CSCD 303 Projects
Due: See Dates Below
- Hackers. Investigate a group of hackers.
You can choose from an existing groups such as Legion of Doom or Masters of Deception, or Chaos Computer Club.
Or, you can pick regionally. China, Russia, Eastern Europe, Brazil. Find out all you can about them.
Motivation: White hats or Black Hats, money, hacktivism, etc. What success so they have? Exploits or web sites.
Publications by members. Targets ... who should fear them? What if anything can be done to thwart them.
- Social Engineering. Research these techniques
to see what is typically done. See how far you can get by doing any or
all of the following: Dumpster diving, dressing up as something you are
not, calling for information over the phone and recording conversations, shoulder surfing. If doing
this at work, ask permission first. If you find actual information, you
are on your honor to not abuse this. Report how successful you are. Write up background research on topic also.
Also, report if there are defenses that could be used against your actions.
- User Education. Users in general don't want to be bothered with security. Come up with creative
fun ways to educate them. Could be a game, quiz, video ... something fun.
Try to treat security as a reward instead of negative as something to avoid.
Actually try to create something, test it out and report user's reactions.
- Cyber Terrorism. Research this topic and report: How likely is this to happen from
others views, your own views. Could even interview people to see if they are afraid of this
type of thing taking place. Support your views with research including references.
- Laws. There are now many laws on the books. What are the laws governing cyber crime or hacking
in general? Are the current laws hard to enforce and if so, why? What laws seem to be unfair or even invasive of innocent
people's rights? EFF is a good source for this kind of topic.
- Cloud Computer Security. How is security affected by the Cloud Platform? What types of exploits exist or
are possible in the Cloud? What protection is used or is missing from Cloud platforms? Flesh out this topic
with questions of your own.
- Suggest a topic of your own
- Exploit a Vulnerability. Research it. Write an exploit to take advantage of it. Only for classroom use.
Not to be released into the wild.
- Protect against an Exploit. Maybe inject packets to obfuscate traffic. Hide IP address but still
allow the network to work. Or, do some other kind of hiding to fool bad guys.
This will result in a proof of concept tool
- Detect intruders or exploit. How would you figure out if a computer has been compromised.
Here ... like intrusion detection, log file analysis or some other way of gathering information
in an automated way. Should result in a proof of concept tool.
- Create a lab for the class. Must coordinate with me for this to fit into our lab schedule. Research and
create a lab for this class. Must write it up, practice it and create questions for the class.
You will be in charge of conducting the lab.
- Visualize security. Security is hidden and sometimes hard to visualize. Write something
that will make data from security more visible and undestandable. Should be a tool or proof
- Suggest a topic of your own
- Turn in your selection of a topic by the due date below. Just a short couple of paragraphs
- Turn in a paper if it is a research topic or a project write-up if a technical or social
issue topic. Papers are to be around 5 pages and have references. Project write-up should
have screen shots and be 4 pages or so.
- Presentation. All projects or papers will have an associated presentation.
Must have something visual. Slides and/or include a demo. Think of this as teaching
something to the class. More on how to do this later.
- If Project has code or survey results, these should be turned in as well
1. October 31st - Decide on a Project or Topic. Turn in a Brief description to me.
2. Date for Final Project - To be determined, usually last day of class.