Group
Presentation Papers
and Presentations
Cryptography
Topic: PGP has been used for more than a decade now,
but many people are unaware of the rich and tangled history of the
system. Neither are they aware of how the algorithm works, the
underlying technologies, or what the future holds for PGP. This paper
will attempt to address all of those points to give readers a good idea
of how PGP works, how its development has continued since its original
creation, and the impact that PGP has had both in its current uses and
the potential uses for public key cryptography in the future.
[Paper]
[Presentation]
Database
Security
Topic: While developing any application,
developers must keep in mind the language s inherent vulnerabilities.
For an SQL database, SQL injection is that ever-present risk on a good
developer s mind. SQL injection is a serious security vulnerability
used to retrieve or modify unauthorized information. It exploits the
same flexibility that makes the databases so powerful, especially in
versatile web applications. However, due to recent awareness of the
problem and better industry-wide coding practices, most forms of the
attack are easy to protect against. This paper will progress through
the development of a SQL injection attack and will include the
detection of vulnerabilities. It will then introduce various forms of
the attack, retrieving and editing specific desirable information. With
a basic understanding of the threat, the paper will debrief the user on
the current solutions and preventative measures to secure a SQL
Database.
[Paper]
[Presentation]
Internet Security
Topic: Common wisdom says that the Internet is a
decentralized network, possessing enough redundancy to route traffic
from any location to another. The events of the last few years have
shown us that this assumption is simply not true. As technology
improves each year, attackers have developed more knowledge and better
tools able to knock the entire Internet offline.
(InfoWorld) The technological sophistication available to defenders of
our infrastructure and those who wish to attack it, have demonstrated
that the Internet as a whole is vulnerable to attack. The main purpose
of this paper is to project the effects of a worst case
scenario type attack on our critical infrastructure. We have
decided to focus on four main areas of Internet Security: history of
attacks, Internet structure, attack and defense tactics, and takedown
scenarios.
[Paper]
[Presentation]
Malicious Code
Topic: Viruses, either helpful or damaging, are
conceived by their authors for many differing reasons. Whether for
academic reasons, money, fame, protection, or just an attempt to
illegally gain access to unauthorized information, all computer viruses
bring with them side effects that are typically damaging. By exploring
these motivations and studying the impacts of various viruses, it is
possible to gain insight into the not so evident reasons for their
creation as well as what side effects have occurred as a result of
their release.
[Paper]
[Presentation]
Wireless Network Security
Topic: Wireless networks are becoming more
ubiquitous every year, but they face a unique security hurdle: the fact
that the link layer is impossible to secure. Anyone within range can
sniff the packets in a wireless network. This paper analyzes WEP, WPA,
and 802.11i and how each security mechanism fails or achieves its
objectives. Recommendations on securing a local area network are also
made. Finally, a case study of the Georgia Tech Local Area
Wireless/Walkup Network is explored through the security methods it
implements and how those methods relate to the previously mentioned
security techniques. Two sections are included at the end to explain
the many acronyms used throughout the paper and the references used in
the paper.
[Paper]
[Presentation]
Legal Aspects of Information
Security
Topic:
Encryption is the process of encoding a message so that its meaning is
not obvious (Pfleeger 36). While seemingly simple, this
technology has become a contentious issue around the world. With the
advent of mass communication technology, encryption flourished as a way
to keep otherwise public communications private. In the Internet age,
remote banking and electronic commerce demand the use of encryption
technology to protect the identity and finances of those involved in
the transactions. In spite of the benefits to society, many governments
around the world seek to control the use and distribution of this
technology to both protect national interests and to aid in law
enforcement.
[Paper]
[Presentation]
Program Security
Topic:
Program Security has been a concern in the computing world for the more
than thirty years. It first became a topic that was explored and
studied in the early 1970s ( History of Computer Security ). One of the
earliest known documents concerning Program Security was written by
James Anderson in 1972 and presented the original guidelines for
computer security. It is interesting that this paper described methods
for auditing and logging user activity, monitoring and conducting
surveillance, as well as intrusion detection; all of which are aspects
of modern day program security (Anderson 1972). The final report of
Anderson s early work was published in 1980 and proposed ways to
improve both surveillance and auditing of computer systems (Anderson
1980).
[Paper]
[Presentation]