The project code for each project is given as a word in capitals before the project description. E.G the code for the first project described below is AIRCRACK1 . You will need to use the project code in the form to register the appropriate project. Please do not register any project until by considering required aims, objectives and available support technology and information resources, you are confident that you are willing and able to complete your registered project.

Where 2 projects with the same prefix are numbered 1 and 2, e.g. APACHEVS1 and APACHEVS2, these may be registered by a pair of students interested in working and cooperating with each other in order to have work assessed as a joint project. Please don't register any one of these unless you are willing to work with whichever student succeeds in registering the other. Please read the assignment brief to review additional requirements for pair projects.

1. AIRCRACK1 The student undertaking this must be able to use Linux in connection with WiFi and collaborate with the student undertaking Aircrack2. Download and install the Aircrack-ng tool suite and study the use of these tools in connection with a WiFi access point setup for the purpose of penetration testing. The student registering this must ensure that they are authorised to penetration test the access point to be tested by the owner of this access point. How long did it take to find the WEP keys ? Are attacks against WEP feasible without injecting traffic into the AP ? To what extent does the WEP key length affect the difficulty of obtaining the key ?
2. AIRCRACK2 see Aircrack1. This student should concentrate on configuration of the WiFi access point. Do the instructions available for the setup of the access point help or hinder security of this installation, e.g. in connection with use of good entropy and support for WPA and WPA2 to mitigate dictionary attacks ? To what extent has your understanding of this been changed in connection with the penetration testing undertaken ?
3. APACHEVS1 Install a recent copy of the Apache webserver program on Linux or another OS with equivalent multiuser capabilities and configure this server so that multiple users can operate their own web sites using the virtual server Apache facility. Study, test and write a user guide explaining relevant Apache and operating system configuration issues relevant to maintaining appropriate access controls. Report on what you have discovered about webserver security and access control.
4. APACHEVS2 as above, but one student should concentrate on the OS access control configuration including user file upload requirements for website maintenance, while the other should concentrate on the Apache configuration.
5. BACKUP Using Rsync (remote synchronisation) and SSH (secure shell) programs investigate procedures used for automating backups of a server to a remote machine You must use minimum bandwidth by only backing up changes after an initial full backup is taken. Investigate procedures for making sure that the data being transferred between machines is suitably encrypted. Write a userguide describing the setup of all programs.
6. BHISTLEAK Investigate use of the Javascript Document Object Model (DOM) by a website interested in discovering which known links to other websites have recently been visited by particular client browsers, based on how a visited link is rendered in the browser window. Develop a proof of exploit concept webpage which can tell browsers which of a set of URLs to other websites they have recently visited. Study the Javascript DOM and write a report on web-user privacy issues which this exploit demonstrates and how this problem might be mitigated. Further information is available here. and here.
7. BLOCKCIPHER Investigate, summarise and report upon cryptographic and security application issues concerning a selection of block cipher algorithms including DES1, triple DES, AES and any other relevant competing algorithms. You must be willing to study published materials concerning the peer review of relevant algorithms. Your report must demonstrate the development of your understanding of the mathematical issues encountered.
8. BUFFER1 Investigate buffer overrun attacks, and test and demonstrate proof of concept code within a VM environment. Write a report describing your investigation, experiments and conclusions.
9. BUFFER2 Investigate and apply technologies suitable for remediation of buffer overrun attacks, e.g. address space layout randomisation. How well can these be detected using static code analysis tools ?
10. CACHEPOISON Investigate the mechanisms by which a resolving DNS server which caches client requests using predictable pseudo-random numbers to generate query IDs and UDP source port numbers can be manipulated by an attacker in order to cause redirection of client queries to a spoofed website, e.g. for Internet banking, using a poisoned DNS cache. Write a report deriving lessons from the known history of discovered and patched vulnerabilities in BIND and other DNS servers, e.g. DJBDNS. Given the increase in bandwidth between attackers and likely DNS target servers, do you think further attack modes are likely to be discovered in currently fully patched DNS servers ? What can a site running a DNS server do to detect and prevent this kind of attack ? Report your investigation, wider study and conclusions.
11. CAPTCHA These initials stand for Completely Automated Public Turing test telling Computers and Humans Apart. Registering at a website or email provider often involves solving a puzzle, e.g. by reading obfuscated words or numbers encoded as graphics files. This has led to an arms race, with spammers allegedly employing low-wage labour to solve these puzzles and create spamming accounts cheaply, and investigating automated means of solving these puzzles, and those setting these puzzles devising more sophisticated means of making these more difficult to solve using automated means. Study and review the academic papers and resources available e.g. by starting at http://www.captcha.net/ and identify, obtain, download and experiment with available CAPTCHA software, write a HOWTO for this as your technical investigation and discuss trends in your context and conclusions report. See also http://www.theregister.co.uk/2010/07/01/animated_captcha/ .
12. CSSPRIV read http://dbaron.org/mozilla/visited-privacy and http://www.theregister.co.uk/2010/04/05/firefox_browsing_history_fix/ . Then study web technologies including Javascript and CSS to make sure you understand the implications of website operators being able to discover which other sites a client has visited, and technical measures and user precautions needed to avoid this privacy leak.
13. COOKIE Websites place and file cookies in the browser cache folders of user workstations for later retrieval, e.g. for web session authentication. Some cookies are useful for the end user as they enable you to access sites requiring authentication more easily. However, some of these cookies are of little use to the end user, but are of use to advertising conglomerates as these enable them to track many users across very many websites. Such cookies could be identified and removed using a simple text editor, but this was labour intensive, and likely not to be done regularly. Developments in web browsers using database tools also result in more opaque storage. Investigate the format by which cookies are stored, and develop a program specification to enable a user to accept and automatically remove cookies from unwanted advertisers in order to block cross site tracking. This program should help a user identify unwanted sites, while being able to operate without interfering with the use of wanted sites. Write this specification as your technical report and then study and report upon the wider issues raised by use of cookies in undermining user privacy and recommend countermeasures in your context and conclusions report.
14. CONVERGENCE1 The perspectives and convergence web browser plugins and servers offers an extended approach to HTTPS certificate validation, involving multipath checking to guard against man in the middle and forged certificate attacks. Install the Firefox browser plugin, study the academic papers concerned with key validation and other documentation at the perspectives site, and investigate how this software improves validation of self-signed web server certificates. Further information on Perspectives is available here and on Convergence here . To obtain high marks a student is expected to investigate installation of client and server software and join and make appropriate use of the developer mailing list. A student working on this is expected to collaborate with a student working on Convergence2 based upon negotiated division of work.
15. CONVERGENCE2 A student working on this is expected to collaborate with a student working on Convergence1 based upon negotiated division of work.
16. CRACKUNIX Install and use a cracking program designed to investigate password strength on Unix or Linux and weaknesses of a selection of passwords. Describe procedures which an attacker with access to the hardware containing the hash file but no logical access might need to use in order to copy this. Develop an organisational policy suitable for a company employing 300 people on password choice based on your tests. Write a report describing your investigation, experiments and conclusions. This project is suitable for a pair project collaborating with CRACKWIN.
17. CRACKWIN Install and use a cracking program designed to investigate password strength on Windows and weaknesses of a selection of passwords. Describe procedures used to obtain the password hash from the Windows registry which an attacker with physical but no logical access might need to use. Develop an organisational policy suitable for a company employing 300 people on password choice based on your tests. Write a report describing your investigation, experiments and conclusions. See also CRACKUNIX .
18. DANE This is for DNS Authentication of named entities. DNSSEC isn't just for validating DNS lookups, it also concerns use of the DNS for storage, retrieval and time limited cached provision of key materials for other applications, e.g. email. Study the use cases described in rfc6394 and research current uses of DNS for storage of key and authentication materials and write a report readable by non-technical but educated members of the public clarifying how DNSSEC may help enable other applications to be secured, discussing also the limitations in this approach.
19. DISKLEAK Many organisations need to dispose of outdated computing equipment in an environmental and community-friendly manner without disclosing any confidential information. A number of charities exist which will refit these computers, e.g. for developing country use. Investigate how information is physically stored on hard disks and how it may be restored if accidently deleted, and write a computer program which can delete everything on a hard disk securely. Investigate other software packages, and policies and procedures suitable for an organisation that wants to dispose of such equipment without totally destroying it, and can not rely on any outside party securely to erase confidential information on redundant computers. Write a policy and procedures document suitable for an organisation providing probation and related criminal-justice services that employs 100 staff.
20. DNSBL1 This miniproject will suit a student who has an internet connection capable of forwarding incoming connections from an infrequently changing external IP address on port 25. Study the use of DNS technology in distributing information to email servers concerning Internet hosts relaying spam email. Your report will cover the history of this technology and explain why DNS provides a suitable protocol for this purpose. Obtain DNS content records for your email server. Configure this to use a DNSBL and compare the results when more than one DNSBL blacklist is used.
21. DNSBL2 As above, but one student can concentrate on DNS configuration issues while the other can concentrate on SMTP server configuration.
22. DNSSEC Study and summarise the DNSSEC standards, pilots and current implementation experience. How would use of this standard within a group of participants willing to register subdomains within a particular internet domain enable them to solve known scalability and trust problems associated with the development of a PKI (Public Key Infrastructure) ?
23. DOMINATOR This (currently beta) project involves installing debuggers and a plugin to Mozilla web browsers for the purpose of assisting with automated detection of cross site scripting (XSS) vulnerabilities based upon what the Javascript code from a suspect website is doing within the browser environment in real time. This would suit a student who either already has Javascript skills and wishes to extend these or who has skills in another programming language who wishes to study Javascript and web site vulnerabilities. Install this program, use it to test and find a popular but XSS or CSRF vulnerable website. Describe the use of this program and provide an analysis of the vulnerability discovered. Further information is available. A student undertaking this project should be willing to work with the student undertaking DOMSNITCH .
24. DOMSNITCH This tool is similar to Dominator but works on the Chrome web browser. A student undertaking this should be willing to work jointly with the student undertaking DOMINATOR. Further information is available.
25. DRMVIDEO Carry out a review into current DRM technologies applied to video content and the status of published countermeasures, e.g. to enable access for disabled users or for long term historical preservation purposes. This project may be unsuited to students intending to travel to the United States or any country with laws similar to the US Digital Millenium Copyright Act, unless the student undertaking this review intends to keep aspects of the knowledge likely to result from this review confidential.
26. DRMAUDIO See Drmvideo, but investigate application for audio content.
27. DRMBOOK See Drmvideo, but investigate application for e-book content.
28. DRRK Investigate the open source DR rootkit and install it as a Linux kernel module on a test Linux installation. Carry out whatever observations you can to investigate how it might be used to hide processes, files and network sockets and write a technical report and then a context report based on the wider issues concerning what a systems administrator of a hosted network server farm would need to know to detect the presence of rootkits on managed Linux servers. This would suit a student willing to compile Linux operating system kernels from source code.
29. EVILMAID1 Someone ostensibly working as a hotel maid will often have access, for a few minutes, to laptop computers left in rooms being serviced. The USB boot key carrying Evil Maid software is designed to install additional software on a laptop which implements disk encryption. Evil Maid records the encryption password next time this is input, so this can be obtained on the following visit by the hotel maid to the room. A description of the software is here. Obtain a copy and experiment with the use of this on a laptop on which TrueCrypt disk encryption has been installed. Write a howto guide showing how the password can be obtained.
30. EVILMAID2 As above, but one student is to concentrate on the user of the Evilmaid program, while the other is to study TrueCrypt and other disk encrption approaches and consider how the laptop could be setup with further protections in order to make the hotel maid's job take longer and be exposed by other means, e.g. checksumming or use of programmed audible alarms.
31. FIRESHEEP Firesheep is the name of a Firefox browser plugin which monitors shared network connections (e.g. as are likely to occur between users of an open or cracked WiFi hotspot) for website authentication cookies. For example, an initial Facebook or Gmail login is likely to be encrypted using HTTPS, but subsequent client requests are likely to be unencrypted, making use of the cookie issued at login instead of the password to continue the authenticated session. Carry out experiments using this plugin over the use of an open network setup for this purpose, and establish what other measures need to be carried out to use a cookie obtained using Firesheep to enable e.g. an existing Facebook or Gmail session to be hijacked. A student registering this project must use this approach only to demonstrate the feasibility of hijacking a logged in web session in respect of their own account credentials or with the informed consent of the account owner in order to ensure this activity is carried out legitimately.
32. FLASHDISK Solid State Disks and similar devices are known to use seperate physical blocks and pages from the equivalent logical structures as presented to the device control interface, with a layer of pointers between these. This approach enables overprovision of physical blocks so that wear-levelling capabilities built into the device can retire blocks once these have been written too many times for reliability reasons, and to move physical blocks around in order to prevent overuse of a few physical blocks and underuse of the rest. This approach leads to problems for responsible users concerned about data protection at the end of life of these devices, as well as presenting opportunities for forensics investigators to obtain information stored on blocks marked inaccessible using direct hardware access, e.g. following unsoldering flash chips. Investigate current standards, forensic approaches and designs, e.g. to determine whether current ONFI interface standards are adequate for legitimate data protection obligations affecting those processing personal data.
33. FUZZ1 Investigate and report on the use of fuzzing to find security weaknesses in a program which should be secure but isn't. You should also apply this technique to a specific and up-to date program of your choice. Two students can undertake this project, but both students undertaking this must identify a different and relevant program to be evaluated, the name of which must be agreed with module coordinator. This would suit students with the programming ability needed to make progress. Write a personal report describing your investigation, implementation, experiments and conclusions. Before starting on this project you must ensure agreement with the module coordinator on aims and objectives and the program you will investigate by this means.
34. FUZZ2 see Fuzz1
35. GPG Investigate and develop a policy for signing and distributing encryption keys to be used for GPG authentication and encryption of email to be used between a team of artists and technicians working on the development of a major new Hollywood movie. Note that different individuals within this team will be using Windows and Linux. Investigate the installation and configuration support requirements for email clients and cryptographic programs and write a userguide. Write a report describing your investigation, experiments and conclusions.
36. GSMPHONE Review published resources concerning how easy or difficult it is to crack GSM phone communications with base stations. Start at http://lwn.net/Articles/367949/ .
37. HASH Investigate, summarise and report upon cryptographic and security application issues concerning a selection of hashing algorithms including MD5 and SHA1 and any other relevant competing algorithms. You must be willing to study published materials concerning the peer review of relevant algorithms. Your report must demonstrate the development of your understanding of mathematical issues encountered.
38. HTTPS Configure and install an intranet webserver capable of supporting the HTTPS protocol. Investigate configuration of the server giving privileged access based on the use of cryptographic certificates installed within client web browsers and servers, e.g. for an intranet application to support home workers. Write a userguide and a report describing your investigation, experiments and conclusions.
39. HDCP This system is used to encrypt high definition video streams between devices in order to enable intellectual property owners to maintain control of the distribution of their programmes and movies etc. However, in September 2010 the master key was leaked. Would creation of an unlicensed device using this key require custom hardware or could this be done using software, and if the latter then how could this be done in practice ? To what extent does the release of this key compromise the system it protects, or are there other factors (e.g. hardware licensing regimes backed by law) limiting the range of exploits and the number of people able to carry out exploits in practice. Compare the current state of this technology to the compromised DVD (search for DVDCSS) content scrambling system. Starting points include: http://www.freedom-to-tinker.com/blog/felten/understanding-hdcp-master-key-leak and http://lwn.net/Articles/405683/ .
40. HTTPSEVERYWHERE1 Making your web browser use HTTPS in preference to HTTP on sites which support this improves both privacy and security. As a starting point read https://www.eff.org/https-everywhere and install this Firefox extension. But how easy is it for a webserver operator to upgrade to HTTPS from HTTP and how much does this cost for a modular website divided into 20 virtual domains, where the list of subdomains frequently needs to be changed ? Do the websites on the list supported by the Firefox plugin work as efficiently in secure mode ? Either test a ruleset in the HTTPSEverywhere developers pending rules or develop your own set of rules for a website for which rule development has not yet occurred, and write a report describing your experiences. You should attempt to input your work into the collaborative development and testing of this plugin. Your report might usefully review the collaborative development experience of using this tool.
41. HTTPSEVERYWHERE2 Collaborate with the student registering HTTPSEVERYWHERE1. One student should develop a new ruleset for a website not yet covered which supports optional use of HTTPS and input this into the collaborative development process. The other student should test a ruleset already in the pending rules area. Both should provide feedback as part of the EFF development process.
42. IPV6PROT Study and report on the security provisions within the IP version 6 protocol and compare these to IP version 4. Study the relevant RFC standards and the current state of IPV6 implementation. Which security problems of IPV4 is IPV6 likely to resolve ? Report on your technical investigation and on the impact of any security issues on the likelyhood of IPV6 adoption. Suitable for 2 students willing to collaborate on condition they are willing to experiment with use of IPV6 between 2 different operating systems.
43. ISPLOCAL What can and should ISPs do when customer systems are compromised ? How would they know ? To investigate these questions you should be willing to discuss these with ISP technical staff e.g. using relevant on-line forums, and have an interest in router technology. Write a report describing your investigation and conclusions. This project could either be done individually, or jointly with another student undertaking Ispremote.
44. ISPREMOTE What procedures can be used to identify a remote ISP responsible for an attack origin based on a known IP address ? How should communication with an identified ISP proceed and do any standards exist for this purpose and are any being actively proposed ? Write a report describing your investigation, experiments and conclusions. See also Isplocal.
45. JSCRIPT Study and report on the security design behind the development of the JavaScript programming language for the purpose of providing client-processed active web content. Your report must cover programming language design and implementation design issues. Historically, what weaknesses have had to be addressed ? This project might be done collaboratively with a student studying server side language issues, see PHP.
46. KERBEROS1 agree to work with other student undertaking Kerberos 2. As a team of 2, install and configure Kerberos AS, TGS, Kerberos authenticated client and service providing server implementations. Write a personal report on work undertaken and userguide for AS and Kerberos client installation.
47. KERBEROS2 See Kerberos 1. Agree to work with other student undertaking Kerberos 1. Write a personal report on work undertaken and userguide for TGS and service providing server.
48. NFS1 Install and configure an NFS (Network File System) server and client. Write a userguide. Investigate security issues concerned with the development of NFS services and summarise these. If someone were proposing to implement NFS over a wide area network what recommendations would you give for security configurations and feasible applications and why ? Write a report describing your investigation, experiments and conclusions.
49. NFS2 See NFS1. This project can be undertaken by 2 students agreeing to collaborate with each other. The student undertaking NFS2 should investigate client side security issues, the student undertaking NFS1 should concentrate on server side issues.
50. NULLPTR Null or zero pointers normally do not reference data, and are used in the 'C' programming language to mark the end of useful data, none useful data, or uninitialised data. But situations may exist in a kernel where a zero address maps useful data. This has led to the discovery of a important new class of vulnerability in the Linux Kernel in 2009, if use of an pointer marked uninitialised can be made not to lead to a hardware exeption. How has this problem been exploited and has it been fixed ? What about older Kernels still in use e.g. in your ADSL router ? How would a cracker go about exploiting this type of problem and how can this kind of exploit be defended against ? This miniproject would suit a student with some 'C' programming knowledge.
51. PAYMENT Investigate security drivers concerning development of an Internet payment protocol. How do your identified important security issues influence the design of this system and protocol? Before agreeing to undertake this project make sure that you have adequate documentation available to carry out your investigation in connection with the protocol you want to investigate. If another student has registered this, further Yourchoice projects on this topic will be accepted in respect of different payment systems. To obtain a high mark a thorough protocol analysis and understanding will be required.
52. PRIVEMAIL1 Anonymous remailer services are operated to provide people living in countries with repressive laws and corrupt police and security services with the ability to communicate, to exercise rights of freedom of speech considered legitimate elsewhere and to do so as safely and securely as possible. Carry out an investigation into the legal, anti-spam and other security issues concerned with provision of such a service.
53. PRIVEMAIL2 Investigate email client and encryption software from a security perspective, suitable for use by a civil rights activist in a country with repressive laws and/or corrupt police and security services to enable this individual to communicate with contacts abroad in as secure a manner as possible. You may assume that this individual is able to receive computing support and training when travelling abroad but not when inside the country from which and in which their communications must be secured. This individual is assumed to have very limited computing knowledge. Write a report giving reasons for your choice of software together with an installation, configuration and user guide. It should be possible for the user to memorise all relevant and neccessary details from the user guide. See Privemail1.
54. REPUTATION1 Many online services allow users to score each others reputation, but these systems can sometimes be gamed through the creation of false on-line identities or through deliberately false reports. Carry out a comparative review of reputation mechanisms used for a type of on-line service and report on the internal mechanisms and policies which detect cheating or which make this more difficult. Sybil attacks must be researched in relation to manipulation of current reputation systems.
55. REPUTATION2 See Reputation 1. Students working together on Reputation 1 and 2 must investigate 2 different on-line services e.g. email and auctions, where reputation is relevant.
56. ROOTKIT Investigation into rootkits and countermeasures in general. What are rootkits, which ones currently exist in the wild and what do these do to mask their activity? How effective are current countermeasures and how can current tools be used more reliably ? If you encountered a new rootkit, how would you investigate what it did ? Research and answer these questions and write a guide for prospective rootkit hunters and trackers. Write a report.
57. SAMBA1 When a Samba server is used as a fileserver within a small company, using Windows clients and a Linux fileserver, what security configurations should be applied ? Write a userguide based on your installation, research and testing experience and a report.
58. SAMBA2 See Samba1. One student should concentrate on making Windows clients communicate with a Linux fileserver, the other should concentrate on making Linux clients communicate with a Windows fileserver.
59. SAMBAFOUR Samba version 4 is a development version capable of providing an open source Active Directory domain controller. Currently this needs to be installed using source code. Follow the instructions in http://wiki.samba.org/index.php/Samba4/HOWTO to install and configure Samba 4 and describe the technical problems you were able to solve and those which you had to communicate upstream to the developers, if any aspect of the above Howto were incorrect. Your context and conclusions report should describe the current status of Samba 4 development. This project would suit a student with strong Linux or Unix skills, including some prior experience of installation of software using source code, with an interest in Windows/Linux network integration.
60. SANDBOXIE Experiment with this sandboxing program in connection with secure use of untrusted programs and carry out a thorough set of tests evaluating configuration and use of this tool Carry out a comparison between this and similar sandboxing techniques, e.g. use of virtual machines. start at http://www.sandboxie.com/
61. SANDBOXVB Investigate and test procedures for use of VMs making use of VirtualBox VMs for securely testing untrusted and suspicious software. The procedures you develop should be useful in helping make life easier than it now is for others wanting to do this. Write a report on what you have discovered on security applications of virtual machine technlogy and on sandboxing generally. See also Sandboxvmw
62. SANDBOXVMW Investigate and test procedures for use of VMs making use of VMWare VMs for securely testing untrusted and suspicious software. The procedures you develop should be useful in helping make life easier than it now is for others wanting to do this. Write a report on what you have discovered on security applications of virtual machine technlogy and on sandboxing generally. This is suitable for a joing project involving a pair of students working on Sandboxvb and Sandboxvmw.
63. SANDBOXVPC Investigate and test procedures for use of VMs making use of Microsoft Virtual PC for securely testing untrusted and suspicious software. The procedures you develop should be useful in helping make life easier than it now is for others wanting to do this. Write a report on what you have discovered on security applications of virtual machine technlogy and on sandboxing generally.
64. SELINUX1 This is a security technology which has been added to the Fedora and Red Hat distributions of Linux to provide mandatory access control (MAC). Opinion on this amongst the Linux system administration and developer communities is divided. Some think it is too complicated and causes too many new bugs to be of practical use. Others believe that it is neccessary in order to limit what applications can do to what they were designed to do in order to prevent security compromises. Start by reading the article and discussion on http://lwn.net/Articles/288507/ . Then install Fedora and attempt to configure a security policy for a simple application installed from source without an existing Fedora security policy. If, as expected, this turns out to be difficult, attempt to obtain support from the Fedora community support resources relevant to this activity. Depending upon how far you achieve a working set of MAC labels and rules for your application either write a report describing how you went about this and achieved this, or describing what would need to be done to improve tools or support resources and activities to make this activity easier in future.
65. SELINUX2 See SELINUX1 . This project can be conducted by 2 students working collaboratively. They could either divide the work so that one student reports on how to achieve a working MAC policy and the other reports on how support resources and activities could be improved, or by the students collaborating on understanding SELinux generally while working on MAC policies for 2 different applications.
66. SELINUX_HTTPD Starting at this SELinux resource investigate and experiment with the process of using SELinux to harden an Apache webserver installation. Your webserver should be capable of supporting a dynamic web application - e.g. a Webmail program such as Squirrelmail. Your technical report should describe the set of features and security contexts and labels required and should provide an installation and configuration procedure.
67. SERVERNAMEINDICATION Many webserver operators avoid using secure HTTP (HTTPS) due to the requirement for one certificate and IPV4 address per virtual domain, in situations where many web domains and subdomains are provided using the same server in virtual domain hosting mode. Use http://en.wikipedia.org/wiki/Server_Name_Indication as a starting point. Setup an Apache webserver with SNI technology enabled providing 2 domain names, and experiment using a selection of web browsers and either using self-signed certificates or free certificates. Investigate backwards compatibility issues for a web server operator providing multiple web domains using a single IPV4 address to users with a variety of web browsers and operating systems intending to improve security by encrypting web sessions involving authentication of clients and use of cookies. Report on issues which need to be resolved before this technology can be implemented more widely.
68. SETUID Experiment using Linux virtual machines to create an insecure setuid program using an interpreted language. Develop an attack script using the same language to compromise local security. Develop a proof of concept script which exploits the race condition between the 2 stages of execution of the setuid script in order to demonstrate how a soft link to the script can be redirected. Develop a secure wrapper script using a compiled language which can run a (possibly modified) version of the setuid script application in a manner resistant to the attack you have experimented with. Write technical and context reports describing what you have done and learned concerning this aspect of system security.
69. SKIPFISH Investigate web application security scanning tools including Skipfish and Nikto. Starting point: http://www.theregister.co.uk/2010/03/23/google_skipfish_web_app_security_scanner/
70. SNORT Install the Snort intrusion detection system on a suitable host exposed to the internet. Investigate the reports generated by this program and the kinds of attack which it provides some degree of protection against. Provide a userguide for someone intending to use this program to protect against the attacks which it detects on your system.
71. SPAMORIG Investigate standards and implementations concerned with identification and evaluation of the responsible Internet domain for sending unwanted email. Write a report summarising your review, experiments and findings and explaining current development activities.
72. SPAMECON Investigate economic incentives for perpetrators, ISPs and users in email security and spamming. Which spammers are making money, and how are they doing this ? Investigate current laws affecting those sending unsolicited bulk email in at least 3 countries. Write a report summarising your findings and identifying legal loopholes enabling spammers operating from these countries to continue doing so.
73. SPAMTRAP1 Study the use of spamtraps used for the purpose of identifying Internet hosts responsible for sending or relaying large volumes of spam. How is a large spamtrap built, and how is the data obtained likely to be used. What are the precautions someone using this data to create a blacklist likely to need to take to avoid false positives ? This miniproject will suit a student who has an internet connection capable of forwarding incoming connections from an infrequently changing external IP address on port 25.
74. SPAMTRAP2 One student can concentrate on setting up a spamtrap, the other can concentrate on analysing live data captured by this means.
75. SQLI1 Investigate SQL injection attacks, and test and demonstrate proof of concept code in connection with a web application with an SQL database within a VM environment. Write a report describing your investigation, experiments and conclusions.
76. SQLI2 One student should concentrate on setting up and configuring an SQL server and the other a networked application which accesses the SQL server.
77. SSHD1 Investigation into secure shell (ssh) server exposures. Install and configure an operating system running the sshd server program and check log activity. What risks does someone who needs to use secure shell login to administrate a remote server undertake, how can risks be mitigated through a more secure configuration and use of other programs and procedures etc. Write a report describing your investigation, experiments, recommendations and conclusions.
78. SSHD2 One student should concentrate upon Secure shell server installation and administration. The other should concentrate on attack patterns in the wild and mitigation measures, e.g. through use of Iptables or programs such as Denyhosts.
79. TOMANDJERRY_L This project concerns defending against the possibilities an employee being offered a mouse (or similar standard peripheral) of conventional appearance but with unusual embedded capabilities. A starting point concerning this attack is the article linked here. On Linux the command: lsusb discloses the serial numbers of USB connected hardware, making feasible approaches for identifying hardware not on an approved list, and similar possibilities for defending against unauthorised hardware are likely to exist on other operating systems. Look into the requirements for modifying the Linux an operating system against such an attack and study the capabilities of existing security products or subsystems intended or suitable for this purpose. A student undertaking this project must have an interest in exploring how security modules interact with operating systems either at the kernel or at the scripting level. Use this code for the Linux version of this project. Collaboration opportunities exist, see the other TomandJerry projects.
80. TOMANDJERRY_W as above, but student undertaking this project must investigate Microsoft Windows equivalent operating system vulnerabilities and programmed defences. Collaboration opportunities exist, see the other TomandJerry projects.
81. TOMANDJERRY_X as above, but student undertaking this project must investigate Apple Mac OS X or other Bsd Unix equivalent operating system vulnerabilities and programmed defences. Collaboration opportunities exist, see the other TomandJerry projects.
82. VIRUS Investigate the use of virtual machine environments for the responsible study and secure containment of software viruses. Obtain a virus sample which can be investigated within a secure environment and study its behaviour. This should be a virus known to have spread widely and be currently in the wild rather than proof of concept code. This project should not be registered by anyone unconfident in being able to obtain and responsibly contain a suitable virus sample. Write a userguide describing secure containment procedures and a report describing your investigation, experiments and conclusions.
83. VPN1 With another student undertaking VPN2, investigate technologies suitable for implementing a virtual private network (VPN) between 2 computers which must communicate securely over the Internet. Install, configure and test suitable programs. Install server software for an insecure protocol e.g. SMTP, FTP or Telnet and configure routing to enable provision of service to the other machine. Write a personal report describing your investigation, implementation, experiments and conclusions.
84. VPN2 With another student undertaking VPN1, investigate technologies suitable for implementing a virtual private network (VPN) between 2 computers which must communicate securely over the Internet. Install, configure and test suitable programs. Install client software for an insecure protocol e.g. SMTP, FTP or Telnet and configure routing to enable provision of service to the other machine.Write a personal report describing your investigation, implementation, experiments and conclusions.
85. WIRESHARK Install Wireshark on a suitable host for the purpose of monitoring network traffic. Which security threats can this program detect ? Given the history of security issues concerning the special privileges this program runs with, investigate means of seperating the packet analysis facilities of this program from the packet capture facilities so that the analysis can be carried out in a safer environment.
86. WORM Is the Internet as susceptible to the same level of attacks using network worms as it was five years ago ? If it isn't why not, and if it is, what vulnerabilities can still be exploited ? Write a report describing your investigation and conclusions.
87. XSRF Investigate cross site request forgery attacks. Before undertaking this make sure you are able to setup web server application to test and demonstrate proof of concept within an emulated environment. Write a report describing your investigation, experiments and conclusions. A student working on this may undertake a joint project with the student undertaking Xss
88. XSS Investigate cross site scriping attacks. Before undertaking this make sure you are able to setup web server application to test and demonstrate proof of concept within an emulated environment. Write a report describing your investigation, experiments and conclusions. See also XSRF.
89. YOURCHOICE1 If you don't like any of the above projects, or the projects you want to do have all been taken first by other students, or if there is a security investigation you have in mind and are keen to do, propose a project yourself of a similar level of security theory interest and practical difficulty to the module coordinator as those described above but which is clearly different from any other project. Make your proposal to the module coordinator by email. This must include a clearly written paragraph describing what you will investigate, identification of the information resources you will read, experiments you want to carry out, programs you will configure and test, any programs if any (these must be within your abilities) which you want to develop to help in your security investigation, and your documentation deliverables in connection with your project report. You will receive a reply by email, either accepting your proposal, accepting it with suggestions to improve it, or rejecting it giving reasons, e.g. because it is considered too difficult, too vague, not relevant or too easy, or because your idea is unoriginal, (another student has already agreed to do the same project) or because there is insufficient information identified or likely to be available.
90. YOURCHOICE2 see Yourchoice1
91. YOURCHOICE3 see Yourchoice1
92. YOURCHOICE4 see Yourchoice1
93. YOURCHOICE5 see Yourchoice1
94. YOURCHOICE6 see Yourchoice1
95. YOURCHOICE7 see Yourchoice1
96. YOURCHOICE8 see Yourchoice1
97. YOURCHOICE9 see Yourchoice1
98. YOURCHOICE10 see Yourchoice1
99. YOURCHOICE11 see Yourchoice1
100. YOURCHOICE12 see Yourchoice1
101. YOURCHOICE13 see Yourchoice1
102. YOURCHOICE14 see Yourchoice1
103. YOURCHOICE15 see Yourchoice1
104. YOURCHOICE16 see Yourchoice1
105. YOURCHOICE17 see Yourchoice1
106. YOURCHOICE18 see Yourchoice1
107. YOURCHOICE19 see Yourchoice1
108. YOURCHOICE20 see Yourchoice1
109. YOURCHOICE21 see Yourchoice1
110. YOURCHOICE22 see Yourchoice1
111. YOURCHOICE23 see Yourchoice1
112. YOURCHOICE24 see Yourchoice1
113. YOURCHOICE25 see Yourchoice1
114. YOURCHOICE26 see Yourchoice1
115. YOURCHOICE27 see Yourchoice1
116. YOURCHOICE28 see Yourchoice1
117. YOURCHOICE29 see Yourchoice1
118. YOURCHOICE30 see Yourchoice1
119. YOURCHOICE31 see Yourchoice1
120. YOURCHOICE32 see Yourchoice1
121. YOURCHOICE33 see Yourchoice1
122. YOURCHOICE34 see Yourchoice1
123. YOURCHOICE35 see Yourchoice1
124. YOURCHOICE36 see Yourchoice1
125. YOURCHOICE37 see Yourchoice1
126. YOURCHOICE38 see Yourchoice1
127. YOURCHOICE39 see Yourchoice1
128. YOURCHOICE40 see Yourchoice1
129. YOURCHOICE41 see Yourchoice1
130. YOURCHOICE42 see Yourchoice1
131. YOURCHOICE43 see Yourchoice1
132. YOURCHOICE44 see Yourchoice1
133. ZZZTEST used for testing the project registration system only. As this is not a real project please do not attempt registering it.