Final project

Last update: September 11, 2017

Objective: The goal of the final project is to produce a deep security solution in an existing large-scale system, as well as high quality class presentations of the project.

Form: Students in this project work in a group (up to four students). You need to notify our TAs of your group members and the topic before working on the project. Please send email to cs5231ta@googlegroups.com.

Topic: A set of research topics are suggested (see below). You can also propose your own topics in which you are interested. However, please discuss with me before getting started if your group work on your own topic.

Components: You are expected to write a project proposal, a progress report, deliver a final report, and give a final project presentation. A well-prepared presentation is necessary since this could be one of your chances to convince me and your classmates how good your project is.

Grading Criteria: Be clear that plain summary or introduction papers won't be considered as a good output. Reports with good (comprehensive and systematic) insight and analysis on the issues are welcomed. The project grade will be based on project proposal (10%), progress report (10%), final report (60%), and presentation (20%). The grading will mainly base on the novelty, solidity, and completeness of the conducted work.

Honor Code: The papers are expected to include your own ideas in your own words. Please do not attempt to cut-and-paste or borrow others ideas without adequate and clear citations. The soft copies of your submissions need to go through NUS's turn-it-in service. For more information about this service and plagiarism prevention, as well as NUS policies on plagiarism, please refer to http://www.cit.nus.edu.sg/plagiarism-prevention/.

Project topics

Our TAs are prepared in supporting projects in the following directions. For other directions, please make sure you have enough knowledge or support in carrying out the projects.

Direction 1: System Security

Base System and Tools:

  1. Malicious Code Sandboxing Malicious code causes damages through the interaction with its environment. For example, viruses delete files via the system call interface. As another example, malware on smart-phones steals contact information by querying the interface provided by the phone OS. Without such interaction, malicious code can do nothing but computation.

    In this project, you are expected to build an event interceptor and use it to analyze and sandbox the behavior of some malware. You can choose the targeted platform: Linux, Windows, Browsers, Android, or even iPhone (if you can).

    Related resources:
    Janus: An Approach for Confinement of Untrusted Applications
    Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs
    Source code of Alcatraz
    Source code of Etrace, the system call tracing utility used by Alcatraz

  2. Linux Container: Container technology (e.g. Docker, LXC) has been widely used in industry for app development and management. For example, Linux Container offers a neutral environment for developers to create and tune their own container platform using Linux kernel features such as kernel namespaces, CGroups, AppArmor, SELinux, etc.

    You can either use LXC to build you own container platforms with your own taste in security, or find and exploit vulnerabilities in existing container platforms.

    Related resources:
    LXC security
    Docker security
    NCC Group Whitepaper: Understanding and Hardening Linux Containers

Direction 2: Software Security and Binary Analysis

Base System and Tools:

  1. Buffer Overflow Attack Diagnosis For a software company, it is very important to quickly respond to newly discovered vulnerabilities of its products. The goal of this project is to assist software developers to diagnose buffer overflow vulnerabilities quickly.

    Suppose we already know a program is vulnerable, and have an exploit input to demonstrate the vulnerability. Our tool TEMU can produce a trace of all instructions executed by the vulnerable program during the attack, but the trace is hard for manual analysis. In this step, you need to create a tool to visualize the trace structure to help developers to diagnose the vulnerability.

    Resources:
    TEMU installation and user manual

Direction 3: Mobile Security

Base System and Tools:

  1. App obfuscation or repackaing detection. Code obfuscation is actively used by attackers and developers to make code analysis harder. Attackers often repackage benign apps to insert malicious activities. Your objective is to either develop new obfuscation/repackaging techniques, or develop detection mechanisms.

    Resources:
    Android Setup on Google Galaxy Nexus

Direction 4: Web Technology Security
  1. Analyzing HTML-based mobile applications HTML-based mobile applications are getting popular. Frameworks support such applications include PhoneGap. Design a dynamic or static solution to analyze such applications for malicious behaviors or security vulnerabilities.

    Resources:
    Chromium
    Webkit Developer Repository
    Android WebView
    PhoneGap Attacks on PhoneGap application Open source PhoneGap plugins Vulnerable Android apps

Other Directions
  1. Building secure apps using trusted hardware features. Intel SGX is a newly added CPU feature starting from Intel 6th generation processor family, Skylake. With the BIOS support, it can securely run the user-space application in an isolated environment "enclave", making it less vulnerable to threats from the underlying OS. That being said, any implementation flaws in the enclave can break the security from the inside.

    Rust is a newly developed programming language featuring built-in memory safety practices and fast execution speed. An open-source project based on Rust, rust-sgx-sdk, is trying to ease the effort on writing secure enclave code with the language-level benefits from Rust.

    Resources:
    Intel SGX
    Rust programming language
    Baidu rust-sgx-sdk

  2. Your Own Idea ...