TDDD17 Information Security, Second Course
Projects List
Project id | Project name | Supervisor | Status | Assigned students |
001 | Hardware attacks against smart cards | Anna Vapen | Taken | Anton Nilsson Tommy Persson |
002 | JavaCard security | Anna Vapen | Taken | Rickard Bondesson David Skoghem |
003 | Attack tree explaining attacks against smart cards | Anna Vapen | Taken | Manasa Veeragandham Yaochuan Chen |
004 | Literature study of the use of Trusted Platform Modules in computers | Anna Vapen | Available | - |
005 | Handwritten signature recognition | Viiveke Fåk | Available | - |
006 | Literature study of the state of the art for one specific biometric method | Viiveke Fåk | Taken | Tierry Fomene Jonas Nyasulu |
007 | Deeper study of face recognition | Viiveke Fåk | Taken | Ove Callheim |
008 | Card security | Viiveke Fåk | Taken | David Eriksson |
009 | Phase space analysis of network protocols | David Byers | Taken | Thomas Sundmark Dinesh Theerthagiri |
010 | WPAN security | David Byers | Taken | Shannon Ryke Mousa Al-Kfairy |
011 | Practical WLAN security | David Byers | Taken | Johannes Larsson Gustav Nykvist |
012 | DNS security | David Byers | Taken | Simon Boman Patrik Hellström |
013 | Checklists for Qualitative risk analysis | Almut Herzog | Available | - |
014 | Risk assessment for Product-Oriented and Knowledge-Based Companies | Almut Herzog | Available | - |
015 | An Example Hazard Analysis | Almut Herzog | Taken | Muhammad Farhan Khan Muhammad Fahadullah |
1. Hardware attacks against smart cards
Smart cards are considered to be tamper-resistant and therefore suitable for secure storage of information and, if the card is equipped with a microprocessor, also a secure platform for executing programs. However, there have been many successful hardware attacks against smart cards.
In this project you will read about hardware attacks against smart cards and understand how they can be executed. Then you will discuss which attacks are still possible with cards used today and how these attacks could be mitigated.
References:
Hardware attacks: http://www.cl.cam.ac.uk/~rja14/Papers/SE-14.pdf
Tamper-resistance: http://www.cl.cam.ac.uk/~rja14/tamper.html
2. JavaCard security
The JavaCard is a smart card that has a microprocessor and is designed to run a small Java environment where several applications, JavaCard applets, can be placed. In this project you will study the different security features of JavaCards and explain how they work. You should analyze the features and describe how they can be used. Are there some features that you think should be implemented to provide even more security to a JavaCard?
References:
JavaCard: http://java.sun.com/products/javacard/
3. Attack tree explaining attacks against smart cards
In this project you will learn how attack trees are used to describe attacks against a system, in this case a smart card. An attack tree is used to show in what different ways a certain attack could be executed and how easy it would be for the attacker to succeed. You will model an attack tree showing how an attacker could steal sensitive data stored on a smart card. By modelling we mean that you build an attack tree and in detail explain and analyze the different attacks. Your attack tree should cover both memory smart cards and microprocessor smart cards and describe all possible attacks, for example cryptographic attacks, hardware attacks, eavesdropping, and software attacks.
References:
Attack Trees: http://www.schneier.com/paper-attacktrees-ddj-ft.html
Hardware attacks: http://www.cl.cam.ac.uk/~rja14/Papers/SE-14.pdf
General smart card security: http://people.cs.uchicago.edu/~dinoj/smartcard/security.html
Tamper-resistance: http://www.cl.cam.ac.uk/~rja14/tamper.html
4. Literature study of the use of Trusted Platform Modules in computers
A Trusted Platform Module (TPM) is used in computers to offer facilities for e.g. secure generation of cryptographic keys, and it can be implemented in software or hardware. Security experts have different ideas about the pros and cons of using a TPM. For example, some security experts discourage the use of TPMs because they fear that computer and software companies will increase their control over users by using TPMs. In this project you will first perform a survey study of the state of the art for software- and hardware-based TPM architectures and identify the pros and cons of using a TPM. Then you will perform an analysis of the security threats that a TPM faces.
5. Handwritten signature recognition
In the basic course on computer security, one lab session uses a special plate and pen to capture the dynamics of written signatures. Then a very simple system is used to extract what should be individual characteristics from these data. Can you improve the performance through some simple methods? You are free to use the lab equipment for any attempts that you feel should be studied. Negative results are also valid, as long as you have a good motivation for why you wanted to try your approach and a good analysis of why it did not work in the end. This was also a project last year, but there is plenty of room for different ideas and improvements.
6. Literature study of the state of the art for one specific biometric method
Choose one biometric method except fingerprints and written signatures. Find as much information on it as you can within the time limits of this project, make a good summary of its properties and available products and evaluate its prospects in the future for different applications, like entry systems on guarded premises, ATM user authentication and passenger screening at airports.
7. Deeper study of face recognition
Last year one project group compared two face recognition systems, and found that only one of them was of any real use, and then only at the high security setting. Follow up their study by making more consistent tests of the actual strength of the system in this high setting! Find out as much as you can about exactly what it measures and how. Do this both by trying different effects on the system and by reading about this system and also studying general texts on what face recognition normally uses. Do not use any reverse engineering, since the attack should be evaluated in settings where you do not break even the harshest laws against such attacks. Then use this knowledge to simulate attacks where one of you tries to get consistently accepted as the other. Also use friends etc. to test the probability that you are likely to find a co-attacker, who is accepted by the system.
8. Card security
In spite of their obvious weakness, magnetic stripe cards are still much used for entry systems, low amount payment systems etc. But how difficult is it to get relevant information for forgery? How much would it cost to attack such a system? Do a study on for example an entry system, where you find out:
Since this could easily grow into a full master thesis, make sure that you spend a reasonable time on each part, including the necessary time for writing the report.
9. Phase space analysis of network protocols
The security of some important protocols, such as TCP and DNS, relies
on random numbers. In the case of TCP, preventing blind connection
spoofing relies on the randomness of the initial sequence number
(ISN). In DNS, spoofing is also prevented through the randomness of
the query ID. A few years ago, a technique known as "delayed
coordinates" was applied to attempt prediction of ISNs, and it was
found that many implementations of TCP were very vulnerable to this
kind of attack. Today, most implementations have improved
significantly, but the attack is still a cause for concern. New
implementations and protocols may not take this attack into account;
updated implementations sometimes have regressions; and a lot of small
embedded systems are getting TCP capabilities, and we don't know how
resilient they are. Furthermore, delayed coordinates is an extremely
simple technique, so it is possible that the method can be
significantly refined.
In this project you will study the original two papers on predicting
random numbers using delayed coordinates, as well as the mathematical
background (which is quite simple). You will reproduce some of the
original experiments, and evaluate some types of systems that have not
yet been tested (e.g. printers, thin clients, or PDAs). To do this,
you will have to implement a small set of tools to collect and process
the information needed for the attack. You are also encouraged to see
if there are other types of phase spaces than delayed coordinates
that could be applied to this attack.
Prerequisites: strong programming skills required, or implementation
will take too much time. This project requires a good understanding of
computer networking, at least to the level of the basic network
course.
10. WPAN Security
Personal area networks are starting to become popular. Bluetooth has
been around for a while, and IEEE 802.15.1 WPAN is based on the
Bluetooth 1.1 specification. You will study these technologies from a
security point of view. You will also study weaknesses that have been
published (or merely indicated) in the protocols, and in specific
implementations of the protocols. If you want to, and are able to, you
may substitute some theoretical work for a practical experiment with
WPAN security of your own design.
Prerequisites: This project requires a basic understanding of computer
networking, at least to the level of the basic network course. If you
choose to do a practical experiment, this will require a high level of
skill with the platform you choose as the base for your experiment.
11. Practical WLAN security
Wireless networks present some particularly difficult security
problems since physical access to the networks is not limited. In
this project you will study the known security issues with 802.11
networks and the various mechanisms (WEP, WPA, RSN) that have been
proposed to improve security. You will also study denial of service
attacks and mitigation methods, as these are not part of WEP, WPA or
RSN, as well as the physical aspects of wireless security and
intrusion detection in wireless networks.
You will also launch at least two serious attacks on a wireless network
using a Linux laptop as your platform. Specific attacks and targets
will be chosen in cooperation with course staff. At least one of these
attacks will be demonstrated live in class.
Prerequisites: This project requires a good understanding of computer
networking, particularly of protocols such as Ethernet, IP, TCP and
DNS. Completing the practical part of this project will require
previous experience with Linux networking. You will probably have to
learn new tools, install and configure network services, and you may
have to write or modify low-level network code (e.g. to do spoofing or
custom packet injection), so you need to know C.
12. DNS Security
The Domain Name System is a critical part of the Internet. It is
the directory service responsible for (among other things) translating
domain names to IP addresses. Since it is such a critical component,
security is a very important issue in DNS. In this project, you will
study the domain name system and the security issues related to it.
You will study security incidents involving DNS, and how they were
resolved. You will study how the protocol and its implementation have
evolved to meet security challenges.
Prerequisites: This project requires a fairly good understanding of
how DNS works, at least to the level of the basic network course.
13. Checklists for Qualitative risk analysis
Provide a template for a qualitative risk analysis containing checklists for assets, threats, vulnerabilities and controls, suitable for the risk analysis of a small- to medium-sized IT company with mobile workers. Assume that the company is running *nix servers and Win/Linux/MacOS PCs. Checklists should be well-founded, not just off the top of your head. Convince the reader of the completeness of your information.
14. Risk assessment for Product-Oriented and Knowledge-Based Companies
What is the difference in the risk assessment process for a product-oriented company compared to a knowledge-based company? Perform a risk assessment for two hypothetical companies with 10-80 employees and compare. Do some literature research in the area. Provide guidelines for a risk analyst on how to address the different company types.
15. An Example Hazard Analysis
Perform a hazard analysis of a system that you are familiar with and have insight into. Use two different methodologies to do the hazard analysis and compare the suitability of the two methods for your chosen system. What did you gain from one method or the other? Did you see potential for any improvements of the methods? Describe those improvements.