Computer and Systems Security

CS 205 - Spring 2024

OverviewSchedule/ReadingsAttack/Tool PresentationsCourse Project

Attack/Tool Presentation

Guidelines

This is a task for a group of 2 students. Each student group is required to find a concrete attack/vulnerability/exploit or a security tool to present in class. The duration of presentation is 10-15 minutes. Note that time is very limited, so preparation is key. The content needs to be educational and you need to demonstrate an appropriate level of understanding of the topic (get straight to the point and skip unnecessary background/introduction). The format:

For attack/vulnerability/exploit,
  1. The attack should be an interesting one. Explain the goal of the attack, e.g., what it can do, how dangerous they are.
  2. Explain how the attack works, preferably with key pieces of code (if applicable) shown to illustrate the attack process and why the vulnerability exists in the first place.
  3. Make a live demo when possible. Note it is not required that you implement the attack yourself. You only need to show that it works on a live system (many of attacks have source code available online). Some attacks are not possible to demo without the proper hardware or infrastructure, in which case the concept and effect of the attack should be clearly explained in sufficient detail.
  4. Discuss possible defenses (optional).

For security tool,

  1. Explain the background of the tool, e.g., what it does? who made it? how popular it is? mostly used in what circumstances?
  2. Show what the tool can do. Run the tool and demo (the tool should be demoable).
  3. Explain how the tool works behind the scene.

Please sign up in the sign-up sheet in Canvas.

Resources (you do not have to choose from the list)

Attacks/Exploits/Vulnerabilities (live demo when possible): Security tools (preferablly new ones): [1] [2]

Presentation Schedule

The presentation is scheduled in several classes throughout the quarter. Please sign up on the sign-up sheet in Canvas. All empty slots are available to pick. Since the first few groups will have limited time to prepare, grading will be relatively generous.

Topics are taken in a FIFO fashion. Sign up early to choose the topics that you'd like to present. Please be courteous and do not overwrite any existing records.