Campus hosts cyber security events

by Nathan Yeo | 8/15/11 10:00pm

Dartmouth's Institute for Security, Technology and Society co-hosted "Securing the eCampus 2011: Building a Culture of Information Security in an Academic Institution" along with Peter Kiewit Computing Services on July 19-20, according to ISTS associate director Thomas Candon.

The fifth annual conference brought together chief information officers and chief information security officers from many universities to discuss ways to protect research data, as well as other information security issues. ISTS also hosted a program for college students and a camp for high school students this summer term to promote information security.

Founded in 2000, ISTS aims to engage in research and education about information security and privacy, according to ISTS's website. ISTS has developed several courses for the College and regularly brings speakers to give presentations at Dartmouth.

"There are all sorts of intellectual property issues that [universities] need to be concerned about," Candon said. "There are a number of faculty members who are doing research and you want to make sure it does not get out there into the larger community in terms of stuff that they're doing that's brand new and they will be presenting later."

The conference also featured guest speakers including Larry Conrad, the Chief Information Officer of the University of North Carolina, Chapel Hill and Larry Clinton, president of the Internet Security Alliance, according to Candon. Clinton discussed current congressional policy on information security during his presentation.

From June 21 to July 1, 11 students from other colleges participated in the fourth annual Secure Information Systems Mentoring and Training program, which is designed to immerse students in cyber security.

The two-week intensive course featured a "hacker curriculum" that helped students find ways to exploit weaknesses in computer security systems in order to safeguard them against real hackers, according to Candon.

Candon said one purpose of the program is to spread the study of cyber security to other universities, as computer security is not always emphasized in other universities' computer science curricula.

For the remainder of the summer, the students were placed in information technology internships with a variety of employers, including academic institutions, large corporations and small start-ups, according to Candon. After the internships end, the students will return to their universities to work on cyber security projects with a faculty advisor.

"The thinking behind that is that once you get tied in with the faculty at a home institution, there's a better chance of infusing information security into the home institution," Candon said.

Ten high school students equipped with Apple iPads participated in the Security, Technology and Society High School Summer Camp, which lasted from July 5 to July 8.

The program introduced high school students to "multidisciplinary" studies in cyber security and privacy, according to Suzanne Thompson, director of the camp and a research scientist at Dartmouth Medical School.

A team of graduate students and postdoctoral fellows instructed the students, most of whom were in 11th grade. The students visited Dartmouth-Hitchcock Medical Center to speak with doctors about data security in the healthcare field, according to Thompson.

In one project, students examined a picture of a birthday cake that was posted to Twitter and used the picture's metadata to determine where and when the picture was taken, Candon said.

"One of the exercises that they did was taking a picture, posting it online and realizing all of the information that underlies that picture that tells you a larger story of what's going on there," Candon said. "There's information there that you might want to protect in some ways when you put it online."

In another activity, students played "CISO vs Adversary," a video game designed by Gabriel Weaver, a Computer Science doctoral student, and Juhee Kwon, a research fellow at the Center for Digital Strategies at the Tuck School of Business.

In the game, the player aimed to protect money and computer data against a medical identity theft, according to Candon.

"We were able to expose the high school students to those areas as well so we could give them a real cross section of very current technology applications," she said. "I think they were absorbed, and we were very pleased with the feedback."

Thompson said some students were already planning projects, including one about digital forensics, to work on when they returned to their high schools, including one about digital forensics.

"That's what it's all about exposing them and having them take these ideas and apply them to their lives and sharing what they learned with other students," she said. ISTS is largely funded through the Department of Justice and the Department of Homeland Security, according to the ISTS website.

ISTS has also received over $22 million in competitive grants from agencies, foundations and information technology companies including the National Science Foundation, the Mellon Foundation and Microsoft and Adobe. A Department of Defense grant funded the high school camp, according to Thompson.