|
UNIVERSITY OF WINDSOR
|
Lecture Notes:
PROJECT
MANET
Simulation Use Firefox or
Chrome to download this power-point file.
Notes
on Installation of NS2_ Windows Notes
on Installation of Windows_ Linux
OmnetInstallationGuide
Surveys
S.No.
|
Title
|
Reference Papers
|
Names
|
1
|
Intrusion Detection System for Mobile Ad Hoc Networks – A
Survey
Report
|
[1] Aleksander Byrski1 and Marco Carvalho: Agent- Based Immunological Intrusion
Detection System for Mobile Ad-Hoc Networks. (2008)
http://www.springerlink.com.ezproxy.uwindsor.ca/content/j41l856754175068/fulltext.pdf
accessed on Nov. 12, 2009
[2] Shukor Abd Razak, Steven Furnell, Nathan
Clarke, and Phillip Brooke: A
Two-Tier Intrusion Detection Systemfor Mobile Ad Hoc Networks – A
Friend Approach (2006)
http://www.springerlink.com.ezproxy.uwindsor.ca/content/y216646691427603/fulltext.pdf
access on Nov. 15, 2009
[3] Farhan A.F. , Zulkhairi D. , M.T. Hatim:
Mobile Agent Intrusion Detection System For Mobile Ad Hoc Networks: A
Non-overlapping Zone Approach (2008)
http://ieeexplore.ieee.org.ezproxy.uwindsor.ca/stamp/stamp.jsp?tp=&arnumber=4655310&isnumber=4655300
accessed on Nov. 21, 2009
[4] Shukor Abd Razak, Normalia Samian, Mohd.
Aizaini Ma’arof, S. M. Furnell, N. L. Clarke, P. J. Brooke: A Friend
Mechanism for Mobile Ad Hoc Networks (2009)
http://www.mirlabs.org/jias/razak.pdf
access on Nov. 22, 2009
|
Faisal Mahmood
|
2
|
|
|
|
3
|
|
|
|
2007 Survey
|
IDS for wireless network
Report
Presentation
|
1. R. Goss, M. Botha, R. Solms,
“Utilizing fuzzy logic and neural networks for effective, preventative
intrusion detection in a wireless environment”, Proceedings of the 2007
annual research conference of the South African institute of computer
scientists and information technologists on IT research in developing
countries SAICSIT '07, October 2007, Publisher: ACM Press
2. E. Derrick, R. Tibbs, L. Reynolds,
“Investigating new approaches to data collection, management and
analysis for network intrusion detection”, Proceedings of the 45th
annual southeast regional conference ACM-SE 45, March 2007, Publisher:
ACM Press
3. L. Tan, T. Sherwood, “A high throughput string
matching architecture for intrusion detection and prevention”,
Proceedings of the 32nd International Symposium on Computer
Architecture (ISCA’05), Page(s):112 - 122, 4-8 June 2005
|
Adnan, Md Ashif
et al
|
Fall 2009
Assignment 1,
Project 1
No.
|
Title
|
Reference
Papers
|
Names
|
Date of
Presentation
|
Assignment
Project
|
1
|
VulnerabilityScan&Attacks
Presentation
|
[1]
Nmap Home Page http://nmap.org/ accessed on Oct 16, 2009.
[2]Nessus
Home Page http://www.nessus.org/nessus/ accessed on Oct 16, 2009.
[3]Metasploit
Home Page http://www.metasploit.com/ accessed on Oct 16, 2009.
|
Li
Chun
|
|
2
|
TrueCrypt:
Analysis and Implementation
|
[1] “TrueCrypt Free Open Source
On-The-Fly Encryption”, http://www.truecrypt.org/docs/
[2] Bruce Schneier, “Bruce Schneier:
Twofish”, http://www.schneier.com/twofish.html
[3] Antoon Bosselaers, “The RIPEMD
Page”, 25 August 2004,http://homes.esat.kuleuven.be/~bosselae/ripemd160.html,
[4] “Serpent Homepage”, http://www.cl.cam.ac.uk/~rja14/serpent.html
[5] Paulo S. L. M. Barreto, “Whirlpool Homepage”, 25
November 2008 http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html
[6] William Stalling, Cryptography
and Network Security Principles and Practices 4th Edition,
Pearson Education 2006
[7] W. Trappe, L. C. Washington,
Introduction to Cryptography with Coding Theory 2nd Edition,
Pearson education 2006
[8] Phillip Rogaway, Efficient Instantiations of Tweakable Blockciphers and
Refinements to Modes OCB and PMAC, 24 September 2004,http://www.cs.ucdavis.edu
/~rogaway/papers/offsets.pdf
[9] Luther Martin, Voltage Superconductor: Under standing
AES-XTS, http://superconductor.voltage.com/
2009/07/understanding-aesxts-part-1.html
[10] http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf,
page 16
[11] B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall,
N. Ferguson, “Twofish: A 128 bit block Cipher”, NIST AES Submission,
June 15th 1997
[12] Morris Dworkin, CSRC Cryptography Toolkit, December 4
2001, http://csrc.nist.gov/archive/aes/index.html
|
Daniel Denomme
|
|
3
|
a) Use Firefox
or Chrome to download:
IDS
using SAX and WIRESHARC
b) Use any browser to download the
pdf file:
IDS
using SAX and WIRESHARC
ProjectPresentation
|
[1] Book Network Defense and
Countermeasures: Principles and Practices, Chuck Easttom.
Prentice Hall, 2006. accessed on Sept 26/ 27/
28/ 29, 2009
[2]
Appendix B. SAX 2.0 Features and Properties, O’Reilly.
http://docstore.mik.ua/orelly/xml/jxml/appb_01.htm
accessed on Sept 30, 2009
[3]
Class notes 0360564 Intrusion detection
http://web2.uwindsor.ca/courses/cs/aggarwal/cs60564/materials.htm
accessed on Sept 30, 2009
[4]
What is network intrusion system?
http://www.linuxsecurity.com/resource_files/intrusion_detection/network-intrusion-detection.html#1.1
accessed on Oct 01, 2009
[5]
Architecture
http://www.linuxsecurity.com/resource_files/intrusion_detection/network-intrusion-detection.html#2.
accessed on Oct 01, 2009
[6]
Policy and prevention
http://www.linuxsecurity.com/resource_files/intrusion_detection/network-intrusion-detection.html#3.
accessed on Oct 02, 2009
[7]
IDS and firewalls
http://www.linuxsecurity.com/resource_files/intrusion_detection/network-intrusion-detection.html#7.
accessed on Oct 5, 2009
[8]
Intrusion detection Systems - Wikipedia
http://en.wikipedia.org/wiki/Intrusion-detection_system
accessed on Oct 03, 2009
[9]
Intrusion and intrusion detection
John
McHugh, Alan Christie, and Julia Allen
Software
Engineering Institute, CERT Coordination Center
http://www.cs.virginia.edu/~jones/IDS-research/Papers.html
accessed on Oct 05/ 06, 2009
DOWNLOAD
Sax2
Intrusion detection System (freeware) 3.1
http://www.tucows.com/preview/601069
accessed on Oct 02, 2009
WIRESHARK
(freeware)
http://www.wireshark.org/download.html
accessed on Oct 01, 2009
Colasoft
Packet Builder 1.0 (freeware)
http://www.colasoft.com/packet_builder/
accessed on Sept. 25, 2009
|
Faisal
Mahmood
|
|
4
|
a) Use
Firefox or Chrome to download:
Smurf
Attack
b) Use any browser to download the
pdf file:
Smurf
Attack
Project1
c) Use Firefox or Chrome to download:
Presentation
|
[1] Smurf
attack, from Wikipedia: http://en.wikipedia.org/wiki/Smurf_attack
as of
[2] smurf.c,
[Online document] Available: http://personal.telefonica.terra.es/web/alexb/e/smurf.c
[3] The Internet
Control Message Protocol, from Wikipedia: http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
[4] Ping,
from Wikipedia: http://en.wikipedia.org/wiki/Ping
[5] The ICMP
Header. [Online document] Available: http://blog.csdn.net/xuhx/archive/2008/04/16/2297266.aspx
[6] How a
Broadcast Address Works. [Online document] Available: http://learn-networking.com/network-design/how-a-broadcast-address-works
[7]
Denial-of-service attack, from Wikipedia: http://en.wikipedia.org/wiki/Denial-of-service_attack
[8] Nemesis
Packet Injection Tool Suite. [Online document] Available: http://nemesis.sourceforge.net/
[9] Manpage
of NEMESIS-ICMP. [Online document] Available: http://nemesis.sourceforge.net/manpages/nemesis-icmp.1.html
[10]
Wireshark. [Online document] Available: http://www.wireshark.org/
[11] Securing
Cisco Routers with No IP Directed-Broadcast. [Online document]
Available: http://learn-networking.com/network-security/securing-cisco-routers-with-no-ip-directed-broadcast
[12] Craig A.
Hugen, The latest in denial of service attacks: "Smurfing".
Description and information to minimize effects. [Online document] Available: http://www.pentics.net/denial-of-service/white-papers/smurf.cgi
|
Farhan
Sajjad
|
|
5
|
a)
E-mailCapturing&Encryption
b)
Use Firefox or Chrome to download:
Presentation
|
The GNU
Privacy Guard - GnuPG.org. Web. <http://www.gnupg.org/>.
"Enigmail:
Download Enigmail." Enigmail: A simple interface for OpenPGP email
security. Web.
<http://enigmail.mozdev.org/download/index.php>.
"How to
encrypt your email - Downloads - Lifehacker." Lifehacker, tips
and downloads for getting things done. Web.
<http://lifehacker.com/180878/how-to-encrypt-your-email>.
"Overview
of PGP." The International PGP Home Page. Web.
<http://www.pgpi.org/doc/overview/>.
"The
comp.security.pgp FAQ." Top Level page for www.pgp.net at
cam.ac.uk.pgp.net [08040909]. Web.
<http://www.pgp.net/pgpnet/pgp-faq/>.
"Pretty
Good Privacy." WWW.GAMERS.ORG. Web.
<http://www.gamers.org/~tony/pgp.html>.
"How PGP
works." The International PGP Home Page. Web.
<http://www.pgpi.org/doc/pgpintro/#p1>.
"What is
WPA security?" Belkin : WPA. Web.
<http://en-us-support.belkin.com/app/answers/detail/a_id/34>.
"WPA Wireless
Security for Home Networks." Microsoft Corporation. Web.
<http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx>.
"Cracking_wpa."
Aircrack-ng. Web.
<http://aircrack-ng.org/doku.php?id=cracking_wpa>.
"Openwall
wordlists collection for password recovery, password cracking, and
password strength checking." Openwall Project - Information
Security software for open environments. Web.
<http://www.openwall.com/wordlists/>.
"Packet
Sniffing - Part 1 (wiretaps, protocol decoding and surveillance)."
SuraSoft - Keeping your computer safe! AntiSpyware & Security
Information. Web.
<http://www.surasoft.com/articles/packetsniffing.php>.
FrontPage - The Wireshark Wiki. Web.
<http://wiki.wireshark.org>.
|
Mohit Sud
|
|
6
|
ManInTheMiddle
Presentation
|
|
John Ouimet and Kyle Newman
|
|
7
|
OpenVPNSecureBridgeImplementation
|
A
method to prevent source address spoofing in TCP/IP based networks so as
to reduce the risk of Denial of Service (DoS) attacks on any host in
the network: Background. (n.d.). Retrieved October 16, 2009,
from IP.com Prior Art Database:
http://www.priorartdatabase.com/IPCOM/000021778/
Arpi.
(2004, August 5). Linux Kernel Mailing Lists. Retrieved October
16, 2009, from how to read /proc/net/arp properly:
http://linux.derkeiler.com/Mailing-Lists/Kernel/2004-08/1302.html
Bart
De Schuymer, N. F. (2003, November 9). ebtables/iptables interaction
on a Linux-based bridge. Retrieved October 17, 2009, from Ebtables:
http://ebtables.sourceforge.net/br_fw_ia/br_fw_ia.html
darkness.
(2006, March 3). Selectively firewalling OpenVPN users. Retrieved
October 14, 2009, from darkness:
http://darkness.codefu.org/wordpress/2006/03/03/228
Difference
in Hub, Switch, Bridge, & Router. (2004,
November 20). Retrieved October 16, 2009, from Nutt.net:
http://www.nutt.net/2004/11/20/difference-in-hub-switch-bridge-router/comment-page-1/
Feilner,
M. (2006). OpenVPN: Building and Integrating Virtual Private
Networks. Birmingham: PACKT Publishing.
Luk,
P. (2009, August 19). Using linux ethernet bridge to counter arp
posioning. Retrieved October 9, 2009, from Peter Luk's Blog:
http://staff.ie.cuhk.edu.hk/~sfluk/wordpress/?p=535
OpenVPN
on Sourceforge. (n.d.). Retrieved October 14, 2009, from
Sourceforge: http://sourceforge.net/projects/openvpn/
OpenVPN
Technologies. (n.d.). Howto. Retrieved October 5, 2009, from
OpenVPN:
http://www.openvpn.net/index.php/open-source/documentation/howto.html
OpenVPN
Technologies. (n.d.). OpenVPN. Retrieved October 5, 2009, from
Ethernet Bridging:
http://www.openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html
RTNETLINK
(Linux Manual Pages). (1999, 04 30).
Snyder,
J. (n.d.). BR-NF Packet Flow. Retrieved October 17, 2009, from
Ebtables: http://ebtables.sourceforge.net/br_fw_ia/PacketFlow.png
Various.
(2004, September 21). RARP support disapeard in kernel 2.6.x ? Retrieved
October 16, 2009, from Linux Kernel Mailing Lists: http://linux.derkeiler.com/Mailing-Lists/Kernel/2004-09/6619.html
|
David Michael
Andrews
|
|
8
|
MIMAttack_Assignment
|
- Man
in the Middle attack from http://www.owasp.org/index.php/Man-in-the-middle_attack
- About
Secure socket layer from Wikipedia (http://en.wikipedia.org/wiki/SSL)
- Ettercap
information from http://ettercap.sourceforge.net/
- Winpcap
information can be read at http://en.wikipedia.org/wiki/WinPcap#WinPcap
- MITM attack
document wiki by http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack
- Attack
on SSL using MITM document http://www.docstoc.com/docs/11837353/A-Real-Life-Man-in-the-Middle-Attack-on-SSL
|
Rajashekar
Rao Bandari
|
|
9
|
FeaturesOfNetcat_Assignment
Project
|
[1] Brian
Baskin, Netcat Power Tools, Syngress Publishing Inc, Burlington,
MA, 2008.
[2] Netcat: the TCP/IP swiss army: http://nc110.sourceforge.net
[3] Netcat. From Wikipedia: http://en.wikipedia.org/wiki/Netcat
[4] Ncat
Users’ Guide: http://nmap.org/ncat/guide/index.html
[5] Mati
Aharoni, Netcat Security:
http://www.webpronews.com/topnews/2003/10/20/netcat-security
[6] Nmap -
Free Security Scanner For Network Exploration & Security Audits:
http://nmap.org/
[7] Nmap.
From Wikipedia: http://en.wikipedia.org/wiki/Nmap
[8] NetCat Tutorial: http://www.securitydocs.com/library/3376
|
Jeffrey M. Kurcz
|
|
|
10
|
TCPSYNFlood-DoS
|
[1] Wikipedia: Transmission Control Protocol http://en.wikipedia.org/wiki/Transmission_Control_Protocol,
Accessed October 9, 2009
[2] Wireshark http://www.wireshark.org/about.html,
Accessed October 9, 2009
[3] Engage Security http://www.engagesecurity.com/products/engagepacketbuilder,
Accessed October 9, 2009
[4] Internet server unavailable because of
malicious SYN attacks http://support.microsoft.com/default.aspx?scid=KB;en-us;142641&,
Accessed October 17, 09
[5] How
To: Harden the TCP/IP Stack http://msdn.microsoft.com/en-us/library/aa302363.aspx, Accessed October 15, 2009
[Figure 2] File:Tcp synflood.png http://en.wikipedia.org/wiki/File:Tcp_synflood.png,
Accessed October 15, 2009
[Figure 8] Internet server unavailable because of
malicious SYN attacks http://support.microsoft.com/default.aspx?scid=KB;en-us;142641&,
Accessed October 17, 2009
|
Seung Jae Won
|
|
11
|
PortScanning/Vulnerability
Scanning/PenetrationTest/NIDS
|
1.
Overview of Metasploit taken from
http://en.wikipedia.org/wiki/Metasploit
2.
Overview of Snort taken from
http://en.wikipedia.org/wiki/Snort_(software)
3.
Windows Exploit summary taken from:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
Downloads:
4.
Nmap:
http://nmap.org/download.html
5.
Nessus 4:
http://www.nessus.org/download/
6.
Metasploit:
http://www.metasploit.com/framework/download/
7.
Snort:
http://www.snort.org/downloads/
8.
WinPcap:
http://www.winpcap.org/install/default.htm
9.
Sun VirtualBox:
http://www.virtualbox.org/wiki/Downloads
10.
Windows SP2 ISO image:
http://msdn05.e-academy.com/uwindsor_cs/index.cfm?loc=main
|
Imran Ahmed
|
|
Fall 2007
SURVEY
Requirements:
It is to be a survey of recent
developments, based on the papers selected by you.
n
ISSUES TO BE
STUDIED:
n
Introduction to the
field of research in the area
n
the basic new
ideas, stated in the papers
n
the methods of
testing and validating the ideas in each of the three papers
n
your own thoughts
about weaknesses of the papers and your suggestions about strengthening
security, along with a chosen example to illustrate your ideas.
NO PLAGIARISM WHATSOEVER
- Please
write the survey in your own words.
- Short
quotations (in quotation marks along with the reference and page
number of the reference) may be used, where necessary.
- Please
do not copy any part of text or figure from any paper or book.
- If
you want to give any figure from a paper or a book in your Report,
you need permission of the authors.
- You
are not to do any copyright violations
Plagiarism
will result in forfeiture of grades even after
graduation.
Assignment 3
Survey
(Presentation Date: 25/11/2007)
S.No.
|
Title
|
Reference Papers
|
Names
|
1
|
IDS for wireless network
Report
Presentation
|
1. R. Goss, M. Botha, R. Solms,
“Utilizing fuzzy logic and neural networks for effective, preventative
intrusion detection in a wireless environment”, Proceedings of the 2007
annual research conference of the South African institute of computer
scientists and information technologists on IT research in developing
countries SAICSIT '07, October 2007, Publisher: ACM Press
2. E. Derrick, R. Tibbs, L. Reynolds,
“Investigating new approaches to data collection, management and
analysis for network intrusion detection”, Proceedings of the 45th
annual southeast regional conference ACM-SE 45, March 2007, Publisher:
ACM Press
3. L. Tan, T. Sherwood, “A high throughput string
matching architecture for intrusion detection and prevention”,
Proceedings of the 32nd International Symposium on Computer
Architecture (ISCA’05), Page(s):112 - 122, 4-8 June 2005
|
Adnan, Md Ashif, Alam,
Mohammad Omair and AKM, Aktaruzzaman
|
2
|
Man-in-the-Middle attack, peforming
both a passive and an active attack
Project
2
Presentation
|
??
|
Bobek,
Robert,
|
3
|
a research report on the 802.11
specification
Project
2
Presentation
|
1. IEEE Computer Society, IEEE-SA
Standards Board, Information technology Telecommunications and information
exchange between systems Local
and metropolitan area networks
Specific requirements
Part 11: Wireless LAN Medium Access Control (MAC) and Physical
Layer (PHY) Specifications. 1999, Reaffirmed June 2003. IEEE-SA
Standards Board. [http://standards.ieee.org/getieee802/download/802.11-1999.pdf].
Accessed Nov.
18, 2007.
2. IEEE Computer Society, IEEE-SA Standards Board,
Telecommunications and information exchange between systemsLocal
and metropolitan area networksSpecific requirementsPart 11: Wireless
LAN Medium Access Control (MAC) and Physical Layer (PHY)
specificationsAmendment 1: High-speed Physical Layer in the 5 GHz
band. 1999, Reaffirmed June 2003.
[http://standards.ieee.org/getieee802/download/802.11a-1999.pdf].
Accessed Nov.
18, 2007.
3. IEEE Computer Society, IEEE-SA Standards Board,
Supplement to IEEE Standard for Information technology -
Telecommunications and information exchange between systems - Local and
metropolitan area networks - Specific requirements Part 11: Wireless LAN Medium Access
Control (MAC) and Physical Layer (PHY) specifications: Higher-Speed
Physical Layer Extension in the 2.4 GHz Band. 1999, Reaffirmed
June 2003.
[http://standards.ieee.org/getieee802/download/802.11b-1999.pdf].
Accessed Nov.
18, 2007.
4. IEEE Computer Society, IEEE-SA Standards Board,
IEEE Standard for Information technologyTelecommunications and
information exchange between systemsLocal and metropolitan area
networksSpecific requirementsPart 11: Wireless LAN Medium Access
Control (MAC) and Physical Layer (PHY) specificationsAmendment 4:
Further Higher-Speed Physical Layer Extension in the 2.4 GHz Band.
2003. [http://standards.ieee.org/getieee802/download/802.11g-2003.pdf].
Accessed Nov.
18, 2007.
|
Ruston, Matthew
|
4
|
Mobile Agent for Securing Web Service
Report
Presentation
|
1. Zhang, Junqi; Wang, Yan;
Varadharajan, Vijay; "Mobile
Agent and Web Service Integration Security Architecture" , IEEE
International Conference on Service-Oriented Computing and
Applications, 2007. SOCA '07, 19-20 June 2007, page 172-179.
2. Hyun Sik Hwang; Hyuk Jin Ko; Kyu Il Kim; Ung
Mo Kim; Dong Soon Park; "Agent-Based Delegation Model for the
Secure Web Service in Ubiquitous Computing Environments",
International Conference on Hybrid Information Technology, 2006. ICHIT
'06. Volume 1, Nov. 2006, page 51-57.
3. Maamar, Z.; Mostefaoui, S.K.; Yahyaoui, H.;
"Toward an agent-based and context-oriented approach for Web
services composition", IEEE Transactions on Knowledge and Data
Engineering, Volume 17, Issue 5, May 2005, page 686-697.
|
Debashis,
Roy,
Moazzami,
Katayoon,
Rachita,
Singh
|
5
|
Mobile
IP
Project
2
Presentation
Presentation
|
1. Mobile IP: A Solution for
Transparent, Seamless Mobile Computer
Communications
J. Redi a, P. Bahl b
a Dept.of Electrical and Computer Engineering,
Boston University, redi@acm.org
b Microsoft Research, Redmond, WA, bahl@microsoft.com
2. Mobile IP Resources
Neda Document Number: 103-101-04
Doc. Revision: 1.1
Payman Arabshahi
Neda Communications, Inc.
17005 SE 31st
Place
Bellevue, WA 98008
3. MOBILE NETWORKING THROUGH MOBILE
IP, CHARLES E. PERKINS, Sun Microsystems
|
Sejdini, Valon,
Chowdhury, Hasan,
Li, Xiaoming
|
6
|
Firewall
Report
Presentation
Presentation
|
1. An embedded firewall based on
network processor
Quan Huang; Shengke Qiu; Shicun Qin; Cheng Cao;
Embedded Software and Systems, 2005. Second
International Conference on
16-18 Dec. 2005 Page(s):7 pp.
2. Mobile personal firewall
Ying Qiu; Jianying Zhou; Feng Bao;
Personal, Indoor and Mobile Radio Communications,
2004. PIMRC 2004. 15th IEEE International Symposium on
Volume 4, 5-8 Sept. 2004 Page(s):2866 - 2870
Vol.4
3. Personal firewall for Pocket PC 2003: design
& implementation
Susilo, W.; Ang, R.J.; McDonald, C.A.G.; Jianyong
Huang;
Advanced Information Networking and Applications,
2005. AINA 2005. 19th International Conference on
Volume 2, 28-30 March 2005 Page(s):661 - 666
vol.2
|
Ying,
Chen,
Dou,
Wang,
Jiaying,
Shi
|
7
|
Protecting Ad Hoc Networks in
real-time
Report
Presentation
|
1. A. Fourati and K. Al Agha, “An
IDS First Line of Defense for Ad Hoc Networks”, In IEEE WCNC'07:
Wireless Communications and Networking Conference, Hong Kong,
China, p.p. 2619 - 2624, March 2007.
2. X. Su and R. Boppana, “On Identifying
Malicious Nodes in Ad Hoc Networks”,International Conference on
Communications and Mobile Computing Proceedings of the 2007
international conference on Wireless communications and mobile
computing, Honolulu, Hawaii, USA, p.p. 254 - 259, 2007.
3. L. Stamouli, P.G. Argyroudis and H. Tewari,
“Real-time intrusion detection for ad hoc networks”, Sixth IEEE
International Symposium on a World of Wireless Mobile and Multimedia
Networks, p.p. 374 - 380, June 2005.
|
Farhat,
Fadi,
|
8
|
Attack – Smurf
Report
Presentation
|
[1]
Luo Hongli and Shyu Mei-Ling, Protection of QoS for Multimedia
Transmission against Denial of Service Attacks, Proceedings of
seventh IEEE International Symposium on Multimedia, 2005
[2] Michael Walfish, Mythili Vutukuru, Hari Balakrishnan, David Karger,
and Scott Shenker, DDoS defense by Offense, Proceedings of
the 2006 conference on Applications, technologies, architectures, and
protocols for computer communications SIGCOMM, 2006
[3] Yun Huang, Xianjun Geng, Andrew B. Whinston Defeating DDoS
Attacks by Fixing the Incentive Chain, ACM Transactions on
Internet Technology (TOIT), 2007
|
Dissanayake,
Aqila, Olalekan, Habib Kadri
|
9
|
Security and wireless sensor networks
Report
Presentation
|
1. Anthony D. Wood, Lei Fang, John
A. Stankovic, Tian He . "SIGF: A Family of Configurable, Secure
Routing Protocols
for Wireless Sensor Networks",October 2006
Proceedings of the fourth ACM workshop on Security of ad hoc and sensor
networks SASN '06
Publisher: ACM Press
2. Tim Leinm|ller, Christian Maihvfer, Elmar
Schoch, Frank Kargl "Improved Security in Geographic Ad hoc
Routing through
Autonomous Position Verification", September
2006 Proceedings of the 3rd international workshop on Vehicular ad hoc
networks VANET '06
Publisher: ACM Press
3. Nael Abu-Ghazaleh, Kyoung-Don Kang, Ke Liu
,"Wireless network security II: Towards resilient geographic
routing in WSNs ",October 2005 Proceedings of the 1st ACM
international workshop on Quality of service & security in wireless
and mobile networks Q2SWinet '05
Publisher: ACM Press
|
Xin, Wu,
Da, Teng,
Yufei, Xu
|
10
|
New Improvement on Ad hoc Network
Security
Report
Presentation
|
1. Jin, Lu; Zhang, Zhongwei; Zhou,
Hong; "Deliberation and Implementation of Adaptive Fuzzy Logic
Based Security Level Routing Protocol for Mobile Ad Hoc Network",
Consumer Communications and Networking Conference, 2007. CCNC 2007.
2007 4th IEEE Jan. 2007 Page(s):479 - 483.
2. Selma Boumerdassi;Papa Kane Diop;Iric
Renault;Anne Wei; ''A new two-message authentication protocol for RFID
sensor networks",ACM International Conference Proceeding Series;
Vol. 115,Proceedings of the 3rd international workshop on Middleware
for pervasive and ad-hoc computing table of contents Grenoble, France,
Pages: 1 - 7.
3. Ghalwash ;Youssif; Hashad; Doss; "Self
Adjusted Security Architecture for Mobile Ad Hoc Networks
(MANETs)", 6th IEEE/ACIS International Conference on Computer and
Information Science (ICIS 2007), 2007,icis, pp. 682-687.
|
Patel, Amar,
Zhao, Shushan, Mokbel,
Fadel Mohammad
|
Assignment 2,
Project 1
No.
|
Title
|
Reference
Papers
|
Names
|
Date of
Presentation
|
Assignment
Project
|
1
|
Eavesdropping
attack, over Wi-Fi
Presentation
Project
Files
|
1. M. Domenico, A. Calandriello, G. Calandriello and A. Lioy. Dependability
in Wireless Networks: Can We Rely on WiFi?. IEEE Security and Privacy,
5(1):23-29, 2007
2.http://www.tscmvideo.com/eavesdropping/eavesdropping-device.html
3. LucidLink, the network security products
company, WiFiTheft.com, wifi.weblogsinc.com, WarDriving.com, Wigle.net,
www.intelligentedu.com
4. Wikipedia encyclopedia.
5. http://www.sciam.com/article.cfm
6. Eavesdropping on Wi-Fi, chapter 6 page 122
|
Fadi Farhat
|
8 November
|
2
|
Denial
of Service (DoS) attack with UDP Flood in wire network
Denial
of Service (DoS) attack with UDP Flood
|
1. Distributed Denial of Service
Attacks
Felix Lau,Stuart H. Rubin,Michael H.
Smith,Ljiljana Trajkovic,Simon Fraser University of Burnaby, BC, Canada
2. Measuring Denial Of Service
Jelena Mirkovic,Peter Reiher,Alefiya Hussain,Sonia
Fahmy,Stephen Schwab,Roshan Thomas,Calvin Ko
University of Delaware
3. Distributed Denial of Service:Taxonomies of
Attacks, Tools and Countermeasures
Stephen M. Specht,Ruby B. Lee
Princeton University
|
Valon
Sejdini , Hasan Chowdhury, Xiaoming Li
|
13 November
|
3
|
TCP
SYN Flood DoS Attack Experiments in Wireless Network
Presentation
TCP
SYN Flood DoS Attack Experiments in Wireless Network
Project
Files
|
1. Carnegie Mellon University's Computer Emergency Response Team.
http://www.cert.org/ 2. ftp://info.cert.org/pub/cert_advisories/CA96.26.ping
3. ftp://info.cert.org/pub/cert_advisories/CA96.21.tcp_syn_flooding
4. SYN Flood DoS Attack Experiments http://www.niksula.hut.fi/~dforsber/synflood/result.html
5. TCP Header Format http://www.scit.wlv.ac.uk/rfc/rfc7xx/RFC7932.gif
6. Transmission Control Protocol Specification http://www.nic.funet.fi/pub/doc/rfc/rfc793.txt
7. Wireshark User's Guide http://www.wireshark.org/docs/ 8. http://www.winpcap.org
9. http://wiki.wireshark.org/CaptureSetup
10. TCP SYN Flooding Attacks and Remedies http://www.networkcomputing.com/unixworld/security/004/004.txt.html
11. http://en.wikipedia.org/wiki/Nmap
|
Ashif Adnan, Aktar-uz-zaman, Alam Mohammad
|
13 November
|
4
|
Disassociation
Attack: DoS Attack in 802.11 Wireless Network
Presentation
Attacking
and Detection: DoS in Wireless Network by Injecting Disassociation
Frames through Data Link Layer
|
1. “Host AP driver for Intersil
Prism2/2.5/3” [Online] Available: http://hostap.epitest.fi
2. S. Anderson “A Linux Wireless Access
Point HOWTO” chapter 4, v0.1, 2003, June 6, [Online]
Available: http://oob.freeshell.org/nzwireless/hostap.html
3. Source Location for
downloading Hostap-0.0.4 driver, [Online], Available:
http://hostap.epitest.fi/releases/
4. Source Location for downloading
libwlan-0.1, [Online] Available: http://wirelessexposed.blogspot.com/2007/03/hakcing-tools-at-your-disposal.html
5. Pablo Brenner “A Technical Tutorial on
the IEEE 802.11 Protocol” 1996. Breeze.com
6. Allison H. Scogin “Disabling a Wireless
Network via Denial of Service” Technical Report MSU-070424
7.
http://www.intel.com/support/wireless/wlan/sb/CS-025325.htm
|
Yufei Xu, Xin Wu and Da
Teng
|
13
November
|
5
|
System
Penetration with Metasploit Framework and nmap
Presentation
System
Penetration with Metasploit Framework
|
1. Peltier, J. “Metasploit Tuorial – A New
Day for System Exploits”. The Ethical Hacker
Network.
URL:http://www.ethicalhacker.net/content/view/29/24/
2. Saita, Anne. ”Windows image flaw now 'extremely critical'. Information
Security Magazine. Dec 29, 2005.URL:http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1154914,00.html
3. “Computer Security”.Wikepedia: The
Free Encyclopedia.
URL: http://en.wikipedia.org/wiki/Computer_security
4. “Software Bug”. Wikepedia: The
Free Encyclopedia.
URL: http://en.wikipedia.org/wiki/Computer_bug
5. “Microsoft Security Bulletin MS06-001”.
Microsoft Tech Net.
URL: http://www.microsoft.com/technet/security/bulletin/MS06-001.mspx
6. “Exploit (computer security)”.Wikepedia:
The Free Encyclopedia.
URL: http://en.wikipedia.org/wiki/Exploit_(computer_security)
|
Robert Bobek
|
15
November
|
6
|
Fragmentation
Attack on a Wireless Network
Fragmentation
Attack on a Wireless Network
|
1.Jason
Anderson, An Analysis of Fragmentation Attacks, http://www.ouah.org/fragma.html;
March 15, 2001 (as of Nov 04, 07)
2.spoonfork, Understanding IP Fragmentation, http://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=4005;
October 16, 2001 (as of Nov 04, 07)
3.Thomas Lopatic, NT Fragmentation Attack http://insecure.org/sploits/NT.no_first_fragment.IP_frag.attack.html;
10 July 1997 (as of Nov 04, 07)
4.William K. Hollis , http://digital.net/~gandalf/Rose_Frag_Attack_Explained.htm
(as of Nov 04, 07)
5.http://nemesis.sourceforge.net/#unix (as of Nov 04, 07)
6.http://www.wireshark.org (as of Nov 04, 07)
7.http://www.snort.org (as of Nov 04, 07)
8.http://www.winpacp.org (as of Nov 04, 07)
9.MS00-029: Windows Hangs with Fragmented IP Datagrams, http://support.microsoft.com/default.aspx?scid=kb;en-us;259728&sd=tech,
Article ID: 259728, Revision: 8.3, May 12, 2007 (as of Nov 04, 07)
10.http://www.cisco.com/warp/public/707/cisco-sa-19980910-pix-cbac-nifrag.shtml
(as of Nov 04, 07)
11.G. Ziemba Alantec D. Reed Cybersource P. Traina cisco
Systems, Category: Informational http://community.roxen.com/developers/idocs/rfc/rfc1858.html;
October 1995 (as of Nov 04, 07)
12.Mogul, J., "Simple and Flexible Datagram Access Controls
for Unix-based Gateways", Digital Equipment Corporation, March
1989.
13. http://www.packetfactory.net/projects/nemesis/.
|
Amar B. Patel,
Mohammed Fadel Mokbel,
Shushan Zhao
|
15
November
|
7
|
Xmas
Tree Scan Wireless Jamming (DoS) attack
Presentation
Xmas
Scan Detection with Snort Using CommView and Nmap
Project
Files
|
Kumar,
Sanjeev., Smurf-based Distributed Denial of Service (DDoS) attack
amplification in Internet, Internet Monitoring and Protection, 2007.
ICIMP 2007. Second International Conference on 1-5 July 2007 P.25 25, 2007.
Mirkovic, Jelena., Reiher, Peter., A taxonomy
of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer
Communication Review, Volume 34 Issue
|
Aqila Dissanayake
Olalekan Kadri
|
15
November
|
8
|
ARP
Spoofing and Man in the Middle attack using Ettercap
ARP
Spoofing and Man in the Middle attack using Ettercap
|
1.
ARP spoofing, http://www.webopedia.com/TER/
A/ARP_spoofing.html
2.
ARP spoofing, http://en.wikipedia.org/wiki/ARP_spoofing
3.
Wireless Man in the Middle Attack Part I, http://blogs.ittoolbox.com/wireless/networks/archives/wireless-man-in-the-middle-attack-part-i-7422
4.
Wireless Access Point and ARP Poisoning, http://www.packetnexus.com/docs/arppoison.pdf
5.
Xarp 0.1, http://www.governmentsecurity.org/
archive/t9274.html
6.
ARPwatch, http://www.securityfocus.com/tools/142
7.
Nmap, http://en.wikipedia.org/wiki/Nmap
8.
An Ettercap Primer , https://www2.sans.org/
reading_room/whitepapers/tools/1406.php?portal=9b1a0c905186c3963b683660224c6b0b
9.
ETTERCAP – An Easy Tutorial, http://www.openmaniak.com/ettercap.php
|
Debashish Roy ,Rachita
Singh,Katayoon Moazzami
|
20
November
|
11
|
+ Wireless Attack – DoS
|
1.
Allison H. Scogin, Disabling a Wireless Network via Denial of
Service, Technical Report MSU-070424.
2. S. Harris, CISSP Certification, 2nd Edition,
McGraw-Hill/Osborne, Emeryville, CA, 2003, p. 873.
3. Basic Digital Forensic Investigation Concepts,
http://www.digitalevidence.
org/di_basics.html (current Mar 1, 2007).
4. M. S. Gast, 802.11 Wireless Networks: The
Definitive Guide, 2nd Edition, OReilly Media, Inc., Sebastopol,
California, 2005.
5. R. Power, 2000 CSI/FBI Computer Crime and
Security Survey, Computer
Security Journal, vol. 16, no. 2, 2000, pp.
33-49.
6. A. S. Tanenbaum, Computer Networks, 4th
Edition, Prentice Hall, Upper Saddle River, New Jersey, 2003.
7. http://salis.iisc.ernet.in/soho/hostap_documentation1.htm,
2007 for hostap installation
8.
http://www.wirelessdefence.org/Contents/Void11Installation.htm, 2007
for void11 installation
|
Dou Wang, JiaYing Shi, Ying Chen
|
20
November
|
12
|
Wired
SYN Flooding as a DoS Attack
Wired
TCP SYN Flooding and Snort IDS
Project
Files
|
1.
Clayton Bolz, W. Romney, Brandon L. Rogers, from Brigham Young
University, Provo, UT. Safely train security engineers regarding
the dangers presented by denial of service attacks, Conference
On Information Technology Education Proceedings of the 5th conference
on Information technology education, 2004
2. Tao Peng, Christopher Leckie, Kotagiri
Ramamohanarao from the Department of Computer Science and Software
Engineering, The University of Melbourne, Australia. Survey of
network-based defense mechanisms countering the DoS and DDoS problems,
ACM Computing Surveys (CSUR), Volume 39, Issue 1 (2007).
|
Matthew
Ruston
|
20
November
|
Assignment 1 on
Privacy
S.No.
|
Title
|
Reference
Papers
|
Names
|
Date of
Presentation
|
1
|
Analysis
of privacy risks and measurement of privacy protection in web services
complying with privacy policy
PresentationSlides
|
1. Yee, G., “Visual Analysis of Privacy Risks in Web
Services”, IEEE
International Conference on Web Services, pp. 671-678, July. 2007.
2. Yee, G., Korba, L.,”Privacy
policy compliance for Web services”, IEEE International Conference on Web
Services, pp. 158-165, July. 2004.
3. Yee, G., “Measuring Privacy Protection
in Web Services”, International Conference on
Web Services, pp. 647–654, Sept. 2006.
|
Adnan, Md Ashif, Alam,
Mohammad Omair and AKM, Aktaruzzaman
|
Thurs,
October 11
|
2
|
HTTP
COOKIES: EXPLOITING THE USER
PresentationSlides
|
1. Kristol, M. D., “HTTP Cookies:
Standards, Privacy, and Politics“,
ACM Transactions on Internet
Technology, vol. 1, no. 2, pp. 151-198, Nov. 2001.
2. Chan, T.S. A., "Mobile Cookies Management
on a Smart Card", Communications of the ACM, vol. 48, no. 11, pp.
38-43, Nov. 2005.
|
Bobek,
Robert,
|
Thursday,
October
4
|
3
|
Enriching
Privacy in Personalized Search
PresentationSlides
|
1. Xeuhua S., Bin, T. and
ChenXiang, Z., “Privacy
Protection in Personalized Search”,
ACM SIGIR Forum, vol. 41, no.
1, pp. 4-17, June 2007.
2. Xu, Y., Wang, K., Zhang, B., and
Chen, Z., “Privacy-Enhancing
Personalized Web Search”,
Proceedings of the 16th
international conference on World Wide Web, pp. 591-600, May.
2007.
|
Ruston, Matthew
|
October
16
|
4
|
Mobile
RFID Privacy Protection
PresentationSlides
|
1. Lee, H. and Kim, J.,
"Privacy threats and issues in mobile RFID", The First
International Conference on Availability, Reliability and Security, pp.
510-514, 2006.
2. Kim, I. J., Choi, E.Y., and Lee, D. H., ”Secure
Mobile RFID system against privacy and security problems", Third
International Workshop on Security, Privacy and Trust in Pervasive and
Ubiquitous Computing, pp. 67-72, 2007.
3. Kim, S. C., Yeo, S. S. and Kim, S. K., "MARP: Mobile
Agent for RFID Privacy Protection”, Seventh Smart Card Research and Advanced Application IFIP
Conference (CARDIS '06), Lecture Notes in Computer Science, pp.
300-312, 2006.
|
Debashis,
Roy,
Moazzami,
Katayoon.
|
October
16
|
5
|
Internet
Privacy issues, Modified SSL to the rescue
PresentationSlides
|
1. Rabinovitch, E., “Protect your Users
against the lates web-based threat: Malicious Code on Caching servers”, IEEE
Communication Magazine, vol. 45, no. 3, pp. 20-22, March.
2007.
2. Earp,
J.B., Anton,
A.I., Aiman-Smith,
L. and Stufflebeam,
W.H., “Examining Internet Privacy
Policies Within the Context of User Privacy Values”, IEEE Transactions on Engineering
Management vol. 52, no. 2, pp. 227-237, May. 2005.
3. My Dad's computer, A
conversation with internet security expert- William R. Cheswick (2005)
in IEEE Spectrum[/list]
|
Olalekan,
Habib Kadri
|
October
9
|
6
|
Privacy
protection of grid service in distributed architectures
PresentationSlides
|
1. Smith, M., Engel, M., Friese,
T., Freisleben, B., Koenig, G.A., and Yurcik, W., “Security
issues in on-demand grid and cluster computing,”
Sixth IEEE International Symposium
on Cluster Computing and the Grid Workshops, vol. 2, p. 24, 2006.
2. Porras, P.A., “Privacy-Enabled Global Threat
Monitoring”,
IEEE Security & Privacy Magazine, vol. 4, no.
6, pp. 60-63, Nov.-Dec. 2006.
3. Jiong, Y., Yuanda, C., Yonggang, L., and Tan,
L., “Research
on Security Architecture and Privacy Policy of
Grid Computing System”, First International Conference
on Semantics, Knowledge and Grid, p. 3, Nov. 2005.
|
Jiaying,
Shi
|
October
11
|
7
|
Privacy
in e-commerce
PresentationSlides
|
1. Odlyzko, A., “privacy in e-commerce:
Privacy and the clandestine evolution of e-commerce”, Proceedings
of the Ninth international conference on Electronic commerce, vol. 258,
pp. 3-6, Aug. 2007.
2. Moores,
T., “Do consumers
understand the role of privacy seals in e-commerce?” Communications of the ACM, vol. 48, no.
3, pp. 86-91, March. 2005.
3. Berendt, B., G|nther, O., and Spiekermann,
S., “Privacy in
e-commerce: stated preferences vs. actual behavior”,
Communications of the ACM, vol. 48, no. 4, pp. 101-106, April 2005
|
Sejdini, Valon,
Chowdhury, Hasan,
Li, Xiaoming
|
October
9
|
8
|
Privacy
in Electronic Voting
PresentationSlides
|
1. Keller M. A., Mertz, D., Hall
J.L. and Urken, A., “Privacy issues in an electronic
voting machine”,
Proceedings of the 2004 ACM workshop on Privacy
in the electronic society, pp. 33-34, 2004.
2. Mercuri, T. R. and Jean, C. L., “The code of elections”,
Communications of the ACM, vol. 47, no. 10, pp. 52-57, Oct. 2004.
|
Groves,
Chris
|
Thursday,
October
4
|
9
|
Privacy
in Email System
PresentationSlides
|
1. Armour, Q., Elazmeh, W.,
El-Kadri, N., Japkowicz, N., and Matwin, S., “Privacy Compliance Enforcement in Email”, Advances in
Artificial
Intelligence, Berlin: Springer,
2005, pp.
194-204.
2. Schlegel, R. and Vaudenay, S., “Enforcing Email Addresses Privacy Using Tokens”, Lecture
Notes in Computer Science, vol. 3822,
pp. 91-100, 2005.
3. Butler,
K., Enck, W., Plasterr, J., Traynor, P. and McDaniel, P., “Privacy Preserving Web-Based Email”, Lecture
Notes in Computer Science, vol. 4332, 2006.
|
Ying
Chen,
Dou
Wang
|
Thursday,
October
4
|
10
|
Achilles
Heel in the Philosophy of Prometheus Boundless Security
PresentationSlides
|
1. Paine, C., Joinson, N. A.,
Buchanan, T. and Reips, U., “Privacy and
Self-Disclosure Online”, Conference on Human Factors in
Computing Systems, pp. 1187-1192, Apr. 2007.
2. Flinn, S. and Stoyles, S., “Omnivore:Risk
Management through Bidirectional Transparency”, Proceedings of the 2004
workshop on New security paradigms, p. 9, Sep. 2004.
3. Grande D. E. R. and Zorzo, D. S.,”Privacy
Protection Without Impairing Personalization by Using the
Extended System MASKS and the Extended
Contextualized P3P Privacy
Policies”, Proceedings of the 12th Brazilian
symposium on Multimedia and the web WebMedia”, p. 10, Nov.
2006.
|
Mokbel,
Fadel Mohammad
|
Thursday,
October
4
|
11
|
Privacy
management mechanisms
PresentationSlides
|
1. Razavi, N. M. and Iverson, L., “A grounded
theory of information sharing behavior in a personal learning
space", Proceedings of the 20th anniversary conference on
Computer, pp. 459–468, 2006.
2. Jason, I.,
Jennifer, D., Lederer, S. and Landay, J. A.,"Privacy risk models
for designing privacy-sensitive ubiquitous computing systems",
Proceedings of the 2004 conference on Designing interactive systems:
processes, practices, methods, and techniques, pp. 91-100, 2004.
|
Farhat,
Fadi,
Singh, Rachita
|
October
11
|
12
|
DRM
and Google’s Threat to Privacy
PresentationSlides
|
1. Conti, G., “Recipes for disaster:
Googling considered harmful”, Proceedings of the 2006
workshop on New security paradigms NSPW '06, pp. 67-76, 2006.
2. “Vicarious
Infringement Creates a Privacy
Ceiling”
Tsai , J. Y.,
Cranor, L. F. and Craver, S.,
Proceedings of the ACM workshop on Digital rights
management DRM '06, pp. 9-18, 2006.
|
Dissanayake,
Aqila
|
October
9
|
13
|
source-location
privacy in wireless sensor network
PresentationSlides
|
1. Kamat, P., Zhang, Y., Trappe, W.
and Ozturk, C., “Enhancing
Source-Location Privacy in Sensor Network Routing”,
Proceedings of the 25th IEEE International
Conference on Distributed Computing Systems,
pp. 599-608, June 2005.
2. Zhang, L.,”A self-adjusting directed
random walk approach for enhancing source-location privacy in sensor
network routing”, Proceedings of the 2006 international
conference on Wireless communications and mobile computing, pp. 33-38,
2006.
3. Ozturk, C., Zhang, Y. and
Trappe, W., ”Source-location
privacy in energy-constrained sensor network routing”, Proceedings of the 2nd ACM
workshop on Security of ad hoc and sensor networks SASN '04, pp. 88-93,
Oct. 2004.
|
Xin, Wu,
Da, Teng,
Yufei, Xu
|
Tuesday,
October
9
|
14
|
Protecting
Privacy in Mobile Ad-hoc Networks
PresentationSlides
|
1. Zhang, Y., Liu, W. and Lou, W., “Anonymous Communications in
Mobile Ad Hoc Networks”, Proceedings of the 24th Annual Joint Conference of the
IEEE Computer and Communications Societies, vol. 3, pp 1940-1951, 2005.
2. Jacobsson, M. and Niemegeers, I., “Privacy and Anonymity in Personal
Networks”,
Proceedings of the Third IEEE International Conference on Pervasive
Computing and Communications Workshops, pp.
130-135, 2005.
3. Doetzer, F.,”Privacy
Issues in Vehicular Ad Hoc Networks”, Workshop on Privacy Enhancing Technologies,
May-Jun. 2005.
|
Patel,
Amar,
Zhao,
Shushan
|
October
16
|
|
WINTER
2006
Selected
Snort Signatures
IMPORTANT:
PLEASE SEND the problems, that you may have encountered and the solutions
you found while working on your project, to me so that these may be used
to update the following three FAQs:
FAQ
for Snort on Windows: compiled by
Mr. Tarik El Amsy.
FAQ for Snort on Linux:: compiled by Mr. Abu Naser Mohammed Mazher Uddin.
Common FAQ for MySQL: to be compiled
by Mr. Ejelike Ositadimma.
SURVEYS
Group
No.
|
Names
|
Selected
Papers
|
1
|
Tahira Farid, Anitha
Prahladachar
PRESENTATION:
Saturday, 8th April 2006
PRESENTATION
REPORT
|
1. Yuxia Lin, A. Hamed Mohsenian Rad, Vincent W.
S. Wong, Joo-Han Song,” Experimental Comparisons between SAODV and AODV
Routing Protocols,” Proceedings of the 1st ACM workshop on Wireless
Multimedia Networking and Performance modeling, WMuNeP Oct 2005
2. Perkins, C.E.; Royer, E.M,” Ad-hoc On-Demand
Distance Vector Routing,” Proceedings of the Second IEEE Workshop on
Mobile Computing Systems and Applications, WMCSA ’99
3. Pirzada, A.A.; McDonald, C,” Secure Routing
with the AODV Protocol,” Proceedings of the Asia-Pacific Conference on
Communications, Oct 3-5, 2005
4. Bhargava, S.; Agrawal, D.P.,” Security
Enhancements in AODV protocol for Wireless Ad Hoc Networks,” Vehicular
Technology Conference Oct 7-11, 2004, IEEE VTS 54th Vol. 4
|
2
|
Abu Naser Mohammed Mazher Uddin, Md Shamual Farhanur Rahaman
PRESENTATION:
Saturday, 8th April 2006
PRESENTATION
REPORT
|
1.
Holgersson, J.; Soderstrom,
E.; “Web service security - vulnerabilities and threats within the
context of WS-security”, The 4th Conference on Standardization and
Innovation in Information Technology, 2005. 21-23 Sept., 2005
Page(s):138 – 146
2.
Nasution, B.B.; Kendall,
E.A.; Khan, A.I.; “Algorithm Exchange of a Security Control System for
Web Services Applications”, Proceedings
of the 38th Annual Hawaii International Conference on System Sciences,
2005. HICSS '05. 03-06 Jan. 2005 Page(s):167a - 167a
3.
Carminati, B.; Ferrari, E.; Hung,
P.C.K,”Web Service Composition: A Security Perspective,” Web
Information Retrieval and Integration, 2005. WIRI '05. Proceedings.
International Workshop on Challenges in 08-09 April 2005 Page(s):248 –
253, Digital Object Identifier 10.1109/WIRI.2005.36
4.
Rao, G.S.V.R.K ,”Threats and
security of Web services - a theoretical short study,”
Communications and Information
Technology, 2004. ISCIT 2004. IEEE International
Symposium on Volume 2, 26-29 Oct. 2004 Page(s):783 - 786
vol.2, Digital Object Identifier 10.1109/ISCIT.2004.1413823
|
3
|
El Amsy, Tarik
and Duan, Lihua, Muhammad Naushin Hasan
PRESENTATION: Monday,
10th April 2006
PRESENTATION
REPORT
|
Authentication
Protocols for Mobile Networks
[Aydemir05]
O. Aydemir and A. Selguk, “A strong user authentication protocol for
GSM”, 14th IEEE International Workshops on Enabling Technologies:
Infrastructure for Collaborative Enterprise, pp.150-153, 2005.
[Kim03] H.
Kim and H. Afifi, “Improving mobile authentication with new AAA
protocols,” Proc. IEEE Int. Conf. on Communications, Vol.1, pp.
497-501, May 2003.
[Liang04] W.
Liang and W. Wang, “A lightweight authentication protocol with local
security association control in mobile networks”, IEEE Military
Communications Conference(MILCOM 2004), Vol. 1, pp. 225-231,
2004.
[Long04] M.
Long, C. J. Wu, and J. D. Irwin, “Localized authentication for wireless
LAN inter-networking roaming”, IEEE Wireless Communications and
Networking Conference (WCNC), Vol.1, pp. 264-267, 2004
|
4
|
Ejelike Ositadimma and Radjabalipour Bahman
PRESENTATION: Monday,
10th April 2006
PRESENTATION
REPORT
|
Electronic
Cash: Security and Privacy
[1] Xiaosong
Hou; Chik How Tan, "A new electronic cash model," Information
Technology: Coding and Computing, 2005. ITCC 2005. International
Conference on , vol.1, no.pp. 374- 379 Vol. 1, 4-6 April 2005
[2] Bo Meng;
Qianxing Xiong, "Research on electronic payment model,"
Computer Supported Cooperative Work in Design, 2004. Proceedings. The
8th International Conference on , vol.1, no.pp. 597- 602 Vol.1, 26-28
May 2004
[3] Byler,
R. What is money?. In Proceedings of the 2nd Annual Conference on
Mid-South College Computing (Little
Rock, Arkansas,
April 02 - 03, 2004). ACM International Conference Proceeding Series,
vol. 61. Mid-South College Computing Conference, Little Rock, Arkansas,
200-209. 2004.
[4] Peha, J. M. and Khamitov, I.
M. PayCash: a secure efficient Internet payment system. In
Proceedings of the 5th international Conference on Electronic Commerce
(Pittsburgh, Pennsylvania, September 30 - October 03, 2003). ICEC '03,
vol. 50. ACM Press, New York, NY, 125-130. 2003.
|
5
|
Vic Ho, Kashif Saeed
PRESENTATION:
Saturday, 8th April 2006
PRESENTATION
REPORT
|
"Multilevel Secure Database system":
[1] A dynamic method for handling the inference problem in multilevel
secure databases
Chen, X.; Wei, R.; Information Technology: Coding and Computing, 2005.
ITCC 2005. International Conference on Volume 1, 4-6 April 2005 Page(s):751
- 756 Vol. Digital Object Identifier 10.1109/ITCC.2005.7
[2] A Multi-Purpose
Implementation of Mandatory Access Control in Relational Database
Management Systems
Rjaibi,
W; Bird, P.; Proceedings of the 30th VLDB Conference, Toronto, Canada, 2004. Page(s):
1010-1020
[3] An Introduction to
Multilevel Secure Relational Database Management Systems
Rjaibi, W; Proceedings of the 2004 conference of the
Centre for Advanced Studies on Collaborative research (CASCON), October
5-7, 2004,
Markham, Ontario, Canada.
Page(s): 232-241
[4] Toward
a Multilevel Secure Relational Data Model
Sushil, J ; Ravi, S.; ACM Sigmod
International Conference on Management Data, Denver, Colorado.
May 1991,
Page(s): 50-59
|
6
|
Shamsul Wazed and
Quazi Rahman
PRESENTATION
REPORT
|
Secure
Protocol in Wireless Sensor Networks
[1] N. Aboudagga, M.T.
Refaei, M. Eltoweissy, L. DaSilva and J. Quisquater, “Authentication
Protocols for Ad Hoc Networks :
Taxonomy and Research Issues,” in Proceedings of the 1st ACM
international workshop on Quality of service & security in wireless
and mobile networks, Quebec, Canada, 2005, pp. 96-104.
[2] W. Du, R. Wang and P.
Ning, “An Efficient Scheme for Authentication Public Keys in Sensor
Networks,” In Proceeding of 6th ACM International Symposium on Mobile
Ad Hoc Networking and Computing (MobiHoc), IL, USA, 2005, pp.
58-67.
[3] H. Cam, S. Ozdemir, D.
Muthuavinashiappan and P. Nair, “Energy Efficient Security Protocol for
Wireless Sensor Networks,” Vehicular Technology Conference, 2003, vol.
5, pp. 2981-2984.
[4] C. Karlof and D. Wagner,
“Secure Routing in Wireless Sensor Networks: Attacks and
Countermeasures”, in Proceedings of the 1st IEEE International Workshop
on Sensor Network Protocols and Applications, Anchorage, AK, 2003.
|
7
|
Zillur Rahman, S S
Ahmedur Rahman, Lawangeen Khan
PRESENTATION
REPORT
|
"Data
Mining-based Intrusion Detection Systems"
1.
Bruce D. Caulkins USA, Joohan Lee, Morgan Wang,”
PacketVsSessionBasedModelingForID,” Proceedings of the International
Conference on Information Technology: Coding and Computing (ITCC’05)
2. Chang-Tien Lu,
Arnold P. Boedihardjo, Prajwal Manalwar,” Exploiting Efficient Data
Mining Techniques to Enhance Intrusion Detection Systems,”
3. Animesh Patcha and Jung-Min Park,”
Detecting Denial-of-Service Attacks with Incomplete Audit Data,”
4. Daniel Barbara, Julia Couto,
Sushil Jadodia, Ningning Wu,”ADAM: A Detecting Intrusions by Data
Mining,” Proceedings of the IEEE Workshop on Information Assurance and
Security, United States Military Academy, West Point, NY, 5-6 June 2001
|
Assignment II
and Project
ASSIGNMENT ON SECURITY ISSUES FOR DESIGN OF SYSTEMS
FOR PRIVACY
S.No.
|
Title
|
Authors
|
Comments
|
1
|
Security
Policy for Banking Organization using Smartcard
|
Anitha Prahladachar
Tahira Farid
|
Comments
2_3
|
2
|
A
proposed Policy Document and Technical specification for a university’s
student information system, ensuring almost complete privacy and
security at individual level
|
Uddin, Abu
Rahaman, Shamual
|
Comments
3_4
|
3
|
Security and Privacy Planning for WalMart
|
Lihua Duan,
El Amsy Tarik
|
Comments
4_5
|
4
|
Electronic
Passports: Security and Privacy Issue
|
Ejelike
Ositadimma, Bahman
Radjabalipour
|
Comments
5_6
|
5
|
Security
and Privacy Policy in Health Insurance Company
|
Chun-Hsien (Vic) Ho, Kashif
Saeed
|
Comments
6_7
|
6
|
Maintaining
of Secured Owner-Controlled
Clinical Data
|
Md. Shamsul Wazed,
Quazi Rahman
|
Comments
7_8
|
7
|
|
Muhammad Hasan,
Dorian Stoilesc
|
|
8
|
Security
and Privacy Policy of ZAK Airlines for Smart Card Technology
|
Zillur Rahman, S S Ahmedur Rahman, Lawangeen Khan
|
Comments
1_2
|
FALL
2004
LIST
OF SURVEY PAPERS
Project-II :
Project-I :
WINTER
2004
Project-I :
Project II:
Survey :
FALL
2003
Project I:
·
NetScan Tools
4.22 NETSCAN
·
NetXRay
NETXRAY
·
SATAN SATAN
·
Nmap NMAP
·
ISAP IP
Packet Filter IPFILTER
·
ANT
2.7
ANT 2.7
·
CISCO Secure Scanner CISCO
·
Analyzer ANALYZER
1. JORDAN source-code.zip
2.
KIM source-code.zip
|
|
Home
| Syllabus
| Assignments
| Materials
|
|
|
|