Security Basics mailing list archives

Re: Need help with research topics


From: Joseph McCray <joe () learnsecurityonline com>
Date: Thu, 05 Oct 2006 01:50:49 -0400

Here are a few topics I would say are of interest (at least to me).


Modern IDS evasion
==================
Gone are the days of whisker and simple obfuscation/ADMutate based IDS
evasion techniques. Sourcefire/Snort gurus are very accessible and with
the magic of VMWare and time you'd really be able to test some really
cool stuff. You could probably get some pretty skilled pentesters from
this list who would be interested in doing the stuff that got us into
this field in the first place - you know actually having fun hacking -
trying new stuff and learning from each other. Heck, I'd even lend you a
dual processor VMWare GSX server for this type of research. 

http://blackhat.com/presentations/bh-usa-06/BH-US-06-Caswell.pdf
http://blackhat.com/presentations/bh-federal-06/BH-Fed-06-Zanero.pdf


Sub-Topic:
Detecting Today's Packet Crafters:
http://www.secdev.org/conf/scapy_pacsec05.pdf
http://blackhat.com/presentations/bh-federal-06/BH-Fed-06-Zanero.pdf


Post Exploitation
=================
Anti-Forensics:
http://blackhat.com/presentations/bh-usa-05/bh-us-05-grugq.pdf
http://blackhat.com/presentations/bh-federal-06/BH-Fed-06-Rutkowska/BH-Fed-06-Rutkowska-up.pdf
http://www.toorcon.org/2005/slides/vliu-metasploitantiforensics.pdf

Fun with Skype
==============
http://blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf




On Tue, 2006-10-03 at 19:55 +0000, graceandglory13 () sbcglobal net wrote:
Hello, 
  This is my first posting.  I am a PhD student at Nova and I needed some help finding new research topics to write 
about in the areas of Computer Forensics, Network Security, Information Security etc.  I am new to this school and I 
haven't done much research before.  My problem is that to me it seems that everything has been done before.  I am 
also afraid of choosing a topic that I will not be able to write code for or build later (in two months).
  Below is the assignment:
For those in DCIS 830, a reminder.  I need for you to include in your proposal what you are planning to do.  Exactly
what you are planning to do.  Phrases like "I plan to investigate...", "I will review...", and "I would like to
research..." don't tell me much.  Alternatively, phrases like "I will develop a prototype _____ and use data from
____ to test the effectiveness of this approach", or "I will conduct a case study of four ______ efforts and create
a set of best practices from the lessons learned" are much more specific.  I don't need to know your results (you
won't have those until you've finished the work) but I do need to understand the research process that you will be
following.
Dr. C

The objective of this exercise is to provide students with the experience of
conducting research and writing an article on information security for
submission to a peer reviewed journal. The project involves the submission of
a preliminary report and the final paper.
(Note: Topics must be approved in advance by the instructor)
Proposal (Due October 8, 2006)
The preliminary report should be in the form of a research plan. You must state
the targeted journal for your manuscript. The preliminary report should follow
the style required by the journal and address the following issues:
1. Problem addressed
* Clearly state the research problem that you plan to address.
2. Prior research
* Briefly discuss the body of literature that is used to motivate the
research. Emphasize the shortcomings in the prior literature that
you plan to address.
3. Significance
* Explain why you think your work makes a significant contribution
to the field. Cite references wherever possible to establish that
there is a consensus among researchers that the problem
addressed in the article is indeed an important one.
4. Methodology
* Discuss the methodology you plan to use for the study. Justify the
appropriateness of the selected methodology. Be as precise as
you can. Identify the knowledge representation scheme and the
search strategy where appropriate.
Make sure that you cite all relevant articles that are referenced in your paper.
Please submit a copy of the paper that you believe is most significant in
motivating your work. If relevant, you may also send copies of any other
supporting articles.
Final Report 
This is the final manuscript that you plan to submit to the targeted journal. You
should use the style and the format that is appropriate for the journal, (note: the
use of the GSCIS Idea Paper format is not acceptable). A suggested guideline
for the article is presented below. Note that this is just a suggested outline and
that your article need not have the same structure.
1. Introduction
* Provide the necessary background and discuss the relevant
literature to motivate the research problem that your article
addresses.
2. The Problem
* Discuss the problem in detail and formulate it in a manner that
makes it tractable.
3. The Method
* Describe the method used to address the problem. Justify the
approach that you have adopted.

-- 
Joe McCray
Toll Free:  1-866-892-2132
Email:      joe () learnsecurityonline com
Web:        https://www.learnsecurityonline.com


Learn Security Online, Inc.

* Security Games        * Simulators
* Challenge Servers     * Courses
* Hacking Competitions  * Hacklab Access
