Special Topics in Software Engineering: Dependable Systems

ECE 1724, Fall 2007
University of Toronto

Instructor: Ashvin Goel
Course Number: ECE 1724
Course Time: Thursday, 4-6 pm
Course Room: GB 221
Start Date: Sep 20, 2007


Project Suggestions

Some suggested projects are described below.

  1. A Study of Phishing Sites

    The SpyProxy, HoneyMonkeys and the crawler-based study of spyware papers described methods for detecting malicious content on the web. This project will involve doing a crawler-based study of phishing sites on the web. Is it easy to detect phishing sites? How long do phishing sites exist on the web? How would you do such a study? Talk to the instructor for ideas.

  2. Analyzing Buffer Overflow Attacks

    Replay frameworks have several applications, such as debugging applications and analyzing intrusions. In this project, you will use a simple existing replay technique to analyze intrusions. Choose a common application, such as a web browser, with known buffer-overflow vulnerabilities. Similar to Rx, replay the application in a different environment (e.g., different address space layout) to test if the attack was successful (e.g., buffer overflow failed with a different address space layout) by comparing the outputs of the application during the original run and the replay.

  3. A Debugging and Profiling Tool for Isolation Environments

    The instructor's research group has developed a prototype system that allows running applications with restricted privileges in a file-system based isolation environment. Applications running in this isolation environment can sometimes fail mysteriously because the application does not have sufficient privileges to execute correctly. In this project, you will develop a profiling tool that helps extract the correct set of privileges needed to run applications in the isolation environment and that also allows debugging the isolation environment.

  4. Mashup OS for Firefox

    The Mashup OS paper described protection mechanisms for web browsers. This paper implemented these mechanisms in Internet Explorer. In this project, you will implement a subset of the mechanisms in the Firefox browser.

  5. A Safe Password Manager

    The Information Flow Control For Standard OS Abstractions paper describes the Flume system, which uses the Decentralized Information Flow Control (DIFC) model for protecting the privacy and integrity of applications running on standard OSs. Choose an application such as a password manager (e.g., gnome-keyring-manager or gpass) and use the Flume system to provide strong privacy for passwords.

  6. Detecting Windows Rootkits

    The Automated Detection of Persistent Kernel Control-Flow Attacks paper discusses a variant of the control-flow integrity property that is used to detect rootkits in the Linux kernel. The aim of this project is to perform an analysis of Windows rootkits to determine whether the same CFI property can be used to detect Windows rootkits. The project requires experience with Windows and virtual machine programming.

  7. Implementing a Windows Rootkit Framework

    The aim of this project is to understand how hackers subvert OSs. You will study how a Windows Rootkit can be built and start the initial design and implementation of a framework for implementing Windows rootkits. Talk to the instructor for ideas. You must have strong Windows programming skills.

  8. Recovery via Restarting Applications

    The "Microreboot" paper described a method by which parts of an application are rebooted to allow recovery of the application. This approach gets rid of faulty state in the application. In this project, you will choose either a content download application (e.g., bittorrent) or an instant messaging application (e.g., gaim) and implement a recovery via "reboot" method for this application. You need to make sure that the persistent data (e.g., the music repository or the instant messages received) in the application is not lost. How fine is your reboot granularity? Can you tune it? How often is reboot possible? What types of faults or bugs can the reboot handle? How does the reboot affect user perception?

  9. Application-Level Undo and Recovery

    The "Undo for Operators" paper implemented an undoable email service. In general, their application-level undo and recovery service requires applications whose operations have well-defined semantics and can be serialized. Another example that satisfies these criteria is a calendar service. Can you think of other such applications? Choose a calendar service or any one such application and implement an undoable service for that application. Describe the properties of this undoable application. How does application-specific recovery improve on generic recovery as described in the "Exploring Failure Transparency" paper?

  10. Misconfiguration Detection

    The "PeerPressure" paper automatically detected misconfiguration in the Windows registry by comparing the registry entries across multiple machines. This comparison was done using a simple heuristic that determined whether a registry entry was very similar or dissimilar across machines. In this project, choose other heuristics such as clustering to determine misconfiguration. Compare this approach with the original PeerPressure approach. You can use any registry-like application.
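
An added example, not from the course page or the PeerPressure paper: a minimal peer-comparison baseline of the kind project 10 describes, which flags entries where the peer machines agree with each other but the suspect machine differs. The snapshot data, key names, `rank_suspects` function and the 0.75 consensus threshold are assumptions for illustration; this is a simple majority heuristic, not PeerPressure's actual ranking.

```python
from collections import Counter

MISSING = "<absent>"  # placeholder for a key a machine does not have

# Constructed sample data: registry-like snapshots (key -> value) from four peers.
PEERS = [
    {r"App\ProxyEnable": "0", r"App\CacheDir": r"C:\cache-a", r"App\Timeout": "30", r"App\AutoUpdate": "1"},
    {r"App\ProxyEnable": "0", r"App\CacheDir": r"D:\cache-b", r"App\Timeout": "30", r"App\AutoUpdate": "1"},
    {r"App\ProxyEnable": "0", r"App\CacheDir": r"E:\cache-c", r"App\Timeout": "30", r"App\AutoUpdate": "1"},
    {r"App\ProxyEnable": "0", r"App\CacheDir": r"F:\cache-d", r"App\Timeout": "60"},
]
# Constructed snapshot of the machine being diagnosed.
SUSPECT = {r"App\ProxyEnable": "1", r"App\CacheDir": r"C:\cache-x", r"App\Timeout": "30"}


def rank_suspects(suspect, peers, min_consensus=0.75):
    """Return [(key, suspect_value, peer_value, consensus)], strongest first.

    An entry is a candidate misconfiguration when the peers largely agree
    on one value (consensus >= min_consensus) and the suspect differs.
    Entries that vary freely across peers (per-machine paths, for example)
    are ignored, because deviation there carries no signal.
    """
    if not peers:
        raise ValueError("need at least one peer snapshot")
    findings = []
    keys = set(suspect) | {k for p in peers for k in p}
    for key in keys:
        values = Counter(p.get(key, MISSING) for p in peers)
        peer_value, count = values.most_common(1)[0]
        consensus = count / len(peers)
        mine = suspect.get(key, MISSING)
        if mine == peer_value or consensus < min_consensus:
            continue
        findings.append((key, mine, peer_value, consensus))
    # Highest peer agreement first; key name breaks ties deterministically.
    findings.sort(key=lambda f: (-f[3], f[0]))
    return findings


if __name__ == "__main__":
    for key, mine, peer_value, consensus in rank_suspects(SUSPECT, PEERS):
        print(f"{key}: suspect={mine!r} peers={peer_value!r} consensus={consensus:.2f}")
```

A clustering-based variant for the project would replace the single majority value with groups of machines that share similar configurations, and compare the suspect against its nearest group.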