Attack/Tool Presentation
Guidelines
This is a task for a group of 2 students. Each student group is required to find a concrete
attack/vulnerability/exploit or a security tool to present in class. The
duration of the presentation is 10-15 minutes.
Note that time is very limited, so preparation is key. The content needs to be
educational and you need to demonstrate an appropriate level of understanding of
the topic (get straight to the point and skip unnecessary
background/introduction). The format:
- The attack should be an interesting one. Explain the goal of the attack, e.g., what it can do and how dangerous it is.
- Explain how the attack works, preferably with key pieces of code (if applicable) shown to illustrate the attack process and why the vulnerability exists in the first place.
- Make a live demo when possible. Note it is not required that you implement the attack yourself. You only need to show that it works on a live system (many attacks have source code available online). Some attacks are not possible to demo without the proper hardware or infrastructure, in which case the concept and effect of the attack should be clearly explained in sufficient detail.
- Discuss possible defenses (optional).
For a security tool:
- Explain the background of the tool, e.g., what it does, who made it, how popular it is, and in what circumstances it is mostly used.
- Show what the tool can do. Run the tool and demo (the tool should be demoable).
- Explain how the tool works behind the scenes.
Please sign up in the sign-up sheet in Canvas.
Resources (you do not have to choose from the list)
Attacks/Exploits/Vulnerabilities (live demo when possible):
- Control-flow exploitation [1] [2] [3]
- Compiler Trojan horse [1]
- Heartbleed
- Shellshock
- NSA toolbox
- Android malware [1] [2]
- Android root exploits [1] [2] [3] [4] ...
- iPhone jailbreak [1] [2]
- Sensor security [1] [2] [3]
- Adversarial machine learning [1] [2] [3]
- TCP attacks: [1] [2] [3] [4]
- DNS cache poisoning: [1] [2]
- TLS protocol attacks [1] [2] ...
- Web attacks (SQL injection, XSS, CSRF, DNS rebinding attacks, etc.)
- DDoS attacks (DNS and NTP reflection/amplification, SYN flooding, etc.)
- IMSI catcher [1] [2]
- General: CVE database
- General: VUPEN
- General: Blackhat
- General: Defcon
Presentation Schedule
The presentation is scheduled in several classes throughout the quarter. Please sign up on the sign-up sheet in Canvas. All empty slots are available to pick. Since the first few groups will have limited time to prepare, grading will be relatively generous. Topics are taken in a FIFO fashion. Sign up early to choose the topics that you'd like to present. Please be courteous and do not overwrite any existing records.