This document provides information about the Computer Security Group (CSG) Spring 2022 kickoff event. It introduces CSG as a weekly security-focused student group. It also describes the Scholarship for Service program, lists the CSG leadership team, and advertises upcoming technical talks on topics like embedded systems, Python, anonymity, and fuzzing. Members are encouraged to attend weekly meetings, join the Discord server, and suggest additional talk topics.

1. CSG Spring
2022 Kickoff

2. Sign In! Please sign-in via QR Code or
https://bit.ly/35pDWuh

3. What is CSG?
● Computer Security Group
● A group of security minded
people
● Weekly talks Wednesdays at
7pm, except for the first
Wednesday of the month
○ Dallas Hackers
Association (DHA)
3

4. Scholarship For Service (SFS)
● Scholarship for Service
● Graduate level or Fast Track
● Benefits:
○ Full tuition and fees
○ Stipend:
■ 25k undergrad
■ 34k grad/phd
● Requirements:
○ GPA >= 3.2
○ US citizen or resident
○ Become a fed after graduating
● https://csg.utdallas.edu/sfs/
4

5. The Team
● President: Charles Averill
@caverill_
● Vice President: Jerry Teng
@Jerry
● Secretary: Vishvak Bandi
@DeluzianDoggo
● Treasurer: Payton Harmon
@Stanky
5
● Lathe Abusaid @oragamihawk
● Suraj Khosla @Khreator
● Tahlla Taylor @tahlla
● Elliot Tarbet @e1li
● Kai Huang @Kiwids
● Segev Eliezar @User3

6. Faculty Advisors
Dr. Kamil Sarac Dr. Kangkook Jee
6

7. How to join ⁉⁉
● Come to weekly meetings!
● Join our Discord ->
7
https://discord.gg/YCbsueRZFQ

8. Tech Talks
● Wednesdays at 7 PM
● Tentative list of topics:
○ Embedded Systems
○ Python/PyJails
○ Anonymity
○ Game Hacking
○ Fuzzing
● Feel free to suggest topics!
8

9. Corporate Talks
9

10. Fire Talks
● Short talks given by members of the
community
● Talk about anything cool that you
want to share with others
https://bit.ly/3uQohOY
10

11. Questions?

12. Privacy and
Anonymity

13. Accessing a website or service
13
***GENERALLY AND SIMPLIFIED
Client
(you)
ISP
Destination
DNS

14. Part 1: Client Security
14
You

15. 15
Client
cats.com
I would like to see your
finest webpage of blue
kittens please
Good choice. Here you go;
please take these cookies
too :)
#1337
Cookie
Basics
#1337

16. Cookie
Basics
16
cats.com
I would like to visit your
kittens homepage.
HTTP
HEADER
Here you go :)
Cookie #1337
really likes blue
kittens.
Client
#1337

17. Examining the Cookie
17
Various purposes, but most often used for…
● Tracking users
● Session Persistence
Client

18. Cookies
Bad?
18
*Unique Web Servers
This cookie shows this user’s
activity on other sites
includes XYZ
(Third Party Cookie)
and
I recognize this cookie.
This users activity on our
site is XYZ
(First Party Cookie)
Allows first and third party websites to
track activity of users

19. Fingerprinting
19
A website will request or resolve as much data about your
device as it can
Canvas Size OS + Architecture + RAM Javascript - Among other
things, can track client location
some examples:

20. Fingerprinting
20
Device data
collected can be
used to differentiate
users
deviceinfo.me

21. Part 2: ISP and DNS
21
DNS
ISP

22. Connecting to a website
22
Client
(you)
ISP
DNS
?
cats.com
What’s IP Address
of cats.com?
cats.com

23. Connecting to a website
23
Client
(you)
ISP
DNS
cats.com
cats.com resolves
to 133.71.133.71
?
cats.com

24. Connecting to a website
24
Client
(you)
ISP
DNS
cats.com
133.71.133.71
cats.com

25. What’s the issue?
25
DNS
ISP
● ISPs and DNS servers log ALL of your activity
● Profiles users and stores indefinite logs
● Data is likely to be distributed to third parties, especially for
advertising

26. Custom DNS Server
26
● Either No-Log or Temp-Log
○ “Cleaner” logs, IP Address not
logged for example
● Data not used for advertising

27. Network level blocking of
trackers via DNS
27
Client
(you)
Request:
cats.com
cdn.cats.com
tracking.io
“tracking.io” is on our
master list of tracking
domains.
Return:
cats.com : 133.71.133.71
cdn.cats.com : 133.71.133.71
tracking.io : BLOCKED

28. Encrypted Packet
Encrypted Packet
Eyes off my data!!!
VPN
28
Client
(you)
ISP
#########
Idk what’s in this packet,
but it is going to VPN.tld
#########
VPN.tld
cats.com
cats.com

29. UDP Packets
29
Client
(you)
#########
VPN.tld cats.com
cats.com
VPN

30. TOR
30

31. The Onion Router
31

32. A TOR Weakness
32
Hackerman

33. Virtual Machines
33

34. An “All-in-one” Solution
34

35. Some other Misc. tracking concepts
35
Other Fingerprinting
● Analyzing text linguistics
● Keystroke pacing and pattern
Analysis
● Mouse movement Analysis
● File Metadata
● Packet Timing/Tempo Analysis
Fed Toolkit
● Facial + Iris + Tattoo recognition
● Stingrays (Mimic Cell phone
towers)
● Section 702 “Up/Down stream
surveillance” (all your data are
belong to us)

36. Questions?

37. Thanks Everyone!!!