The following projects are presented in alphabetical order on the supervisor's last name:

Supervisor: Suprakash Datta

Required Background: CSE4480 prerequisites

Description

A key infrastructural problem in wireless networks is localization (or the determination of geographical locations) of nodes. A related problem is the tracking of mobile targets as they move through the radio ranges of the wireless nodes.

If security is not a concern, then any of numerous existing algorithms can be implemented to get reasonably accurate location estimates of nodes or targets. These algorithms typically involve nodes sharing locations and assume that there are no malicious nodes and no privacy issues in sharing locations. However, localization or target tracking in the presence of malicious nodes or nodes that do not wish to disclose their locations is much more difficult.

This project will look at current research on localization algorithms. The student will read papers to learn about existing work and then implement a few algorithms to compare their performance. Then, with assistance from the supervisor, (s)he will attempt to propose improvements and/or combinations of ideas from the papers in a Java/C/C++/MatLab simulator.

Expected learning outcomes: Apart from familiarity with the current literature, the project will provide the student an introduction to scientific research and analysis of experimental data.

Skills required: Proficiency with one of Java, C, C++, MatLab; interest in developing algorithms for distributed systems; interest in experimental approaches to problems.

References:

1. Multiple target localisation in sensor networks with location privacy, Matthew Roughan, Jon Arnold· Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks (ESAS'07), Springer-Verlag, 2007

2. Defending Wireless Sensor Networks against Adversarial Localization, Neelanjana Dutta, Abhinav Saxena, Sriram Chellappan, Proceedings of the 2010 Eleventh International Conference on Mobile Data Management (MDM '10).

Supervisor: Natalija Vlajic

Required Background: CSE4480 prerequisites

Description

Distributed Denial of Service (DDoS) attacks are recognized as one of the most serious threats to today's Internet due to the relative simplicity of their execution and their ability to severely degrade the quality at which Web-based services are offered to the end users. An especially challenging form of DDoS attacks are the so-called Application-Layer DDoS attacks. Namely:

1. In Application-Layer DDoS attacks, the attackers utilize a flood of legitimate-looking Layer-7 network sessions (i.e., sessions that are generally hard to detect and/or filter out by a firewall or an IDS system)
2. Increasingly, these sessions comprise HTML requests generated by a cleverly programmed crawler that executes a semi-random walk over the web site links, thereby attempting to appear as a legitimate human visitor.

The goal of this project is to investigate the state of the art in malicious web crawler design. In particular, the project will look into the challenges of designing a smart-DDoS-crawler from the attacker point of view - one of these challenges being the estimation of web-page popularity assuming no a priori access to the web-logs of the victim web-site.

Supervisor: Natalija Vlajic

Required Background: CSE4480 prerequisites

Description

GFI Sandbox is a sophisticated industry-leading tool for quick and safe analysis of malware behaviour. The goals of this project are:

1. familiarize yourself with the operation of GFI Sandbox;
2. using readily available GFI Sandbox Feeds (i.e., ThreatTrack Feeds), build a database of malware designed specifically for execution of DDoS-attacks - the so-called botnet malware;
3. examine the behaviour of the collected malware 'upon execution';
4. propose and build an environment - comprising the standard freeware security tools - for longer term (beyond immediate execution) analysis of the collected malware.