A Comparative Analysis of Guardrail Frameworks for Large Language Models (available)
This project explores how specialised programming frameworks called Guardrails, developed specifically for constraining large language models (LLMs), can prevent them from generating harmful, biased, or off-topic content. The goal of the project is to build simple examples using three leading guardrail frameworks implemented in Python: Guardrails AI, NeMo Guardrails from NVIDIA, and Llama Guard from …
Category: Systems Security
Automatic Patch-based Exploit Generation (completed)
When a vulnerability is found, it generally goes through a responsible disclosure process. This means that the vendor will be contacted to write a fix before the vulnerability is made public. The patch will be pushed to its users and the vulnerability details become public. In theory, this is a safe process for vulnerability exposure …
Autonomous Cars – Evaluation of Security Countermeasures (available)
Autonomous and connected vehicles will be a part of reality in the near future. There are many development efforts currently underway to pave the way for the deployment of autonomous vehicles (self-driving cars) in public areas. These vehicles are a collection of complex and sophisticated computational architectures. Cybersecurity is among many challenges that …
Building a dataset of IoT device firmwares (completed)
Performing security analysis of IoT devices is often expensive as it requires purchasing the IoT device, which is not practical at scale. To avoid this, some researchers perform security analysis over the apps used by those IoT devices. Although this analysis can be useful, it has some limitations as only one element of the ecosystem …
Control-flow Bending POCs (completed)
Research has shifted over the years when it comes to binary exploitation. With more accurate and practical implementations of Control-flow Integrity (CFI) [1] [2] [3], the question arises as to what attack surface is still available – and how to exploit it. In particular, what attacks can be performed when staying within the boundaries of …
Control-flow graphs for Automatic-Exploit Generation (completed)
Research has shifted over the years when it comes to binary exploitation. With more accurate and practical implementations of Control-flow Integrity (CFI) [1][2], the question arises as to what attack surface is still available – and how to exploit it. In particular, what attacks can be performed when staying within the boundaries of a (perfect) …
Detecting broken security in hybrid Android apps (completed)
Many modern Android applications make use of a webview – a component providing easy access to the rendering engine and JavaScript interpreter of a full browser. The content shown by a webview can be loaded from a local resource or a remote server via HTTP and integrates seamlessly with the app. Webviews are popular with developers, …
Disassembling x86 binaries for static analysis and reverse engineering (completed)
The Jakstab static analyser for binaries automatically disassembles x86 binaries for Windows or Linux and reconstructs a control flow graph. It is particularly effective on targets that have been obfuscated with various tricks that throw off regular disassemblers such as IDA Pro. Jakstab disassembles one instruction at a time, translates it into an intermediate language, and then …
Empirical evaluation of static verifiers for the Go programming language (available)
Go is a language that natively supports many constructs to synchronise concurrent threads. Because of this, developing code that contains subtle concurrency bugs is rather common. To address this problem, several groups of researchers have put forward tools to find concurrency bugs in Go codebases. The objective of this project is to evaluate how some …
Formal Verification for Blockchains (completed)
In this project you will explore the world of formal verification and blockchains, specifically the new Ethereum 2.0 ‘Proof-of-Stake’ blockchain [1]. This is a more energy-efficient replacement for the original Ethereum ‘Proof-of-Work’ blockchain. As in any blockchain, correctness of the distributed ‘consensus’ protocol [2] used to maintain the chain and extend it with new blocks is critical. …
Invisible Malware using Intel SGX Enclaves (completed)
A fundamental security problem when hosting applications on cloud platforms is the increased risk of sensitive data loss (e.g. due to negligent or malicious employees of the cloud provider). An exciting approach to mitigating such attacks is offered by new trusted execution environments (e.g. Intel SGX), recently available on commodity CPUs. Intel SGX allows users to create …
Security Evaluation of Broadcasting Network – Protecting the Entertainment Media (available)
With an increase in the use of internet technologies in various fields, the traditional broadcasting industry also started to adopt systems, software and services based on internet technologies to provide their contents to viewers. Most of the connected media devices deployed still tend to have a low-security threshold inherited from the era of …
Smart cars – Accident scene reconstruction (available)
Smart cars have a number of sensors monitoring the status of the vehicle and at the same time assisting the driver. These sensors traditionally monitor temperature, battery levels, etc. They are relatively simple circuits that may also alert the driver to possible vehicle damage. Some of these are also working towards collision mitigation by monitoring …