Olympiad "I am a professional" track "Information and cyber security"
We continue to talk about the student competition “ I am a professional ”, which is organized by the Russian Union of Industrialists and Entrepreneurs, the public organization “Business Russia”, “Yandex”, as well as the country's strongest universities, including ITMO University.
Another direction (track), which is supervised by ITMO University at the Olympiad, is “Information and cyber security”. The winners of the Olympiad will receive the highest score on the profile exam for admission to the magistracy / graduate school, a cash prize and a job offer in the best IT companies in Russia.
The task of the Olympiad is to help talented students from the regions to get acquainted with the real requirements of employers, to get a job, as well as the opportunity to study and achieve scientific victories in the best universities of the country.
')
Today we will talk about how the ITMO University is developing the direction of cybersecurity, which projects in this area the University supports and why “I am a professional” is a great opportunity to join one of our cyber-developments.
At ITMO University, several departments of the Faculty of Information Technology Security are engaged in the cybersecurity and protection of information systems. They work on security issues of computer , cyber - physical systems and machine design of on-board electronic computing equipment.
For most students, the choice of this direction is deliberate and balanced - the “information security” direction is well known, students entering there know what they want to do and which companies will be able to work in the future. For example, the assistant of the department of design and security of computer systems, Andrei Yuganson, said that he had a good idea of where he was going, and subsequently chose the most interesting direction for research and development:
Consciously entered the PBIT [Faculty of Information Technology Security]. Today, my area of interest is in the methods and means of ensuring internal auditing and monitoring the status of software that is under the influence of threats to its information security. In other words, reverse engineering software to detect vulnerabilities and prevent their use.
This section of information security fascinated me after learning the language Assembler. Since childhood I have been very curious, and at the university I mastered the tools with which I could get into the essence of the most complex software solutions and examine them from a security point of view.
In order, like Andrei, to take part in the developments that are conducted at the department, it is not necessary to wait for a diploma - students of ITMO University under the guidance of tutors and teachers are actively engaged in research in this area. For example, Zakhar Dementyev, a student at the Department of Secure Information Technologies at ITMO University, is working on the issue of attacks against the motherboard firmware.
In his project, he parses the attack vectors and modern defense mechanisms. The main idea of the work is to organize protection against attacks, including overwriting firmware, with the help of a hypervisor.
A number of laboratories also operate at the Faculty of Information Technology Security, in particular, the Laboratory of Computer Forensics and Information Technology Crime Investigations.
Employees of this laboratory are engaged in the examination of computer technology and help customers respond to information security incidents. Its director, Pavel Kuzmich, says that the laboratory conducts scientific and applied research in the field of analyzing attacks that have already been carried out and predicting exactly which threats will be relevant to a particular system during a specific period of its “life” (so-called Digital Forensic Science).
Other young scientists of the ITMO University are engaged in development in this direction. For example, Igor Pantyukhin, a tutor, a graduate student in the department of secure information technologies at ITMO University, is working on projects in the field of post-incident audit:
At ITMO University, I, along with masters and students of the secure information technology department, do research (Digital Forensic Science) and develop new methods and approaches (for example, computer incidents research methods based on analysis of attributes and their values only). They will reduce the computational complexity of the process of investigating computer incidents and improve the accuracy of their detection. The obtained results can be applied when a potential cyber attack performer is detected and its sequence of actions is determined.
More development: CODA project
In addition to the work of laboratories and departments, ITMO University also supports other projects in the field of information security. An example is the CODA project , which is being worked on by the staff of ITMO University, tutor of the secure information technologies department and CODA general director Arthur Khanov, and senior lecturer in the secure information technologies department Maxim Baklanovsky.
The project fixes the program's calls to the system kernel to detect potentially harmful activity. “On these applications to the core of the system, we build a computer model that allows us to distinguish one process from another. We can keep a record of all processes with no more than 10% of the load on the system, and we have learned to distinguish one process from another, ”commented the development of Artur Khanov.
The team confirmed the performance of the system: 60,000 malicious programs were launched on the virtual machine network in May 2016. After half an hour of training in a “conditionally healthy system,” CODA found over 90% of them. The number of false positives did not exceed 4%.
"Work" projects and employment prospects
Naturally, in order to work in the field of information security, it is not necessary to remain from the walls of Alma Mater:
I believe that after graduating from ITMO University in the direction of training "Information Security", graduates have high chances of employment. Today, FBIT cooperates with many Russian and international companies, including JSC Kaspersky Lab, Digital Security, Positive Technologies, CJSC Laboratory of Countering Industrial Spying and others. The demand for specialists is very high.
Graduates have the opportunity to respond to the following vacancies: an information security specialist, a vulnerability scanner, an information security analyst. In business, skills in working with modern software, hardware and software to protect information from unauthorized access, firewalls, antivirus tools, as well as the skills of identifying information security threats and technical information leakage channels are widely demanded.
- Andrei Yuganson
Some of the graduates of ITMO University not only achieve success in their career as an information security specialist, but also talk about it in Habré. For example, Andrewaeva , a graduate of the department of secure information technologies, Andrewaeva writes about one of his developments in this post.
How to increase the chances of admission: Olympiad "I am a professional"
“Information security” is a popular area of study at ITMO University, so it’s not easy to enter there: the competition is quite high. The applicants of ITMO University entering this area demonstrate one of the highest rates of the Unified State Examination score - 88.9.
However, in this case there are exceptions to the rule: for example, this year Ilya Glebov, a schoolboy who discovered the VKontakte vulnerability, entered the ITMO University for information security. He was not able to score the required EGE score in mathematics, but the University made an exception, since Ilya showed really outstanding knowledge in the profile direction. By the way, to notice the gifted entrant his post on Habré helped - we already told about it here .
Of course, this case is unique: “The story of Ilya’s admission to the ITMO University is a coincidence that became possible due to the fact that the staff and students of our university regularly read this blog. If you want, then we can say that the post has fallen into the right hands of an employee of the Admissions Committee, ”says Nikolay Pshenichny, head of the department of vocational guidance and work with talents of the Strategic Communications Department.
Therefore, for guaranteed admission, it is better to additionally insure yourself - for example, to take part in the competition “I am a professional”, the winners of which receive the highest score for the profile exam when entering a university (which is very important in the case of “Information Security”) .
Unfortunately, schoolchildren will not be able to enter the university for this Olympiad: it is designed for those entering the magistracy and graduate school. However, all participants will be able to test themselves in business and work on case studies compiled with the participation of real businesses, since one of the project’s tasks is to introduce students to employers' young professionals.
Partners from the business in this track are: Kasperskiy Lab, INFOWATCH, CheckPoint, Positive Technologies, Digital Security, Neobit and others.
You can register for the Olympiad now. The qualifying round for the “Information and Cybersecurity” track starts on December 6 and runs until December 10. By the way, the qualifying round is not required for those who have certificates with “Good” or “Excellent” marks for the Cybersecurity Fundamentals from EdX and Applied Cryptography from Coursera. And all the useful information about participation in the Olympiad in this area is collected here .