Homeworks (and thesis) for the course Computer Security (02KRQ)of the Politecnico di Torinoacademic year 2013-2014

Prof. Antonio Lioy< lioy @ polito.it >

version 1.0 of 5/12/2013

1

Homework max grade:

27 for the written part 3 for the oral presentation (optional)

report: use Latex (see example at the web site) about 30 pages (optional) PPT slides for a brief talk (15-20’)

can be delivered at any time but – to record the grade in a certain session –MUST compulsory be delivered respecting the following deadlines: 14/2/14 for recording the grade in February 2014 11/7/14 for recording the grade in July 2014 12/9/14 for recording the grade in September 2014

2

Homework outline meet your tutor to define your workplan

write down your workplan and send it to your tutor and the teacher for approval

send periodic updates to the tutor and the teacher brief (no more than 30 lines) with clear reference to the workplan (items completed)

it's possible to deliver ONE (at most TWO) draft version of the report to get feedback from the tutor/teacher: assuming that the draft is delivered well in advance of the deadline for the final

version once the final report is delivered, it will be graded without any chance to further

amend it please note that teacher and tutors are NOT available during August

3

Report skeleton introduction and state-of-the-art description of the new technique / analyzed solution advantages and disadvantages residual risks (when applicable) experimental performance analysis if the homework included the development or use of some programming code:

user manual (how-to for installation and use) programmer manual (program logic, data and functions, how-to build)

bibliography / sitography

SHOULD DEMONSTRATE KNOWLEDGE OF COURSE'S TOPICS … without useless repetitions

4

Picking up an homework contact the tutor to evaluate:

your real understanding of the subject pre-requisites

homeworks already assigned are marked with one or more X in the title (one X per person, up to the maximum number of people allowed for the homework)

5

Note about homeworks with several students the role of each student must be clear (to get individual evaluation) at the same time, it must be clear the benefit of having done a joint homework

(i.e. some common part such as a common introduction or a joint experiment)

6

Homework and graduation work (thesis) your homework may be the first part of your final graduation work (a.k.a.

thesis) if you want to do your thesis in the computer security area then let the teacher

know this before getting the homework in this case do NOT select a specific homework but select a thesis project and

contact the teacher for getting a suitable subject inside the project thesis subjects related to EU research projects often have a possible direct

connection with: a stage or job at one of the project's partners pursuing a PhD title

7

Final notes look for of updates of this document (e.g. subjects already assigned, addition

of new subjects) each version is identified as X.Y (major.minor) the major number is changed when new subjects are added the minor number is changed when a subject is assigned to a student

if you are interested in computer security but can’t find a suitable subject in this list (are you kidding me?) then you can propose your own subject

8

Elenco dei progetti di ricerca per tesi

/

Possible research projects for thesis

9

Research projects (I) SECURED project (www.secured-fp7.eu)

medium (3 M Euro) EU project for offloading security from user terminals to a secure and trusted network element at the edge of the network

partners: POLITO, Telefonica, HP, PrimeTel, UNICRI, UPC, VTT possible subjects:

security policies (specification, management and translation) ontologies and automatic reasoning automatic network and system configuration of security parameters security optimization trusted network connections trusted execution environment (based on virtual machines) remote attestation

requirements: C or Java programming

environment: Linux (preferred) or Windows

contact: LIOY or BASILE / cataldo.basile@polito.it10

securitycapabilities

securitychecker

configurationgenerator

securitytechnology

mapper

securitydeployment

engine

securitycontrols

securityaudit

systemdescription

securitypolicy

Policy-based security management

11

Trusted Computing, i.e. what is my trust foundation? in my network are there only my computers? my computers are running only the sw selected by me? is the sw configured in the proper way? when I use a public network (e.g. Internet) rather than a private network, am I

really connected to the expected node? when I am connected to a server, how can I verify its application sw is the

“good” one or it has been altered?

answers: Trusted Computing (and Trusted Network Connection) TPM for desktop, MTM for mobile (or equivalent solutions) TC-enhanced Linux + trusted virtualization remote attestation & TLS

TRUST & INTEGRITY

12

Components of a TC system

isolationexecution in separate

domains / compartments /environments

local / remote attestationproof of configuration

(whole sw stack)

protected memoryhw key containerdata encryption

data sealing

secure I/Otowards the user

among various components

13

Research projects (II) ASPIRE project (http://www.aspire-fp7.eu/)

partners: U. Gent, Gemalto, Nagravision, POLITO, Safenet, U. East London, contact: BASILE (cataldo.basile@polito.it / 7173)

topic advanced software protection

project objective improve software protection with new advanced and stronger techniques precisely measure the reached level of protection target mobile platforms

features work on a challenging research topic

ASPIRE looks for solution against powerful Man-at-the-End attackers face with real problems from market leading companies

abstract research topics are leveraged by real problems from world leading companies having high security requirements

14

ASPIRE subjects research objectives

remote software attestation software optimization empirical analysis of software protection

remote attestation develop a framework to add remote attestation functionality to an existing

program investigate new criteria for attesting software

formal model of software attacks and protection models to understand how to protect a software given the assets given attacks

and software protection dependencies optimization of software protection

given the formal model, define optimization programs to select which is the best way to protect a software

…and we invite you to participate to contests to empirically evaluate the strength of developed software protections

15

Research projects (III) STORK 2.0 project (www.eid-stork2.eu)

large (58 partners, ~10 M Euro) EU project for interoperability of e-ID possible subjects:

digital identity (SAML, XACML, id federation) public-key certificates, digital signatures, PKI e-ID implementation (smart-card, smartphones, NFC, …) e-government applications

requirements: Java programming web programming

environment: Linux (preferred) or Windows

contact: LIOY or BERBECARU / diana.berbecaru@polito.it

17

Research projects (IV) CLIPS project

European project to be started on February 2014 security of cloud computing possible subjects:

risk analysis of specific architectures integration of Stork e-ID with cloud management systems remote attestation and secure log of activities

requirements: C or Java programming

environment: Linux

18

Research projects (V) TENACE project

Italian project to be started in 2013 trusted and secure environment for protection of critical infrastructures (CI) possible subjects:

security model of CI security policy for a CI automatic analysis / simulation of a CI

requirements: C or Java programming

environment: Linux

19

Elenco delle tesine / tesi proposte(in aggiunta alle tesi sui progetti di ricerca)

/

Possible homeworks and thesis(in addition to the thesis subjects

associated to the research projects)

21

(thesis) remote attestation framework tutor: BASILE (cataldo.basile@polito.it /7173)

ASPIRE project (http://www.aspire-fp7.eu/) topic:

define an architecture to deploy remote attestation protections into a software define client/server component libraries for remote attestation define some sample (basic) remote attestations

e.g., hash or random walks into data and source memory pages define advanced remote attestation protection

people: 1-2 references:

selected documents (papers + project internal documents) outline (details to be agreed with the tutor):

(Topic 1) definition of the architecture + basic remote attestations skill/background: software engineering, architecture design, API definition,

C programming, basic Java programming, OS (basic), Linux (Topic 2) investigate advanced remote attestation techniques

skill: C programming, OS (basic), Linux– interest for theoretical security and protocols 22

(thesis) modelling software protections tutor: BASILE (cataldo.basile@polito.it /7173)

ASPIRE project (http://www.aspire-fp7.eu/) topic:

define a model to describe the software protection knowledge domain including assets, attacks, attackers, software protections, compilers, etc.

define methods to deduct information about this domain

people: 1

references: selected documents (papers + project internal documents)

outline (details to be agreed with the tutor): define a meta-model of the software protection knowledge domain

e.g., an OO class diagram or an ontology define algorithms to propose how to use software protections to address protect

assets, in isolation or in combination skill: software engineering, modelling, Java programming

23

(thesis) modelling networked systems tutor: BASILE (cataldo.basile@polito.it /7173) topic:

use network and vulnerability scanners to describe a networked information system for security purposes

people: 1

references: selected documents (papers + project internal documents) web sites and documentation of network and vulnerability scanners

outline (details to be agreed with the tutor): in-depth analysis of main network and vulnerability scanner s classification of the information they acquire generation of a system description

skill: attitude for command line tools use, Linux, OO modelling, Java programming

24

(thesis) application layer conflict analysis tutor: BASILE (cataldo.basile@polito.it /7173) topic:

policy conflict analysis of application layer filters people: 1

references: selected documents (papers + project internal documents)

outline (details to be agreed with the tutor): analyse main application layer firewalls features (e.g., squid, apache, l7filter) identify missing features in our conflict analysis tool complete the tool support for application layer filters …publish on sourceforge and on our internal website

skill: regular expressions, Java programming, attitude for theoretical computer science

25

(homework) evaluation of L7 classifier tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173) topic:

l7filter is a classifier for Netfilter purpose of this homework is to evaluate the performance of l7filter classifier

people: 1

references: http://l7-filter.sourceforge.net/ http://nmap.org/nping/

outline: installation and configuration of l7filter on Linux definition of different filtering rule sets

(e.g., considering rule positions, general and specific rules definition and generation of different traffic types using nping evaluation of performance according to rule sets and traffic

26

(thesis) reachability analysis tool tutor: BASILE (cataldo.basile@polito.it /7173)

topic: perform network reachability analysis by means of structured queries

people: 1

references: selected documents (papers + project internal documents)

outline (details to be agreed with the tutor): analyse our query syntax and propose updates model reachability queries on networked systems including firewalls, NAT and

channel protection devices derive rich information (e.g., logging decisions and transformations) build the reachability tool based by extending our formal policy library

already supports firewall, NAT policies and their compositions …and publish it on sourceforge and on our internal website

skill: Java programming, graphs27

(thesis) firewall builder tutor: BASILE (cataldo.basile@polito.it /7173)

topic: firewall builder is a vendor independent firewall configuration management tool

that lacks some advanced security analysis functionality people: 1

references: selected documents (papers + project internal documents) web site and firewall builder documentation

outline (details to be agreed with the tutor): analyse firewall builder internal format evalute functionalities integrate with our tools

reachability analysis policy conflict analysis

…and publish them as firewall builder plug-ins skill: Java programming, XML/XMLSchema 28

(thesis) EMBRANE Heleos tutor: BASILE/LIOY (cataldo.basile@polito.it /7173) topic:

Embrane heleos is a distributed software platform that exploits virtualization for agile development of application-centric network services including firewalls, VPN termination, server load balancers and SSL offload

lacks advanced security analysis functionality people: 1 references:

selected documents (papers + project internal documents) web site and Embrane heleos documentation direct contact with Embrane heleos developers

outline (details to be agreed with the tutor): analyse Embrane heleos internal format and evalute functionalities integrate with our tools

reachability analysis, policy conflict analysis, packet transformations logging …and define ad hoc plug-ins

skill: Java programming, XML/XMLSchema29

(thesis) distributed packet inspection tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173)

topic: packet inspection and deep packet inspection are resource consuming tasks distributed and collaborative approach among controls improve the overall

performance people: 1

references: selected documents (papers + internal documents)

outline (details to be agreed with the tutor): definition of advanced techniques to select the “best” configurations for (deep)

packet inspection (firewalls) performance evaluation of distributed approach

30

(thesis) security optimization & multi-objective problems tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173)

topic: manually deriving configurations for security mechanisms in distributed systems

is a complex and error prone task automated tools can give a tangible improvement (move from “satisfactory”/

”Whatever Works” configurations to “the best” configurations) typical problem of competing objectives (e.g., perfomance vs. costs)

people: 1-2

references: selected documents (papers + internal documents)

outline (details to be agreed with the tutor): (1) definition of advanced techniques to select the “best” configurations for

filtering devices (firewalls) (2) develop a methodology to generate optimal configurations for channel

protection policies (IPsec + SSL/TLS) skill: attitude for mathematical modelling, Java programming, optimization

31

(homework) analysis of symmetric crypto algorithms tutor: BASILE (cataldo.basile@polito.it /7173) topic:

symmetric encryption algorithms are the basic building blocks of today’s security classify algorithms so that automatic systems can decide what to use when

policies conflict e.g., IDEA vs. RC2-128

people: 1

references: selected documents (papers + project internal documents)

project (details to be agreed with the tutor): list known hash and encryption algorithm (e.g. from openssl)

test performance (with openssl) evaluate strength based on online reputation, known attacks and

vulnerabilities define orderings among algorithms to decide in case of conflicts

32

(homework or thesis) Timestamping tutor: LIOY / lioy@polito.it / 7021 subject:

TSP (Time-Stamping protocol) and TST (Time-Stamping Token) people: 1 (or 2 if thesis, that would include also secure NTP)

references: IETF RFC-3161 and successors openSSL-based TSP tool

outline: description of the protocol and data formats experimental evaluation of an open-source implementation

33

(homework) PDF security tutor: LIOY / lioy@polito.it / 011-5647021 students: up to 3

for signature creation, signature verification, encryption topic:

analysis of the PDF format and its support for PKI-based security object:

study and document the security features of PDF use a POLITO certificate to sign/encrypt a PDF document

references: web

tasks: technical documentation of the PDF security features how-to manual to use POLITO certificates with Acrobat

prerequisites: asymmetric crypto

note: may become a thesis if all work done by a single student

35

(homework) mobile OSs analysis tutor: ATZENI (shocked@polito.it /7192) topic

analysis and comparison of the security model of recently released mobile “operating systems “

people: 1-3 co-work with Telecom Italia Lab reference:

Ubuntu Touch, Firefox OS, Tizen, WebOS, … project (details to be agreed with the tutor and Telecom Italia Lab researchers):

theoretical analysis of the mobile OS platform practical testing on physical HW

36

(homework) innovative authentication protocol

tutor: ATZENI / shocked@polito.it / 7192 topic:

the J-PAKE protocol is an innovative protocol based on Password-Authenticated Key Exchange, with a presently available implementation in OpenSSL and OpenSSH

purpose of this homework is to present the features and implement a demo of what offered by J-PAKE

people: 1-2 example references:

grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf outline:

protocol analysis and comparison with other authentication mechanisms analysis of libraries provided by OpenSSL and OpenSSH implementation of a test program using those libraries description of the work done in a programming manual

37

(homework) smartphone file system encryption

tutor: ATZENI / shocked@polito.it / 7192 topic:

proliferation of powerful but easy-to-steal or to-lose devices (e.g. smartphone) increase as well needs of confidential storage. this homework aims is to analyze and evaluate the performance and the security provided by “secure” storage solutions, detailing the suitability in constrained environments (e.g. smartphones)

people: 1 example references:

http://en.wikipedia.org/wiki/List_of_cryptographic_file_systems outline:

selection of suitable file systems definition and deployment of the test environment testing and analysis of the selected solutions analysis of the selected solutions

38

(thesis or homework)mobile applications danger level evaluator

tutor: ATZENI / shocked@polito.it / 7192) topic

in a past thesis a framework to assess dangerousness of iOS apps has been developed. This work should be improved developing modules for smart assess of mobile applications. Furthermore, the framework should be adapted and enriched for different architectures (e.g. Android).

people: 1-2 (development of iOS modules, development for non-iOSarchitectures)

co-work with Telecom Italia Lab project (details to be agreed with the tutor and Telecom Italia Lab researchers):

analysis of the state-of-the-art for application security evaluation analysis of the developed framework definition and design of novel modules implementation and testing of new modules.

� `

39

(thesis) formal security testing

tutor: ATZENI (shocked@polito.it /7192) topic:

automatic and formal testing to asses security properties like confidentiality and integrity, particularly in large-scale software infrastructure, is a complex task. This thesis plan to improve the state of the art by automating specific steps and developing usable solution for complex software infrastructures

people: 1 example references:

http://dx.doi.org/10.1016/S0164-1212(97)00167-2 http://www.csc.kth.se/utbildning/kth/kurser/DD2495/natsak12/anteckningar/F8.pdf

project (details to be agreed with the tutor): state of the art review identification of weaknesses design of automatable steps development of a working prototype

40

(thesis) usable security

tutor: ATZENI (shocked@polito.it /7192) topic

often, security is developed not devoting proper care to usability. Since the user base is largely composed by unaware security people, this aspect have to be refined, mixing up concepts from different disciplines (e.g. cognitive science, user friendliness) to enrich the security model.

people: 1-2 example references:

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.89.6079&rep=rep1&type=pdf

http://www.computer.org/portal/web/csdl/doi/10.1109/ARES.2011.115 project (details to be agreed with the tutor):

critical analysis of present security models, with respect to usability development and refinement of the present usability models , with respect to

tangible results like privacy preserving interfaces design and development of selected prototypes assessment of results with practical experiments (e.g. focus groups)

41

(thesis) cloud risk-analysis/management tool

tutor: ATZENI (shocked@polito.it /7192) topic

during last decade, many risk-analysis (RA) methodologies have been developed. Since the large-scale adoption of cloud-based solutions, it is desirable to update the risk-analysis flow to this new paradigm

people: 1 references:

example of tools available in risk-analysis (e.g. Pilar: http://www.ar-tools.com/en/index.html) and vulnerability assessment and mitigation tools (e.g. nexpose http://www.rapid7.com/products/nexpose/ )

project (details to be agreed with the tutor): analyze available RA methodologies and computer aiding tools to identify

weaknesses in respect of cloud-based assessment identify weak points (in respect of cloud-based solutions) design improvements implement selected improvements

42

(homework) OpenAttestation state-of-the-art tutor: SASSU / roberto.sassu@polito.it / 7192 topic:

OpenAttestation is a framework to perform remote attestation (i.e. evaluating the integrity of a remote platform) using the Trusted Computing technology

recently, a new version (2.0) has been released to the open source community, which departs significantly from the old stable version (1.6)

purpose of this work is to explore the source code of OpenAttestation in order to document precisely its architecture and interactions between components

people: 1 (2 for a more detailed analysis) example references:

https://01.org/openattestation outline:

overview of the features offered by OpenAttestation 2.0 detailed description of the architecture and interactions between components main differences between version 1.6 and 2.0 results of this study should be published in a report

difficulty: 3/5 required competences: JAVA (good level), software design

43

(homework) OpenAttestation access control tutor: SASSU / roberto.sassu@polito.it / 7192 topic:

OpenAttestation is a framework to perform remote attestation (e.g. evaluating the integrity of a remote platform) using the Trusted Computing technology

currently, it lacks of two important features: the possibility for the user to display in the Portal (web site) the requests he

made and the results of the remote attestation the ability to filter requests depending on the user’s identity

implementing access control for all API can be the subject for a thesis people: 1 example references:

https://01.org/openattestation work objectives

enhance the Portal with a new web page containing requests issued by an user store into the OpenAttestation database a user identifier obtained from SSL client

authentication into the database perform SSL client auth on the Portal and filter attestation requests by user

difficulty: 4/5 required competences: JAVA, TOMCAT, database, PHP 44

tutor: Ramunno (gianluca.ramunno@polito.it / 7081), Pastrone (ISMB) topic: design and implementation of a transport layer security mechanism for

resource constrained Internet-of-Thing devices people: up to 2 site: ISMB (www.ismb.it) references

http://tools.ietf.org/html/rfc4944 (6LoWPAN, also refer to RFC6282, 6775) http://www.contiki-os.org/ http://tools.ietf.org/html/rfc6347 (DTLS) http://cnds.eecs.jacobs-university.de/archive/msc-2012-vperelman.pdf http://cnds.eecs.jacobs-university.de/software/contiki-dtls/

outline analysis of existing standard solutions including DTLS security analysis design+implementation of a transport layer security mechanism for constrained

devices adopting Contiki OS (extending current open source libraries) prerequisites:

C/C++ programming network and wireless technologies

(thesis) Transport layer security for IoT devices

45