Theory and Practice of Secure Systems

Projects

CS 380S - Theory and Practice of Secure Systems (54910)

Fall 2009

Projects

Proposals. Project proposals are due September 29. A proposal should be 2-3 pages long, and include the following:

Names of team members (no more than 2 members per team).
Description of the system or network protocol that you are planning to analyze or implement, or the tool that you intend to build or extend.
Description of security properties you intend to investigate.
Tools and/or analysis techniques you are planning to use.
Clear description of project deliverables. Possible deliverables are a software prototype, a substantial case study, or, in the case of a purely theoretical study, proofs (manual or machine-assisted).

Evaluation. At the end of the project, each team should produce a workshop-quality 10-page paper with novel research results.

Project ideas. Some ideas are suggested below, but you may propose your own topic.

Sample projects from past years

Static analysis tool for finding cross-site scripting vulnerabilities in Web applications implemented using the Django framework.
Formal study of authentication in Bluetooth device pairing.
Virtual environment for safely extracting shellcodes from malware and determining their function.
Privacy-preserving graph algorithms.
Secure checking of mobile devices' locations.
Formal analysis of network denial of service.
Authentication system based on semantic features of images.
New kernel rootkit for FreeBSD.
Security analysis of an open-source Voice-over-IP PBX (private branch exchange).
Modeling and verification of the Internet Key Exchange protocol with ACL2.
Security analysis of an open-source game engine.

Analyze a software system

Analyze a substantial program or suite of programs. Your objective is to verify the presence of known vulnerabilities, or try to find new ones. Look for both design and implementation vulnerabilities. I suggest choosing a popular open-source program from, for example, SourceForge. Pick a program that you find interesting and would like to learn more about.

I recommend using an analysis tool to start. Sample tools include Pixy, MOPS, Cqual, flawfinder, and Splint. Feel free to use a tool not from the list, or even develop your own tool. If you use an existing tool, your report should include a detailed evaluation of its strengths and weaknesses.

Implement a software protection method

Design and implement a prototype of a new tool for preventing or containing execution of malicious code. Evaluate its usefulness against various attacks. Examples:

Implement a novel containment mechanism and/or reference monitor for untrusted applications. Possibilities include virtual machines, system transactions, privilege separation, run-time sandboxes that restrict usage of system resources, etc.
- For example, use system transactions to efficiently implement reference monitors around untrusted processes.
Build a tool for detecting when a Web application's behavior deviates from "normal."
Create a tool for verifying whether the observed behavior of a program or a network protocol complies with its specification.

Design a secure software system

You have a lot of freedom choosing your system, but your proposal must be very specific about the project's goals and deliverables.

Design a defense against distributed denial of service attacks staged by zombie "botnets" that does not require any modifications to the existing TCP/IP clients and servers.
Analyze security requirements of attached network storage and propose a practical method for achieving these requirements.
Design a practical logging system to support secure audit and forensic analysis.
Design a new distributed application that takes advantage of tamper-proof "trusted computing" hardware.
Add security and privacy protections to a realistic RFID application.
Define what HTTP security means, and implement a network filter for securing HTTP communications.
Implement a tool for inferring the global "security perimeter" of the network from the local policies of firewalls, intrusion detection systems, and so on.

Design and/or investigate a privacy protection system

Choose an existing or proposed privacy-enhancing system, and rigorously analyze its strengths and/or weaknesses. You may also propose and implement a new tool for protecting privacy. Examples:

Develop an enforcement mechanism for enterprise privacy policies based on decentralized information flow control.
Investigate privacy aspects of a popular networking protocol, and design a new, privacy-preserving version.
Investigate algorithmic aspects (decidability, complexity, etc.) of some legally mandated privacy policy. For example, what does it take to enforce HIPAA for medical data, or Gramm-Leach-Bliley for financial data?
Develop a method for enforcing user accountability in an existing anonymity network such as Tor or JAP.
Implement a prototype of a privacy-preserving data mining system, or propose a new privacy-preserving data mining algorithm.

Perform formal analysis of a network protocol

Using a formal verification method to analyze a network protocol for the presence of security flaws.
Examples of protocols (ask instructor for specific references):

Secure voice-over-IP protocols (for example, Skype)
802.11i wireless security
Secure multicast and group key management
Authentication in Bluetooth
Secure location verification for mobile devices
Secure routing in ad-hoc networks

Examples of protocol analysis tools: ProVerif; Murphi; AVISPA; Constraint solver (see also CoProVe); MOCHA.

Do a theoretical study

Examples:

Develop a cryptographic proof of security for a network protocol such as TLS, IKE, or Kerberos.
Apply algorithmic techniques for efficient analysis of large datastreams to the detection of distributed botnet activity.
Design and analyze a privacy-preserving version of some common distributed protocol.

Talk to the instructor if you are interested in a more theoretical project.