CSE543/Fall 2007 - Course Project Assignments

Below are the options for projects in CSE 543 in the Fall 2007 semester. Review the information available for each project and select a choice by 9/11/2007 at 5:00pm. The projects will be performed in groups of 4, and the plan is for one group per project. To resolve conflicts, please choose 3 project options that you may be interested in.

We will discuss these projects in class prior to the selection date. If you have any questions, please contact the course TA or instructor (contact information is available at the course homepage).

Topic Background Description Project Team

Password Cracking -- Keylogging


vs. XScreenSaver

Cache Miss Channels


SSL Timing Attacks

Keyboard Attacks

Side-channel attacks use covert mechanisms, such as power, timing, or cache usage, to extract secrets from a system. We want to look at the side channels available to unprivileged processes to extract secrets. Some initial work on unprivileged keyloggers has begun that this project can leverage. I want to know what side channels are available to unprivileged processes, how they may be leveraged, and some prototypes for password cracking via cache and timing of entry, among others.



Trusted Computing

Linux IMA

Linux PRIMA.


The Bear.



Trusted computing hardware (e.g., Trusted Computing Group's Trusted Platform Module) provides computation that is protected from the CPU and its potentially compromised software. Trusted computing hardware can measure the host system securely and provide secure storage for it, but it is still not clear how to use this hardware to perform secure computations and ensure runtime security. This project will examine several execution scenarios.


Software Development for Security

Retrofit Security

Another Retrofit Approach

Java to secure Java


Privilege-Separated OpenSSH

Automating Privilege Separation


An old tenet of security is that you have to design it into the system from scratch. Other than military systems, this is never done, so the question is whether software engineering tools can help us. In this project, I want to consider what software engineering problems could use help, how this help may be given, whether existing tools fulfill these requirements, and prototype (extend) or evaluate existing prototypes for software development that provides security.





Playpen Vulnerability Testing


Hardening: Bastille Linux

Damn Vulnerable Linux

Linux iptables

Automated Firewall Checking

Rootkit Detection

Rootkit Hiding

We aim to build a vulnerability testing environment, called the Playpen, where we can collect information about a system to be tested, configure a compatible VM system on the Playpen, and destructively test that system (e.g., based on CERT vulnerabilities). I am curious how we can take a running system and test its security, perhaps by copying a subset of it. Also, I'd like to see how we can leverage a known, purposefully buggy Linux system, Damn Vulnerable Linux, for testing.




Multi-core Security

AMD Multi-core Whitepaper

Intel Multi-core Architecture Summary

IBM Cell Processor

Linux Page Writeback -- pdflush

Multi-core processors are upon us. The thought is that security can be enhanced by the use of multiple cores. In what ways will multi-core enhance future security? What is a necessary environment for exploring security function in multi-core systems? I want to explore how multi-core systems work, how to apply various forms of security function on such systems, and what benefits of using a multi-core platform can be identified.




Database and Web Server Security

Slammer Worm

IIS 5.0 Web server security

Preventing SQL Injections

Cross-site scripting

Database Security Approaches and Concepts

Web servers are often supported by databases, and together they form a valuable target of attack. The threats range from web server vulnerabilities, such as Slammer that took advantage of configuration errors, to database vulnerabilities that enable the theft of confidential data or code injection via SQL. I'd like you to explore vulnerabilities in each and those caused by the synergy between the two.





Virtual Machine System Security

Shamon Architecture

Shamon Initial System

Shamon Core TCB



Xen Security Modules

Xen sHype

Virtual machine systems are the next frontier in providing secure computation. VM systems provide isolation by default and a new layer of security decision-making, while still running legacy code. The question is how the virtual machine monitor below the operating systems should be used to enforce and manage security. In this project, I want to examine VMM designs/implementations, consider the removal of code from the TCB, consider management of VM policies, and provide ideas of how VMMs on different systems build trust.





Instant Messaging System Security

Instant Messaging Security

Securing Instant Messaging


Instant messaging systems are a ubiquitous form of communication, replacing the slower e-mail as the preferred means. In this project, I want to understand the system architectures, how security is provided, collect the potential vulnerabilities, and explore how such vulnerabilities may be prevented in a rigorous way.





Removable Storage Security

Thumbdrive Attack

Thumbdrive Security Issues

23 Things You Can Do with A Thumb Drive

USB Devices Attack Windows

Just about everyone has used a USB thumbdrive to upload/download data easily from a system. However, these thumbdrives present threats to the host systems. The addition of hardware is deemed to be trusted (users must manually do it), such that a false sense of security is given to them (if a user plugs it in, it must be all right). I want to determine the security issues with plugging in such devices (including low-level, novel attacks), and potential defenses and architectures in which these may be secured (particularly, for a MAC environment). If we really want to download secret data to a USB that can somehow be authenticated and authorized, how is this done?


User-compatible Security





Sharing Approach

Lately, security folks have put a lot of time into securing systems, e.g., via mandatory access control in Linux and BSD. However, supporting the user in securing their files is still primitive and does not interact well with system controls. I want to know what kind of attacks users are susceptible to, the gap between user understanding of what a system is doing and what the system is really doing, and how to close this gap (from a system standpoint). I wonder whether user-oriented approaches, i.e., providing a user model and securing based on it, may be devised that may prove useful in securing user data.




Securing Network Computations

Neighbor Discovery in IPv6

Securing Neighbor Discovery

Secure BGP

Secure SNMP

MAPsec -- Mobile Security

Shamon Core -- IPsec and Integrity Measurement

Telecommunications Paper

Linux IMA

Open networks, such as the Internet, aim for largely independent computations, but nonetheless, various functions depend on computations made on other devices. This is even worse for closed networks. Addressing many threats, such as DoS, depends on sharing of information, but how might this be done efficiently and securely? In this project, we will examine network computations for IPv6 (e.g., neighbor discovery) and Telco networks to determine what is necessary for one system to depend on another's input for its network processing.





Integrating Security Into Applications


SELinux Policy Server

Key Management of Hierarchies

So, you have an application and you want to add some security features to it for authentication, secure communication, and access control. How do you go about adding the function? How do you assess its impact on performance, function, and security? I would be interested to see how such changes are done and how to evaluate their impact.




