Skip to content

Capstone

Click the image to see the website!

I am thankful to be a part of a capstone group that I think is focusing on a very important aspect of technology and IT in general: security. The goal of the project is to develop a resource that can teach the general populace about some of the dangers of open/public networks and provide tips for protecting themselves when using these networks. The capstone project consists of 3 main components:

  • Educational website information
  • Bookworm device
  • Hands-on demonstration

The website is both an introduction to us and our project, as well as an educational resource that people can consult for some knowledge around safe habits to practice and tools to use. The Bookworm device is a new device of our own creation. It is a hollowed-out book that houses a microcomputer (currently utilizing a Raspberry Pi) which will connect to a network and monitor the traffic using detection software like Wireshark to capture packets for the demonstration.

The demonstration component is where the major impact of our project takes place. We have reached out to businesses for potential demonstration venues to benefit their own customers and patrons. The demonstration will follow a simple procedure:

  1. Setup a station within the venue, turn on and activate Bookworm, and place promotional material
  2. When approached by patrons and customers, explain who we are, what we are doing why we are doing it, and this procedure
  3. If they want to participate, we take down and IP address of the patron that is connected to the public network at the venue
  4. Setup a filter on the Bookworm to monitor traffic to/from that IP address
    • We are not storing data
  5. When they are finished on the network, they return to the station where we can show them the various packets we were able to capture
  6. Explain the packet protocols we captured, what data they potentially contain, and what the risks are if a malicious individual can see the information
    • We are not looking at the contents of the packets, only the header to verify the IP address, time, frequency, and protocol used for the communication
    • Example: “We see you sent many SMTP packets, meaning you were sending emails. If your email service doesn’t support encryption, we could potentially look into the packet and be able to see content of the emails you sent”
  7. Concluding the interaction with that patron, we provide them a business card with our website URL and QR code on it and encourage them to navigate to our website where they can learn some tips for securing their traffic and activity on public networks

Due to the nature of data and information sensitivity, we declare that we do not save, store, send, or duplicate any data used for the demonstration purposes. Following the demonstration, any data we have collected is deleted and purged, no patron information except for their name and IP address is collected, and none of it is recorded. We really want to make sure the participants understand we are not doing this to collect information, but instead to show them that it is possible, and provide ways to protect against it.

If you’re even vaguely interested, stay tuned here and/or head on over to our capstone project website! The project is still a work in progress, and we currently have the deadline of early December to have it up and running.

As I mentioned at the start, I am really thankful to have been a part of such a motivated and intelligent group of peers. These are people who have persevered through this program with me, and I hope out paths continue to cross again into the future! Thank you everyone for your hard work and dedication throughout this project!