Erinevus lehekülje "Aleksandr Lenin MSc Thesis topics" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
9. rida: 9. rida:
 
In the list of topics below you will see:
 
In the list of topics below you will see:
 
* current ''priority'' of the topic: ''<span style="color: #f00;">High</span>'', ''<span style="color: #ff0;">Medium</span>'', or ''<span style="color: #0f0;">Low</span>''. This describes the degree of "urgency" within the project on the specified topic.
 
* current ''priority'' of the topic: ''<span style="color: #f00;">High</span>'', ''<span style="color: #ff0;">Medium</span>'', or ''<span style="color: #0f0;">Low</span>''. This describes the degree of "urgency" within the project on the specified topic.
* current ''status'' of the topic: ''<span style="color: #f00;">Pending</span>'' which means that the topic is free to choose, or ''<span style="color: #f00;">In Progress</span>'' which means that some student is already working on the topic.
+
* current ''status'' of the topic: ''<span style="color: #0f0;">Pending</span>'' which means that the topic is free to choose, or ''<span style="color: #f00;">In Progress</span>'' which means that some student is already working on the topic.
 
* The ''due date'' - the approximate date when the results have to be delivered and end up in the project documentation.
 
* The ''due date'' - the approximate date when the results have to be delivered and end up in the project documentation.
  

Redaktsioon: 15. veebruar 2015, kell 15:14

Introduction

Dear cybersecurity students,

all the final thesis topics, offered by me, are directly or indirectly related to the EU FP7 project TREsPASS. This project and the related research area in general, are the main focus of my research activities.

What does this mean for you? The topics I offer are practically oriented, these topics are not something invented from scratch, but areas of research and development that need to be done, which is a merit, of course. The downside of writing your final thesis on the topic which is part of an EU project is that these activities have, as a rule, their corresponding deadlines, which are, in general, not flexible. The deadlines indicated below are not the deadlines when your final thesis document has to get ready -- these are related to some internal deadlines within the project and set the time when the result has to be delivered. This means that the result has to be provided by the deadline and no extensions are allowed. These deadlines, as you can see below, are, as a rule, earlier, than the planning time of the defense. If you take such a topic, you have to provide an idea or solution before the deadline, and once the result is delivered, you may spend the rest of the time writing your final thesis document.

In the list of topics below you will see:

  • current priority of the topic: High, Medium, or Low. This describes the degree of "urgency" within the project on the specified topic.
  • current status of the topic: Pending which means that the topic is free to choose, or In Progress which means that some student is already working on the topic.
  • The due date - the approximate date when the results have to be delivered and end up in the project documentation.

Some topics are more complicated, some are less, and they require various background and knowledge from the students. This means that not every topic will suit everyone equally.

The minimal requirements for the student are the following:

  • Being active and willing to defend your final thesis.
  • Good communication skills in English (spoken and written).
  • Skills to work independently, as well as in a team.
  • Being self-sufficing. Given a task and the description what do we need to obtain, being able to find the way how to do it independently.

Additional requirements for the students willing to write this or that topic under my supervision is described in the detailed description of the topic. To get approval for the topic you need to meet me in person, and I assess if you are suitable to write the chosen topic, then will either approve the suprtvision or not.

A general requirement for the final thesis of the student is that it must be a good piece of work, which is worth grade not less, than 4. If for some reason I feel that your work is not sufficiently well written, I reserve the right not to allow this work for the defense and postpone it for the next semester's defence dates.

Thesis topics to offer

Algorithms for Security Analysis:

  • [TREsPASS] A genetic (evolutionary) algorithm for the Failure-Free risk assessment model.

      [Priority: High Status: In progress Due: April 2015]

  • [TREsPASS] Attack scenario transformation component. Design and implementation.

      [Priority: High Status: In progress Due: April 2015]

  • [TREsPASS] Comparison of the genetic algorihm for the Failure-Free model with the Failure-Free model upper bounds estimation. Assessment of performance. Benchmarking and analysis.

      [Priority: Medium Status: Pending Due: June 2015]


Security Modelling:

  • [TREsPASS] A structure for representing attack scenarios in the form of attack graphs in xml file.

      [Priority: Low Status: Pending Due: June 2015]

  • Attack Process Graphs -- a new look into security modelling and analysis.

      [Priority: Low Status: Pending Due: TBA]


Fuzzy Metrics for Security:

  • [TREsPASS] Fuzziness as a measure of uncertainty in quantitative security metrics.

      [Priority: High Status: In progress Due: April 2015]


Fuzzy decision making and control:

  • [TREsPASS] Fuzzy attacker profiling

      [Priority: Medium Status: Pending Due: June 2015]

  • [TREsPASS] Fuzzy reasoning and computations for the Failure-Free risk assessment model.

      [Priority: Medium Status: Pending Due: June 2015]


Security modelling patterns:

  • [TREsPASS] APL (Attack Pattern Library) and MPL (Model Pattern Library) design and implementation.

      [Priority: High Status: Pending Due: April 2015]

  • [TREsPASS] Social APL (Attack Pattern Library) design and implementation.

      [Priority: Low Status: Pending Due: TBA]

  • A library of attacker behavioral patterns.

      [Priority: Low Status: Pending Due: TBA]


Quantitative Security Risk Analysis:

  • [TREsPASS] Approximation of fully-adaptive strategies by the most optimal non-adaptive strategy. Assessment of precision and viability of the approach.

      [Priority: Medium Status: In Progress Due: June 2015]

ISKE:

  • [TREsPASS] ISKE-TREsPASS integration. Case study.

      [Priority: High Status: In progress Due: April 2015]


Security Games:

  • Defender game for the quantitative security analysis models.

      [Priority: Low Status: Pending Due: TBA]

  • Attacker-defender strategic interaction. Stackleberg equilibrium and security analysis.

      [Priority: Low Status: Pending Due: TBA]

Defended thesis topics

  • Attacker Profiling in Quantitative Security Assessment [Defended: January 2014]
  • Performance Analysis of Attacker Profiling in Quantitative Security Risk Assessment [Defended: June 2014]
  • Assessment of Integration Possibilities of the TREsPASS Toolset into the ISKE tool [Defended: January 2015]