Lab 4 - Project Topic Selection
In this lab, you will finalize your project topic selection. Email a few
paragraphs describing your selected topic to my Helios accounts.
Topic Ideas
- Cryptography
- Cryptanalysis of an encryption or message digest algorithm (survey of
others cryptanalysis or your own)
- Develop your own encryption or message digest algorithm
- Public key infrastructure - current proposals, research into new methods
- Authentication protocols - survey of protocols using cryptographic
methods or propose your own
- Digital signatures - analysis of security, survey of methods, etc
- Use of message digests for integrity protection
- Vulnerability Analysis
- Pick a class of vulnerabilities and analyze them. Try to apply the
vulnerability analysis models to them.
- Survey papers on vulnerability analysis that have been published since
Aslam's paper.
- Malicious Logic
- Choose several recent "in the wild" attacks and analyze them
- Research predicted trends in malicious logic techniques
- Survey the most commonly targetted systems
- Trusted Systems
- Survey seminal papers on the concept of assurance in computing
- Survey or develop assurance techniques for a specific application
such as spacecraft
- Look into current system evaluation policies
- Look into current research in formal verification
- Confidentiality and Integrity Policies
- Present a survey of policies not covered in class (Bell-LaPadula, Biba
and Clarke-Wilson will be covered in class)
- Analyze a specific application such as a medical clinic and describe what
policies would best suit their confidentiality/integrity needs
- Survey languages for expressing confidentiality and/or integrity policies
- Look in to papers that detail the shortcomings in the policies covered
in class.
- Intrusion Detection/Prevention/Response
- Differences between signature and anomaly based detection
- Current research trends in intrusion prevention and response
- Detection of variants or novel attacks
- Artificial immune systems as a way of intrusion detection
- Network Protocols
- Survey methods for detecting phishing, spam and other unsolicited e-mail
- Survey proposed standards to add encryption to previously plain text
protocols
- Chose your favorite protocol and describe how it could be improved from
a security standpoint
- Ethics, Legal Issues, Policy
- Survey current thoughts on responsible vulnerability disclosure
- See what the current state of risk analysis and cost vs benefit analysis
is in academia and industry