Below are some example projects. . For each project, we will be applying a real attack, then we will detect it, and we will demonstrate how to mitigate these attacks.
First, you will be proposing a team and a proposal paragraph on your project where you will be explaining which environment you are targeting, what kind of attacks you will be applying, how you are planning to detect and also mitigate them. I will be reviewing your submissions and accept or deny your proposals with some feedbacks. Upon successful acceptance, you can work on your project. At the end of the semester, you will be writing a full report and you will be uploading all your codes, examples, etc. with a detailed readme file.
1. PDF file scripting attack: In this project, the team will create malicious pdf files that will execute a malicious script when opened. The team will also demonstrate a defence mechanism against this attack.
2. Ransomware attack & protection: The team will be applying a ransomware attack scenario: The victim will download a malicious code and the ransomware will affect the system. Also, a defence mechanism needs to be demonstrated.
3. Buffer overflow attack: You will be applying a buffer overflow attack and demonstrate how it can give access to the attackers, how we can prevent, and defend our environment against such attacks.
4. Defense against Distributed Denial of Service (DDoS) Attacks: In this project, the team will show different techniques to detect and protect against DoS attacks. The team will create a DoS attack library with minimum 3 different types of attacks and demonstrate a defence algorithm.
5. Browser attacks: In this project, the team will create a malicious website that will infect a chosen web-browser (e.g., Firefox). A mitigation method will be also demonstrated.
6. ID management: Finding/implementing multiple different authentication mechanisms (username, password, 2-factor authentication, biometrics, and more), showing their pros and cons, combining them to create secure ID management.
7. Blockchain-based solutions: Implementing blockchain-based mechanism for storage, identity or computation, etc. along with the attack scenarios and possible mitigations.
Any other project ideas are more than welcomed but not guaranteed to be accepted.
The abstract will have three things: title, project team members, and one paragraph abstract explaining your approach for your project.
A small report will be provided showing what has been accomplished, what problems are solved, etc. This will be a report showing your current state and if you will be able to finish the project. This report will be at max half a page.
The final report will be submitted in PDF format showing your problem statement, your approach, your solution, your experiments, your results, and a summary/conclusion. This will be like a conference paper. You will be also uploading the system all your codes, files, examples with a readme file.