30 likes | 135 Views
Dennis Mirante New PhD Student. Advisor Prof. Cappos. Work Accomplished. Technical Report With Prof. Cappos Study on Password Database Compromises Analyzed 34 Recent Password Database Compromises Findings:
E N D
Dennis MiranteNew PhD Student Advisor Prof. Cappos
Work Accomplished • Technical Report With Prof. Cappos • Study on Password Database Compromises • Analyzed 34 Recent Password Database Compromises • Findings: • SQL Injection attacks are most prevalent and largely driven by vulnerable PHP applications • Only 33% of the sites utilized best practices to protect passwords: Use of salts and secure hashes • Approximately 20% stored passwords insecurely in plaintext • Many sites now moving to two factor authentication
Future Work • Rail Security • Collaborating With Outside Rail Security Experts • Researching Current Infrastructure As Well As Current And Proposed Security Standards To Assess Vulnerabilities And Possible Attack Scenarios • Propose Standards/Policies To Preclude/Mitigate them