Adaptive Security 2020F: Choosing a Project

From Soma-notes
Revision as of 22:57, 16 September 2020 by Soma (talk | contribs)
Jump to navigation Jump to search
  • Your project may be either a full research project or it may me a project proposal. The difference between the two is a proposal has less results and more plans for future work than a research project. Otherwise, both have to discuss related work and show some results.
  • Your term project should be related to adaptive security in some way. It may be related to a specific defense, or it could be theoretical in nature. Attack-focused projects are not acceptable.
  • By being related to adaptive security, it should address the problem of enabling defenders to respond to attacker innovation. Note that this is a very broad mandate.
  • You likely should avoid work on cryptography, as cryptography tends to be very fragile. This is just a guideline however, not a requirement.
  • Here are some potential directions to consider:
    • Choose an aspect of computer or network behavior that you think will be perturbed by a class of attacks. You can then design a defense to observe the system, build a model, and respond to attacks.
    • Develop a way of building systems that make them less susceptible to large-scale exploitation.
    • Create a policy mechanism that allows defenders to easily lock down system behavior with custom policies.
    • Develop testing methodologies that can distinguish between static, brittle defenses and adaptive defenses. How do they behave differently in practice, and how can you check for this difference in a controlled manner?
Retrieved from "https://homeostasis.scs.carleton.ca/wiki/index.php?title=Adaptive_Security_2020F:_Choosing_a_Project&oldid=22706"