1P-1©2009 Raj JainCSE571SWashington University in St. LouisCSE571CSE571Project SelectionProject SelectionRaj Jain Washington University in Saint LouisSaint Louis, MO [email protected] slides are available on-line at:http://www.cse.wustl.edu/~jain/cse571-09/1P-2©2009 Raj JainCSE571SWashington University in St. LouisOverviewOverview! Sample Projects! Last Year’s Project! Project Schedule! HTML Intro1P-3©2009 Raj JainCSE571SWashington University in St. Louis1. Review Projects1. Review ProjectsReview of:!Network Attack tools!Network Protection tools!Wireless network attack tools!Wireless network protection tools!Digital Forensic Tools!Bot nets!Cross-site scripting!Anti-DNS Pinning!Hacker organizations, sites, …!War driving techniques and tools1P-4©2009 Raj JainCSE571SWashington University in St. Louis2. Hands2. Hands--on Projectson Projects!A tool to collect passwords in wireless!A tool to monitor network traffic in open ports!Using one the wireless attack tools to monitor the traffic and !Develop a web site to collect passwords and !Firewall bypass using port 80!A honey pot to catch crackers!Multi-Pot (multiple base stations to lure victims)!WEP crackdown using passive monitoring and plain text attacks!A tool to fool routers!Identity Stealing Tool using web sites!Identity Stealing Tool using phishing!SPAM without detection!Hardware to locate/pinpoint wireless access points1P-5©2009 Raj JainCSE571SWashington University in St. Louis3. Programming Projects3. Programming Projects!Compilation of Security Algorithms in C!Compilation of Security Algorithms in Excel!Efficient algorithm to find the private key from a given public key!Develop a root kit for Windows/Linux/MAC1P-6©2009 Raj JainCSE571SWashington University in St. Louis3. Survey Projects3. Survey ProjectsRecent Security Issues in Internet Engineering Task Force (IETF)!btns Better-Than-Nothing Security!dkim Domain Keys Identified Mail!emu EAP Method Update!hokey Handover Keying!ipsecme IP Security Maintenance and Extensions!isms Integrated Security Model for SNMP!keyprov Provisioning of Symmetric Keys!kitten Kitten (GSS-API Next Generation)!krb-wg Kerberos!ltans Long-Term Archive and Notary Services1P-7©2009 Raj JainCSE571SWashington University in St. LouisSurvey Projects (Cont)Survey Projects (Cont)!msec Multicast Security!nea Network Endpoint Assessment!pkix Public-Key Infrastructure (X.509)!saslSimple Authentication and Security Layer!smime S/MIME Mail Security!syslog Security Issues in Network Event Logging!tls Transport Layer Security1P-8©2009 Raj JainCSE571SWashington University in St. LouisSurvey Projects (Cont)Survey Projects (Cont)Recent Issues in Internet Research Task Force (IRTF)!Anti-Spam Research Group (ASRG)!Crypto Forum Research GroupRecent Security Issues in IEEE!IEEE!802.3ah EPON Security!802.21 Regional Area Networks Security!802.15.3 Personal Area/Sensor Networks Security!802.11i Security!802.16e WiMAX Security!802.20 Mobile Broadband Security1P-9©2009 Raj JainCSE571SWashington University in St. LouisSurvey Projects (Cont)Survey Projects (Cont)Current Security Issues in ITU!SG17 Security Study group!ICT Security RoadmapCurrent Security Topics in Leading Conferences!DEFCON1P-10©2009 Raj JainCSE571SWashington University in St. LouisLast Year’s ProjectLast Year’s Project! Hands-on Projects:" Cafe Cracks: Attacks on Unsecured Wireless Networks" Net Vigilant: Network Monitor" Secure Data Exchange System : Minimizing Security Attacks Risks while Preserving Bandwidth" PHP Vulnerabilities in Web Servers" Type 2 Cross-site Scripting: An Attack Demonstration1P-11©2009 Raj JainCSE571SWashington University in St. LouisLast Year’s Projects (Cont)Last Year’s Projects (Cont)! Survey Papers:" A Summary of Hacking Organizations, Conferences, Publications, and Effects on Society" Web Single Sign-On Systems" Wireless Hacking Tools" Survey of Current Network Intrusion Detection Techniques" A Survey of the Prominent Quantum Key Distribution Protocols" Secure Ballots Using Quantum Cryptography" A Survey of Peer-to-Peer Network Security Issues" Overview of Recent Developments on Generic Security Services Application Programming Interface1P-12©2009 Raj JainCSE571SWashington University in St. LouisProject ScheduleProject ScheduleMon 02/09/09 Topic Selection/ProposalWed 02/18/09Mon 02/23/09 References DueMon 03/02/09 Outline Due Mon 03/30/09 Final Report/Demo Due Mon 04/06/09 Reviews/comments ReturnedMon 04/13/09 Revised Report Due1P-13©2009 Raj JainCSE571SWashington University in St. LouisHTML HTML ––An IntroAn Intro<HTML><HEAD>…</HEAD><BODY>…</BODY></HTML>1P-14©2009 Raj JainCSE571SWashington University in St. LouisHTML Intro (2)HTML Intro (2)<HTML><HEAD><TITLE>CSE574S: Advanced Topics in Networking </TITLE><META NAME="AUTHOR" CONTENT="Raj Jain"> <META NAME="Classification" CONTENT="Technical"> <META NAME="Keywords" CONTENT="Quality of Service, Voice over IP”><META NAME="Description" CONTENT="Lectures and reports on recent advances in networking "> </HEAD><BODY><H1>CSE571S: Network Security </H1><H2>Issue 1: Introduction</H2>1P-15©2009 Raj JainCSE571SWashington University in St. LouisHTML Intro (3)HTML Intro (3)<H3>1.1 Local Area Networks</H3><UL><LI>Item 1</LI></UL><A HREF=“http://www.google.com”>Google</A><A HREF=“#section2”>Section 2</A><A NAME=“section2”><H2>Section 2</H2></A><IMG SRC="photos/ftp/jain5-s.jpg" ALT="[Raj Jain's Photo]" HEIGHT=150 WIDTH=102> </Body></HTML>1P-16©2009 Raj JainCSE571SWashington University in St. LouisSummarySummary! Report suitable for web publication! Strictly follow format, style guidelines ! No copyright violations! Technical quality1P-17©2009 Raj JainCSE571SWashington University in St. LouisHomework 1PHomework 1P! Search web pages, books, and journal articles from ACM Digital Library, Applied Science, Compendex, ABI/INFORM Complete, and Knovel databases at Olin Library for one of the following topics:" Network Security Trends" Cryptography Trends" Internet Security Trends" Hacking TrendsTrends = Recent developments, Recent Advances, …! On the web try the following search points:" http://library.wustl.edu/findart.html" http://library.wustl.edu/fulltext/" http://scholar.google.com" http://books.google.com" http://a9.com/1P-18©2009 Raj JainCSE571SWashington University in St. LouisHomework 1P (Cont)Homework 1P (Cont)" http://www.scirus.com/srsapp/" http://searchnetworking.techtarget.com/bestWebLinks/" See also