CS3235—Computer Security
Fall 2005

 1  Late Breaking News

 2  Administrative Stuff

The textbook for the class is Introduction to Computer Security, 2nd edition, by Hugh Anderson, which should be available at the Science co-op for $14.10. This is the first course in Computer Security and no prior background on the subject is assumed. The lecturer for the course is (no surprise) Hugh Anderson. The course has tutorials, but some tutorials have been (transparently) replaced by labs, i.e., on some weeks the tutorial hour will discuss labs. We are experimenting with labs for the first time this semester, and we hope that they will give you ample hands-on experience with various security tools.

The class meets on Thursdays from 4-6pm in LT34.

 2.1  Grading

This is subject to change but as of now we have the following distribution.

Task Weightage
Quiz 1 (MCQ)   8%
Quiz 2 (MCQ)   8%
Tutorials 4%
Labs (3+1) (12+18)%
Final 50%

 3  Exam Related

Please verify all your marks for correctness and, in case of any discrepancy, contact Hugh urgently either by e-mail or by phone (6874-6903). We don't have marks for the final project assignment yet but we are busily grading them at this moment.

The grading policy for the tutorials has been revised and is now in line with previous offerings of the course. Sandeep was following his own grading scheme earlier for his tutorial groups but that was not the official policy. This policy applies to the whole class. There are no marks for participation. A grade of B for an attempted question will fetch you 1.5 marks. A B+ is 2 marks. An A is 2.5 marks. A B- is 1 mark and so on. The maximum marks you can get is 4.

Matric Labs (/12) Tuts (/4) Quiz 1 (/33) Quiz 2 (/29)
Hugh 12 4 33 29
NT050118B 1.5 2 17 15
NT050154N 11 1.5 23 15
NT050168H 10.5 4 25 20
NT050248M 11 4 26 ABSENT
NT050279M 9.5 4 23 23
NT050371U 10 1.5 14 14
NT050385L 11 4 19 21
NT050389H 2 3.5 27 18
NT050414Y 10.5 3 23 15
NT050422X 10 2 31 25
NT050498N 10.5 1.5 20 23
NT050544L 9 3 24 19
NT050577J 9 3.5 23 20
NT050660E 11.5 1 17 14
U026962U 10.5 4 21 18
U026970R 9 4 23 19
U027010B 11.5 2 14 11
U027027A 12 4 22 18
U027071N 10.5 4 24 22
U027116U 11.5 4 24 14
U027226M 0 1.5 27 23
U027230N 9 3 24 11
U027244H 9.5 1.5 27 24
U027283E 10 1.5 24 11
U027406R 10 3 26 16
U027423Y 10 3 26 8
U027440H 9.5 0 24 21
U027444A 8.5 0 18 12
U027887N 12 3.5 26 19
U027894B 12 4 26 25
U027904J 12 1 25 15
U027915R 12 3 26 16
U027922A 12 3.5 25 20
U027932Y 12 3 27 24
U027962M 12 4 23 18
U027986B 10 1.5 27 19
U027989L 10 0 23 12
U034945W 9.5 3.5 20 14
U034946H 10 1.5 16 10
U034948E 10 2.5 21 12
U034951W 11 1.5 21 17
U034965M 11.5 4 19 14
U034966Y 9.5 3 24 22
U034968X 9.5 3.5 22 18
U034976W 11 1.5 19 18
U034978U 9 0 21 14
U034980X 11 2.5 20 13
U034983H 12 2 24 18
U034995B 11.5 4 19 14
U035001B 10 0 26 21
U035014H 11 2.5 25 16
U035020H 9.5 3.5 27 20
U035024A 10 1.5 23 16
U035028Y 5 0 ABSENT ABSENT
U035034Y 10 1.5 27 18
U035042X 11 4 20 16
U035044W 10 0 25 17
U035061A 9.5 1.5 19 13
U035067X 11 4 23 22
U035072L 9.5 1 27 14
U035077U 10 1 24 14
U035078E 11 0 21 15
U035080J 10 3 26 18
U035081W 4.5 1.5 21 19
U035088B 11.5 2 21 13
U035091R 4.5 3 23 13
U035093N 11 3 27 20
U035100M 10 3.5 22 20
U035106H 9.5 1.5 24 19
U035122A 7.5 4 29 21
U035130B 11.5 2 26 24
U035132Y 11.5 0 24 ABSENT
U035134X 11 1.5 27 21
U035143H 6.5 3 18 17
U035155B 10 4 20 16
U035170L 6.5 1 21 13
U035187M 9.5 2 15 12
U035201X 9 3.5 21 19
U035209N 12 2.5 17 11
U035238R 11 1.5 21 11
U035252N 9.5 3.5 29 20
U035259W 7.5 2 22 16
U035273U 7.5 1 20 13
U035278B 8.5 3.5 19 15
U035284B 0 0 15 7
U035287L 7.5 0 19 17
U035288X 10 1.5 21 17
U035297H 10 4 22 10
U035298U 10 3 20 16
U035340U 4.5 4 22 18
U035349X 4.5 0 21 17
U035379L 6.5 2 27 24
U035842H 11 1.5 26 18
U035843U 12 3 23 24
U035845R 9.5 3 25 15
U035850E 12 4 29 17
U035852A 8.5 1 24 21
U035854B 11 4 24 16
U035855M 12 4 23 17
U035862Y 12 4 25 26
U035873H 11.5 4 29 26
U035909B 7.5 0 24 ABSENT
U035915B 6 1.5 23 17
U035921B 6 0 17 11
U035934H 3 3.5   13
U047113E 12 4 29 24
U047130M 6.5 3 21 10
U047155M 11.5 3 16 18
U047157L 9 4 21 17
U047165J 9 2 22 17
U047291Y 11 3 21 17
U047349J 10 4 21 15
U047383Y 11.5 4 20 16

 4  Lectures

Date Contents
Aug 11 Introduction. Please prepare by reading Chapter 1 of the textbook. Lecture Notes.
Aug 18 Lecture Notes.
Aug 25 Lecture Notes.
Sep 1 Lecture Notes.
Sep 8 Lecture Notes.
Sep 15 Lecture Notes.
Sep 22 No class. Mid semester break.
Sep 29 Lecture Notes.
Oct 6 Lecture Notes.
Oct 13 Lecture Notes.
Oct 20 Lecture Notes.
Oct 27 Quiz II. Lecture Notes.
Nov 3 No class. Hari Raya holiday.
Nov 10 Double header. Lecture Notes.

 5  Tutorials

The tutorial schedule is as follows.

Tut Group Time Room Tutor
1 Tue 2-3pm S16/431 Sandeep
2 Tue 3-4pm S16/431 Sandeep
3 Tue 4-5pm S16/431 Pradeep
4 Tue 5-6pm S16/431 Pradeep
5 Wed 10-11am S16/431 Sandeep
6 Wed 11-12noon S16/431 Sandeep

 5.1  Assignments

The provided solutions are not model answers; rather they are suggestions for possible answers.

 5.2  Tutorial marks

The grading policy for the tutorials has been revised and is now in line with previous offerings of the course. It applies to the whole class. There are no marks for participation. A grade of B for an attempted question will fetch you 1.5 marks. A B+ is 2 marks. An A is 2.5 marks. A B- is 1 mark and so on. The maximum marks you can get is 4.

 6  Labs

You must keep copies of all lab projects you submit until your final grade for the course is released. This can help resolve disputes in case we can't locate a specific submission of yours or in case one of them is accidentally lost.

Do not construe your freedom (and our encouragement in doing so) to experiment with security vulnerabilities and exploits, hacker tools, etc. within the confines of the security lab as implicit approval in any way of such and similar activities on other public, private, and corporate networks. Such activity is illegal and not condoned by me in the least. You will face the consequences of your actions if you are caught doing such activities in external networks (which includes the Starhub cable network that some of you may have at home).

 6.1  Lab 1—Nmap (4 marks)

The lab1 description is here. It should be mostly complete and accurate but some minor parts may change as you try out the lab for yourselves and report problems and bugs to us.

 6.2  Lab 2 (4 marks)

Lab2 is here.

 6.3  Lab 3 (4 marks)

The lab description is here. The binary for tcp_rst is here while its latest source is here. This binary will only work on Linux so the machine from which you generate a TCP RST should be a Linux box. A makefile that compiles it against an existing libnet.a is here. If you have questions about the lab, post them to IVLE and I'll try to answer them.

 7  Project ≡ Lab 4 (18 marks)

Each group will comprise a maximum of four students. The following project descriptions serve only as starting points for further exploration. Feel free to choose your own, or adapt and refine our suggestions to suit your tastes and expertise. We'd like you to be independent in finding and solving new problems, so you're encouraged to propose things on your own that you are motivated to do. However, picking one of the following is also OK, subject to the constraints on the maximum number of groups doing a particular project.

 7.1  Projects offered this semester

7.1.1 Face maps with a 3D scanner (2 groups)

Use the available 3D scanner to scan and efficiently (figure out how to do this) store 3D maps of human faces. Consider most of your classmates as samples for this database! Design and implement appropriate verification (or identification) algorithms that are both efficient and can perform approximate matching to determine the closest match of the presented sample against the database. This can then be used for biometric identification. Evaluate some 3D comparison algorithms.

7.1.2 Fingerprint reader—Hamster (1 group)

Use the SecuGen Fingerprint SDK to write software that can be used to drive an actuator that causes a side effect in the physical world, such as controlling access to a room at NUS. It'd be sufficient for this project to successfully authenticate the user seeking access and, upon successful verification, to drive the serial port of the PC to generate a command such as "open door", or to play an appropriate music clip that signals success. For the former, you can assume that the other end of the serial line is connected to an actuator that understands RS232 and a simple command set. We ought to be able to put a dumb serial terminal at the RS232 output and see the command set that you're generating.

7.1.3 Fingerprint reader—Mouse (2 groups)

Use the SecuGen Fingerprint SDK to write a Pluggable Authentication Module (PAM) that uses a mouse-based fingerprint reader to validate logins to a Linux-based PC in lieu of or in addition to password-based authentication. You can get a lot of help about using the SecuGen SDK from Janakiraman Rajkumar, a graduate student in the Computer Science department.

The idea is that when a user logs in to the computer, he not only types in a password but also places his thumb on the side of the mouse, and the system accepts the user if both his password is correct and his fingerprint matches within an acceptable tolerance level. The procedure to read and match a presented fingerprint should in principle be no different from the previous project and you may borrow from them. Your work will be primarily centered around creating a PAM module that encapsulates this functionality.

7.1.4 Fingerprint Matching Algorithms (2 groups)

Study feature set extraction methods used for fingerprint matching (here's one) and how the features are used for fingerprint comparison and assessing proximity of match. Implement some (at least one) using the provided fingerprint SDK and compare them for accuracy, speed, memory requirements etc. This requires a good understanding of computer graphics and image processing.

7.1.5 War Driving (1 group)

Use a USB WiFi adapter to construct a dish antenna and measure its utility for wardriving.

7.1.6 Wireless Keyboard (1 group)

Use the USB IrDa to monitor and record (say) a wireless KbD. Use for stealing passwords or some such.

7.1.7 Developing Webcam API (2 groups)

Design and implement a suitable high-level API that can be used with the network cameras that are available in the lab. Some of them are just 16M ARM-based Linux boxes and their likely interface to the external world is through standard TCP/IP. Your high-level API would of course be driven by the usage scenarios that the cameras would eventually be put to. Ideally, you'd study a broad class of applications that the cameras can be put to and attempt to distill the common tasks needed in these usage scenarios to build a framework within which they can be easily and efficiently realized. For this project just consider a few security applications and build an API around them. Examples of tasks that such applications might require are snapshotting, retrieving images at a regular rate, image differencing etc.

7.1.8 Developing fake fingerprints (1 group)

Recently, a Japanese researcher named Tsutomu demonstrated how fingerprints left by casual contact can be "lifted" off glassware and other surfaces to make fake fingerprints that can be transferred to an adhesive tape and used for fooling biometric authenticators. In this project you will attempt to duplicate his result to the extent possible using equipment available in the lab. This project is best suited for engineering students who have hands on experience with PCB etching techniques and who are generally resourceful and pretty hands on.

7.1.9 Webcams for face authentication (2 groups)

Use the webcams available in the lab for retrieving face images, locating the face within the captured image, and comparing it with the purported identity. You can be more ambitious in that you can expect to match against a pre-specified pose of the user, say their smile, their frown, etc.

Coaxing a webcam to get an image should be no more difficult than installing a driver for it. Identifying the bounding box within the image that contains the face is difficult but fortunately the OpenCV libraries will easily do that. Extracting features from the face and comparing it to a known face is difficult but again the research of Dr. Terence Sim comes to the rescue. Contact his graduate student Zhang Sheng for how to use the library that they've developed for this purpose.

7.1.10 Building a Linux Wireless AP

In this project, you will take a Linux box and a wireless PCMCIA card to build an access point (AP) as shown in the image on the right (a software version of it) that you should be able to use with real wireless devices such as other laptops. An access point is essentially a network bridge whose one endpoint is a wireless network interface, and whose other endpoint is a wired interface. For example, when you connect to NUSNET over a wireless connection, your wireless connection (from your laptop) terminates at an access point not very dissimilar to the one you see in the image.

Linux is a powerful operating system that can be made to receive and process wireless datagrams (these are 802.11 MAC frames) and convert them into Ethernet (802.3 MAC) frames for forwarding to the wired network, and, in the other direction, to convert Ethernet frames into 802.11 frames for forwarding datagrams to laptops. There is a lot of existing software to do exactly that. Just feed "linux access point" into your favorite search engine to pull up a good list of references. Here's one.

Once you are done with the basic AP installation, you should add a security component to your project — for example, MAC address based filtering in which the AP only forwards datagrams for an authorized set of MAC addresses on the wireless side.
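The bridging and MAC filtering described above can be sketched as follows. This is an added example, not code from the course or from any AP software; it assumes unencrypted 3-address data frames with the FCS already stripped, and every address, constant name and function name in it is constructed for illustration.

```python
LLC_SNAP = bytes.fromhex("aaaa03000000")  # LLC/SNAP header that precedes the EtherType
HDR_LEN = 24                              # 3-address 802.11 header without a QoS field
TYPE_DATA = 2                             # 802.11 frame type "data"

# Constructed sample addresses (locally administered), not taken from the page.
BSSID = bytes.fromhex("020000000001")     # the AP's own wireless MAC
CLIENT = bytes.fromhex("0200000000aa")    # authorized wireless station
ROGUE = bytes.fromhex("0200000000ee")     # station that is not on the list
WIRED = bytes.fromhex("0200000000bb")     # host on the wired side
ALLOWED = {CLIENT}                        # the AP's MAC allowlist


def wifi_to_ethernet(frame, bssid=BSSID, allowed=ALLOWED):
    """Wireless -> wired: return an Ethernet II frame, or None if dropped."""
    if len(frame) < HDR_LEN + len(LLC_SNAP) + 2:
        return None
    fc0, flags = frame[0], frame[1]
    if (fc0 >> 2) & 0x3 != TYPE_DATA or fc0 >> 4 != 0:
        return None                       # bridge plain data frames only
    if flags & 0x03 != 0x01:
        return None                       # need ToDS=1, FromDS=0 (station -> AP)
    if flags & 0x40:
        return None                       # Protected bit set: body is encrypted
    # With ToDS=1: addr1 = BSSID, addr2 = source station, addr3 = destination.
    addr1, addr2, addr3 = frame[4:10], frame[10:16], frame[16:22]
    if addr1 != bssid:
        return None                       # frame is for some other AP
    if addr2 not in allowed:
        return None                       # MAC filter: unknown wireless source
    body = frame[HDR_LEN:]
    if body[:6] != LLC_SNAP:
        return None
    # Ethernet II = destination | source | EtherType | payload
    return addr3 + addr2 + body[6:]


def ethernet_to_wifi(eth, bssid=BSSID, allowed=ALLOWED):
    """Wired -> wireless: return an 802.11 FromDS data frame, or None if dropped."""
    if len(eth) < 14:
        return None
    dst, src = eth[0:6], eth[6:12]
    if dst not in allowed:
        return None                       # MAC filter (this sketch also drops broadcast)
    if int.from_bytes(eth[12:14], "big") < 0x0600:
        return None                       # 802.3 length field, not an EtherType
    # With FromDS=1: addr1 = destination station, addr2 = BSSID, addr3 = source.
    # Duration and sequence control are left zero; a real driver fills them in.
    header = (bytes([TYPE_DATA << 2, 0x02]) + b"\x00\x00"
              + dst + bssid + src + b"\x00\x00")
    return header + LLC_SNAP + eth[12:]


def sample_uplink(src):
    """Constructed ToDS data frame from `src` to WIRED with a dummy IPv4 payload."""
    header = (bytes([TYPE_DATA << 2, 0x01]) + b"\x00\x00"
              + BSSID + src + WIRED + b"\x00\x00")
    return header + LLC_SNAP + b"\x08\x00" + b"constructed-payload"


if __name__ == "__main__":
    print(wifi_to_ethernet(sample_uplink(CLIENT)).hex())  # forwarded
    print(wifi_to_ethernet(sample_uplink(ROGUE)))         # None: filtered
```

The 802.11 source address is not authenticated, so a filter like this only constrains stations that keep their factory MAC address; it complements link-layer encryption and authentication rather than replacing them.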

7.1.11 Running IPSec

Believe it or not, despite the availability of technical standards for implementing IPSec since the mid to late 90's, we still don't find IPSec deployed ubiquitously on desktops. A lot has to do with the ease of configuring end systems to get IPSec running, and for users to be able to manipulate it for their purpose. In this project, you will study what it takes for dissimilar systems (such as Windows XP & Linux) to establish a secure connection using IPSec and give a running demo of the setup.

7.1.12 Generating keys from voice

Look at Fabian Monrose's work on how to do this.

7.1.13 Implementing simplified TLS

It's not ultra difficult to write TLS in pure Java that uses a single cipher suite to connect to a standard TLS server. You can use all the power of Java libraries to implement your client. By the end of the project you will have mastered the multitude of detail that is needed to write an industrial-strength protocol such as SSL/TLS.

Eric Rescorla's SSL and TLS: Designing and Building Secure Systems is an outstanding reference in this regard. You can also discuss the TLS protocol and its implementation details with Chew En Yung, an HYP student in SOC.

Q&A

7.1.14 Breaking GSM Security

Use the SIM card reader available in the lab to implement the attack mentioned in Lauri Pesonen's paper and implemented at ISAAC. A lot has probably happened since the time of these publications. You should also do a literature search on the state-of-the-art in GSM security and incorporate some of those attacks into your project. Feed gsm cloning into scholar.google.com to get additional references. Also feel free to talk with other groups doing the same project.

Here are some more references to look at:

7.1.15 Integrate P3P-style processing into Web browsers

7.1.16 Breaking WEP Encryption

Use laptops (just two will do) to create a wireless ad hoc network between them and use publicly available tools such as Kismet, Airsnort etc. to crack the WEP encrypted traffic between them. Demonstrate it for a WEP key that we choose.

7.1.17 Rachna Dhamija's ideas on combating phishing

See The Battle Against Phishing: Dynamic Security Skins, Rachna Dhamija and J.D. Tygar, to appear in the Proceedings of the Symposium on Usable Privacy and Security (SOUPS) 2005, July 2005.

7.1.18 Electronic purse (2 groups each)

Develop an electronic purse (wallet) or something similar using the Basic or Java cards for some hypothetical client.

7.1.19 Bluetooth (2 groups)

Use the available USB bluetooth adapter for interrogating local phones/devices + perhaps attempt at some hack? One possibility is to study the insecurities that exist in the Bluetooth architecture and try to exploit some of them and give a demo.

Another possibility is to use a portable Bluetooth device such as a cell phone to act as a proximity indicator to signal whether the currently logged-in user is present at the console. In a simple case, after successful user login, a Bluetooth-based process is started on the desktop which continually monitors for authentication messages from the cell phone, and starts a screen locking program when it fails to hear such messages for some time period.
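The desktop side of the proximity monitor described above, as an added example that is not part of the course material. It assumes the phone and desktop share a secret key and that each heartbeat is an 8-byte counter followed by an HMAC-SHA256 tag; the Bluetooth transport is left out, and the class name, message format and sample timeline are all constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # assumed pre-shared secret, sample value only


def heartbeat(key, counter):
    """Message the phone would send: 8-byte counter || HMAC-SHA256(key, counter)."""
    body = struct.pack(">Q", counter)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ProximityMonitor:
    """Locks the session when no valid heartbeat arrives within `timeout` seconds."""

    def __init__(self, key, timeout, login_time, lock):
        self.key = key
        self.timeout = timeout
        self.last_seen = login_time   # login counts as the first proof of presence
        self.last_counter = 0         # highest counter accepted so far
        self.locked = False
        self.lock = lock              # callback that starts the screen locker

    def on_message(self, now, msg):
        """Return True only for a fresh, correctly authenticated heartbeat."""
        if self.locked or len(msg) != 8 + 32:
            return False              # once locked, the user must log in again
        body, tag = msg[:8], msg[8:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False              # forged or corrupted message
        counter = struct.unpack(">Q", body)[0]
        if counter <= self.last_counter:
            return False              # replay of an earlier heartbeat
        self.last_counter = counter
        self.last_seen = now
        return True

    def tick(self, now):
        """Call periodically; locks once the silence exceeds the timeout."""
        if not self.locked and now - self.last_seen > self.timeout:
            self.locked = True
            self.lock()
        return self.locked


def simulate():
    """Constructed timeline: two good heartbeats, a replay, a forgery, then silence."""
    events = {3: heartbeat(KEY, 1), 6: heartbeat(KEY, 2),
              9: heartbeat(KEY, 1),             # replayed counter
              12: heartbeat(b"wrong-key", 3)}   # tag made with the wrong key
    lock_calls = []
    mon = ProximityMonitor(KEY, timeout=10, login_time=0,
                           lock=lambda: lock_calls.append("lock"))
    accepted, lock_time = {}, None
    for now in range(21):             # one tick per second
        if now in events:
            accepted[now] = mon.on_message(now, events[now])
        if mon.tick(now) and lock_time is None:
            lock_time = now
    return accepted, lock_time, len(lock_calls)


if __name__ == "__main__":
    print(simulate())
```

The replayed and forged messages do not reset the timer, so the lock fires relative to the last genuine heartbeat rather than the last message heard.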

7.1.20 Usable Security — a contradiction? (3 groups)

In a paper titled Usability of Security: A Case Study, Alma Whitten and Doug Tygar state that "Human factors are perhaps the greatest current barrier to effective computer security. Most security mechanisms are simply too difficult and confusing for the average computer user to manage correctly." In this project you will select a security mechanism that you like and some of its representative implementations (many of them have free trial versions), and determine how usable these implementations are within their broad class of security mechanism. Usability will actually be determined by real users of these applications, not by you. You will devise and conduct a survey that will help you answer that question.

Before you can devise a good survey, you will need to study the mechanism that you've chosen and play with its implementations yourself to get a good feel for what works and what doesn't. You may need to understand whether there are peculiarities of the mechanism that make it inherently less usable or unfriendly. Such insight might help establish a bound on how good any implementation of the mechanism can possibly be. For example, some implementations of secure e-mail might not have a well designed GUI and that's what makes them less usable than others; but it may also turn out that the whole concept of Public Key Infrastructure is so complicated for the ordinary user that it has an inherent unusability that can only at best be mitigated by a well designed GUI.

Some examples of security mechanisms and their possible implementations are:

You will work on this project in consultation with Dr. Irene Woon in the IS department. In order to minimize the number of times that Dr. Woon has to explain this project, all groups who sign on for this project must endeavor to go down to her office together.

7.1.21 Secure Programming — a myth in current times-to-market? (3 groups)

Despite the acknowledgment by security and software engineering experts that good software engineering practices can have a big impact on the robustness (and consequently security) of the finished software product, it'd appear from the abundance of low-quality software products (even those touting to be security products) that such practices are not followed either by individual programmers, or by companies as an internal best practices mandate. While the problem of determining the stage in the software life cycle at which security vulnerabilities are introduced has been studied well, the human centric reason of why they continue to appear has not been.

In this project you will attempt to discover exactly that. Is it merely that reduced times-to-market have overburdened the ordinary programmer who wants to follow good software hygiene but doesn't have the time? Is it that programmers are simply unaware of good practices, or that they are unaware of the consequences of insecure software? What other reasons are there? What is the proportion of each of these reasons?

You will study the problem in depth and devise a survey that'll help you answer these questions. You will administer the survey to relevant people, analyze the responses and detail your results. You will work on this project in consultation with Dr. Irene Woon in the IS department. In order to minimize the number of times that Dr. Woon has to explain this project, all groups who sign on for this project must endeavor to go down to her office together.

 7.2  Project allocations

All groups doing the same kind of project must eventually make sure that there are differentiators among their projects. I should be convinced that one project was not essentially equivalent to variable renaming of one of the others.

Group Group Members & Title Project
Huynh Phung Chinh; Trinh Thi Bich Ha. Fingerprint recognition.

Equipment: Fingerprint reader/Hamsters.

 
Tan Wee Kek. Fingerprint based access control.

Equipment: Fingerprint reader/Hamsters.

 
Goh Lik Pin; Tey Siew Choon; Tan Siok Peng; Mustafa Yucefaydali. War driving with creative home made antennas.

Equipment: USB Wifi adapter.

 
Chua Zhiqun; Fock Jiun Hao; Tong Rong Xiang. War Driving.

Equipment: USB Wifi adapter.

 
Christian Hennigfeld; Taneli Rautio. Experiments with wireless keyboard.

Equipment: USB IrDas.

 
Liu Qiusheng; Oen Geok Hua; Mohamed Shahnaz Bin Mohamed Hussain. Experiments with wireless keyboard.

Equipment: USB IrDas.

 
Lin Ting; Wong Qing Feng Eugene. Experiments with wireless keyboard.

Equipment: USB IrDas.

 
Björn Harald Fotland; Robert Leland; Christian Keimel. Webcams for face authentication.

Equipment: USB Camera/Webcam.

 
Desmond Tang Ing Song; Ezekiel Eugene Ephriam; Gan Jin Cheng; Koh Yong Kuan. Breaking GSM Security.

Equipment: USB/Sim card reader/writers each with 1 SIM card.

 
Chua Chong Tat, Freddy; Chum Wei Jong, Raymond. Breaking GSM Security.

Equipment: USB/Sim card reader/writers each with 1 SIM card.

 
Pham Hong Son; Tran Viet Hung; Nguyen Phuc Loc; Nguyen Huu Thong. Breaking GSM Security.

Equipment: USB/Sim card reader/writers each with 1 SIM card.

 
Ang Wee Woon; Teo Kai Xiang; Teo Yiqiang; Yip Wai Peng. Implementing an electronic purse.

Equipment: BasicCard SDK.

 
Chua Zhixian; Seah Ru Hong; Yeo Ketang; Tay Kan Kiat, Clinton. Bluetooth security.

Equipment: USB Bluetooth adapters.

 
Tang Anh Quy; Nguyen Duc Hung; Nguyen Vu Hoang An; Nguyen Son Tung. Bluetooth security.

Equipment: USB Bluetooth adapters.

 
Vincent Semeria; Ngai Cho Sau; Leung Yuen Fai. Bluetooth security.

Equipment: USB Bluetooth adapters.

 
Lim Tingyang; Tan Chiew Boon; Wong Hai En; Poh Choon Huat Clarence. Bluetooth security.

Equipment: USB Bluetooth adapters.

 
Teng Gim Loong; Lim Tong Li, Peter; Low Weiming, Ivan; Tan Chin Tsong. Bluetooth security.

Equipment: USB Bluetooth adapters.

 
Lai Zhen Nan; Ngo Keh Kuan; Quah Junliang Joseph. Usable Security - a contradiction?  
Ching Sieh Woon; Lee Koon Teng; Yap Neng Giin. Usable Security - a contradiction?  
Rebecca Sherrill. Usable Security - a contradiction?  
Lin Chen; Zhang Binyue; Liu Boyang; Yang Yunqi. Secure Programming.  
Linda Ho Hui Ting; Lim Wai Kwok; Laura Maria Andreescu; Lim Chun Yang Kelvin. Secure Programming.  
Kenneth Mock Weiliang; Wang WeiSheng Wilson; Liang Tiancong; Jeow Li Fook. WEP encryption.

Equipment:

 
Tan Ying Kiat Jonathan; Loh Kai Dih, Aaron; Chan Phui Mun. WEP encryption.

Equipment:

 
Chan Tai Yao. WEP encryption.

Equipment:

 
Loh Chin Choong; Tan Yingjie; Winson Chan; Vemmy Joko Benjamin. WEP encryption.

Equipment:

 
Ho Keat Fang; Ng Eng Khoon. Why does phishing happen?

Equipment: N/A

 
Ashish Puliyel; Mahawaduge Nipuna Niranjan Perera; Mimrah Mahmood; Shashin Jawahirlal Surti. IPSec on disparate machines.

Equipment: N/A

 
Huynh Gia Huy. IPSec on disparate machines.

Equipment: N/A

 
Li Mengran; Wu Xiandan; Xing Dongfeng. Simplified TLS in Java.

Equipment: N/A

 
Fahad Ehsan; Leow Chin Siang; Lim Si Seng; Ng Tuen Yau. Simplified TLS in Java.

Equipment: N/A

 
Chua Kim Siong; Chong Wai Mun; Soe Hla Win. Building a wireless AP.

Equipment:

 
Ng Yeow Chung; Lee Hanyong; Tan Howe Yi. Building a wireless AP.

Equipment:

 
Koh Ri Rong; Nai Kim Tee. Building a wireless AP.

Equipment:

 
Nasri Bin Najib. Phishing - Security options to date.

Equipment: N/A

 
Ulf Lennart Svensson; Jean Michel Henri Detoeuf; Bertrand Henri Decoux. Face maps with a 3D scanner.

Equipment: N/A

 
S. Prabhu; Ganesan Shree Ramakrishnan. Java Smart Cards for user authentication (JSC-UA).

Equipment: N/A

 

 8  Generic Resources on Computer Security