Talks & Presentations

The following is list of presentations that I give as part of meeting the CPD requirements of various certify organisations. These presentations are aimed at a non infosec audience and are suitable for the non technical as well. They are not overly technical and I try include practical demonstrations of the points where possible.

Details of where I will be doing these presentation can be found in the right hand side bar,  if you wish to attend please contact the organisers of the event.

If you would like to discuss about me giving a talk to a group you organise, please contact me

Title: Demystifying Phone Hacking

Phone hacking has been in the press in the UK but misunderstand what most of the papers where actually doing. This talk covers the history of phone hackers from the original phreakers to the cyber attackers of today and looks at some of the different attacks from social engineering access to voicemail to the cracking of encryption on mobile phone networks. This will be followed by discussions and a Q&A session.

Title: Hacking the Internet of Things

The Internet of Things describes a paradigm of how electronic devices including everyday items are now interconnected by various media to each other locally and across the Internet. This allows them to exchange information and to interact with us in order to make life easy. You can now control the heating in your home from a smart phone app or monitor the movement of hundreds of buoys free floating in ocean currents from anywhere in the world. The Internet of Things has great potential for aiding us, however the potential for malicious activities is just as great. This talk discusses the Internet of Things and it's potential.  This will be followed by discussions and demonstrations of how the Internet of Things can be hacked to reveal details of our interactions or take control of the environment around us.

Title: How the web hacks you


The internet has become a feature of all our lives whether at work or at home. Recent developments such as cloud services and the government's push to move its activities online mean that more and more in our personal and work life we are conducting transactions over the web. The web has made a wide range of interactions from finding information to purchasing and banking activities so much more convenient for us. However it has also made it easier for us as individuals and organisations to be attacked via the web with phishing, scams, malware and hacking occurring. Not a day goes past when some form of attack via the web is reported in the news. This talk will outline the reasons why the web is vulnerable, explain some of the more frequent attacks and suggests countermeasures that make it less likely you will be hacked via the web


Title: WiFi Networks: The Practicalities of Implementing A WiFi Network

The Wireless network protocol 802.11 was originally released in 1997 by the IEEE and by computing timescales is a mature technology with a large base of manufacturers and both commercial and domestic users. Despite initiatives like Wireless Protected set-up (WPS) to make installation easier, there are still issues in implementing a network using wireless technology, especially in the domestic environment. Wireless networks have a history of security problems with flaws in the implementation of WEP and recently with WPS. This talk will look at the these issues, the (opensource) tools that can be used and how these apply to the home environment. The talk will include practical demonstrations of the tools and techniques discussed in the presentation and unravel the alphabetic soup of the available standards. Secure configuration is becoming increasing important as a lot of home users are using wireless to create multimedia entertainment systems, enable laptops, smartphones and games console to have internet access and to create a CCTV system to monitor home security and children's playrooms. The courts have already convicted paedophiles of piggybacking neighbours wireless networks to download material and hackers of using wireless networks for pirating software, music and films and for spying on occupants using their own security cameras.

Hollywood Effect on Digital Forensic

There is a knock on the door, no answer, the FBI team crashes through the door and find the apartment empty. A computer is switched on in the corner of the room, a FBI agent goes across, types at the keyboard and in seconds is into the computer system, in no time recovers an email revealing the location of a nuclear weapon about to explode destroying Washington, they have enough time … just … to stop the weapon and capture the terrorist. A typical scene from a Hollywood movie but in reality the evidence from the email will be thrown out of court due to lack of procedure.
Hollywood has a unique view on the real world and can leave a distorted prospective in the minds of the movie goer or the couch potato. Digital forensics is new and almost hip in the eyes of the younger generations, it involves that part of modern life that is inescapable the computer and plays on the fear that every thing we do on the computer is traceable. Programs like CSI, Numb3rs, and NCIS leave viewers with the impression the digital forensic expert can retrieve any type of information and the expectation that in a court case that the evidence must include DNA, computer records etc for the case to be proven.
The success of forensics-based dramas like CSI has ensured there's no shortage of applicants to study forensics. Hollywood and its public are enamoured by the supernatural potency of the discipline. The ludicrous feats of deduction often scored by the stars of these shows have convinced many that modern forensics is fast-paced, glamorous work. The "CSI effect" has given the public in particularly some members of juries some inflated expectations of computer forensic analysis
This talk looks at Hollywood and the TV interpretation of digital forensics and gives an insight into to how it is really done.

Trojan, exploit & rootkit: a Practical demonstration

Is your computer system under attack? Would you know if hackers hijacked your system and took control of your resources? This presentation will show how the attacker takes control of the system, covers their tracks from the users of the system by creating a 'backdoor' and hiding it using a 'rootkit'. You can see exactly what these and other terms such as 'trojan', 'exploit', and 'hack' actually mean when applied to a real system. Will cover some basic precautions that will help you protect your computer from being attacked

Engagements

2015
  • "Demystifying Phone Hacking", Bedford BCS, 7th Oct 2015
  • "Hacking the Internet of Things", Hertfordshire BCS, 13th May 2015
  • "Ethical hacking and Computer Security", UoB student chapter BCS, 25th Feb 2015
2014
  • "Ethical Hacking Webinar", IT Governance Free Webinar series, 9th July 2014
  • "PCI DSS and Secure Applications", OWASP AppSec EU 2014, 25-26th June 2014
  • "Hacking the Internet of Things", Bedford BCS, 13th May 2014
  • Speaker at ISO 27001:2013 and PCI DSS V3: New Standards in the Global Cyber War, 8th May 2014
  • Penetration Testing Webinar, IT Governance Webinar, Thursday 3rd April, 2014
  • "Web Application Security", Bedford College Evening Students, 21st Jan 2014
2013
  • PCI DSS Version 3.0: The Changes Explained - Simply, IT Governance Webinar, 26th November 2013
  • "Computer Security & Hackers", Bedfordshire University, 25th November, 2013
  • "Hackers and Hacking", Research Institute for Media, Arts and Performance, Bedfordshire University, 13th November, 2013
  • "How the web hacks you", Lea & Ouse Valleys Safety Association, October 10, 2013
  • "Ethical Hacking", Bedford College Day Students, 26th Mar 2013
  • "WiFi Networks: The practicalities of Implementation",Essex Branch IET, 27th Feb 2013 (Further details)
  • "WiFi Networks: The practicalities of Implementation",Bedford Branch BCS,  26th Feb 2013 (Further Details)
  • "Web Application Security", Bedford College Evening Students, 9th Jan 2013
2012
  • Cost Effective Assessment of the Infrastructure Security Posture', The 7th International IET System Safety Conference, incorporating the Cyber Security Conference 2012, 16th-17th Oct, Edinburgh, Scotland
  • "Hollywood Forensics", Bedford Branch BCS, 28th June 2012
  • "Hollywood Forensics", Herts Branch BCS, 24th April 2012
  • "WiFi Networks: The practicalities of Implementation", Herts Branch INSTMC, 18th April 2012
  • "Ethical Hacking", Bedford College Day Students, 6th Mar 2012
  • "Trojan, exploit & rootkit: a Practical demonstration",Herts Branch BCS, 22nd Feb 2012
  • "Trojan, exploit & rootkit: a Practical demonstration",Essex Branch IET, 8th Feb 2012
  • "Web Application Security", Bedford College Evening Students, 25th Jan 2012
2011
  • "Web Application Security, Bedford College Evening Students, 15th Jun 2011 (Further details)
  • "Ethical Hacking", Bedford College Day Students, 3rd May 2011 (Further details)
  • "Trojan, exploit & rootkit: a Practical demonstration", Herts Branch INSTMC, 30th Mar 2011
  • "Hollywood Forensics", Essex Branch IET, 9th Feb 2011
2010
  • "Hollywood Forensics", Herts Branch INSTMC & IET, 27th Jan 2010
  • "Computer Security: Protecting Yourself", The Knowledge Network,
    University of Bedfordshire, 24th Mar 2010
2009
  • 'Development of a facility to aid the teaching of Computer Security and Digital Forensics at the University of Bedfordshire', 3rd International Conference on Cybercrime Forensics Education & Training 2009, 1st-2nd September, Canterbury, UK
2008
  • "Biometrics: Physical Identification", Herts BCS Branch Meeting, 30th Sept 2008
2006
  •  'Reliability, Availability and Security of Wireless Networks in the Community', IADIS International Conference e-Society 2006, 13-16th July, Dublin, Ireland

2 comments: