New Research Projects
- [Taken!] Analyzing CVE Trends / Predicting Vulnerabilities: When a vulnerability is found, it is categorized via Common Vulnerabilities and Exposures (CVE) and the NVD database. Information goes back as far as 1999 in csv format. Can we utilize classifiers to determine vulnerability trends and make predictions about the future? Classifiers can include severity level, access vector, complexity, class of vulnerability, class of affected applications, and more. Having taken the Intelligent Systems class would be helpful with this project.
- Defeating cryptoware/ransomware attacks: Can we write an open-source anti-malware program to detect and stop ransomware based on patterns of file system behavior? The student involved in this project must first research exactly how ransomware works, identify a type of ransomware to protect against, design an app or kernel driver with sufficient privelage to take action that cannot be killed, and test the app or kernel driver in a virtualized environment.
- [Taken!] Creating new LAMP Security CTF machines and walkthroughs: (Note, this project is suitable for a NaSA major but not CS BS due to the concentration.) LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security. Unfortunately, many of the virtual machines and applications used are older. This project would involve creating two new virtual machines and documentation to teach various pen testing methods (similar to CTF4 and CTF5), as well as creating a new vulnerable virtual machine (similar to CTF9) with no solution documentation. The new CTF virtual machines must be running up-to-date operating systems with reasonably-recent applications. In addition, at least one of the CTF virtual machines must have a non-web-based vulnerability. The new CTF machines must have roughly the same amount of activities/services as the old machines. You must have taken System Security or had CTF experience to do this project.