Changes

Security/Automation/Winter Of Security 2015

1 byte added, 19:02, 15 July 2015
Student projects
[http://mig.mozilla.org Mozilla InvestiGator (MIG)] is a digital forensics platform used by Mozilla to monitor the security of servers. MIG deploys an agent on systems that is used to maintain the security of the infrastructure. The goal of this project is to add a log monitoring component to the MIG agent that continuously reads the logs of a system and triggers alerts on specific patterns (string matching, repeated messages within a sliding window, etc.). The log monitoring component must be built in the Go language and must support Linux, MacOS and Windows log analysis. Beyond basic log monitoring, a successful team will be encouraged to evaluate heuristic-based threat detection, and how groups of agents can be used together to identify unusual behaviors.
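To illustrate the "repeated message within a sliding window" pattern named above, here is an added example in Go; it is not MIG code. The function name <code>Scan</code>, its parameters, the "RFC 3339 timestamp, space, message" line format and the sample lines are all assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Scan (hypothetical helper, not part of MIG) reads "RFC3339-timestamp message"
// lines in time order and returns the timestamps at which pattern was seen in
// at least threshold lines within the sliding window.
func Scan(pattern string, threshold int, window time.Duration, lines []string) []time.Time {
	var hits, alerts []time.Time
	for _, l := range lines {
		parts := strings.SplitN(l, " ", 2)
		if len(parts) != 2 || !strings.Contains(parts[1], pattern) {
			continue
		}
		ts, err := time.Parse(time.RFC3339, parts[0])
		if err != nil {
			continue // malformed timestamp: skip the line
		}
		hits = append(hits, ts)
		// Drop matches that have slid out of the window ending at ts.
		for len(hits) > 0 && !hits[0].After(ts.Add(-window)) {
			hits = hits[1:]
		}
		if len(hits) >= threshold {
			alerts = append(alerts, ts)
			hits = nil // reset so one burst raises one alert
		}
	}
	return alerts
}

// Constructed sample input, not real log data.
var sample = []string{
	"2015-07-15T19:00:00Z sshd[812]: Failed password for root from 192.0.2.10",
	"2015-07-15T19:00:30Z cron[90]: job started",
	"2015-07-15T19:02:00Z sshd[812]: Failed password for root from 192.0.2.10",
	"2015-07-15T19:02:10Z sshd[812]: Failed password for root from 192.0.2.10",
	"2015-07-15T19:02:40Z sshd[812]: Failed password for root from 192.0.2.10",
}

func main() {
	fmt.Println(Scan("Failed password", 3, time.Minute, sample))
}
```

With a one-minute window the isolated failure at 19:00:00 has expired by the time the later burst starts, so the third match overall (19:02:10) does not alert; the alert fires at 19:02:40, when three matches fall inside the same window.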
=== MIG Agent sandboxing ===
* Mozilla Advisor: [https://mozillians.org/en-US/u/kang/ Guillaume Destuynder] and [https://mozillians.org/en-US/u/alm/ Aaron Meihm]
* Difficulty: high
* Language: English or French
[http://mig.mozilla.org Mozilla InvestiGator (MIG)] is a digital forensics platform used by Mozilla to monitor the security of servers. MIG deploys an agent on systems that is used to maintain the security of the infrastructure. The agent currently runs as root in order to run investigation modules that have low-level access to the system. The goal of this project is to sandbox the MIG Agent on Linux in a way that allows each part to perform investigative work while having as few privileges as possible. The team will have to use the [https://en.wikipedia.org/wiki/Seccomp Linux Seccomp] mechanism, and the existing [https://chromium.googlesource.com/chromiumos/platform/go-seccomp/+/master Go library], to implement a sandbox in the Agent. If possible, the team will also evaluate sandboxing on MacOS and Windows.

The ideal team will have proven experience in Golang and Linux systems architecture.

=== Menagerie - a collection of tests and demos for security headers and TLS configurations ===
* Mozilla Advisor: [https://mozillians.org/en-US/u/mgoodwin/ Mark Goodwin] and [https://mozillians.org/en-US/u/april/ April King]
* Difficulty: Low
** CSP examples (good and bad)
** HSTS examples
 
=== MIG Agent sandboxing ===
* Mozilla Advisor: [https://mozillians.org/en-US/u/kang/ Guillaume Destuynder] and [https://mozillians.org/en-US/u/alm/ Aaron Meihm]
* Difficulty: high
* Language: English or French
[http://mig.mozilla.org Mozilla InvestiGator (MIG)] is a digital forensics platform used by Mozilla to monitor the security of servers. MIG deploys an agent on systems that is used to maintain the security of the infrastructure. The agent currently runs as root in order to run investigation modules that have low-level access to the system. The goal of this project is to sandbox the MIG Agent on Linux in a way that allows each part to perform investigative work while having as few privileges as possible. The team will have to use the [https://en.wikipedia.org/wiki/Seccomp Linux Seccomp] mechanism, and the existing [https://chromium.googlesource.com/chromiumos/platform/go-seccomp/+/master Go library], to implement a sandbox in the Agent. If possible, the team will also evaluate sandboxing on MacOS and Windows.
 
The ideal candidate will have proven experience in Golang and system architecture.
=== MozDef Virtual Reality Interface ===