Tool-based approaches to Software Security – Topics (2014)

Topic 0 – From 0 to Migrate in ?? Seconds

Advisor: Kevin Falzon

Description: System-level virtual machines (VMs) execute directly above hardware, and simulate some subset of a machine’s capabilities. One can pause a VM and resume its execution on a completely different physical machine, through a process termed migration. One may even migrate a machine while it is still executing, giving rise to live migration.
Predictably, migration, live or otherwise, comes at a cost. Your task is to quantify this cost for a number of existing virtualisation engines (e.g., Xen and KVM). First, you will become familiar with the field, investigating the mechanisms and different approaches to virtualisation and migration. You must then design a series of experiments that provide a fair comparison between different frameworks. By the end of this seminar, you will have a solid understanding of hardware-level virtualisation, both theoretical and practical. In addition, you will acquire experience in designing and executing a rigorous evaluation, and in compiling a scientific report.

This task can be conducted as a group, in which case each member would evaluate a specific framework.

Topic 1 – Evaluation of Static Data Flow Algorithms

Advisor: Steven Arzt

Description: Static taint tracking is an important mechanism for detecting malware applications, especially those that detect and evade runtime scanners. There is a large variety of existing solutions in this area, which all differ in their features, precision, recall, and speed. In this seminar, you will be given a set of papers as a starting point. You will compare the tools and algorithms they advertise and look for further papers and tools. The result will be an overview article and a comparison table covering the aspects named above.

Topic 2 – Comparison of Call Graph Algorithms for Static Analysis

Advisor: Steven Arzt

This topic requires some knowledge about call graph algorithms – either from previous lectures or as a self-study.

Description: Static taint analysis tools are nowadays used for detecting malware applications in various app stores. Such large-scale analyses need to be fast, yet sufficiently precise and complete. These goals are, however, contradictory, so a tradeoff between them is required. One possibility for such a tradeoff is the choice of the call graph algorithm.

Inter-procedural static analysis tools heavily rely on a central data structure, the call graph. There are various algorithms to compute the call graph, with different tradeoffs between precision and runtime performance. Using the FlowDroid tool, you will evaluate how such tradeoffs actually affect the outcome of real-world Android app analyses. Are imprecise algorithms always faster? Do more precise algorithms actually reduce the number of false positives? Write a short survey about your findings.

Topic 3 – Static Analysis Feature Comparison

Advisor: Steven Arzt

Description: Security analysts who want to detect malware applications are faced with time and precision constraints. With hundreds of new applications being released every day, a malware check must not take too long. On the other hand, it is important not to overlook too many malicious apps or to reject too many benign ones. These constraints also affect the automatic analysis tools.

Most static taint tracking tools can be customized with a variety of parameters that can affect precision, recall, and performance. In this topic, you will analyze the impact of these parameters on the analysis results for real-world Android applications. How much precision is necessary not to get overwhelmed by false positives, and which features can safely be disabled to improve performance? Write a report on your findings.

Topic 4 – Analysis of the Challenges of Developing Secure Software Using the Agile Approach

Advisor: Lotfi ben Othmane

Description: Several researchers claim that secure software development and the agile approach contradict each other; they argue about the challenges of developing secure software using the agile approach. The goal of this work is to objectively evaluate these challenges. The work would include an analysis of the validity of the argumentation that supports the claims.

Topic 5 – Evaluation of Existing Methods for Developing Secure Software

Advisor: Lotfi ben Othmane

Description: There are several methods for developing secure software that are claimed to be agile, such as Microsoft Software Development Life Cycle. The goal of the work is to select the best-known ones and verify their claim to be agile using the literature that describes them. The work would include developing criteria to evaluate whether a given method produces secure software or not and whether it is agile or not.

This topic is intended for a group of two to three students.

Topic 6 – The Current State of Android Exploitation

Advisor: Andreas Follner

Description: With Android growing more popular every year, it also becomes more attractive for hackers. In this topic you will analyse what attacks exist (e.g., code injection, ROP, data leakage, etc.), what built-in defenses Android provides to make such attacks more difficult (e.g., sandboxing, ASLR, XN, etc.), and whether and how they can be bypassed. The seminar paper should focus on native code, but managed code should not be disregarded.

Topic 7 – The Current State of Android Exploitation Mitigation

Advisor: Andreas Follner

Description: With Android growing more popular every year, it also becomes more attractive for hackers. In this topic you will analyze proposed solutions against Android exploitation and make a comparison of how effective they are against various kinds of attacks.

Topic 8 – Security and Advertising Models of Novel Mobile Operating Systems

Advisor: Eric Bodden

Description: Everyone knows iOS and Android by now, but many novel mobile operating systems are on the rise. Windows Phone is gaining significant market share, at least in the business sector; Jolla is promoting Sailfish OS and the Mozilla Foundation their Firefox OS. The latter is especially interesting because the Mozilla Foundation is the only promoter who plans not to base their revenue model on advertisement, and thus not on the gathering of private user data. The goal of this seminar work is to compare and contrast at least the three operating systems mentioned above, both in terms of their security model and in terms of their revenue model. Which kinds of advertisement are allowed? Which ones are found in practice? How carefully or carelessly do these ads deal with private user data?

This is a highly scalable topic which can be given to groups of 1-3 students.

<!--

Merits and Limitation of Online Malware Analysis Services for Android Applications

The unregulated app markets and diversity of Android-based devices ensure that cyber criminals will find greater success targeting the Android platform. There exist different kinds of Android malware, which various online malware services try to analyze or automatically detect. This seminar is more of a practical nature and addresses the evaluation of different online malware analysis services such as “Anubis”. An introduction to Android malware and different online services will be given.

This topic is intended for a group of two students.

Mobile Malware Obfuscation Techniques

Good malware intends to be as unrecognizable as possible. There are different kinds of techniques for being unrecognizable against different kinds of analysis techniques. The focus of this seminar topic is more on obfuscation techniques for applications on mobile devices (e.g., Android, iOS, Windows Phone, etc.). It will cover obfuscation techniques for Android applications against anti-static analysis (e.g., callgraph obfuscation, dynamic code loading, etc.) and anti-runtime analysis techniques (e.g., debugger detection, emulator detection, etc.). The student(s) should investigate these two aforementioned techniques. They will be introduced to the topic by the supervisor.

This topic is intended for a group of two students.

An Evaluation of Reverse Engineering Tools for Android Applications

It is well known that there exist malicious applications for the Android platform. In order to understand the behavior of those applications, one needs to reverse engineer the application. There are many different kinds of reverse engineering tools for the analysis of Android applications. This topic is more of a practical nature and covers the pros and cons of different reverse engineering tools. The students should investigate the kind of detection mechanism of the tools, their limitations, their advantages and possibly some attack vectors by which one could easily circumvent them. The tools are given by the supervisor.

This topic is intended for a group of two students. -->