4MMSR-Network Security 2012-2013-other random ideas

• • Comparison of Web Client Side Vulnerabilities Fuzzers
  • Antivirus Fuzzer
  • Coverage Metrics in Grey-Box Fuzzers for Memory Corruption Vulnerabilities
  • Fuzzing wireshark dissectors
  • Nintendo GameCube games backup fuzzer
• 4MMSR-Network_Security-2012-2013-antivirus_fuzzer
• 4MMSR-2012-2013-project-malware_analysis
• Malware Analysis:
  • metrics, classifications

• learning / inference:
  • analayze the exploration strategies of current ajax web-crawlers and improve one

• reversing:
  • reverse the new structures of the Windows 8 kernel

• exploit writing:
  • exploiting a recent in memory vulnerability that was disclosed max: 2 months old. Preferably on closed source programs.
  • HTML5 heap spraying [1]

• active test generation, FUZZING:
  • over the wire .. with scappy
  • wireshark dissectors fuzzer
  • the windows kernel fuzzer

• antivirus security:
  • antivirus fuzzing
  • experiment on detection limitation of at least two antiviruses
  • rooting an antivirus: read SophFail by @taviso, and apply similar techniques to the antivirus we choosed together.

TBC!!!!!!!!!

• static obfuscation:
• javascript
  • virtual machine:
• implementing a tool that obfuscate using the methods A, B, C

• forensics: ios 5 data protection

• PKIX+DNSSEC: write a state of the art and set-up an infrastructure of virtual machines implementing the following "protocols": PKI, DNSSEC, DANE, CAA (ref: DNSSEC à la rescousse de PKIX, Florian Maury (HSC), MISC n 63, Sept/Oct 2012, p76-82)

• malware classification: define metrics