Skip to content

Project ideas

Below is a list of project ideas. You can also find a long list of projects in previous runs of CSE 291 and CSE 227. And, of course, you are welcome to come up with your own ideas.

  • Can we solve :visited once and for all? How much of the Web will we break if we want to have a same-origin policy for history?
  • Revisit browser private modes and evaluate tracking protection mechanisms in modern browsers (e.g., Firefox and Brave).
  • Evaluate the effectiveness of Spectre-like timing attacks in deployed, noisy systems.
  • Evaluate the security guarantees of out-of-browser HTTP clients (e.g., wget, cURL, and Node.js' HTTP client) especially when compared to modern browser security. Are libraries and applications handling security exceptions (e.g., redirects to HTTP) securely?
  • Identify if implicictly-shared state in modern browsers can be used to fingerprint users, leak browsing history, etc.
  • Evaluate Site Isolation and Cross-Origin Read Blocking implementations.
  • Evaluate the effectiveness of DeterFox.
  • Implement a boring, secure-by-construction Web framework (e.g., by fleshing out Frankie).
  • Revisit binding bugs in Node.js and the findbugs in third-party code (the NPM ecosystem).
  • Are JavaScript bitcoin wallets (e.g., https://www.bitaddress.org) secure?
  • Is JavaScript crypto in the wild safe? (Some of the measurements in CT-Wasm indicate they may be prone to timing channels.)
  • Can we transparently expose SGX to Node.js or browsers (e.g., to allow applications to execute JavaScript code on user data while preserving confidentiality)?
  • Evalute if Rust unsafe code in the wild is actually unsafe?
  • Are Rust crypto implementations constant-time? Explore macro-based approach to generating constant-time code (much like FaCT).
  • Extend Rocket with security enforcement.
  • Extend our robust-library sandboxing framework to Rust.
  • Does WebAssembly make it easier to address memory and type safety for legacy, unsafe applications?
  • Build a secure package manager, potentially using ML or PL techniques to identify malicious install-time behavior.
  • Can we sandbox Haskell install-time and compile-time code? (See this for motivation.)
  • Measure the effectiveness of off-the-shelf sandboxes (e.g., FireJail) and their policies?
  • Extend the Johnny-Five IoT platform with a safety- and security-enforcement layer.
  • Evaluate the security guarantees of an existing IoT or CPS device. For example, OpenThings, August lock, Dexcom CGM, or Medtronic insulin pump.
  • Evaluate the security of building systems or critical city infrastructure.
  • Evaluate the security of vehicle-to-vehicle protocols.