Project 2
Computer
Security I, Dr. Lawlor
The project is designed as a way for you
to do hands-on work with security topics in a field of your
choice.
Each project should contain at least some of each of these three
things:
- Research: look up the prior work, to see what other people
have done. Prioritize books or PDF academic papers over HTML
(blog posts, comments, Wikipedia). Students taking the
graduate section will be expected to present the prior academic
work using actual citations, and format
their writeup like a scientific paper.
- Code: write some actual hands-on crypto code. Any language is
fine, although what you turn in should be structured nicely and
well commented.
- Analysis: check the statistics, histograms, or correlations of
your output. Or measure the runtime performance, in nanoseconds
per byte or round. Or *something* quantifiable and numeric.
Deadlines
November 2017
Su Mo Tu We Th Fr Sa
26 27 28 29 30 <- Topic due in class
December 2017
Su Mo Tu We Th Fr Sa
1 2
3 4 5 6 7 8 9 <- Rough drafts due on Blackboard
10 11 12 13 14 15 16 <- Presentations in class, final version due on Blackboard
Thursday, November 30, in class: Be ready to talk for 2 minutes about your project topic.
Tuesday, December 5: Turn in rough draft / proof of concept. Rough draft needs to run, and have at least some of
the features of the final version, but does not need to do
everything you wanted, and does not need to be pretty or polished.
Tuesday, December 12, 10:15 a.m.-12:15 p.m.: Project presentations
(during final exam timeslot). Have 10 minutes of good material ready: *prepared* examples, figures, diagrams, etc. Bring an HDMI capable device, or email me your examples beforehand.
Thursday, December 14, midnight: Project final version due.
Suggested
Topics
Feel free to pick one of these, combine
two or more, or pick some unlisted topic!
Extend project 1:
- Does it work on other platforms (Linux, Android, Windows, OS X?) Can you make it work there?
- What's a better design for the system you examined? Are people working on it?
Forensics:
- Grab a hard
drive from the dump. Figure out what's on it, and what
story it tells.
- Pick a storage
device that you own, like a microSD card from digital camera
or phone. Extract as much as possible from it, including
hidden and deleted files (e.g., PhotoRec,
ddrescue).
Network Services:
- Pick a CVE that sounds
interesting to you, and has proof of concept code
available. Install the vulnerable service, and run the
code against the service. Use a debugger to watch the
attack succeed or fail. Test countermeasures like firewalls, ASLR, DEP, SElinux, Microsoft EMET, etc.
- Write your own
vulnerable network service (e.g., C program with buffer
overflow vuln, PHP program with SQL injection vuln, etc),
write code to exploit the vulnerability, and write the patch
to fix your service.
- Design & implement a toy version of a sensitive web service, such as a online bank (customers: depositors and debtors), cryptocurrency (drug dealers & money launderers), or a web-based grading script (instructors & students).
Cryptography:
- Implement a cryptanalytic attack, like brute force key
enumeration (pick a managable keyspace), meet-in-the-middle
hashtable attack for split keys, or any of the many flavors of
statistical analysis.
- Implement your own Feistel-type symmetric cipher, or a
Feisteloid round-style cipher. Be sure to analyze the runtime
performance, differential behavior, and statistical output of
your cipher for varying keys and number of rounds.
- Implement your own round-based cryptographic hash function,
using a non-invertible round function. Again, analyze the
statistics and differential output of your hash for varying
number of rounds.
- Implement any decent existing cipher or hash (AES, DES, RC5,
SHA-1, SHA-256 are all reasonable choices).
- Decrypt any of the more complex CTF crypto examples.
Adversarial Thinking:
- Pick any presentation from Black Hat (or any other attack-focused tool). Analyze their technique from the point of view of a white hat: rank countermeasures by your predicted effectiveness.
- Pick any enterprise security solution (or any other defensive tool). Analyze the enterprise's total security from the point of view of a black hat: rank attacks by predicted effectiveness.