Design/Implementation Labs
The objective of the design/implementation labs is to
provide students with opportunities to apply security principles
in
designing and implementing systems.
They help students achieve learning by system development.
- Capability Lab: design and implement
a capability-based access control system (a comprehensive project) for Minix.
- Role-Based Access Control (RBAC) Lab
(New):
design and implement an integrated access control system (for Minix)
that uses both
capability-based and role-based access control mechanisms (a comprehensive
project for access control).
- Encrypted File System Lab
(Recently Revised):
design and implement an encrypted file system for Minix (a comprehensive project).
- Set-RandomUID Lab: design and
implement a simple sandbox for Minix.
- IPSec Lab:
implement the IPSec protocol (simplified) for Minix (a comprehensive
project).
- Firewall Lab
(New):
implement a simple firewall (called minifirewall) for Minix.
- Address Space Layout Randomization (ASLR) Lab
(New):
randomize stack and heap in Minix to improve security.
Exploration Labs
The objective of the exploration labs is two-fold: the first is
to enhance students' learning via observation, playing and exploration, so
they can see what security principles ``feel'' like in a real system;
the second objective is
to provide students with opportunities to apply security principles
in
analyzing and evaluating systems.
The exploration labs provide a feasible means by which the students have
"a direct encounter with the phenomena being studied rather than merely thinking
about the encounter, or only considering the possibility of doing something
about it".
- Set-UID Lab:
explore the Set-UID
mechanism and the vulnerabilities of Set-UID programs.
- SYN Cookies Lab
(New):
explore the SYN Cookies mechanism in Linux.
- Pluggable Authentication Modules (PAM) Lab:
explore a flexible authentication technique.
- RBAC Exploration Lab (under development)
- Capability Exploration Lab (under development)
- Encrypted File System Exploration Lab (under development)
- IPSec and VPN (Virtual Private Network) Exploration Lab (under development)
- Intel 80386 Protection Mode Exploration Lab (under development)
Vulnerability and Attack Labs
People learn from mistakes. In security education, we study mistakes
that lead to software vulnerabilities. Studying mistakes from the
past not only help students understand why systems are vulnerable, why
a "seemly-benign" mistake can turn into a disaster, and
why many security mechanisms are needed. More importantly,
it also helps students learn the common patterns of vulnerabilities,
so they can avoid making similar mistakes in the future.
Moreover, using vulnerabilities as case studies,
students can learn the principles of secure design, secure programming,
and security testing.
(1) Software in general
-
Buffer Overflow Vulnerability Lab:
exploit the buffer overflow vulnerability.
-
Return-to-libc Attack Lab (New):
exploit the buffer-overflow vulnerabilities using return-to-libc attacks.
-
Format String Vulnerability Lab:
exploit the format string vulnerability.
-
Race Condition Vulnerability Lab:
exploit the race condition vulnerability.
- Chroot Sandbox Vulnerability Lab:
explore how the chroot sandbox can be broken.
-
Input Validation Vulnerability Lab: exploit the vulnerabilities
caused by incorrect/missing input validation.
- Misc. Vulnerability Lab (an old lab
that we developed before): identify and exploit various vulnerabilities.
(2) Network Protocols
- ARP/IP/ICMP Attack Lab:
exploit the vulnerabilities of the ARP, IP, and ICMP protocols.
- TCP Attack Lab: exploit the vulnerabilities
of the TCP protocols.
- DNS Pharming Attack Lab
(New):
exploit the vulnerabilities of the DNS protocol to
launch Pharming attacks.
(3) Web Applications
-
Cross-site Scripting Attack Lab
(New):
exploiting cross-site scripting vulnerabilities.
-
SQL-Injection Attack Lab: experience the SQL-Injection attacks
Other Labs that we plan to develop
- Access Control List Lab
- Reference Monitor Lab:
explore the reference monitor of Minix.
- Mandatory Access Control Lab (Simplified from SELinux)
- Jail Sandbox Lab (Simplified from FreeBSD).
- Sniffer Lab
- Firewall Lab
- Routing Security Lab
- Intrusion Detection Lab
- Kerberos Lab