Summary
Mars Cheng is a Cyber Threat Researcher with TXOne Networks’s IoT/ICS Security Research Labs and Trend Micro. His research interests include ICS/SCADA security, threat hunting for IoT and ICS/SCADA, cryptography, and Web/IoT/Mobile/ICS/SCADA penetration testing. Before joining TXOne, Mars was a security engineer at National Center for Cyber Security Technology (NCCST) in Taipei, Taiwan. Mars has given several talks at HITB, HITCON CMT, TWISC@NCHU, and etc. Moreover, he was also lecturer at HITCON Training, Ministry of Education (Information Security Incubation Program, ISIP), Ministry of National Defense in Taiwan, and etc. Since 2018, he delivered more than 10+ CVE-IDs, and 3 SCI top journals about cryptography.
Security Skills
- ICS/SCADA Security Research
- Threat Hunting
- ICS/SCADA Penetration Testing
- Web Penetration Testing
- Mobile APP Penetration Testing
- IoT Device Penetration Testing
- Cryptography
Recent Talks
-
Mars Cheng, Terence Liu, Selmon Yang, "Dissecting the Industrial Communication Protocols for Cybersecurity Risks", ICS Cyber Security Conference USA 2019 (October 21, 2019), Altana, USA - Link: https://agenda.icscybersecurityconference.com/event/TZ65/dissecting-the-industrial-communication-protocols-for-cybersecurity-risks
Mars Cheng, Selmon Yang, "The Sum of All Fears, When ICS/SCADA are Compromised", HITB+CyberWeek Abu Dhabi (October 16, 2019), Abu Dhabi, UAE - Link: https://cyberweek.ae/session/the-sum-of-all-fears-when-ics-scada-are-compromised/
Mars Cheng, Selmon Yang, "About ICS/SCADA, You Must Need to Know", HITCON Community 2019 (August 24, 2019), Taipei, Taiwan - Link: https://hitcon.org/2019/CMT/agenda
Lecture experiences
- IoT Security Practice and Analysis, HITCON Winter Training 2019 (December 17-18, 2019), Taipei, Taiwan
- When ICS/SCADA meets Hackers, HITCON Winter Training 2019 (December 16, 2019), Taipei, Taiwan
- Penetration Test on Critical Infrastructure, (Project Training) Ministry of National Defense in Taiwan (September 29-30, 2019), Taipei, Taiwan
- Penetration Test on Critical Infrastructure, (Project Training) Ministry of National Defense in Taiwan (September 23-24, 2019), Taipei, Taiwan
- IoT Security Practice and Analysis, Information Security Incubation Program (ISIP), Ministry of Education (September 21-22, 2019), Taipei, Taiwan
- When IoT meets Hackers, HITCON Summer Training 2019 (August 20, 2019), Taipei, Taiwan - Link: https://hitcon.org/2019/CMT/training
- When ICS/SCADA meets Hackers, HITCON Summer Training 2019 (August 19, 2019), Taipei, Taiwan - Link: https://hitcon.org/2019/CMT/training
CVE-IDs
- CVE-2018-9149
- CVE-2018-9156
- CVE-2018-9157
- CVE-2018-9158
- CVE-2018-11491
- CVE-2018-11492
- CVE-2018-16656
- CVE-2019-15067
- CVE-2019-15068
- CVE-2019-15069
- Pending...
Academic
-
Cheng-Chi Lee, Chun-Ta Li, Chung-Lun Cheng, Yan-Ming Lai, “A Novel Group Ownership Transfer Protocol for RFID Systems,” accepted (Apr. 28, 2019) in Ad Hoc Networks (SCI, Impact Factor: 3.151, 2017 JCR: 29/148=0.19, subject categories COMPUTER SCIENCE, INFORMATION SYSTEMS)
-
Cheng-Chi Lee, Shun-Der Chen, Chun-Ta Li, Chung-Lun Cheng, Yan-Ming Lai, “Security Enhancement on An RFID Ownership Transfer Protocol Based on Cloud,” accepted (Oct. 22, 2018) in Future Generation Computer Systems (SCI, Impact Factor: 4.639, 2017 JCR: 7/103=0.07, subject categories COMPUTER SCIENCE, THEORY & METHODS)
-
Cheng-Chi Lee, Chun-Ta Li, Chung-Lun Cheng, Yan-Ming Lai, Athanasios V. Vasilakos, “A Novel Group Ownership Delegate Protocol for RFID Systems,” accepted (Feb. 14, 2018) in Information Systems Frontiers (SCI, Impact Factor: 2.521, 2016 JCR: 20/104=0.19, subject categories COMPUTER SCIENCE, THEORY & METHODS)
-
Cheng-Chi Lee, Shun-Der Chen, Chun-Ta Li, Chung-Lun Cheng, Yan-Ming Lai, “Cryptanalysis of An RFID Ownership Transfer Protocol Based on Cloud,” IEEE Proceedings of The 5th IEEE International Conference on Cyber Security and Cloud Computing (IEEE CSCloud 2018), Shanghai, China, June 22-24, 2018 [EI]
-
Cheng-Chi Lee, Chung-Lun Cheng, Yan-Ming Lai, Chun-Ta Li, “Cryptanalysis of Dimitriou’s Key Evolving RFID Systems,” ACM Proceedings of The 5th International Conference on Network, Communication and Computing (ICNCC 2016), Kyoto, Japan, Dec.17-21, 2016 [EI]
Certifications
- CEH, EC-Council Certified Ethical Hacker
- ECSA, EC-Council Certified Security Analyst
- BS 10012:2017 Personal Information Management System (PIMS) Lead Auditor
- CCPA, Cellebrite Certified Physical Analyst
Contact Information
- E-mail: chunglun.tw@gmail.com
- Twitter: marscheng_
- Linkedin: Mars Cheng