CS551: Security and Privacy on the Internet, Fall 2000
Lectures |
Manifests |
Problem Sets |
Projects |
Midterm |
Final |
Resources |
Syllabus |
Challenges |
Calendar
|
Project Ideas
This page lists a few ideas for course projects. You are not limited to projects on this list; any topic that is relevant to this course may be proposed.Design
Password RemindersMany web sites provide a means to retrieve a lost password by email. Analyze the security of this approach and explain possible attacks. Propose and implement an alternative scheme.Reputation ServerServices like eBay depend on tracking a history of individual behavior. Involvement in a number of good transactions enhances ones reputation, and the threat of bad feedback motivates people to behave well. Describe potential attacks on eBay's reputation. Design (and optionally implement) a more secure reputation service.Static Security AnalyzerDesign and build a tool that analyzes source code for a common security vulnerability.Security User InterfaceHow can reference monitors present security violations to users in a way they understand? (And not pop-up so many false alarms that users learn to reflexively ignore warnings?)Word Macro FilterProtect users from Melissa/ILoveYou type viruses.Mail Privacy FilterAnonymous SurveysDevise and implement a system for conducting anonymous surveys on the Internet.Protecting CopyrightsSecure Chat RoomSecure Internet GamblingAnalyze the trust issues for a gambling application. Design and implement a scheme for secure gambling on the Internet. Your scheme should be more secure than ASF Software's.Intellectual Property ProtectionLow-Tech CipherDesign and analyze a cipher that can be encrypted and decrypted using readily available devices. (For inspiration, see Bruce Schneier's Solitaire encryption algorithm.)Assessment
Conduct a security assessment of an existing or proposed system. Your analysis should include a description of vulnerabilities and potential attacks.Some interesting choices include:
- eBay
- PayPal (could they protect against this?)
- Cell phone protocols (GSM, CMEA)
- Microsoft's Passport protocol (see Rubin and Kormann's paper)
- Zero Knowledge's Freedom
- ZixMail (especially securedelivery.com)
- Perform a cost/security analysis of different digital money schemes
- Compare schemes for intellectual property protection: Microsoft Reader, Intertrust, etc.
- Compare commercial virus scanners
Survey
Conduct a research survey in an interesting area, such as:
- Quantum Cryptography
- Virus propagation
- Information survivability
- Denial-of-service attacks
- Active networks
- Secure Multicasting
- Tracking Intellectual Property
- Protecting Intellectual Property
- Privacy
Other Courses
You may also find some ideas for projects from other security course:
University of Virginia Department of Computer Science CS 551: Security and Privacy on the Internet |
David Evans evans@virginia.edu |