1. Workshop on Network Packet Analysis
We started with an introduction of the wireshark tool; a tool used for network packet analysis.
We then discussed when is it illegal to capture traffic?
For example, if you are at Starbucks, and it provides free wifi. You start capturing traffic, which contains people’s data then it is not considered bad because you are intruding someone’s privacy.
The speaker mentioned the use of website [1] to see real time attacks source and target countries.
The speaker mentioned the use of website [1] to see real time attacks source and target countries.
We then learnt how to capture network traffic using wireshark and analyzed sample pcap files.
We first analyzed the pcap files containing traffic of DoS attacks. We saw the flooding using syn packets.
We then analyzed the Pandora pcap file which contained traffic of a user listening to music on Pandora's website. It was interesting to know that Wireshark is able to capture the actual user data is also sent along and that we can actually download it. We then downloaded the actual music listened by the user on pandora.
To find packets containing a certain type of file, we used Edit -> Find Packet->mp4 as a string.
This showed us the packets containing music files.
To save the music file we clicked on file ->export objects -> http->saveas-> song.mp4. Through the saved file we found out that the user was listening to Ariana Grande's song.
References:
1. http://map.ipviking.com
This was my first ever CTF. We formed teams of four. The teams competed with each other on a set of cyber security challenges. Each challenge was shown over a particular country on the map and was worth a certain number of points. Our team---Cyber Angels scored 3100 :-)
References:
1. https://wicys.fbctf.com
2. http://overthewire.org
3. Talk: What I Know Now...That I Wish I Knew Then
This amazing talk was given by Tracy Camp, Colorado School of Mines. The speaker said she was utterly shocked that she became an ACM
Fellow. How was that possible, when one considers all the mistakes she made in her career!
My takeaways from this talk are:1. Find a group of mentors.
2. Focus on the four D's-Delete,Delegate,Delay
3. Learn to say no- Read this book
4. Read thecyberwire.com to remain updated about cyber security related news.
Here is a link to her talk at another venue - https://www.youtube.com/watch?v=YNsDYXS3bkw&feature=youtu.be
4. Poster Competition
I participated in the poster competition and presented one of my Ph.D. dissertation projects titled "Gamified Permission Model for Facebook's Third Party Applications". I received a nice little tote as a participation prize.
No comments:
Post a Comment