Aleksandr Lenin MSc Thesis topics
Introduction
Dear cybersecurity students,
all the final thesis topics, offered by me, are directly or indirectly related to the EU FP7 project [1]. This project and the related research area in general, are the main focus of my research activities.
What does this mean for you? The topics I offer are practically oriented, these topics are not something invented from scratch, but areas of research and development that need to be done, which is a merit, of course. The downside of writing your final thesis on the topic which is part of an EU project is that these activities have, as a rule, their corresponding deadlines, which are, in general, not flexible. The deadlines indicated below are not the deadlines when your final thesis document has to get ready -- these are related to some internal deadlines within the project and set the time when the result has to be delivered. This means that the result has to be provided by the deadline and no extensions are allowed. These deadlines, as you can see below, are, as a rule, earlier, than the planning time of the defense. If you take such a topic, you have to provide an idea or solution before the deadline, and once the result is delivered, you may spend the rest of the time writing your final thesis document.
In the list of topics below you will see:
- current priority of the topic: High, Medium, or Low. This describes the degree of urgency within the project on the specified topic.
- current status of the topic: Pending which means that the topic is free to choose, or In Progress which means that some student is already working on the topic.
- The due date - the approximate date when the results have to be delivered and end up in the project documentation.
Thesis topics to offer
Algorithms for Security Analysis:
- [TREsPASS] A genetic (evolutionary) algorithm for the Failure-Free risk assessment model.
[Priority: High Status: In progress Due: April 2015]
- [TREsPASS] Attack scenario transformation component. Design and implementation.
[Priority: High Status: In progress Due: April 2015]
- [TREsPASS] Comparison of the genetic algorihm for the Failure-Free model with the Failure-Free model upper bounds estimation. Assessment of performance. Benchmarking and analysis.
[Priority: Medium Status: Pending Due: June 2015]
Security Modelling:
- [TREsPASS] A structure for representing attack scenarios in the form of attack graphs in xml file.
[Priority: Low Status: Pending Due: June 2015]
- Attack Process Graphs -- a new look into security modelling and analysis.
[Priority: Low Status: Pending Due: TBA]
Fuzzy Metrics for Security:
- [TREsPASS] Fuzziness as a measure of uncertainty in quantitative security metrics.
[Priority: High Status: In progress Due: April 2015]
Fuzzy decision making and control:
- [TREsPASS] Fuzzy attacker profiling
[Priority: Medium Status: Pending Due: June 2015]
- [TREsPASS] Fuzzy reasoning and computations for the Failure-Free risk assessment model.
[Priority: Medium Status: Pending Due: June 2015]
Security modelling patterns:
- [TREsPASS] APL (Attack Pattern Library) and MPL (Model Pattern Library) design and implementation.
[Priority: High Status: Pending Due: April 2015]
- [TREsPASS] Social APL (Attack Pattern Library) design and implementation.
[Priority: Low Status: Pending Due: TBA]
- A library of attacker behavioral patterns.
[Priority: Low Status: Pending Due: TBA]
Quantitative Security Risk Analysis:
- [TREsPASS] Approximation of fully-adaptive strategies by the most optimal non-adaptive strategy. Assessment of precision and viability of the approach.
[Priority: Medium Status: In Progress Due: June 2015]
ISKE:
- [TREsPASS] ISKE-TREsPASS integration. Case study.
[Priority: High Status: In progress Due: April 2015]
Security Games:
- Defender game for the quantitative security analysis models.
[Priority: Low Status: Pending Due: TBA]
- Attacker-defender strategic interaction. Stackleberg equilibrium and security analysis.
[Priority: Low Status: Pending Due: TBA]
Defended thesis topics
- Attacker Profiling in Quantitative Security Assessment [Defended: January 2014]
- Performance Analysis of Attacker Profiling in Quantitative Security Risk Assessment [Defended: June 2014]
- Assessment of Integration Possibilities of the TREsPASS Toolset into the ISKE tool [Defended: January 2015]