Difference between revisions of "Adaptive Security 2020F: Choosing a Project"
Jump to navigation
Jump to search
(Created page with "Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects...") |
|||
| Line 1: | Line 1: | ||
Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable. | * Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results. | ||
* Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable. | |||
* By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate. | |||
* You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement. | |||
* Here are some potential directions to consider: | |||
** Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks. | |||
** Develop a way of building systems that make them less susceptible to large-scale exploitation. | |||
** Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies. | |||
** Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner? | |||
Revision as of 22:57, 16 September 2020
- Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.
- Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
- By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
- You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.
- Here are some potential directions to consider:
- Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
- Develop a way of building systems that make them less susceptible to large-scale exploitation.
- Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
- Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?