ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
Project CodeFaculty NameProject TitleAbstractPre-Requisites
2
ProjCode-001 Prof. Saravanan Vijayakumaran Building Light Clients for Blockchains using Folding Schemes
Blockchain light clients are resource-constrained devices which rely
on full nodes to get information about the state of the blockchain. Malicious
full nodes can mislead light clients that can result in loss of funds for users.
This can be avoided if full nodes provide a SNARK proof of the correctness of
the state they supply to light clients. Existing constructions from teams like
ZeroSync and Succinct Labs require a computationally intensive recursive SNARK proof for every block. Folding schemes like Nova and SuperNova can be used to fold the statements for all blocks into a single statement, potentially reducing the prover's computation by an order of magnitude. The goal of this project is to build light clients for Bitcoin and Tendermint-based chains using folding schemes like Nova and SuperNova.
1. Basics of Cryptography and Blockchains,
2. Experience with Rust
3
ProjCode-002 Prof. Biswabandan PandaTracking and Mitigating Row-Hammer Attack in Data CentersThe Row-Hammer attack on modern DRAM systems is here to stay as the number of row activations required to induce a DRAM bit flip (Row-Hammer threshold) is following a trend of concern: 100K activations in 2014 to a few hundred activations in recent years. Hardware mitigations of Row-Hammer attacks need a Row-Hammer tracker that can track the DRAM row activations, and trigger the Row-Hammer mitigation.
Prior approaches on Row-hammer tracking and mitigation have been proposed for desktop systems and show good promise in terms of performance, storage, and security guarantee. However, these techniques are not evaluated in data centers, where row-hammer is a bigger problem. The goal of this project is to design scalable Rowhammer tracker and mitigation techniques for data center memory systems.
Through this project, you will be working with PhD and MS students of the CASPER research group, who are working on mitigating Rowhammer attacks with minimum performance and storage overhead. The project outcome will lead to a publication at top computer architecture and security conferences (https://www.cse.iitb.ac.in/~biswa/forums.html). Students can audit CS683 and CS773 as part of the pre-doc program.
1. Good programming skills in C/C++, scripting using Python and other tools
Tools/simulators of interest: https://github.com/ChampSim/ChampSim

2. Basics of processor, cache, and DRAM organization and architecture.
https://www.cse.iitb.ac.in/~biswa/courses/CS305/schedule.html
Lectures: 29, 30, 31, 38, 39

3. Basics of Rowhammer attacks and its mitigation:
https://people.inf.ethz.ch/omutlu/pub/onur-RowHammer-UBC-Sep-20-2022-withbackup.pdf


4. Intro. to architecture security: https://eprint.iacr.org/2016/613.pdf
4
ProjCode-003Prof. Biswabandan PandaDesigning Secure Memory hierarchies in the world of unknown transient execution attacksAttacks like Spectre and Meltdown have opened Pandora’s box called transient microarchitectural attacks, which is here to stay thanks to 30 years of microarchitecture innovations that led to these attacks. With recent attacks like Phantom, it is an unknown world with unknown attack vectors. On top of that, recent mitigation techniques have been compromised in the form of new attacks, leading to a cat-and-mouse game between attacker and mitigation techniques. State-of-the-art mitigation techniques are heterogeneous in nature that use multiple mitigation techniques causing significant performance and power overheads. The goal of this project is to design a secure memory hierarchy keeping all the attack vectors (even the unknowns) in mind. The project outcome will lead to a publication at top computer architecture and security conferences (https://www.cse.iitb.ac.in/~biswa/forums.html). Students can audit CS683 and CS773 as part of the pre-doc program.1. Good programming skills in C/C++, scripting using Python and other tools
Tools/simulators of interest: https://github.com/ChampSim/ChampSim

2. Basics of processor, cache, and DRAM organization and architecture.
https://www.cse.iitb.ac.in/~biswa/courses/CS305/schedule.html
Lectures: 29, 30, 31, 38, 39

3. Basics of Rowhammer attacks and its mitigation:
https://people.inf.ethz.ch/omutlu/pub/onur-RowHammer-UBC-Sep-20-2022-withbackup.pdf

4. Intro. to architecture security: https://eprint.iacr.org/2016/613.pdf
5
ProjCode-004 Prof. G SivakumarEngineering a SOC with FOSS toolsDesigning and implementing a scalable, plug and play architecture to integrate the best of breed FOSS tools into a harmonious centralized Security Information and Event Management system. The goal is to develop a Linux distribution that allows easy and reliable deployment Security Operations Centre (SOC) customizable to the needs of various organizations. 1. System and Network Security,
2. Security Protocols,
3. Linux, Virtual Machines, Containers,
4. Programming Language : Python/Java/C++
6
ProjCode-005 Prof. Chethan Kamath,
Prof. Sruthi Sekar
& Prof. Manoj Prabhakaran
Theoretical cryptography In this project, we will explore cryptography from a theoretical perspective. The typical work-flow involves reading research papers, identifying
open problems in them, and then attempt to solve them. Some of the potential sub-areas are proof systems (e.g., zero-knowledge proofs, SNARKs) and multi-party computation (MPC).
1. Discrete mathematics
2. Probability
3. Basic knowledge of cryptography is a plus
7
ProjCode-006 Prof. Chethan Kamath,
Prof. Sruthi Sekar
& Prof. Manoj Prabhakaran
Applied cryptographyIn this project, we will look at some protocols deployed in the real world, and then try to ascertain its security. The typical work-flow involves identifying real-world protocols, abstracting it out, and then modelling and analysing its security. Some of the potential sub-areas are secure messaging (e.g., Signal) and verifiable delay functions.1. Discrete mathematics
2. Familiarity with programming languages
3. Basic knowledge of cryptography is a plus
8
ProjCode-007 Prof. Kameshwari ChebroluPractical and Upbeat Labs for Security Education (PULSE)

Our goal is to develop auto-graded security labs covering a range of security topics that can run on the cLab platform. Topics include: web security, network security, OS security, hardware security, enterprise security, popular open source security tools etc. These labs will be conducted at scale, across different student operating systems with minimal setup costs and with support for automated assessment. To support security labs, the platform needs to be extended to support multi-containers, per-student environment customization, and obfuscation to prevent students accessing lab internal client-based evaluation scripts! Work would involve digging into a variety of security topics, understanding the same and creating lab content, environment and autograders for the same. In addition, also work on the platform to extend it to support the created labs as mentioned above.
1. Strong interest in security
2. Solid CS background in core CS subjects like networks, OS, web.
3. Security background and knowledge of open source security tools/platforms like Mitre att&CK, OSSIM, OSSEC, Metasploit, pen-testing etc desirable, though not essential
4. Good coding skills specifically knowledge of Linux, System administration, bash scripting, python
5. Knowledge of Django rest framework, Electron, React, docker, docker networking
9
ProjCode-008 Prof. Vinay RibeiroIncentivizing peers in blockchain P2P networksCurrent permissionless blockchain systems are built on peer-to-peer networks. They function on the assumption that an honest group of peers form a connected network. For example, peers are expected to forward information to others without censoring and without much delay. In this project, we will develop an incentivization scheme so that rational peers will be encouraged to behave honestly.1. Knowledge of game theory,
2. Peer to peer networks, and
3. Blockchains would help
10
ProjCode-009 Prof. Varsha Apte
Secure Conduct of Programming Lab Exams
EvalPro (Evaluation of Programming Assignments) is an Autograder for programming assignments in a home-grown course management system (Bodhitree) at IIT Bombay.
The autograder application often needs to be used in an 'exam' setting for
selection sets, or midterm or final exams in programming lab courses. In such a situation, there is a need for running a 'secure' exam where
(1) external browsing is not permitted
(2) copying between candidates or from anywhere else should be prevented
(3) submission of the programme from outside the exam hall should be disallowed.
Other requirements include ensuring secure exams even in the presence of disruptions such as lab machine failures or server failure.
In this project, you will explore designs to solve these security issues, and
implement them in EvalPro.
1. Good programming skills, preferred:
2. familiarity with Django-Python and React,
3. Good aptitude and
4. Knowledge in systems and networks
11
ProjCode-010Dr. Kshitij JadhavHIerarchical FEDERAted Learning for the INdian healthcare SYSTem (HI-FEDERAL-INSYST)The decentralized nature of healthcare data contributes to the difficulty in implementation of Machine Learning (ML) in the hospital ecosystem. A new method, Federated Learning (FL) has emerged as a promising solution enabling a central entity to gather insights from decentralized sources without sharing raw data. However, even application of FL in the Indian healthcare system presents unique challenges. Firstly, the data sharing rules vary within and outside organizations, leading to a complex hierarchy of trust. Secondly, different healthcare facilities use varied data acquisition devices and protocols, leading to disparities in data distribution. Thus, the decentralized nature of healthcare data and the hierarchical structure of the Indian healthcare system pose significant obstacles to the successful application of ML and classical FL.
To address these challenges, we propose a partially decentralized FL design. Our research will focus on resolving the following key questions: 1) how to design a hierarchical communication topology and aggregation algorithms across different data distributions, 2) how to reason about different levels of privacy and convergence across different levels of hierarchy, and 3) rigorously evaluate the effectiveness of our proposed FL algorithm and other federated learning algorithms on healthcare datasets within a hierarchical topology.
1. Good knowledge of Python
2. Basic understanding of Federated Learning
12
ProjCode-011Prof. Vinay Ribeiro &
Co - advisor - Prof. Devashish Gosain
A longitudinal study of Internet-wide scansNetwork ports are gateways through which data flows in and out of a device
over a network. Each port is associated with a specific service or
protocol. For example, port 80 is commonly associated with HTTP (web)
traffic, while port 22 is with SSH traffic. Port scanning is a technique for discovering open computer or networkdevice ports. While malicious actors often use such scanning to findvulnerable systems, it's also a legitimate tool for network professionalsto troubleshoot network issues and bolster system security.
The existing body of literature has thoroughly defined a taxonomy for port scanning, detailing various scan types and techniques. Numerous scanning
tools exist, such as Nmap, Zmap, and Masscan, each potentially yielding different outcomes, mainly when scans originate from diverse geographic locations. Thus, our research aims to conduct a longitudinal measurement study to understand how factors like geographic variation, scanning frequency, and potential firewall interference impact the effectiveness of Internet-scale scans.
The project outcome can lead to a publication at top computer measurements or security conferences (e.g., IMC, PAM, NDSS, Usenix Security, etc.)
1. Good programming skills in C/C++
2. scripting using Python and other tools
3. Knowledge of Computer Networks
4. https://nmap.org/
5.https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_durumeric.pdf
6. https://jhalderm.com/pub/papers/zmap10gig-woot14.pdf
7. https://arxiv.org/pdf/2303.11282.pdf
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100