Comp 527: Final Project Ideas


A course similar to this one was done at U.C. Berkeley. You might want to visit their final project ideas page as well as the work their students actually did.

Below are various ideas you might also consider.

Operating Systems

Build ACLs
Windows NT supports fairly complex access control lists, but only very expensive "secure" versions of Unix have ACLs. Build support for ACLs into the filesystem of a free Unix. How can your ACLs be backward-compatible with traditional applications like rcs that read and write the security bits? How should you handle the sticky bits in traditional Unix? What about umasks?
MLS
Classified, secret, top-secret, and so forth. Building a complete multilevel system for Unix is far too big for a final project, but there are a number of interesting sub-problems you might consider.
  • Add security labels to the file system and to users and build the appropriate security checks into the kernel.
  • Measure the bandwidth of various timing channels. This could be anything from modulating the system load, the disk load, the virtual memory load, or even the cache hit rate.
Firewalls
Add firewall-style support to an operating system. You could try developing application-level gateways for several of the common protocols. You could also look at building an efficient router. Rather than just hacking away, you might also look at the software engineering aspect and look at some kind of firewall architecture that has inherent strengths against attacks on any of its protocols.
Replace Setuid
Too many Unix tools are setuid root. Clark-Wilson recommends having certain types of data files restricted to only being accessible by certain programs. Do this for Unix.

Cryptography / Networking

Login authentication
Modern Unix systems support pluggable authentication modules (PAM). Write a PAM that uses a smart card or a PalmPilot or some other interesting technique.
Transparent cryptography
SSL can be added on an application-by-application basis, but it does not happen for free. Add SSL (or equivalent) to the shared library to make all networking calls encrypted. Find a way for the client machine to interrogate the server machine to see if it supports transparent encryption and gracefully fall back to non-encrypted communication (or optionally fail, depending on an environment variable).
High performance ciphers
How fast can you go? RC4 can theoretically be tuned to go the speed of memcpy(3C). What if you wire together gzip (or some other compression system) with an encryption system? Can you go faster with the two systems optimized together than running them separately? Compare the performance of several different ciphers (either with code you get from the net or from Schneier's book). Fine tune the inner loop at the raw assembly level if you have to.
Cryptanalysis
Did you like the RC4 assignment? There's a whole world of cryptosystems waiting to be broken. You can make statistical studies (as you did in assignment 4) or you can apply yourself to the raw algorithms. Remember, the output of a good cryptosystem should resemble "perfect" random numbers.
One-time pad management
Assume the worst case: all traditional cryptosystems have been broken, P=NP, and evil attackers are actively in control of every network. This means the only remaining cryptosystem is the one-time pad. How would you do the equivalent of digital signatures? How would you do the equivalent of public key infrastructure? How would you securely exchange pad bits? Work out the models on paper and write a program that implements them.
TCP/IP protocol stuff
Generic TCP/IP is vulnerable to all kinds of attacks. Design and implement other protocols that might be stronger, but still preserve the efficiency of TCP/IP. For example, an attacker can emit a RST packet which closes the connection. That's a denial-of-service attack. Can you build an efficient networking protocol that's resistant to this attack? What about session hijacking?
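
For the Cryptanalysis idea above, here is an added example (not part of the course materials or assignment 4) of a statistical study: it checks how often each of the first four RC4 keystream bytes is zero across many random keys, where an ideal generator would give a ratio near 1.0 at every position. The well-known result that the second byte is zero about twice as often as uniform is not stated on this page; the seed, the 128-bit key size and the key count are assumptions chosen for the example.

```python
import random

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n RC4 keystream bytes for key (standard KSA + PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def zero_counts(num_keys: int, positions: int = 4, seed: int = 527) -> list:
    """Count, per output position, how often the keystream byte is 0x00
    across num_keys random 128-bit keys (seeded, so runs are repeatable)."""
    rng = random.Random(seed)                 # constructed test keys, not real ones
    counts = [0] * positions
    for _ in range(num_keys):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        for pos, b in enumerate(rc4_keystream(key, positions)):
            if b == 0:
                counts[pos] += 1
    return counts

def bias_report(num_keys: int = 40000) -> list:
    """Ratio of observed to expected zero count per position; ~1.0 is ideal."""
    expected = num_keys / 256
    return [c / expected for c in zero_counts(num_keys)]

if __name__ == "__main__":
    for pos, ratio in enumerate(bias_report(), start=1):
        print(f"keystream byte {pos}: zero occurs {ratio:.2f}x as often as uniform")
```

A ratio that stays well away from 1.0 as the number of keys grows is the kind of deviation from "perfect" random output that a statistical study is looking for.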

Applications

Auditing infrastructure
The DIDS paper discussed a networked audit facility for intrusion detection. But what happens if the centralized audit machine is successfully attacked? Build a truly decentralized system where, even if some number of systems go down, you still have a complete record of what happened.
Spam filtering
Write a classification system that can distinguish spam from normal mail. I have several years of spam saved that you can use to train your system. Another related project would be writing a Web proxy server that filters out advertisements.

Dan Wallach, CS Department, Rice University
Last modified: Mon Mar 8 11:51:40 CST 1999