Buffer Overflow • Cryptography • Security Dimensions
Security Personnel • Bioterroism Defense
Susan Gerhart, email@example.com
module provides an overview and interactive treatment of the buffer
overflow module specifically directed toward educators and students,
but also accessible to managers, journalists, and technology analysts.
heart of the module is an interactive demonstration of how a few kinds
of buffer overflow occur. As you work your way through the interaction,
you'll see the inner workings of a simple program with input coming
from an outside attacker.
module also provides economic background, leads to current defensive
techniques, and instructions for its use. The module may be used
stand-alone by different types of users or its core demonstration may
be used in a classroom setting by an instructor. We call this
interactive software a "module" because it's intended to be used as a
small part of a course, a software engineer's continuing education, or
a non-engineer's introduction to the topic.
Defense Tools, Exercises, Quizzes
NCISSE 2002 PowerPoint Overview:
Paul Hriljac, firstname.lastname@example.org
is a way of hiding secrets by applying mathematical functions to plain
text to produce text that is difficult to decrypt. This module
describes the mechanics of the DES (Data Encryption Standard) using
several Java applets. Other facets of encryption are also
demonstrated. As is, the module may be used by
an instructor familiar with the concepts of cryptography needing some
interactive demonstrations for classroom or laboratory work.
first version of the cryptography module will include history,
standards and evolution, an overview of the DES algorithm, keysize
issues, confusion and diffusion, block size, key size, number of
rounds, subkey generation algorithm, the avalanche effect,
cryptanalysis, Feistel structures, round functions, S-boxes, and
hardware encryption vs. software encryption.
Matt Jaffe, email@example.com
security does not stand alone, the most highly trusted software in the
world can't protect against electronic eavesdropping, for example. The
full scope of measures necessary to protect digital information
involves personnel security, physical security, cryptography,
operations security, and several other disciplines as well, all in
addition to the technical aspects of digital INFOSEC.
module includes a series of Powerpoint presentations defining the full
set of these disciplines and discusses their interactions and
inter-dependencies. The key technical concepts and issues associated
with each are defined, with significantly greater emphasis and depth on
INFOSEC itself, since other modules being developed under this grant
address several of these other areas in greater detail (e.g.,
cryptography and personnel security).
elements of the module include an interactive game-like scenario where
the user tries chooses among various individual security measures only
to have the attackers discover another flaw and exploit it, forcing the
user to deploy another countermeasure, and so on. Also available are
interactive online self assessment tools in the form of quizzes and
even a crossword puzzle of security terms and concepts.
Richard Bloom, firstname.lastname@example.org
module provides background on personnel issues.
to Bioterriosm Defense
Robin Sobotta, email@example.com
transportation networks are complex and
intermodal, involving combinations of automobiles, buses, airplanes,
and light and heavy rail. Today's transportation managers and
public policy makers require both strong intuition and operational
knowledge to prepare for and respond to bioterrorism attacks on this
module provides an interactive model for understanding intermodal
transportation networks and predicting patterns for travelers subjected
to a bioterrorism release. Using these tools, people will acquire
knowledge relating to a
variety of modes of transportation and understand some of
the differing characteristics of the vehicles that serve these
important terminals, stations, and depots. This model is the key to
grasping the gravity of the
bioterrorism threat in our society. Furthermore, the
model will help people to comprehend interrelationships between the
modes of transportation and related critical security concerns.
initial version of this module is a step toward helping students
to synthesize a variety of data relating to human biology,
transportation systems, public administration, and emergency response.
With further experience, students
will operationalize the knowledge gained in order
to determine preventative strategies and implement corrective actions.