevada, Las Vegas

Date: Friday, April 27, 2012

Time: 3:00 PM*

Location: EIT Auditorium

*Meet and greet with Dr. Berghel starts at 2:30pm. Cookies and coffee will be available.


Title: The Stuxnet Experience: Insights into the World of Network Forensics

 

Abstract: This talk will discuss the tools of the network forensics practitioner by means of the recent Stuxnet attack that was so effective in disabling the Iranian Natanz uranium enrichment centrifuges. The discussion begins with an overview of malware profiling and the art of Internet forensics. We then look at Stuxnet from an evolutionary point of view, tracing its development from the initial PLC MC7 hack through the Windows OS vulnerabilities, to the process injection sequence, to the method of flying under the anti-malware radars, and finally to the actual exploit itself. Several conjectures about the source of Stuxnet modules will be covered. A flowchart of the Stuxnet infection flow will be presented. This talk may also include other network hacks as exemplars of Internet forensics tools and strategies.

 

Bio: Hal Berghel is currently Professor of Computer Science at the University of Nevada, Las Vegas, where he has previously served as Director of the School of Computer Science and Associate Dean of the College of Engineering. He is also the founding Director of the Identity Theft and Financial Fraud Research and Operations Center. His research interests are wide-ranging within the binary and digital ecosystem, ranging from logic programming and expert systems, relational database design, algorithms for non-resolution based inferencing, approximate string matching, digital watermarking and steganography, and digital security (including both computer and network forensics). Since the mid-1990s he has applied his work in digital security to law enforcement, particularly with respect to digital crime, cyberterrorism, and information warfare. His research has been supported by both industry and government for over thirty years. His most recent work in secure credentialling technology was funded by the Department of Justice. In addition to his academic positions, Berghel is also a popular columnist, author, frequent talk show guest, inventor, and keynote speaker. For nearly fifteen years he wrote the popular Digital Village column for the Communications of the ACM.

Berghel is a Fellow of both the Institute for Electrical and Electronics Engineers and the Association for Computing Machinery, and serves both societies as a Distinguished Visitor and Distinguished Lecturer, respectively. He has received the ACM Outstanding Lecturer of the Year Award four times and was recognized for Lifetime Achievement in 2004. He has also received both the ACM Outstanding Contribution and Distinguished Service awards. He is also the founder and owner of Berghel.Net, a consultancy serving business and industry, and co-owner of BC Innovations Management, a startup company in IP and DRM.