Dennis Mirante, a new PhD student advised by Prof. Cappos, analyzed 34 recent password database compromises. The report highlights the prevalence of SQL injection attacks, a lack of best practices, and insecure storage methods. Future work involves collaborating with rail security experts to research infrastructure and security standards and to propose policies for mitigation.
Dennis Mirante
New PhD Student
Advisor Prof. Cappos
Work Accomplished
• Technical Report With Prof. Cappos
• Study on Password Database Compromises
• Analyzed 34 Recent Password Database Compromises
• Findings:
  • SQL Injection attacks are most prevalent and largely driven by vulnerable PHP applications
  • Only 33% of the sites utilized best practices to protect passwords: Use of salts and secure hashes
  • Approximately 20% stored passwords insecurely in plaintext
  • Many sites now moving to two factor authentication
Future Work
• Rail Security
• Collaborating With Outside Rail Security Experts
• Researching Current Infrastructure As Well As Current And Proposed Security Standards To Assess Vulnerabilities And Possible Attack Scenarios
• Propose Standards/Policies To Preclude/Mitigate Them