Adaptive Security 2020F: Choosing a Project

From Soma-notes

Types of Projects

Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.

Project Scope

Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.

  • By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
  • You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.

Potential Research Directions

Here are some potential directions to consider:

  • Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
  • Develop a way of building systems that make them less susceptible to large-scale exploitation.
  • Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
  • Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?

Identifying Areas of Interest

  • I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.
  • Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.
  • It is okay to start with an area outside of Security. Many interesting problems in Security fall at the intersection between Security and another area.