Getting Into Cyber 102

Getting Involved and Setting Goals

Who Am I?

Graduated from UMD in '19 with a BS in CS. Involved in CSEC and helped create challenges for UMDCTF-2018/19.

 

Now I have to be an adult and work our lives away, but still love CTFs and connecting with the community! (And we love our jobs! #cyberroolz)

Mike - WittsEnd2

Software Engineer - C, Python, & Web

Reverse Engineer

Graduate Student - M. Eng. Cyber Security

Hobbies: CTFs/Dev Projects, Entrepreneurship, Baseball, Music, Stocks

 

This Presentation is...

  • Learning how to approach this semester with a plan.
  • Taking advantage of the resources available this semester
  • How to look to apply cyber skills in other places

This Presentation is not ...

Itinerary

  • Evaluating where you are now
  • Goal Setting and Schedule Planning
  • Ways to Get Involved in UMD/CSEC
  • Questions

Where are you now?

Evaluate Where You are Now

  • Evaluate your skills on a chart 
    • Recommend 0 (beginner) - 3 (expert)
    • CTF Challenge Categories are a good way to evaluate
  • Circle/Mark the categories you want to focus on
  • Write down why you want to focus on it 

Setting Goals For The Semester

You want to get better at cyber

  • You might have some expertise
  • You might have none 
  • How do you take advantage of the semester?

Set Specific Goals

  • Concentrate on what you want to improve on
  • Measurable progress
  • Can be broken down into further goals
  • Follow a framework (like SMART) 

Example:

  • Improve on Reverse Engineering
    • Solve 20 Reverse Engineering problems this semester
    • Watch LiveOverflow's video series about Reverse Engineering
    • Become proficient at X86 Assembly

Set Specific Timeframes

  • Can hold you accountable. 
  • More likely to actually work on the goal
  • Helps to determine if goal is reasonable, too ambitious
  • Know your own limits
    • School
    • Personal life

Set Specific Timeframes

Set a Schedule

  • Schedule time to learn CSEC skills in your week
  • Have a morning routine
    • I wake up either at 6:30 am (work) or 8 am (non-workday)
  • Schedule some fun in your workweek
  • Being organized can help you get work done in an efficient manner

Tools I Use

  • Google Calendar
  • Trello
  • Asana
  • Github/GitLab project board for specific projects

Have Some Fun and Get Some Exercise!

Building Skills?

Find a Group of Freinds

  • UMDCSEC is a great group of friends interested in Cyber
  • Ask questions and share what you are doing
  • Ask other friends not in the club if they want to join you with cyber-related projects/events

Participate in CTFs

  • Focus on a category (or two) for the CTF. 
    • If you finish one category or get stuck, move on. 
  • Focus on a category you are not familiar with 
  • Watch YouTube Videos
    • John Hammond
    • LiveOverflow

More About CTFS

  • Persistence is key to success
  • Solutions are not going to be obvious
    • Learn to use Google
  • Ask questions to organizers and friends
  • Figure out how the challenges were developed 
  • Read writeups (even during competition)

Apply Security to Projects

  • Break software that you build
  • Use your skills with CSEC
    • Website/Infrastructure
  • Use hackathons as a way to build cybersecurity projects
    • Build a set of vulnerable code
    • Build tools to help you solve CTF challenges (or pen testing)

Talk to Professors

  • Learn about the research they do and some suggestions regarding research
  • Participate in research activities
    • Breakerspace
  • This can lead to graduate school

Generating Ideas for Projects

  • How can someone break this software?
  • What am I having difficulty with and how can I make it easier?
  • What do people seem to be having difficulty figuring out? 
  • How can I protect this better? 
  • Why did someone implement this and how can I make it better?

My Project Ideas

  • Create a binary analysis framework that hooks into Binary Ninja
    • Research/For Fun
  • YouTube/Blog related to Reverse Engineering and Binary Exploitation
    • Teach skills to others
  • Create CTF Challenges

Participate in Other Clubs (including CSEC) 

  • Diversify Interests - Be Curious
  • NETWORKING
    • One of my closest professional relationships advised Startup Shell
  • Apply Cyber Security skills to the other club

Questions?