Stjepan Groš

Student projects

On this page you'll find information about potential projects you could work on as part of your thesis. Some of the projects listed here are part of work I'm currently doing, while others are exploratory, in the sense that I'm experimenting with potential new directions.

Current and Future

Cyber Conflict Simulator

A lot of student projects are related to the Cyber Conflict Simulator (CCS) project. CCS gives us a simulation environment in which we can experiment with scenarios that would otherwise be impossible to experiment with. Note that CCS is not a technical-level simulator, i.e. it will not replicate what happens during a buffer overflow attack, an XSS attack, etc. Some examples of what has been worked on, and of what has not yet been tackled, are:

PSD2 security

PSD2 (description 1, description 2) is an EU directive that requires each bank operating within the EU to open up access to accounts through standardized APIs. The intention is to foster innovation and competition in the banking sector. This opens new attack vectors against banks, so this project is about analyzing what threats exist and how to protect against them. Banks and their users are constantly under attack by cyber criminals, so it is expected that this will also be the case with PSD2. But since PSD2 is relatively new and not much used at the moment, there are not many attacks on it. So, one of our goals is to anticipate what cyber criminals might do.

Executing PLC firmware in a firmware

Programmable Logic Controllers (PLCs) are specialized computers used in industrial systems and critical infrastructure. As such, they are a very important component from a security perspective, whose compromise might lead to catastrophic consequences. As an example, the Stuxnet incident was actually an attack on PLCs that controlled uranium enrichment centrifuges. Even though PLCs are used for a specialized purpose, unlike the "classical" computers we use every day, they share a lot of technology with classical computers. This means that they have the same vulnerabilities, but also that common attack techniques can be applied to them as well. Yet, due to their specialized purpose and historical development, their security vulnerabilities are not as well researched as those of classical computers.

The goal of this project is to apply fuzzing techniques to search for vulnerabilities in PLC firmware and to make it accessible to the broad vulnerability research community. In essence, the idea is to use Qemu to emulate PLC hardware and use AFL+ to fuzz the firmware.

Security of Croatian Web space

The goal of this project is to develop tools and methods to monitor the Web space in order to detect compromised Web pages. It is intended to be used to make the eSkole project more secure. This is a hard task, as a compromise can come in a number of ways, some of which are not known at this moment. To make things more demanding, we monitor only the main pages of Web sites, i.e. we do not do a deep crawl. So, if a Web site is compromised, that has to be determined indirectly. We have some ideas on how to do that, but this is still in a research phase. A number of diploma and bachelor theses were written with the goal of exploring different approaches.

Combating hate speech, fake news, misinformation, etc.

Hate speech, as well as fake news, is a big problem today. The problem is made even harder by the relative anonymity that users can achieve. This project explores what it is possible to find out from anonymous comments that users leave on different news portals.

Cyber Threat Intelligence

This is a huge area of security in which the current emphasis is placed on two directions. The first direction is the education of CTI analysts. The second direction is creating tools that could help CTI analysts in their jobs.

Security of a Fiscal System

In Croatia, but also in a number of other countries, a fiscal system is used to combat tax fraud. Due to its heavy use, it is important to keep this system secure. In one paper I analyzed the security of the whole system, and the conclusion was that the weakest links will be client implementations. To make them more secure, and thus the whole system more secure, an appropriate testing framework is necessary. This project strives to define a security testing protocol and to implement an appropriate tool.

Old projects

These projects are not so actively worked on at the moment, which doesn't mean they could not be reactivated.

Cryptographic protection of data in a cloud

Machine based decompilers