Below is a list of 4080/4480 projects proposed by faculty members for Summer 2021. More project descriptions may be added once they come in. Please contact the supervisor directly you are in interested in a project. You can also contact faculty members individually to discuss possible projects. Click here to see a list of faculty members, their research areas and their contact information.

Supervisor: Jonatan Schroeder

Contact: jonatan@yorku.ca

Unit testing platforms like JUnit and Unity provide a simple interface to evaluating the correctness of individual functions in a large project. These platforms can also be used in an academic environment to automatically test student-submitted code in programming assignments and generate a grade based on if these tests pass or fail. However, given that these platforms were originally developed for running code that is expected to be trusted, this practice can lead to a potential risk if students are able to provide code that causes the test to pass without resulting in the expected value (see https://www.seas.upenn.edu/~hanbangw/blog/hack-gs/). While most modern autograding platforms introduce security practices to avoid this kind of code from receiving a valid grade, some vulnerabilities still exist.

For this project you will strengthen the security of an autograder process for C code for the PrairieLearn platform. You will start by creating possible attack vectors in the form of code that is expected to cause the autograder to pass a test without actually returning the expected results. Examples of attack vectors include code that saves or outputs well-formatted values that are interpreted by the autograder as a success, and/or crashing the original autograder process. Then you implement safeguards that ensure student-submitted code is unable to bypass container sandbox limitations, and that ensure that malicious student code does not result in a successful grade.

Required skills: Must have completed EECS 2031 with an A/A+. Must have solid programming skills in C. Ability to work independently.

Recommended skills: EECS 3221 is highly recommended. Experience with Docker containers is helpful but can be obtained during the project. Git experience is helpful.