
Homeworks (and thesis) for the course Computer Security (02KRQ) of the Politecnico di Torino academic year 2013-2014

Prof. Antonio Lioy <lioy@polito.it>
version 1.0 of 5/12/2013

Homework

max grade:
  27 for the written part
  3 for the oral presentation (optional)
report:
  use LaTeX (see example at the web site)
  about 30 pages
(optional) PPT slides for a brief talk (15-20)
can be delivered at any time, but to record the grade in a certain session it MUST be delivered respecting the following deadlines:
  14/2/14 for recording the grade in February 2014
  11/7/14 for recording the grade in July 2014
  12/9/14 for recording the grade in September 2014

Homework outline

meet your tutor to define your workplan
write down your workplan and send it to your tutor and the teacher for approval
send periodic updates to the tutor and the teacher
  brief (no more than 30 lines)
  with clear reference to the workplan (items completed)
it's possible to deliver ONE (at most TWO) draft version of the report to get feedback from the tutor/teacher
  assuming that the draft is delivered well in advance of the deadline for the final version
once the final report is delivered, it will be graded without any chance to further amend it
please note that teacher and tutors are NOT available during August

Report skeleton

introduction and state-of-the-art
description of the new technique / analyzed solution
advantages and disadvantages
residual risks (when applicable)
experimental performance analysis
if the homework included the development or use of some programming code:
  user manual (how-to for installation and use)
  programmer manual (program logic, data and functions, how-to build)
bibliography / sitography
SHOULD DEMONSTRATE KNOWLEDGE OF COURSE'S TOPICS without useless repetitions

Picking up a homework

contact the tutor to evaluate:
  your real understanding of the subject
  pre-requisites
homeworks already assigned are marked with one or more X in the title (one X per person, up to the maximum number of people allowed for the homework)

Note about homeworks with several students


the role of each student must be clear (to get individual evaluation)
at the same time, it must be clear the benefit of having done a joint homework (i.e. some common part such as a common introduction or a joint experiment)

Homework and graduation work (thesis)


your homework may be the first part of your final graduation work (a.k.a. thesis)
if you want to do your thesis in the computer security area then let the teacher know this before getting the homework
in this case do NOT select a specific homework but select a thesis project and contact the teacher for getting a suitable subject inside the project
thesis subjects related to EU research projects often have a possible direct connection with:
  a stage or job at one of the project's partners
  pursuing a PhD title

Final notes

look for updates of this document (e.g. subjects already assigned, addition of new subjects)
each version is identified as X.Y (major.minor)
  the major number is changed when new subjects are added
  the minor number is changed when a subject is assigned to a student
if you are interested in computer security but can't find a suitable subject in this list (are you kidding me?) then you can propose your own subject

Possible research projects for thesis

Research projects (I)

SECURED project (www.secured-fp7.eu)
medium (3 M Euro) EU project for offloading security from user terminals to a secure and trusted network element at the edge of the network
partners: POLITO, Telefonica, HP, PrimeTel, UNICRI, UPC, VTT
possible subjects:
  security policies (specification, management and translation)
  ontologies and automatic reasoning
  automatic network and system configuration of security parameters
  security optimization
  trusted network connections
  trusted execution environment (based on virtual machines)
  remote attestation
requirements: C or Java programming
environment: Linux (preferred) or Windows
contact: LIOY or BASILE / cataldo.basile@polito.it

Policy-based security management


[Figure: policy-based security management. Labels shown: security policy, system description, security checker, configuration generator, security audit, security capabilities, security technology mapper, security deployment engine, security controls.]

Trusted Computing, i.e. what is my trust foundation?


in my network are there only my computers?
my computers are running only the sw selected by me?
is the sw configured in the proper way?
when I use a public network (e.g. Internet) rather than a private network, am I really connected to the expected node?
when I am connected to a server, how can I verify its application sw is the good one or it has been altered?

TRUST & INTEGRITY

answers:
  Trusted Computing (and Trusted Network Connection)
  TPM for desktop, MTM for mobile (or equivalent solutions)
  TC-enhanced Linux + trusted virtualization
  remote attestation & TLS


Components of a TC system
isolation
  execution in separate domains / compartments / environments
local / remote attestation
  proof of configuration (whole sw stack)
secure I/O
  towards the user
  among various components
protected memory
  hw key container
  data encryption
  data sealing



Research projects (II)

ASPIRE project (http://www.aspire-fp7.eu/)
partners: U. Gent, Gemalto, Nagravision, POLITO, Safenet, U. East London, ...
contact: BASILE (cataldo.basile@polito.it / 7173)
topic
  advanced software protection
project objective
  improve software protection with new advanced and stronger techniques
  precisely measure the reached level of protection
  target mobile platforms
features
  work on a challenging research topic
    ASPIRE looks for solution against powerful Man-at-the-End attackers
  face with real problems from market leading companies
    abstract research topics are leveraged by real problems from world leading companies having high security requirements


ASPIRE subjects

research objectives
  remote software attestation
  software optimization
  empirical analysis of software protection
remote attestation
  develop a framework to add remote attestation functionality to an existing program
  investigate new criteria for attesting software
formal model of software attacks and protection
  models to understand how to protect a software given the assets given attacks and software protection dependencies
optimization of software protection
  given the formal model, define optimization programs to select which is the best way to protect a software
and we invite you to participate to contests to empirically evaluate the strength of developed software protections

Research projects (III)

STORK 2.0 project (www.eid-stork2.eu)
large (58 partners, ~10 M Euro) EU project for interoperability of e-ID
possible subjects:
  digital identity (SAML, XACML, id federation)
  public-key certificates, digital signatures, PKI
  e-ID implementation (smart-card, smartphones, NFC, ...)
  e-government applications
requirements:
  Java programming
  web programming
environment: Linux (preferred) or Windows
contact: LIOY or BERBECARU / diana.berbecaru@polito.it


Research projects (IV)

CLIPS project
European project to be started in February 2014
security of cloud computing
possible subjects:
  risk analysis of specific architectures
  integration of Stork e-ID with cloud management systems
  remote attestation and secure log of activities
requirements: C or Java programming
environment: Linux


Research projects (V)

TENACE project
Italian project to be started in 2013
trusted and secure environment for protection of critical infrastructures (CI)
possible subjects:
  security model of CI
  security policy for a CI
  automatic analysis / simulation of a CI
requirements: C or Java programming
environment: Linux


Possible homeworks and thesis (in addition to the thesis subjects associated to the research projects)


(thesis) remote attestation framework

tutor: BASILE (cataldo.basile@polito.it /7173)
ASPIRE project (http://www.aspire-fp7.eu/)
topic:
  define an architecture to deploy remote attestation protections into a software
  define client/server component libraries for remote attestation
  define some sample (basic) remote attestations
    e.g., hash or random walks into data and source memory pages
  define advanced remote attestation protection
people: 1-2
references: selected documents (papers + project internal documents)
outline (details to be agreed with the tutor):
  (Topic 1) definition of the architecture + basic remote attestations
    skill/background: software engineering, architecture design, API definition, C programming, basic Java programming, OS (basic), Linux
  (Topic 2) investigate advanced remote attestation techniques
    skill: C programming, OS (basic), Linux
    interest for theoretical security and protocols


(thesis) modelling software protections

tutor: BASILE (cataldo.basile@polito.it /7173)
ASPIRE project (http://www.aspire-fp7.eu/)
topic:
  define a model to describe the software protection knowledge domain
    including assets, attacks, attackers, software protections, compilers, etc.
  define methods to deduce information about this domain
people: 1
references: selected documents (papers + project internal documents)
outline (details to be agreed with the tutor):
  define a meta-model of the software protection knowledge domain
    e.g., an OO class diagram or an ontology
  define algorithms to propose how to use software protections to protect assets, in isolation or in combination
skill: software engineering, modelling, Java programming

(thesis) modelling networked systems


tutor: BASILE (cataldo.basile@polito.it /7173)
topic: use network and vulnerability scanners to describe a networked information system for security purposes
people: 1
references:
  selected documents (papers + project internal documents)
  web sites and documentation of network and vulnerability scanners
outline (details to be agreed with the tutor):
  in-depth analysis of main network and vulnerability scanners
  classification of the information they acquire
  generation of a system description
skill: attitude for command line tools use, Linux, OO modelling, Java programming

(thesis) application layer conflict analysis


tutor: BASILE (cataldo.basile@polito.it /7173)
topic: policy conflict analysis of application layer filters
people: 1
references: selected documents (papers + project internal documents)
outline (details to be agreed with the tutor):
  analyse main application layer firewalls features (e.g., squid, apache, l7filter)
  identify missing features in our conflict analysis tool
  complete the tool support for application layer filters
  publish on sourceforge and on our internal website
skill: regular expressions, Java programming, attitude for theoretical computer science


(homework) evaluation of L7 classifier


tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173)
topic:
  l7filter is a classifier for Netfilter
  purpose of this homework is to evaluate the performance of l7filter classifier
people: 1
references:
  http://l7-filter.sourceforge.net/
  http://nmap.org/nping/
outline:
  installation and configuration of l7filter on Linux
  definition of different filtering rule sets (e.g., considering rule positions, general and specific rules)
  definition and generation of different traffic types using nping
  evaluation of performance according to rule sets and traffic


(thesis) reachability analysis tool

tutor: BASILE (cataldo.basile@polito.it /7173)
topic: perform network reachability analysis by means of structured queries
people: 1
references: selected documents (papers + project internal documents)
outline (details to be agreed with the tutor):
  analyse our query syntax and propose updates
  model reachability queries on networked systems including firewalls, NAT and channel protection devices
  derive rich information (e.g., logging decisions and transformations)
  build the reachability tool by extending our formal policy library
    already supports firewall, NAT policies and their compositions
  and publish it on sourceforge and on our internal website
skill: Java programming, graphs

(thesis) firewall builder

tutor: BASILE (cataldo.basile@polito.it /7173)
topic: firewall builder is a vendor independent firewall configuration management tool that lacks some advanced security analysis functionality
people: 1
references:
  selected documents (papers + project internal documents)
  web site and firewall builder documentation
outline (details to be agreed with the tutor):
  analyse firewall builder internal format
  evaluate functionalities
  integrate with our tools
    reachability analysis
    policy conflict analysis
  and publish them as firewall builder plug-ins
skill: Java programming, XML/XMLSchema


(thesis) EMBRANE Heleos


tutor: BASILE/LIOY (cataldo.basile@polito.it /7173)
topic: Embrane heleos is a distributed software platform that exploits virtualization for agile development of application-centric network services
  including firewalls, VPN termination, server load balancers and SSL offload
  lacks advanced security analysis functionality
people: 1
references:
  selected documents (papers + project internal documents)
  web site and Embrane heleos documentation
  direct contact with Embrane heleos developers
outline (details to be agreed with the tutor):
  analyse Embrane heleos internal format and evaluate functionalities
  integrate with our tools
    reachability analysis, policy conflict analysis, packet transformations logging
  and define ad hoc plug-ins
skill: Java programming, XML/XMLSchema

(thesis) distributed packet inspection

tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173)
topic:
  packet inspection and deep packet inspection are resource consuming tasks
  distributed and collaborative approach among controls improves the overall performance
people: 1
references: selected documents (papers + internal documents)
outline (details to be agreed with the tutor):
  definition of advanced techniques to select the best configurations for (deep) packet inspection (firewalls)
  performance evaluation of distributed approach


(thesis) security optimization & multi-objective problems

tutor: BASILE/VALLINI (cataldo.basile@polito.it / 7173)
topic:
  manually deriving configurations for security mechanisms in distributed systems is a complex and error prone task
  automated tools can give a tangible improvement (move from satisfactory / Whatever Works configurations to the best configurations)
  typical problem of competing objectives (e.g., performance vs. costs)
people: 1-2
references: selected documents (papers + internal documents)
outline (details to be agreed with the tutor):
  (1) definition of advanced techniques to select the best configurations for filtering devices (firewalls)
  (2) develop a methodology to generate optimal configurations for channel protection policies (IPsec + SSL/TLS)
skill: attitude for mathematical modelling, Java programming, optimization

(homework) analysis of symmetric crypto algorithms


tutor: BASILE (cataldo.basile@polito.it /7173)
topic:
  symmetric encryption algorithms are the basic building blocks of today's security
  classify algorithms so that automatic systems can decide what to use when policies conflict
    e.g., IDEA vs. RC2-128
people: 1
references: selected documents (papers + project internal documents)
project (details to be agreed with the tutor):
  list known hash and encryption algorithms (e.g. from openssl)
  test performance (with openssl)
  evaluate strength based on online reputation, known attacks and vulnerabilities
  define orderings among algorithms to decide in case of conflicts

(homework or thesis) Timestamping


tutor: LIOY / lioy@polito.it / 7021
subject: TSP (Time-Stamping protocol) and TST (Time-Stamping Token)
people: 1 (or 2 if thesis, that would include also secure NTP)
references:
  IETF RFC-3161 and successors
  openSSL-based TSP tool
outline:
  description of the protocol and data formats
  experimental evaluation of an open-source implementation


(homework) PDF security


tutor: LIOY / lioy@polito.it / 011-5647021
students: up to 3
  for signature creation, signature verification, encryption
topic: analysis of the PDF format and its support for PKI-based security
object:
  study and document the security features of PDF
  use a POLITO certificate to sign/encrypt a PDF document
references: web
tasks:
  technical documentation of the PDF security features
  how-to manual to use POLITO certificates with Acrobat
prerequisites: asymmetric crypto
note: may become a thesis if all work done by a single student

(homework) mobile OSs analysis


tutor: ATZENI (shocked@polito.it /7192)
topic
  analysis and comparison of the security model of recently released mobile operating systems
people: 1-3
co-work with Telecom Italia Lab
reference: Ubuntu Touch, Firefox OS, Tizen, WebOS, ...
project (details to be agreed with the tutor and Telecom Italia Lab researchers):
  theoretical analysis of the mobile OS platform
  practical testing on physical HW


(homework) innovative authentication protocol


tutor: ATZENI / shocked@polito.it / 7192
topic:
  the J-PAKE protocol is an innovative protocol based on Password-Authenticated Key Exchange, with a presently available implementation in OpenSSL and OpenSSH
  purpose of this homework is to present the features and implement a demo of what is offered by J-PAKE
people: 1-2
example references: grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
outline:
  protocol analysis and comparison with other authentication mechanisms
  analysis of libraries provided by OpenSSL and OpenSSH
  implementation of a test program using those libraries
  description of the work done in a programming manual


(homework) smartphone file system encryption


tutor: ATZENI / shocked@polito.it / 7192
topic:
  proliferation of powerful but easy-to-steal or easy-to-lose devices (e.g. smartphones) increases the need for confidential storage as well
  this homework aims to analyze and evaluate the performance and the security provided by secure storage solutions, detailing the suitability in constrained environments (e.g. smartphones)
people: 1
example references: http://en.wikipedia.org/wiki/List_of_cryptographic_file_systems
outline:
  selection of suitable file systems
  definition and deployment of the test environment
  testing and analysis of the selected solutions
  analysis of the selected solutions


(thesis or homework) mobile applications danger level evaluator


tutor: ATZENI / shocked@polito.it / 7192
topic
  in a past thesis a framework to assess dangerousness of iOS apps has been developed. This work should be improved by developing modules for smart assessment of mobile applications. Furthermore, the framework should be adapted and enriched for different architectures (e.g. Android).
people: 1-2 (development of iOS modules, development for non-iOS architectures)
co-work with Telecom Italia Lab
project (details to be agreed with the tutor and Telecom Italia Lab researchers):
  analysis of the state-of-the-art for application security evaluation
  analysis of the developed framework
  definition and design of novel modules
  implementation and testing of new modules


(thesis) formal security testing


tutor: ATZENI (shocked@polito.it /7192)
topic:
  automatic and formal testing to assess security properties like confidentiality and integrity, particularly in large-scale software infrastructure, is a complex task. This thesis plans to improve the state of the art by automating specific steps and developing a usable solution for complex software infrastructures
people: 1
example references:
  http://dx.doi.org/10.1016/S0164-1212(97)00167-2
  http://www.csc.kth.se/utbildning/kth/kurser/DD2495/natsak12/anteckningar/F8.pdf
project (details to be agreed with the tutor):
  state of the art review
  identification of weaknesses
  design of automatable steps
  development of a working prototype


(thesis) usable security


tutor: ATZENI (shocked@polito.it /7192)
topic
  often, security is developed without devoting proper care to usability. Since the user base is largely composed of security-unaware people, this aspect has to be refined, mixing up concepts from different disciplines (e.g. cognitive science, user friendliness) to enrich the security model.
people: 1-2
example references:
  http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.89.6079&rep=rep1&type=pdf
  http://www.computer.org/portal/web/csdl/doi/10.1109/ARES.2011.115
project (details to be agreed with the tutor):
  critical analysis of present security models, with respect to usability
  development and refinement of the present usability models, with respect to tangible results like privacy preserving interfaces
  design and development of selected prototypes
  assessment of results with practical experiments (e.g. focus groups)

(thesis) cloud risk-analysis/management tool


tutor: ATZENI (shocked@polito.it /7192)
topic
  during last decade, many risk-analysis (RA) methodologies have been developed. Since the large-scale adoption of cloud-based solutions, it is desirable to update the risk-analysis flow to this new paradigm
people: 1
references: example of tools available in risk-analysis (e.g. Pilar: http://www.artools.com/en/index.html) and vulnerability assessment and mitigation tools (e.g. nexpose http://www.rapid7.com/products/nexpose/)
project (details to be agreed with the tutor):
  analyze available RA methodologies and computer aiding tools to identify weaknesses in respect of cloud-based assessment
  identify weak points (in respect of cloud-based solutions)
  design improvements
  implement selected improvements


(homework) OpenAttestation state-of-the-art


tutor: SASSU / roberto.sassu@polito.it / 7192
topic:
  OpenAttestation is a framework to perform remote attestation (i.e. evaluating the integrity of a remote platform) using the Trusted Computing technology
  recently, a new version (2.0) has been released to the open source community, which departs significantly from the old stable version (1.6)
  purpose of this work is to explore the source code of OpenAttestation in order to document precisely its architecture and interactions between components
people: 1 (2 for a more detailed analysis)
example references: https://01.org/openattestation
outline:
  overview of the features offered by OpenAttestation 2.0
  detailed description of the architecture and interactions between components
  main differences between version 1.6 and 2.0
  results of this study should be published in a report
difficulty: 3/5
required competences: JAVA (good level), software design


(homework) OpenAttestation access control


tutor: SASSU / roberto.sassu@polito.it / 7192
topic:
  OpenAttestation is a framework to perform remote attestation (e.g. evaluating the integrity of a remote platform) using the Trusted Computing technology
  currently, it lacks two important features:
    the possibility for the user to display in the Portal (web site) the requests he made and the results of the remote attestation
    the ability to filter requests depending on the user's identity
  implementing access control for all API can be the subject for a thesis
people: 1
example references: https://01.org/openattestation
work objectives
  enhance the Portal with a new web page containing requests issued by a user
  store into the OpenAttestation database a user identifier obtained from SSL client authentication
  perform SSL client auth on the Portal and filter attestation requests by user
difficulty: 4/5
required competences: JAVA, TOMCAT, database, PHP

(thesis) Transport layer security for IoT devices


tutor: Ramunno (gianluca.ramunno@polito.it / 7081), Pastrone (ISMB)
topic: design and implementation of a transport layer security mechanism for resource constrained Internet-of-Things devices
people: up to 2
site: ISMB (www.ismb.it)
references
  http://tools.ietf.org/html/rfc4944 (6LoWPAN, also refer to RFC6282, 6775)
  http://www.contiki-os.org/
  http://tools.ietf.org/html/rfc6347 (DTLS)
  http://cnds.eecs.jacobs-university.de/archive/msc-2012-vperelman.pdf
  http://cnds.eecs.jacobs-university.de/software/contiki-dtls/
outline
  analysis of existing standard solutions including DTLS
  security analysis
  design+implementation of a transport layer security mechanism for constrained devices adopting Contiki OS (extending current open source libraries)
prerequisites:
  C/C++ programming
  network and wireless technologies

