The topic suggestions on this page are primarily aimed at our MSc in Computer Security and the MSc in Advanced Computer Science. Many of these projects could also be a first step towards a PhD; see also my list of possible PhD topics in Computer Science.
Trusted Platform Module versus return-oriented programming
Does the TPM help against buffer overflow attacks? At first sight, it may appear obvious that it should prevent attacks that inject malicious code. However, advanced buffer overflow attacks re-use existing code "gadgets" to construct a malicious interpeter for arbitrary code. Hence, the TPM may not be as effective in this regard.
Google Native Client
The project is a case study about using Google Native Client.
How secure are apps in Android or the iPhone? Specifically, how effective are the sandboxing techniques used, and could code transformation or analysis be used to enhance security?
Safer programming languages as an alternative to C
Some modern programming languages are designed to be suitable for writing code that would traditionally be written in C, but without the security problems that are widespread in C code. A project could be based on a case study, such as porting C code to a safer language. Some previous projects have successfully done so for Cyclone. Another language that would be interesting in this regard is the Go programming language under development at Google.
Security of anti-virus software
Anti-virus software is marketed aggressively, despite the fact that it is highly invasive (comparable to root kits) and so poses significant security risks itself. The recently published buffer overflow in Clam AV is a case in point. This project aims to assess the security risk (and other consequences) of AV software, ideally by auditing some open-sourcve AV (as it may be unfeasible to find information on commercial products, although using a debugger is a possibility). It is not necessarily expected that an actual exploit is found, but that the risk is put in perspective.
Using Java annotations for security
This project aims to use annotations in Java code to document good secure coding practice and to enable automatic tools to check this.
Economics of software security
One explanation of why computer security is so bad involves economic factors. Some of the relevant buzzwords from microeconomics are incentive incompatibility and information asymmetry. For instance, the cost of insecure code is often borne by someone else (a negative externality). Yet software engineering and software security lifecycles do not seem to take such problems into account. What happens when there are security holes in libraries or third-party components? Can things like contracts be extended with security guarantees to address security externalities?
Security implications of Java RMI
In Java, distributed systems can be programmed using Remote Method Invocation (RMI). As RMI can lead to dynamic class loading, there is a risk of malicious code injection, so that appropriate security checks need to be used. This project investigates techniques for doing so, focusing on passing remote and non-remote objects back and forth between client and server. A possible result of the project could be to identify Design Patterns for using RMI securely.
Understanding Java stack inspection
Stack inspection in Java is designed to prevent malicious code from mounting the "confused deputy" attack by calling methods to do its bidding. Stack inspection is a relatively new and in some ways ad-hoc mechanism. There is an active area of research that tries to put it into a more systematic framework for access control. The aim of this project is to review and build on this literature. Hence the project is largely dissertation, but it should include code examples.
Aspect oriented programming for security
Aspects can evidently be used for secure programming, such as adding access control to code. As aspects are a fairly new technology, it is not entirely clear how useable or scalable aspects are in this role. This projects examines some case studies of aspects for security and evaluates them. Ideally, aspects for security should also be compared to alternative forms of access control, such as Java stack inspection.
Defending against command injection attacks
One of the main avenues of attack on web applications consists of injection of SQL statements. Some recent research has developed defences against such attacks, based on parsing to check whether the input violates assumptions made by the programmer. The aim of this project is to build on the research, and perhaps to apply it to other relevant web technologies, apart from SQL; perhaps eval functions and the like.
Software security audit
We have had a very successful MSc project in which the code of a small software company was audited for security following the methodologies of Dowd et al and McGraw. It would be nice to have such projects again; the main difficulty is to find companies that are willing to trust a student with their code base. (The results would not be made public and only read by the supervisor and second marker.)
Game theory in computer security
Computer security can lead to arms races between attack and defence. For instance, some compiler techniques defend against the more straightforward kinds of stack buffer overflow; and in response, attackers use more devious attacks, leading to further defences. Game theory was developed to deal with strategic behaviour between adversaries (as in the Cold War). Can Game theory shed some light on this ongoing interaction between attacker and defence? Can it tell us how to get the most value for money in computer security?
To avoid having web content plagiarized, one may render the source unreadable by automatic obfuscation. This project should use a parser generator (like ANTLR, SableCC, JavaCC,...) to read the web source code, and then produce an obfuscated version.
Security in on-line games
Attacks on on-line games are predicted to be a growth area of computer insecurity. This project consists of cases studies of such attacks, focusing on the particular technical challenges of online games, such as distributed, highly concurrent software. For instance, race conditions could be an issue.