STRENGTHEN YOUR SECURITY POSTURE WITH NATIONAL CYBER SECURITY AUDITING AND EVALUATION LAB at NUST

Cyber Security Lab MCS web cover

SDG 4_Quality Education

The Department of Information Security (IS) at the Military College of Signals (MCS) – NUST is the 1st ever institute in Pakistan to offer MS and PhD degrees in Information Security since 2001. 341 MS and 10 PhD students have so far graduated from this department, and currently 70 MS and 36 PhD students are enrolled. Recently, MCS has also launched a bachelor’s program BE Information Security, in 2019. Graduates of this department are serving the Nation in different industries including government, military, and private organizations.

Figure 1. National Cyber Security Auditing and Evaluation Lab hosted at Sharif Block - MCS
Figure 1. National Cyber Security Auditing and Evaluation Lab hosted at Sharif Block – MCS

Tremendous development in cyber technology has dramatically facilitated the job of intruders to break through security systems. To keep our nation in pace with the World, the Information Security department offers specializations in the fields of Network Security, Computer Security, Cryptology, Digital Forensics, Information Security Management, and many more. The department commits itself and all its resources to achieving the glory that is the aim of NUST.

The Information Security Department achieved a grant worth Rs 73.29 million in 2018 for the establishment of the National Cyber Security Auditing and Evaluation Lab (NCSAEL), a constituent lab of Pakistan’s First National Center for Cyber Security (NCCS). The lab officially commenced in February 2019. NCSAEL is Pakistan’s leading source of expertise in cybersecurity with an aim of making “Cyber Secure Pakistan”. The lab is headed by Prof. Dr. Haider Abbas. The HR includes team lead, BDM, research associates, developers, research assistants, MS, and PhD scholars. NCSAEL is envisaged to be an internationally recognized lab authorized to audit, evaluate, and issue cybersecurity certification to national/ international IT users/ enterprises. The lab contains necessary equipment including systems and servers for development and testing purposes, along with research activities.

Figure 2. Working Environment and Lab Equipment
Figure 2. Working Environment and Lab Equipment

The indigenously developed toolkits, research publications, services offered/areas of collaboration, and major projects undertaken by NCSAEL are detailed below:

a. NCSAEL’s Indigenously Developed Toolkits
NCSAEL is involved in the development of indigenous tools which are discussed below:

  • LYNX SIEM enables organizations to monitor their systems’ logs in an automated way.
  • WebSAT- Website Security Assessment Toolkit performs security analysis of web applications.
  • MobiHawk performs security assessment of mobile applications and detects vulnerabilities via static and dynamic analysis.
  • WebGuard – Website Defacement Toolkit detects web defacement attempts and is capable of screening multiple websites 24/7 for continuous monitoring.
  • Pasbaan is an AI-based Malware Analysis Sandbox capable of detecting malware that remains undetectable through conventional detection means like Antiviruses.
  • FEAST- Firmware Extraction Analysis and Security Assessment Toolkit performs security analysis of firmware binary present in Embedded/Networking devices such as routers and access points.
  • OSCT- Operating System Compliance Toolkit performs an in-depth scan of the system that facilitates the hardening of the OS and security compliance testing.
  • SVPN- Secure VPN provides users privacy in their digital communication channel while surfing the internet by ensuring anonymity and confidentiality.
  • LYNXCERT automates the task of cybersecurity information dissemination and alert generation.
Figure 3. Working Devices of SIEM Solution and FEAST
Figure 3. Working Devices of SIEM Solution and FEAST
Figure 4. SVPN - Secure VPN
Figure 4. SVPN – Secure VPN

b. Research Publications

NCSAEL has published 22 research articles.16 of them are published in reputed journals while 6 are published in conferences. The cumulative impact factor of the journal publication is approximately 142.9. Few of the articles published by NCSAEL are listed below:

  1. An Enhanced Deep Learning Based Framework for Web Attacks Detection, Mitigation, and Attacker Profiling” A framework based on a Deep Learning model nested with a Cookie Analysis Engine for web attack detection, mitigation, and attacker profiling in real-time has been proposed.
  2. A Framework to predict early news popularity using deep temporal propagation patterns” A deep neural network is proposed to predict the popularity of a news item by exploiting the temporal characteristics of the news item on Twitter.
  3. Forensic Analysis of Image Deletion Applications” The efficacy of the top five image deletion applications namely Shreddit, Android Eraser, Permanent Delete, Sdelete, and Safe Delete has been checked in perspective of the permanent deletion of images for Android, against NIST 800-88.

c. Services Offered/ Areas of Collaboration
NCSAEL offers various services which are listed below:

Figure 5. NCSAEL’s Services
Figure 5. NCSAEL’s Services
  1. Cybersecurity Audit according to the ISO-27001, NIST, and national standards issued by the GoP.
  2. Vulnerability assessment of websites, mobile applications, and embedded/networking devices.
  3. Automated compliance check of OS security configurations according to NIST and ISO-27001 standards.
  4. Malware analysis.
  5. Continuous scanning of the websites against attacks.
  6. SIEM & SOC services.
  7. Consultancy services regarding the cybersecurity requirements of an organization.
  8. Training programs covering different areas of Information Security.
Figure 6. Cross Lab Cyber-Security Trainings (2021 And 2022)
Figure 6. Cross Lab Cyber-Security Trainings (2021 And 2022)

The areas of collaboration include Auditing and Compliance, Indigenous products development, Secure solutions, and Malware analysis.

d. Major Projects Undertaken

NCSAEL has undertaken various projects for the military (SCO, AWT, CSD, Pakistan Air Force), government (NESCOM, FIA, Ministry of Finance, the Ministry of Foreign Affairs, the Ministry of Defense), and private institutions (Western Union, Tech Avenue). Moreover, NCSAEL has actively taken part in several technology-related events, such as the 2nd Annual ICCWS and DEVFEST 2021.

Figure 7. NCSAEL’s Services for Different Organization
Figure 7. NCSAEL’s Services for Different Organization
Figure 8. Highlights of Project Showing in DEVFEST, FIA, and AI TECHVERSE
Figure 8. Highlights of Project Showing in DEVFEST, FIA, and AI TECHVERSE

References

  1. Shahid, W. B., Aslam, B., Abbas, H., Khalid, S. B., & Afzal, H. (2022). An enhanced deep learning-based framework for web attack detection, mitigation, and attacker profiling. Journal of Network and Computer Applications, 198, 103270. DOI: 10.1016/j.jnca.2021.103270.
  2. Saeed, R., Abbas, H., Asif, S., Rubab, S., Khan, M. M., Iltaf, N., & Mussiraliyeva, S. (2022). A framework to predict early news popularity using deep temporal propagation patterns. Expert Systems with Applications, 195, 116496. DOI: 10.1016/j.eswa.2021.116496.
  3. Fatima, M., Abbas, H., Iqbal, W., & Shafqat, N. (2022). Forensic analysis of image deletion applications. Multimedia Tools and Applications, 81(14), 19559-19586. DOI: 10.1007/s11042-021-11619-z.

The author is Associate Head of the Information Security Department, and Think Tank MemberNational Cyber Security Auditing and Evaluation Lab established at Military College of Signals (MCS), National University of Sciences and Technology (NUST). He can be reached at waseem.iqbal@mcs.edu.pk.

Research Profile: https://bit.ly/3XIGh9e

Dr. Mian Waseem Iqbal, MCS, NUST
Dr. Mian Waseem Iqbal, MCS, NUST

Loading

Leave a Reply

Your email address will not be published. Required fields are marked *