Practical Lab on System and IoT Security
- Date: Oct. 22nd, 2018, 10:30
- Location: Building S4|14, Mornewegstr. 32, room 3.02.6
In this practical course, the students deal with different aspects of (mobile and IoT) system security. The projects target operating system security in general. They comprise the following areas:
- System programming in general
- Design and implementation of selected software attacks
- Design and implementation of secure applications
- Modifications of and Experiments with Linux kernel based systems
Students who want to participate in the course should
- have solid knowledge of OS concepts/architectures
- be familiar with programming and debugging in C/C++
Actual programming experience on low-level system components or embedded platforms on the OS-level are not a prerequisite, but definitively an advantage.
The programming tasks are solved in teams of 2-3 students. At the beginning of the course, a kick-off lab-session is given to present the topics. The participants are required to form teams of 2-3 students.
At the midterm of the semester, each team has to hand in a short progress report and at the end of the semester a concluding lab-session is held in which every team has to shortly present its work/results.
Participating groups must send an email to Patrick Jauernig and Tigist Abera with name and matriculation numbers of their members and a ranked list of three favorite topics, before Friday 26 October, 23:59 CEST.
|1||Kernel-aided data hiding||Tommaso, Patrick||Create a lightweight kernel context switch to hide secret data from the remaining part of the application||link|
|2||Check KPTI Patches||David||link|
|3||Software & Hardware security analysis of fitness trackers||Hossein||The students will be analysing communication protocol, firmware and Hardware of selected fitness trackers to find some vulnerabilities.||link|
|4||Mirai botnet experiment||Thien||The students will setup Mirai servers, find and infect vulnerable devices run Mirai attacks and do the same to other malware.||
1 2 3|
|5||Application-specific Fuzzing||Patrick, Tommaso||The students will create an instruction set fuzzer for ARM to discover undefined opcodes (similar to Sandsifter)||link|
|6||Implement Meltdown/Spectre Attacks||Emmanuel, Ferdinand||The students will be implementing Meltdown or Spectre Attacks||1 2|
|7||Search for data-only gadgets in applications||Emmanuel, Ferdinand||The students will use existing software tools to search for data-only gadgets in applications||1 2|
|8||Code execution exploit in browser||Tigist||The students will write a browser exploit using Metasploit Framework||link|
|9||Cache side-channel attacks||Ghada||Implement and evaluate simple cache side-channel attacks (flush-and-reload & prime-and-probe) on an architectural simulator gem5||link|
|10||Fuzzing the RIPE benchmark||Ghada, Tommaso||Fuzzing the RIPE benchmark for maximum coverage to generate a large input corpus and executing RIPE on each of the inputs to generate a dataset||
1 2 3|