Adaptive Security 2020F: Choosing a Project: Difference between revisions

From Soma-notes
Newer edit →
Created page with "Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects..."
 
No edit summary
Line 1: Line 1:
Your term project should be related to adaptive security in some way.  It may be related to a specific defense, or it could be theoretical in nature.  Attack-focused projects are not acceptable.
* Your project may be either a full research project or it may me a project proposal.  The difference between the two is a proposal has less results and more plans for future work than a research project.  Otherwise, both have to discuss related work and show some results.
 
* Your term project should be related to adaptive security in some way.  It may be related to a specific defense, or it could be theoretical in nature.  Attack-focused projects are not acceptable.
Your project may be either a full research project or it may me a project proposalThe difference between the two is a proposal has less results and more plans for future work than a research projectOtherwise, both have to discuss related work and show some results.
* By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation.  Note that this is a very broad mandate.
* You likely should avoid work on cryptography, as cryptography tends to be very fragile.  This is just a guideline however, not a requirement.
* Here are some potential directions to consider:
** Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacksYou can then design a defense to observe the system, build a model, and respond to attacks.
** Develop a way of building systems that make them less susceptible to large-scale exploitation.
** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defensesHow do they behave differently in practice, and how can you check for this difference in a controlled manner?

Revision as of 02:57, 17 September 2020

  • Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.
  • Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
  • By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
  • You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.
  • Here are some potential directions to consider:
    • Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
    • Develop a way of building systems that make them less susceptible to large-scale exploitation.
    • Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
    • Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?
Retrieved from "https://homeostasis.scs.carleton.ca/wiki/index.php?title=Adaptive_Security_2020F:_Choosing_a_Project&oldid=22706"