CS266 Spring 2015 SRE Project Ideas

Note: You may choose your platform: Windows, Mac, Linux, iOS, Android, etc.

1. Bytecode or machine code visualization/analysis tool.

2. Bytecode or machine code automated patching tool.

3. Bytecode or machine code obfuscation tool.
    3a. Source code obfuscation.
    3b. Bytecode or machine code obfuscation.
        3b1. Control-flow obfuscation.
        3b2. Computational obfuscation (protect conditional statements against live analysis).

4. Tool for applying protections against decompiling or debugging bytecode or machine code.
    4a. Opaque predicates (static analysis).
    4b. Control-flow (static and live analysis).

5. Enhance an existing tool that does any of the above (1-4) and contribute it to open source.

6. Create a plug-in for OllyDbg or IDA Pro that aids in static or live analysis of machine code.

7. Augment an existing binary with new functionality using code injection.
    7a. A couple of code injection tools you may want to try:
        7a1. Frida, which uses JavaScript to inject code into machine code.
        7a2. Dyninst, which is introduced in this paper.

8. Monitoring tool that leverages intrusion detection techniques to determine whether a system is compromised.
    8a. Establish and continually recompute what constitutes *normal* usage of a system.
    8b. Use native APIs to monitor processes, files, networks to detect abnormal usage and alert the user.

9. Editor/visualization tool for proprietary file formats (reversing file formats).
    9a. .docx, .pptx, MP3 tags (ID3v2), MP4, etc.
        Note that ID3v2 has dynamic offsets.

10. Load client-side or server-side encrypted scripts (bootstrap).
    10a. JavaScript, Python, Ruby, Perl.