You are here: Home / Past Courses / Fall 2016 - ECPE 177 / Presentations / Presentation 2 - Security and Privacy

Presentation 2 - Security and Privacy

For this assignment, you will be providing an oral presentation to your peers in the networking class.

What do I need to do?

  1. Pick a single topic related to either network privacy or security that has been in the news in 2015 or 2016.
  2. Talk to or email the instructor for topic approval by posted deadline
    1. Provide a 3-sentence summary of your proposed topic
      Topic approval will prevent overlap in topics
  3. Read about your chosen topic and understand it in detail
    1. You should know more detail than what is actually covered in your presentation, because your peers or the instructor might ask a question at the end...
  4. Prepare a presentation for the class.  You should provide enough detail and background information such that your peers (other students in the class) are able to understand and appreciate your presentation.
    1. The presentation length should be 12-13 minutes plus 1 minute for questions.
    2. You should provide 7-9 PowerPoint slides -or- use the whiteboard during the presentation to convey useful figures and diagrams. (Some of your peers are visual learners, not auditory learners, and will better appreciate your presentation by viewing a figure instead of listening to your words).
  5. Upload your PowerPoint slides to the Canvas site by the posted deadline (midnight the day before). They will be assembled into a single file on the instructor machine, so we don't need to switch laptops during the class. (and you don't need to bring your own).
  6. Present! (during normal class time)

 

Topics from Prior Years

(Some topics are still relevant in 2016, while others may be "old news".  You are highly encouraged to suggest topics not listed here!)

Tip:  The SANS NewsBites newsletters are an excellent source of current events news on security.  Just pick an archive issue at random, and you're almost guaranteed to find an interesting presentation topic within. 

  • EverCookie (persistent cookies)
  • DNSsec (encrypted DNS starting at the root name servers)
  • IPv6 and security - What does it make easier? What does it make harder?
  • Cross-site scripting (XSS) - Why is this a problem?
  • Privacy within social media sites
  • Tor (anonymity network) and "Onion routing"
  • FreeNet - decentralized, distributed data store
  • SOPA / PROTECT laws (and implications for DNS)
  • WikiLeaks - Who are they? Arguments of proponents and opponents?
  • Future internet designs - How can we make the Internet more secure?  New architectures...
  • Cloud Computing and security implications
  • Password cracking
  • Password generation / password managers
  • Any one of numerous examples of malicious activity:
    • Spam - particular spam rings?
    • Viruses / Worms / Trojans - pick one that is network-related
    • Malware / spyware - pick one that is network-related
    • Phishing attacks - Lots of attacks on social media sites
    • DDoS attacks - Who is the latest victim? What was the largest attack in the past?
    • DNS cache poisoning or DNS cache hijacking - What is the last victim? How do these attacks work?
    • ARP cache poisoning or spoofing
    • Botnets
    • Keystroke loggers
    • Root kits
    • Man-in-the-middle attacks
    • SQL injection attacks
    • Timing attacks
    • etc...

 

Selected Topics / Presentation Order 

Thursday, November 3rd, 2016

  • Trojans - Bryan Ching
  • Phishing - Taylor Osterchrist
  • Mirai malware - John Volpi
  • Spam - David Bergstrom
  • WikiLeaks - Blake Lemons

 

Thursday, November 10th, 2016

  • Google "Verified Access APIs" - Sidney Brooks
  • Kernel encryption (or lack thereof) - Jerrell Gardner
  • Linux "Dirty Cow" privilege escalation vulnerability - Obaid Rehman
  • SQL Injection - Justin Hyunjun Park
  • End-to-end message encryption (e.g. Facebook messenger) - Jose Meza

 

Tuesday, November 15th, 2016

  • DDoS (in general) - Tianxiang Liu
  • Password generation, password managers, 2FA - Eric Beutler
  • Password cracking - Kyle Phan
  • Dropbox (2012 password breach, announced in 2016) - Cody Berchem
  • Web auth mechanisms (Basic HTTP, OAUTH2, Cookies, Sessions, etc...) and Vulnerabilities - Miguel Cervantes
  • TOR - Curtis Klein
  • Cloud computing - Lonny Rasberry