Masterprojekt ATsec
Master Project: Advanced Topics in IT Security
Students will work on either a self-chosen or a provided research topic in groups of two or (with instructor approval) individually.
The topics and the course of action will be described at the course kickoff in the first week of the semester.
Projects may cover any topic of interest in network security, interpreted broadly. Ties with current research are encouraged. You can choose your topics on your own, or you can choose from a list of topics that will be provided by the course instructors.
Potential topics are:
- Analysis of current network protocols
- Network monitoring and intrusion detection
- Modern networking approaches like SDN or TSN
- Cryptographic protocols and their security issues
- Denial of service
- Worms and Malware
- Reverse engineering
- Forensics
Most projects will fall into one of the following general categories:
1. Analyze. Undertake an analysis/assessment of security issues for a given networked system. For example, to what degree does Zoom expose its users to remote compromise? Preserve their privacy? Monitor their communications? Admit misuse of the system to aid in denial-of-service attacks? Have vulnerabilities that enable fraud? What steps could be taken to strengthen Zoom in this regard? What can you say about the expected efficacy of those steps?
Note: it need not be an application nor involve endsystems. You can consider schemes relevant to other layers of the networking stack, or that concern infrastructure/internal components.
2. Measure. Empirically explore and characterize a network security issue. For example, under what circumstances and to what degree do nodes in the Tor anonymizing network alter the content that passes through them?
3. Innovate. Devise and analyze (and possibly implement) a new mechanism, technique, or architecture. For example, this could be a new way to protect servers from application-level denial-of-service attacks; a new detector for some type of malicious activity; or a novel approach to email or social networking identity that provides better properties regarding the threats of impersonation, Sybils, or account compromise.
4. Test. Take a result in the literature and undertake a thoughtful and meaningful reproduction of it to assess to what degree you obtain the same results, and why.
5. Attack. Develop a new threat. Assess its efficacy, countermeasures/defenses, and likely "arms race" evolution.
6. Research. Conduct a deep, thoughtful literature survey of a particular area in network security. Assess the strengths and weaknesses of the published papers in the area, delimit the boundaries of the state of the art, identify themes and abstractions, frame avenues for future work.