Class Presentation
Project Objectives
For this assignment, you will be providing an oral presentation to your peers in the Computer Network Security class.
Proposal
First, pick a topic that you would like to learn about in depth. The topic must be related to the broader field of computer security and have been in the news in 2021, 2022, or 2023. The topic should be technical in nature. The completed presentation should be 15 minutes in length and cover content at a technical level appropriate for students majoring in computer science or computer engineering.
Tip: The Security and Privacy News page aggregates current events from a variety of sources.
Tip: The SANS NewsBites newsletters are an excellent source of news on security. Just pick an archive issue at random, and you're almost guaranteed to find an interesting presentation topic within. Be sure to subscribe to stay current in the future!
Tip: The Security Now Podcast archives are also an excellent source of news on security. Full archives and detailed show notes are available.
Once you have picked your topic, write a proposal with the following information:
- The title of your presentation
- A 2 paragraph executive summary of the topic you intend to present on
- At least 3 links providing technical reference material on the selected topic
Presentation
After your project proposal is approved, read more about your chosen topic and understand it in detail. Then, prepare your presentation. You should provide enough detail and background information such that your peers (other students in the class) are able to understand and appreciate your presentation. The presentation length should be 15 minutes. You should provide 7-9 PowerPoint slides to convey useful figures and diagrams. Some of your peers are visual learners, not auditory learners, and will better appreciate your presentation by viewing a figure instead of listening to your words.
Recorded Video
Submit a video of your oral presentation with the supporting slides.
For the recorded presentation, don't use the most rudimentary method - pointing your phone camera vaguely towards your laptop screen and hitting record. There are myriad screen recorder applications that, combined with a microphone, will produce high quality visuals and audio. Or if you want to get fancy, something like Open Broadcaster Software Studio has a lot of power.
Peer Review
Every presentation will be reviewed by 3 of your classmates (randomly assigned) through a Canvas assignment that is due after presentations are submitted. Peer reviews are anonymous.
Selected Topics
Current Topics - 2023
| Name | Title |
|---|---|
| Acosta, Megan | March 2022 NVIDIA Data Breach (LAPSUS$) |
| Anbar Altayyar, Abdulaziz Omar G | ESXiArgs (ESXi ransomware) |
| Bernardino, Matthew | Malicious QR Codes |
| Chen, Tianfeng | ProxyLogon: A Backdoor on Microsoft Exchange Server |
| Dejeu, Kevin | John Deere / Right to Repair |
| Eisenstadt, Steven | Cuba Ransomware attacks / Hancitor malware |
| Ganganolla, Sricharan Reddy | Creating a Secure Password Policy for an Organization |
| Haidari, Mansoor | The Impact of Supply Chain Cyber Attacks: A closer look at “NotPetya” |
| Inala, Shruthi | Honeypots |
| Irshad, Eyman | ANoM backdoor app used to arrest criminals |
| Jones, Sam | Password Encryption fail, LastPass Data Breach 2022 |
| Kelly, Robert | -- |
| Lam, John | The Dangers of Deepfakes |
| Lee, Sage | SH1MMER - Chromebook Un-enrollment Exploit |
| Maheshwari, Vivek Kumar | Security Issues with the Internet of things Devices |
| Melugiriyappa, Vijeth | Apache Log4j Vulnerability |
| Mitic, Marco | LockBit 3.0 ransomware |
| Noto, Anna | Is private browsing actually private? |
| Paruchuri, Mohan Pavan Kumar | There’s a Pegasus in your Phone |
| Patel, Megha Chetankumar | Twitter data breach (2022) |
| Rahdert, Yukio | Cross Site Request Forgery - Azure |
| Ribbel, Ryan | Dangers of iOS vulnerabilities (2022 Zero-Day Vulns) |
| Singh, Arpit Kumar | T-Mobile Data Breach (2021,2022) |
| Upton, George | Uber data breach (2022) |
| Westbrook, Korie | -- |
Past Topics - 2022
| Title |
|---|
| CVE-2021-44228 |
| Log4j |
| Deep Fakes |
| Acer Data Breach (REvil attack / Desorden attack) |
| Conti Ransomware Attack on Ireland’s Public Health System |
| Polkit Exploit (CVE-2021-4034) A.K.A. Pwnkit |
| Use-after-free in Google Chrome could lead to code execution |
| Staying Ahead of Quantum Computing |
| UpdateAgent second-stage payload variants |
| Blockchain "Bridge" Exploited for $325 million |
| There’s a Pegasus in your phone |
| Blockchain and The Cybersecurity of Cryptocurrency |
| Malicious QR Codes |
| Emotet-The deadliest trojan |
| The security of NFTs |
| Ring Doorbells |
| Medusa & Flubot: Android banking Trojans |
| Adobe Acrobat Reader Out of Bounds Read Leads to Privileged Hacker |
| Clop Ransomware |
| Project Zero (NSO Zero-click iMessage Exploit) |
| Microsoft Exchange Server Hacking (ProxyLogon) |
| Colonial Pipeline (DarkSide ransomware) |
| Effect of COVID-19 on WFH and awareness of cybersecurity |
| Vulnerabilities in DNS software (DNSpooq cache poisoning) |
Past Topics - 2021
| Title |
|---|
| High Risk Attacks, High risk rewards: The dangers of Tech Duopolies |
| High Performance Compute Services Under Attack |
| Operation Nightscout |
| Agent Smith: Mobile malware hits millions of devices |
| TeamTNT: Open-Source Cloud-based Cybercrime |
| SD-WAN security |
| Phishing Services/Scams |
| Emotet Malware |
| Journey into Smart Home Security |
| How secure is AJAX within web applications? |
| Solar Wind’s Newly Discovered “Raindrop” Malware |
| Software Supply Chain Attacks |
| WastedLocker Ransomware Attack |
| FritzFrog: Hopping into Servers |
| The lost password of the Bitcoin wallet |
| TLS 1.3 - Transport Layer Security |
| Dangerous Botnet “Emotet” Taken Down by Europol |
| Trojan Banking - Trickbot |
| Ransomware Surge Is Threatening Hospitals and Medicare |
| Ransomeware in Hospitals / Healthcare (Trickbot) |
| The Mischief of the Kobalos Malware |
| Capital One Data Breach |
| Improving the Security of Connected Medical (IoMT) Devices |
| Top 10 Web Application Security Risks and Vulnerabilities to Watch Out for in 2021 |
| Snake Ransomware Attack in Fresenius’s System |
| Blockchain and The Cybersecurity of Cryptocurrency |
| Vulnerabilities in DNS software (DNSpooq) |
| Kobalos Malware |
| PayPal Phishing |
| Ripple20 Vulnerabilities Affect Millions of IoT Devices |
| Voting Machine Security |
| Zoom’s Spotlight |
Past Topics - 2020
| Title |
|---|
| BrowseAloud and Crypto-Mining |
| Connected Cars vs Hackers |
| Network Segregation |
| Security Systems in Network Infrastructure |
| BGP and Threats to Entire Internet |
| Satellite Cybersecurity |
| Denial of Service Attacks |
| Slow Loris - DDoS Revived |
| NetSupport School |
| Social Engineering Life Cycle |
| Active PayPal Phishing Scam Targets |
| Good Entertainment, Bad Realism (Hacking in Hollywood vs Reality) |
| EKANS Ransomware |
| Crypto Ransomware: CryptoPatronum |
| Ransomware in Healthcare |
| Emotet Malware |
| Equifax Data Breach (Apache Struts) |
| Remote Code Execution Vulnerability in Apple Safari |
| WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE |
| APT41 and Exploiting CVE-2019-3396 |
| Dynamic-Link Library (DLL) Side-Loading |
Grading
Proposal (10 pts)
- Executive summary of topic - 5 pts
- Reference links with technical information - 5 pts
Final Presentation (80 pts)
- Communication Effectiveness - 30 pts
- Sequencing of Information
- Effectiveness
- Use of Graphics
- Text - Font choice and formatting
- Spelling and Grammar
- Delivery
- Technical Content - 50 pts
- Technical content accuracy
- Technical content depth
Peer Review (10 pts)
- Completion of 3 peer reviews
Submission
Submit all files to the Canvas CMS site.
There will be separate Canvas assignments for:
- Proposal
- Presentation Video (link or .mp4 upload)
- Presentation Slides (PDF or PPTX)