(Help) Final Year Project: Computer and Network Security

[stupid_one]

Hi everyone,

I am doing Software Engineering (Computer and Network Security); currently about to start my 6th semester. We have been told to research topics for our FYPs (Final Year Projects), else the university will provide a topic for us. I want to do my FYP in Computer/Network security as is evident; I know its a very broad field and that is why i came here.

I request that those of you that are knowledgable in this field kindly help me out. What i want is to be given a number of topics/sub-fields/implementations/applications in Computer/Network security that i can do research on and hopefully choose one for my FYP as appropriate. Afterwards i'll have around a year to complete my FYP, that will include researching the project, documentation, implementation etc (not to mention the regular semester studies).

Currently, my skills are very limited, and i plan on expanding those correspondingly to my FYP during this 1 year+ period. Anyways here is a list:

-very good at c/c++(my favourites)
-working knowledge of java/.NET
-oracle/databases (though i am not interested in databases at all)
-have done work on NS2 (network simulator) modifying the AODV protocol for VANETS (kind of boring)

--plan on learning the core windows API during my sixth semester including sockets programming(C/C++ offcourse) (the core API not MFC, and not the GUI functions but more of the under the hood stuff)

In my last semester, we had courses like Intro to Computer Networks and Number Theory. Now we'll be studying courses like Network Security, Distributed Systems, Cryptography, Computer Forensics etc. This was just to give you an overview of where i stand, which as i see is "nowhere" yet. I'll be extremely thankful for whatever help you can provide in the regards that i mentioned.

[limdis]

Cool! Based off what classes you said you are will be taking this semester I assume this project will be a written paper?

Yes we can definitely help you out with this! But you are correct this is broad (like all forms of security and crime). Start by researching current events. Lots of current events. Find out what peaks your interest to spend time researching. I suggest for just getting started to focus on the WHAT is being done and when you find something you like, then jumping into the HOW. Once you have a bit a direction you want to go we can slam you with all kinds of stuff.

Just somethings I know will get a lot of hits in searches for what has been going on:
Anonymous (group)
Lulzsec (group)
Doxing (attack method)
Botnetting (attack method)
Mobile Security (topic)
Backtrack (Security Suite)
SOPA/PIPA/ACTA (Bills)

Also look at this:
IC3 2010 Report (PDF)

[ghost107]

Here's some things from my domain, the topics are a little advanced:
-Web Services Security(SOAP, REST)
-Security for Grid Services (Rocks Clusters + Globus Toolkit, or a linux Distro + Globus Toolkit)
-Security in a Cluster Computing System(CORBA, or JBOSS)
-Fault-Tolerant Network Cluster(Similar as previous, making system to continue operation at reduced level)

[stupid_one]

@limdis


Thanks for the help man! but let me explain a bit more...

Firstly, no the project won't be a paper; it will be a software more or less, it could be a firewall, an ids, a modified version of a protocol implementation, a network security related tool like a traceroute or something, implementation of a new concept, in short it could be virtually any running piece of code/application/program/software/tool whatever you might want to call it. Along with it we will obviously have to provide documentation too, like regular progress reports, and with the finished project an SRS maybe, or class diagrams, presentations etc or something of the sort. But thats not of concern right now.

When i said we have been told to research our FYP topics, i meant that we have been told to do research ourselves and decide what exactly do we want to build and do "enough" research just yet to make a FYP proposal and get it approved. If it does get approved then obviously i'll have to do more research into the topic and learn appropriate coding/APIs/techniques etc and alongside start implementing the code and stuff. For example when i posted this topic i read somewhere about "firewalking" (a technique to penetrate firewalls) and found it kind of interesting but i don't have enough knowledge to know about more such topics, as like you said security is a very broad field, lots of ways to go about and thus the reason i am here.

Now the courses that i mentioned i will be taking, i won't be taking all of those in my next semester, I just wrote down the ones that i will be taking in the remaining of my semesters from the top of my head, that i felt were relevant. Anyhow 3 of the courses that i mentioned are actually going to be in my next semester, those are i think Network Security, Cryptography and Distributed Systems. Anyways the point in mentioning them was for you or anyone whose willing to help, to get to know the "scope of my field/degree/course" so to speak.

So what i basically want is guidance towards topics/techniques/information/sub-fields that could potentially account for a competitive and unique FYP. The problem actually is that we are told to select our FYPs in 6th semester when we are just getting into the ACTUAL field; meaning that we have yet to study the core topics in network security like i mentioned, but this is the time that we HAVE to choose and propose our FYP regarding that very same field. So i have very limited knowledge regarding the field i am supposed to do an FYP on, as i have yet to actually study it.

I hope i have been more clear this time and that you or someone here could help out!

-- Tue Jan 31, 2012 10:53 pm --

Here's some things from my domain, the topics are a little advanced:
-Web Services Security(SOAP, REST)
-Security for Grid Services (Rocks Clusters + Globus Toolkit, or a linux Distro + Globus Toolkit)
-Security in a Cluster Computing System(CORBA, or JBOSS)
-Fault-Tolerant Network Cluster(Similar as previous, making system to continue operation at reduced level)

Which of these fields have actual potential implementable code/tool/program, so that i'll focus my research on those topics. I don't know if i am explaining correctly but i hope you understand what i am saying, as at the end of the day i have to come up with an actual program/tool/software etc. Preferably it could be something not done before,a new approach, or a variation/enhancement of something already done or even if its something already done like an IDS, it should be good; so it should be something that could be researched as well as implemented in a one year's time for an undergrad student. And thanks for the help!

[ghost107]

Those topics are From distributed Systems, same as this(This is much optimized to your preference, But since I'm not from your domain, Finished Computers and Information Technology, Specialized in Information Technology, Now i'm At master in Distributed Systems and Web Technologies):
-Distributed Intrusion Detection System(lots of documentation, any programming language to implement
-Intrusion Detection System Using Corba (Corba a framework for distributed applications)
-Multiagent aproach to intrusion detection system(Don't know if you made Multi agent systems, i made them in the forth year)