Mini-Projects Track

Students may choose to either the Research Projects track or the Mini-Projects track to earn points for the “Projects” portion of the course grade. This page describes the Mini-Projects track.

Overview

While all students are encouraged to choose the Research Projects track, some students may prefer a more directed, hands on set of programming assignments. The Mini-Projects track provides a series of smaller projects that relate more directly to the course material. There is one project for each major topic focus of the course. The projects require a range of programing as well as open-ended investigation.

Project Grading

The Mini-Projects track is out of 400 points distributed as follows

Project 1: Crypto

Due: Mon Feb 15

The goal of this assignment is to provide an introduction to using cryptographic APIs. Specifically, you will need to specify a secure mode of operation (we are using GCM), correctly using initialization vectors, and ensuring both message integrity and confidentiality. You will also be getting first-hand experience in how Diffie-Hellman works, and its susceptibility to middle-person attacks.

For more details, see the assignment description.

Project 2: Network Security

Due: Mon Mar 15

The goal of this project is to learn how to perform an audit on a network with the intention to discover interesting characteristics and phenomena. The project is mostly open-ended and students will be required to be creative and learn new tools.

For more details, see the assignment description.

Project 3: Systems Security

Due: Mon Apr 12

The goal of this project is to gain practical experience with least-privilege access control policy. Specifically, you will be exploring the sandbox permissions provided by Flatpak, an emerging package distribution format for Linux desktop applications. The project emphasizes security and usability trade-offs, as well as the importance of policy specification when creating a secure system.

For more details, see the assignment description.

Project 4: Privacy

Due: Fri Apr 30

The goal of this project is to gain a deeper understanding into mobile application privacy and to develop skills for empirical investigation. Specifically, students will use the Amandroid static program analysis tool to identify privacy leaks in Android applications. Amandroid will be applied to a small corpus of applications, and a report will classify and describe the findings.

For more details, see the assignment description.