The Secure Software Lab offers a number of student projects. These projects are suitable for both undergraduate final-year projects and summer vacation internships.
Read up on individual project courses here, or check out all CECS projects here. Note that project ideas are often quite flexible, so if you have your own idea or would like to discuss a variant we’d love to hear from you.
Vulnerability Research and Discovery
Vulnerability research (VR) is the process of analyzing a system to find, understand, or exploit one or more vulnerabilities. In the Secure Software Lab, we are interested in developing and applying advanced program analysis techniques to improve the automation of VR. These techniques include, but are not limited to, fuzzing (e.g., improving tools such as AFL or its successors, developing new program instrumentation using the LLVM compiler toolchain), symbolic execution (e.g., building upon angr and S2E), and source/binary static analysis (e.g., developing Ghidra plugins).