Hacking Database Network Protocols

Hacking and Information Security Projects
236349
Contact Person:
Amichai Shulman
Mobile: 054-5885083
eMail: Shulman@imperva.com
Project 1: Throwing the Net to Catch Hackers
General Description
One of the tools used by security researchers to learn about actual attacks is the
“Honey Pot”. This is a server intentionally exposed to the Internet and coupled with a
monitoring device. Any access to the server is recorded and later analyzed to capture
actual trends in hacking techniques.
While deploying a general Honey Pot to study network-level attacks is a relatively easy
task, doing the same for the purpose of studying web application attacks is quite
challenging. One of the more effective techniques for implementing a web
application Honey Pot is to stage a proxy server.
The purpose of this project is to create and deploy a web application Honey Pot and
collect sample data.
Requirements
Given a server machine and an Internet connection, students will have to design and
deploy an application level Honey Pot.
This semester, data analysis and study will focus on discovery methods (how
the Honey Pot is discovered by hackers) and information proliferation (how other
hackers come to know about it).
Goals
Create essential tools for the research of application level hacking techniques.
Get the chance for a sneak preview into the world of hackers and crackers, their
methodology and tools.
Prerequisites
Knowledge of TCP/IP, HTTP and HTML
Programming knowledge (preferably Java)
Computer Security Course
Project 2 - Vulnerability Detection in Oracle Database Packages
General Description
The Oracle database server is delivered with numerous internal software modules called
“Packages”. While packages are written in a language that draws from the standard SQL
language, they are stored within the server in an obfuscated manner called “wrapped”
format.
The built-in packages in the Oracle server have been notoriously susceptible to various
types of security vulnerabilities such as buffer overflow and SQL injection. Some work
has been done recently by researchers in order to overcome the obfuscation technique and
access the original code of the packages. Yet a different type of research effort was aimed
at looking for potentially vulnerable PL/SQL code.
Requirements
Based on an infrastructure laid down by students from previous semesters, in this
semester the students will focus on the following:

Reducing false positives by distinguishing externally accessible procedures from
internal service procedures

Extending coverage by looking for chains of calls

Extending coverage to detect buffer overflow vulnerabilities

Extending coverage to detect potential Lateral SQL Injection

Looking into Oracle 11g packages
Goals
Get an understanding of coding techniques that result in security vulnerabilities.
Get the chance for a sneak preview into the world of hackers and crackers, their
methodology and tools.
Prerequisites
Acquaintance with database servers (and preferably Oracle)
Strong background in programming and debugging applications
Project 3 - Time Based Identification of Web Attackers
General Description
When an attack against a web application is detected, one of the obvious questions is who
the real source of the attack is. In particular, attackers commonly use compromised
computers as proxies for their attacks, making it hard to trace back to the actual
attacker.
An interesting first step toward identifying the actual attack source is being able to tell
whether a request is conveyed through a proxy or not, assuming of course the use of
anonymous proxies.
Requirements
The students will be required to implement and evaluate various algorithms for detecting
whether an HTTP request is being sent directly to a target server or through a proxy
server, based on timing attributes of the request and response.
The project will include analysis and refinement of 2 or 3 suggested algorithms,
implementation of the algorithms and analysis of collected data in order to evaluate the
effectiveness of the algorithms.
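The following is an added example, not one of the project's suggested algorithms: a sketch of one possible timing heuristic, which compares the TCP handshake round trip (to the TCP peer) with the application-level round trip (to whoever interprets the HTTP response). The measurement names, sample values and thresholds are all assumptions made for illustration.

```python
from statistics import median

# Constructed sample data (not from the page). Each tuple is one observation
# taken at the server for a single client:
#   tcp_rtt_ms: SYN-ACK sent -> ACK received (round trip to the TCP peer)
#   app_rtt_ms: redirect response sent -> follow-up request received
#               (round trip to the party that actually processes the response)
SAMPLES = {
    "direct-client": [(42.0, 47.5), (40.1, 44.0), (43.3, 51.2),
                      (41.0, 45.9), (39.8, 120.0)],   # last one: slow client
    "via-proxy": [(12.0, 190.4), (11.5, 176.0), (12.8, 201.7),
                  (11.9, 183.3), (12.2, 15.0)],       # last one: cached reply
    "too-few": [(30.0, 33.0), (31.0, 250.0)],
}

# Hypothetical tuning values; a real evaluation would fit them to collected data.
MIN_SAMPLES = 4     # refuse to classify on fewer observations
ABS_GAP_MS = 50.0   # app RTT must exceed TCP RTT by at least this much
REL_GAP = 2.0       # ... and be at least this multiple of the TCP RTT


def classify(observations, min_samples=MIN_SAMPLES):
    """Return a verdict ('proxy', 'direct' or 'unknown') and the median gap."""
    # Drop unusable measurements (clock glitches, missing timestamps).
    valid = [(t, a) for t, a in observations if t > 0 and a > 0]
    if len(valid) < min_samples:
        return {"verdict": "unknown", "median_gap_ms": None}

    # Medians keep a single outlier (a slow client, a cache hit at the proxy)
    # from flipping the verdict.
    tcp_med = median(t for t, _ in valid)
    app_med = median(a for _, a in valid)
    gap_med = round(median(a - t for t, a in valid), 1)

    # With a proxy in the path, the handshake ends at the proxy while the
    # follow-up request still has to travel to the real client and back.
    proxied = gap_med > ABS_GAP_MS and app_med >= REL_GAP * tcp_med
    return {"verdict": "proxy" if proxied else "direct",
            "median_gap_ms": gap_med}


if __name__ == "__main__":
    for name, obs in SAMPLES.items():
        print(name, classify(obs))
```

Client-side processing time also inflates the application-level round trip, so evaluating such a heuristic on collected data means measuring its false positive rate for slow direct clients as well as its detection rate.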
Goals
Get acquainted with real-life web security problems
Experiment with combining mathematical algorithms with real-life web security
solutions.
Prerequisites
Programming skills (Java or C++)
Good understanding of TCP/IP and HTTP protocols