CS 451 Information Security
Candidate Course Project Ideas
In this course students will tackle a semester-long course
project. Students may self-select their groups. Each project group
– about three students – can then define their project. Your project may
require considerable research in the literature and on the web. It may
require your designing (and potentially implementing) a solution. Perhaps
you will also design attacks to test that solution.
Some candidate projects topics are sketched below.
Your group can select one of these. Alternatively, your group may have a
different idea for a project. If so, please discuss it with me.
Pick a security problem that is narrow enough in focus that
your group can perform the requisite research, design a solution, implement or
simulate parts of that solution, analyze any attacks that might be made against
your solution, and determine how you would counter those potential attacks –
all in less than a semester. All projects should be documented in a
professional report that is delivered to me on schedule. I will ask
selected groups to present their projects to the class.
the security functions for a smart card with the intent to make it
tamper-proof and hack-proof.
what approaches an attacker could use and how each approach could be foiled.
systems (including the legal system) make it difficult to impossible to
track an attacker back through the Internet and locate the attacker’s
bases of operation and his/her identity. Design a trace-back system.
IP v6 an adequate base?
legal/ethical impediments might there be to implementing your scheme?
performance costs of your trace mechanism.
would attackers seek to avoid your trace, and how you could counter their
Security for a Wireless Network
- PDAs, cell phones, and other mobile computing
platforms are increasingly connected. They have processing
capability, screens, and user input capability. Analyze their
relation and communication with servers and the rest of the
security is appropriate? Design and implement a cost effective
Configure for Forensics
multiple security attacks that might be made against a target
system. Then design the forensic data collectors and
attack-anticipation software functions that you would need to execute
before, during, and after the attack so that
attack is rapidly visible to administrators,
system collects and analyzes forensic data required to identify the
attacker and determine the extent of damage.
Stamp out SPAM
the state of the art in SPAM detection.
a best-of-breed technique for detecting and then eliminating SPAM.
You may want to make the detector domain-specific in some ways.
how attackers could create messages that would not be detected as SPAM.
your system incrementally learn so that as attackers became more
sophisticated, or observed your SPAM killer, that they could not use that
knowledge effectively to deter your detector.
Stamp out SPAM
a SPAM detector that accepts a file of user identified SPAM, and filters
out all future messages that look like the user identified SPAM.
Digital image Watermarks
L. Bachrach runs a set of upscale photography
franchises. He copyrights all his photo images (digitally produced
images, of course) and does not want the images to be used without his
permission. Devise a watermark technique that will not visibly mar Bachrach’s exquisite photos.
how someone who wants to scan in and manipulate the image would detect
that your watermarks exist. Could they effectively alter them?
Set out some Honey Pots
corporation maintains highly proprietary information and wants to use the
honey pot technique to test whether attackers who would steal the corporation’s
information are entering corporate systems.
the honey pots.
would you keep the intruders “at bay”, i.e. manage the intruders when they
Create a Sandbox
a scenario in which you wish to place attackers in a sandbox.
would you create the sandbox?
they detect that they have been corralled in your sandbox?
can you learn about them, their interests, and their knowledge about your
company through the sandbox technique?
large corporation has decided to issue passwords, but keep those passwords
in escrow – with a local bank.
the entire escrow system.
attacks could undermine the integrity of your system and how will your
escrow system defeat those attacks?
Detect Prowlers in your System
are working with a high profile citizens group. They want to know
how to build a system that would detect prowlers that might come into the
computer with the intent of defacing their web presence.
you prevent 100% of the defacement attacks?
“prowling” be categorized and quantified? How?
Crack Digital Satellite TV
the past history.
an approach to decode the digital satellite information and argue its
a system to authenticate cookies.
Secure Instant Messaging
the security issues with respect to Instant Messaging.
a security system to assure selected security properties for messaging.
Digital Media Copyright Protection
is the issue?
can protection be assured?
a specific application and design a biometric-based system that
an electronic voting system.
an intrusion detection system by:
code to Linux kernel for monitoring intrusions.
approach would be to minimize false alarms, and to assure that your
performance overhead is “acceptable”.
Create an OS fingerprint detector
operating system is different.
the “hallmark” characteristics of a variety of operating
a fingerprint detector.
Create a TCP/IP Hijacking tool
how to intrude upon a session without being observed.
would change messages, or insert your own messages.
Virtual Private Network for TCP and/or UDP packets using your own
a private network where all your data is encrypted.
the packet headers to determine which packets should be encrypted.
the data using your own encryption algorithm.