Adaptive Security 2020F: Choosing a Project - Revision history

Soma: /* Identifying Areas of Interest */

2020-09-17T03:06:55Z

Identifying Areas of Interest

← Older revision		Revision as of 03:06, 17 September 2020
Line 18:		Line 18:
	==Identifying Areas of Interest==		==Identifying Areas of Interest==

	I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.		* I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.
			* Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.
	Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.		* It is okay to start with an area outside of Security. Many interesting problems in Security fall at the intersection between Security and another area.

Soma at 03:05, 17 September 2020

2020-09-17T03:05:10Z

← Older revision		Revision as of 03:05, 17 September 2020
Line 1:		Line 1:
	* Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.		==Types of Projects==
	* Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
			Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.

			==Project Scope==

			Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
	* By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.		* By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
	* You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.		* You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.
	* Here are some potential directions to consider:
	** Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.		==Potential Research Directions==
	** Develop a way of building systems that make them less susceptible to large-scale exploitation.		Here are some potential directions to consider:
	** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.		* Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
	** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?		* Develop a way of building systems that make them less susceptible to large-scale exploitation.
	* I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.		* Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
	* Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.		* Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?

			==Identifying Areas of Interest==

			I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.

			Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.

Soma at 03:02, 17 September 2020

2020-09-17T03:02:09Z

← Older revision		Revision as of 03:02, 17 September 2020
Line 8:		Line 8:
	** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.		** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
	** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?		** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?
			* I've found that my best work starts with identifying a clear problem to be addressed. What security problem matters to you? Once you identify this, you can identify what kinds of defenses you want to create and what technologies you'll need to use to build them.
			* Note that the challenge with Adaptive Security is not just to create adaptive defenses. You also need to show they have a clear advantage. Adaptive defenses often perform worse in more static contexts. Following the maxim that you can't improve what you can't measure, proper evaluation frameworks can thus lead to new solutions.

Soma at 02:57, 17 September 2020

2020-09-17T02:57:55Z

← Older revision		Revision as of 02:57, 17 September 2020
Line 1:		Line 1:
	Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.		* Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.
			* Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
	~~Your project may~~ be ~~either~~ a ~~full research project~~ or ~~it may me~~ a ~~project proposal~~. ~~The difference between~~ the ~~two is~~ a ~~proposal has~~ less ~~results~~ and ~~more plans for future work than a research project~~. ~~Otherwise~~, ~~both have to discuss related work~~ and ~~show some results.~~		* By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
			* You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.
			* Here are some potential directions to consider:
			** Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
			** Develop a way of building systems that make them less susceptible to large-scale exploitation.
			** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
			** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?

Soma: Created page with "Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects..."

2020-09-17T02:45:53Z

Created page with "Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects..."

New page

Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.

Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.