Applied Security Analysis (IN4253ET)
About this courseIn this course, you will gain practical experience in assessing the security and vulnerabilities of IT systems. You will perform an evaluation of the design and the security of a real-world IT system. In case of a security issue, you will develop a proof-of-concept exposing a vulnerability, and go through the process of responsible disclosure with the vendor.
The course is done team-oriented, in a group of up to four students. Students can select from a wide range of available project topics (which have been curated before for feasibility) within the first week. In the first lecture, all of the topics are presented and teams are formed, afterwards each team has individual one-one-one meetings with the instructor and domain coach.
The goal of this course is to learn the process of security analysis on a small scale, and to create awareness for our dependency on IT systems and the impact of vulnerabilities that could be embedded within. Examples of past projects:
- Firmware and Supply Chain Security: modification of the firmware of a networking card so that it processes network traffic and react to specifically crafted packets containing commands. In this example, a malformed magic packet that is normally dropped by the network lets the malicious networking card modify the login routines so that anyone can log in as root. Can we trust the hardware and peripherals we connect to PCs?
- Metadata Leakages: devices and communication protocols frequently leak large amounts of meta-data which allows the unique identification of its owners possible. To create awareness and make this problem tangible for end users, in this project we developed a portable sensor that collects the probe packets sent out by WiFi devices and correlate these against publicly available data. At an information display, users could see what their devices leaked about them and show a guess on their identity.
- Communication Protocol Security: smart locks offer flexibility in granting and changing user access permissions. In this project, we did a cryptographic analysis of the authentication protocol of an electronic lock, and discovered that the authentication actually allowed an eavesdropper to assemble copies of the key. A PoC was created, and the project ran through the vulnerability disclosure process with the manufacturer.