Honeypots mailing list archives

Re: Need help with research topics


From: "Colin Copley" <colin.75 () btinternet com>
Date: Wed, 4 Oct 2006 14:00:15 +0100

Hi,

graceandglory13 () sbcglobal net wrote:
"This is my first posting.  I am a PhD student at Nova and I needed some
help finding new research topics to write about in the areas of Computer
Forensics, Network Security, Information Security etc.  I am new to this
school and I haven't done much research before.  My problem is that to me it
seems that everything has been done before.  I am also afraid of choosing a
topic that I will not be able to write code for or build later (in two
months)...."

So you'll need to decide which "area".  There are 2 distinct ones you
mention, Computer Forensics & Network/Information security.

Obviously all the stuff in the books _has_ been covered before; think REAL
LIFE scenarios.  Some suggestions -

Computer Forensics:
Traditionally this field covered taking an image from a PC/Server hard drive
and analyzing the image for information etc ... Now there are many more
devices which store digital information (phones, printers, fridge/freezers)
and there's also a need to try and take images from dynamic memory as well.
Apparently you can install Gentoo Linux on a PS2 (or X-box, can't remember
exactly), so games consoles cannot be overlooked by investigators.
If you really want to get your hands dirty, see if you can take an image
from such a device, then code an app to check if it's what would be
expected, or search the image for strings / possible encryption etc. - The
cyberspeak podcast would be a useful source of ideas for this topic
http://cyberspeak.libsyn.com .

Network Security:
Well I think a lot of this has been covered.  How about covert channels,
smuggling data out of a network inside legitimate looking packets, ICMP etc.
You could code an app that either does this (sends out ICMP packets with
encrypted data in the echo text field - OK not that covert but you've only
got 2 months) or checks for it.  See Invisiblethings.org for more
information on this.

Information Security:
Encryption has been done to death; there's not much more to add.  Perhaps you
could take a look at the new wireless encryption strategies, and how long
it took to bypass them.  Personally I'd like to see some research on how
much it would save a commercial enterprise to mind their own business and
keep no customer data whatsoever.  Anyway, good luck.

Regards
Colin
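
The image check suggested under "Computer Forensics" above, as an added example that is not part of the original post: it scans a raw image in fixed-size blocks, flags high-entropy blocks as possibly encrypted or compressed, and extracts printable strings from the remaining blocks. The 4096-byte block size, the 7.5 bits/byte threshold and the sample image are assumptions constructed for illustration.

```python
import hashlib
import math
import re
from collections import Counter

BLOCK = 4096          # assumed analysis block size in bytes
HIGH_ENTROPY = 7.5    # assumed threshold in bits per byte (maximum is 8.0)

def entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan_image(image: bytes, min_len: int = 6):
    """Return (offsets of high-entropy blocks, [(offset, string), ...])."""
    flagged = [off for off in range(0, len(image), BLOCK)
               if entropy(image[off:off + BLOCK]) >= HIGH_ENTROPY]
    flagged_set = set(flagged)
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    # Printable runs inside high-entropy blocks are almost always chance
    # matches, so only report strings that start in unflagged blocks.
    strings = [(m.start(), m.group().decode("ascii"))
               for m in pattern.finditer(image)
               if (m.start() // BLOCK) * BLOCK not in flagged_set]
    return flagged, strings

def build_sample_image() -> bytes:
    """Constructed sample: zeroed block, text block, random-looking block."""
    zero = bytes(BLOCK)
    text = b"user=alice;path=/home/alice/notes.txt".ljust(BLOCK, b"\x00")
    # Deterministic stand-in for encrypted data: SHA-256 over a counter.
    rnd = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                   for i in range(BLOCK // 32))
    return zero + text + rnd

if __name__ == "__main__":
    flagged, strings = scan_image(build_sample_image())
    print("high-entropy blocks at offsets:", [hex(o) for o in flagged])
    for off, s in strings:
        print(f"{off:#x}: {s}")
```

High entropy alone does not distinguish encrypted data from compressed data, so a flagged block is a lead for further analysis rather than a finding.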


