This year UMSL had the pleasure of having a faculty speak at SecureWorld 2016 on 18 October 2016. This event was attended by many currently employed as security professionals in the industry. This includes civilians and government civilians from Scott Air Force Base. Organizations that have local chapters such as (ISC)2, and ISACA were present.
On 26 October 2016, UMSL Advanced Cyber Security Concepts course had the pleasure of having Mr. Norm Muelleman Jr present to the class. He is currently a Senior Information Security Analyst at Schnucks Supermarket, and the (ISC)2 St. Louis Chapter President. He provided students with some resources for their cyber security career, and local meet-ups they should do. Also, he provided solid career guidance on entering the cyber security field which included how to get professionally ready for an opportunity.
View Mr. Muelleman’s LinkedIn at https://www.linkedin.com/in/norm-muelleman-jr-6228a22
UMSL is an official member of the National CyberWatch Center. The National CyberWatch Center is a consortium of higher education institutions, public and private schools, businesses, and government agencies focused on collaborative efforts to advance cybersecurity education and strengthen the national cybersecurity workforce.
View more info at http://www.nationalcyberwatch.org/ and review membership listing at http://www.nationalcyberwatch.org/membership/members/
National CyberWatch has partnered with Threat.Connect to bring you an overview of Threat Intelligence. The webinar will cover what Threat Intelligence is, FREE faculty resources available, and how faculty can easily integrate these resources into their courses.
Students in the Advanced Cyber Security Concepts course had to perform a number of activities that displayed their ability to master the cryptography domain. This included performing basic stenography encryption. The graduate student selected Steghide application to perform this task. In the figure below you can see the student’s encrypted photo and the command line commands used to decrypt it. See Steghide documentation and steps at http://steghide.sourceforge.net/documentation.php
Figure 1: Google Hangout Steghide Demonstration
“President Obama’s National Cybersecurity Action Plan of 2016” webinar on March 24, 2016 at 2:00 pm eastern.
The International Journal of Hyperconnectivity and the Internet of Things (IJHIoT) is set to be officially launched in 2017. The IJHIoT shall focus on a variety of topics relating to IoT and the current age of hyperconnectivity including security concerns, applications of IoT, development and management of the IoT, wearable computing, IoT for home automation, smart cities, etc. The editor-in-chief of the journal shall be Dr. Maurice Dawson who is a faculty member in the Information Systems Department.
See schedule below that shows the dates for the IJHIoT.
The signed contract can be viewed by clicking on the following link Dawson_IJHIoT agreement_signed_IGI
INFSYS 6868 Software Assurance – Student Research Papers
Software Development Security: Security Driven Development
Abstract: Security design patterns in the software development life cycle has taken a back seat to create better user experience. At the cost of this better user experience is the risk associated with the lack of focus in security. This becomes an issue for companies that experience major security breaches and must continue to patch their patterns rather than, taking a security driven approach to designing their software. In this paper we will explore the benefits of moving toward a security driven development pattern. In the paper the focus will be centered on business processes and involving security throughout the organizational ecosystem. The benefits and challenges that is associated with moving toward a security driven development pattern and how to build a security driven organization.
Click here to view research paper Secuirty_Driven_Dev_Sasa_Basara
Third Party Risk Management: Cost-effective Approach
Abstract: This paper focuses on importance of third-party risk management and outsourcing risks. Specifically this paper will emphasize the importance of building supplier relationships in safe, secure and productive way applying risk-based approach to supplier oversight and relationship management. Benefits and challenges outlined along with recommendations on how to build risk averse and policy compliant corporate culture.
Click here to view research paper Third Party Risk Management
Improving Web Application Security by Eliminating CWEs
Abstract: This study examined improving web application security by eliminating CWEs. With the developing of web application, securities are becoming more and more important and complicated. The article states the current situation of the web application security and provides possible solution method. By understanding the CWEs and eliminating CWEs can help web application developers to solve or minimizing the security problems. The study listed three CWEs as examples to show how to understand and eliminate CWEs. Problem-solving based method can help people quickly understand the advantage of using CWEs to improve web application. Cloud Computing is also covered in the study for the future research directions.
Click here to view research paper Weijie_Chen_ResearchPaper
INFSYS 6868 Software Assurance & INFSYS 3868 Secure Software Development
In this assignment, students were broken up into groups to perform the following tasks below.
|Select source code (minimum of 2 applications)|
|Run the tools and obtain reports|
|Create a presentation based upon reports (no more than 10 slides)|
|Defend how to fix deficiencies, errors, or vulnerabilities found|
|Present finding to class/instructor|
Click to view this group’s final submission INFSYS6868_StaticAnalysis_Basara_Want_Fillipets
Click to view this group’s final submission Static Code Analysis_Meyer_Zahniel