Undergraduate Networking Thesis - Suggestions

evilwizard · December 2011

Hi, I am an undergraduate and I am studying for a degree in computer networks. Since this is my last year of the course I also have to do a thesis that relates to computer networks.

My problem is that I am really struggling with finding a topic that is suitable for me. I have read about issues in IT such as the fact that companies nowadays have the problem where they need to do implement a policy (virus scanning, phone lock) on the smartphones of their employees. I have read that this is even of a bigger problem where employees have smartphones with different OSs such as Android and IOS.

Now the part where I always seem to be stuck in my search for a thesis topic is the testing part. My school requires us to do a test as part of our thesis so that we could then comment on the results, methodology and stuff like that. I always end up moving on and trying to find another thesis topic that could possibly be tested. (i.e. we do not need to develop the testing software ourselves so for example if you are testing the throughput on a particular network you only need to find the suitable software that is able to perform this task)

Do you have any suggestions as to what I should do in order to find a proper thesis topic?

I am really confused

and would really appreciate any help and suggestions that you can give me.

Thanks in advance.

cxzar20 · December 2011

Create a protocol with the scalability of BGP and convergence of EIGRP

powerfool · December 2011

I have not encountered many (read: any) undergrad programs that have a thesis component. I would suggest that you work with the department faculty to assist you finding a topic; this is a standard practice in graduate programs, so I would have to think they would offer the same courtesy to undergrad students.

evilwizard · December 2011

cxzar20 wrote: »

Create a protocol with the scalability of BGP and convergence of EIGRP

I have no doubt, that I am fully capable of creating a completely new protocol..

I am afraid that I have to let your idea pass by

evilwizard · December 2011

powerfool wrote: »

I have not encountered many (read: any) undergrad programs that have a thesis component. I would suggest that you work with the department faculty to assist you finding a topic; this is a standard practice in graduate programs, so I would have to think they would offer the same courtesy to undergrad students.

Yeah I had meetings with my lecturer but he still expected me to come up with a topic that could be tested and is suitable (not sure where the 'helping' part comes in to be honest). I am currently on my Christmas break, so any further meetings would have to wait.

I just wish to have a suitable topic to present to my faculty for when I return from the Christmas holidays. But as I have already said, the testing component of my thesis is the biggest headache that I have at the moment.

demonfurbie · December 2011

you could do it on cloud intergration into exsisting networks

evilwizard · December 2011

demonfurbie wrote: »

you could do it on cloud intergration into exsisting networks

I have considered doing my thesis on any existing cloud computing or virtualization issues since they are 'hot' topics in IT at the moment. However I will research more about the idea you gave me and I will also check whether I could perform some kind of testing on integrating the cloud with existing networks.

Thanks for the suggestion

Meanwhile any further suggestions will be much appreciated

drumrolfe · December 2011

I did my capstone on the secure implementation of IPv6 across an enterprise. Learned alot!

evilwizard wrote: »

I have considered doing my thesis on any existing cloud computing or virtualization issues since they are 'hot' topics in IT at the moment. However I will research more about the idea you gave me and I will also check whether I could perform some kind of testing on integrating the cloud with existing networks.

Thanks for the suggestion

Meanwhile any further suggestions will be much appreciated

hackman2007 · December 2011

What about something to do with NIPS? Or something in network security?

You can test that by posting a sandboxed network on to 4chan or something like that. I'm sure many would be willing to "help" out.

Seriously though, network security could be interesting.

evilwizard · December 2011

hackman2007 wrote: »

What about something to do with NIPS? Or something in network security?

You can test that by posting a sandboxed network on to 4chan or something like that. I'm sure many would be willing to "help" out.

Seriously though, network security could be interesting.

Yeah originally I had also considered the area of network security. I was interested in doing something along the line of a DOS or a DDOS attack and focusing on detection/mitigation techniques.

I also found out about a Keep-Dead DOS attack (from what I have read it operates at Layer 7 of the OSI layer - thus targeting the application) (Link for more details can be found here: Keep-Alive DoS Script - Blackhat SEO Esrun). I was seriously considering focusing solely on this type of attack, however when I searched other forums to check more about it, one member said that it was pretty trivial to defend against. That sort of killed the topic completely for me

, because I obviously don't want my thesis to be invalid.

Any thoughts on DOS/DDOS attacks that still need to be studied or are not yet detected will be welcome, since I have always been interested in the subject. Probably focusing on a DOS attack would be better because it would be easier for me to setup in a simulated environment (otherwise I would probably have to set up a sort of simulated botnet for a DDOS attack in a controlled environment).

Thanks for all your suggestions

evilwizard · December 2011

Sorry for double posting on this thread, but I have recently read about man-in-the-middle (MITM) attacks on wireless networks and the danger they present to the user (especially when using public Wi-Fi connections).

Do you think that this area of study would be good and sufficient for a thesis study? I have read recommendations that only logging in to websites using SSL would prevent the hacker from stealing the authentication details.

I would like to know on what aspect should I focus with regards to Wireless MITM attacks? (so that it allows me to phrase it as a research question and suggest some solution if possible).

Thanks in advance, and Happy Holidays

powerfool · December 2011

evilwizard wrote: »

Sorry for double posting on this thread, but I have recently read about man-in-the-middle (MITM) attacks on wireless networks and the danger they present to the user (especially when using public Wi-Fi connections).

Do you think that this area of study would be good and sufficient for a thesis study?

It could be a great topic.

I have read recommendations that only logging in to websites using SSL would prevent the hacker from stealing the authentication details.

That is a best practice any time that you have sensitive information, including authentication data, in the communications stream. However, there have been recent hijacking of Root Certifications from the CAs. With this, folks could create their own certificate for a website. Since many folks don't update their systems, they likely wouldn't be updated to no longer trust these Root CAs. Also, users would have to be vigilant and not blindly accept an untrusted certificate if one were to be used, which could also be an issue for many.

A wireless MITM attack is mostly like any other MITM. There are certain protections that can be implemented at the AP level that would be especially prudent for a public AP.

I would like to know on what aspect should I focus with regards to Wireless MITM attacks? (so that it allows me to phrase it as a research question and suggest some solution if possible).

Thanks in advance, and Happy Holidays

Whenever writing up a paper on something like a vulnerability or attack, you have two options:

1) Proving an attack is feasible: This is most effective for a new type of attack that relatively few are aware. You would outline how to perform the attack and why it is feasible.

2) Mitigating against an attack: This is effective for writing about any known attack. Outline how the attack works and where the big holes lie. Then, offer up mitigations and how they protect against the threat.

Always try to provide balance, as well. So if you offer up a mitigation, state why it can mitigate, but also potential problems with the strategy.

Best wishes.

nel · December 2011

powerfool wrote: »

I have not encountered many (read: any) undergrad programs that have a thesis component. I would suggest that you work with the department faculty to assist you finding a topic; this is a standard practice in graduate programs, so I would have to think they would offer the same courtesy to undergrad students.

Really?!? a thesis style project is common in 4 year undergrad programs in the UK.

Many of the suggestions depend on what kind of time scale you have and how much effort you could put into it. For example creating/programming a new protocol would be intense imo (or at least for me i think) so this would not be to realistic if your on a tight timeframe. You could take a requirements scenario, where a company wants XYZ. You could then cover the theory of the technicologies you are recommending whilst proving why you are doing so. You could then knock up some configs to suggest the implementation and test if poossible. If not, you could integrate into the scenerio that a lack of skill sets exist and you could create a program to automate configurations for future use. You can then test, debug etc against the code too.

Whatever you go with, always run it by your uni, if the uni dont dig it then you will bomb! its all about winning over your supervisors man!

evilwizard · December 2011

powerfool wrote: »

Whenever writing up a paper on something like a vulnerability or attack, you have two options:

1) Proving an attack is feasible: This is most effective for a new type of attack that relatively few are aware. You would outline how to perform the attack and why it is feasible.

2) Mitigating against an attack: This is effective for writing about any known attack. Outline how the attack works and where the big holes lie. Then, offer up mitigations and how they protect against the threat.

Always try to provide balance, as well. So if you offer up a mitigation, state why it can mitigate, but also potential problems with the strategy.

From what I know about the topic, probably I would be better off with the second option (that you suggested). The tools that I have read about such as 'Cain & Abel' and 'Ettercap' have been used for quite some time now and I do not have any knowledge (for now at least) of any new tools that are not yet widely known.

What I am still having doubts about, is with regards to the mitigations that I can possibly suggest. Apart from using HTTPS which I already told you about, I have also seen others recommend using VPN connections in order to avoid/mitigate this type of attack. I assume that as for mitigations I could try to find and test in my own environment the ideal VPN solution in the market right now and discuss in terms of various aspects such as speed offered, reliability, security and so on from the perspective of a common user. The problem that I see with this is that I do not know whether such an analysis would be sufficient for a thesis at an undergraduate level (I understand that I have to confirm this thesis idea with my department, but at this stage I just want to put more focus on the idea and find any possible problems with my idea).

I would greatly appreciate any thoughts that you might have on this (i.e. regarding possible mitigations and the VPN stuff that I mentioned in the previous paragraph). Thanks again for your input

powerfool · December 2011

Another problem is whether or not you can trust DNS. Even if you establish HTTPS, if you are connecting to a host based on invalid DNS data, you will be vulnerable. VPN can assist in that because you can utilize a trusted DNS server. This is also part of the reason for implementing DNSSec.

evilwizard · December 2011

nel wrote: »

Really?!? a thesis style project is common in 4 year undergrad programs in the UK.

Many of the suggestions depend on what kind of time scale you have and how much effort you could put into it. For example creating/programming a new protocol would be intense imo (or at least for me i think) so this would not be to realistic if your on a tight timeframe. You could take a requirements scenario, where a company wants XYZ. You could then cover the theory of the technicologies you are recommending whilst proving why you are doing so. You could then knock up some configs to suggest the implementation and test if poossible. If not, you could integrate into the scenerio that a lack of skill sets exist and you could create a program to automate configurations for future use. You can then test, debug etc against the code too.

Whatever you go with, always run it by your uni, if the uni dont dig it then you will bomb! its all about winning over your supervisors man!

I try not to make this a rant, but there are so many restrictions when you're doing a thesis. What I mean is that the time, budget and the current knowledge that you have, all come into play when you have to select a topic. Apart from the fact that you have to contend with a topic that can be tested (that's one of the reasons why I tried to avoid topics such as cloud computing because I couldn't image how I would be able to do any testing on that topic)

evilwizard · December 2011

powerfool wrote: »

Another problem is whether or not you can trust DNS. Even if you establish HTTPS, if you are connecting to a host based on invalid DNS data, you will be vulnerable. VPN can assist in that because you can utilize a trusted DNS server. This is also part of the reason for implementing DNSSec.

I have to admit that I am not very familiar with DNSSec and the problem that you mentioned with DNS, so today I will try and read more about the topic. I'm not sure about the part where you say "connecting to a host based on invalid DNS data". When you mention the host are you referring to the 'attacker' computer that lies between the router and the client (that then sends invalid DNS data to the client computer)?

As for the title/research question, should I focus on the VPN aspect and test different solutions (and then comment about them) or should I leave it at what is the best way for a user to use a Wi-fi hotspot without being a victim of a MITM attack. (Personally I prefer the second option because it is more open-ended whereas the other one is focused on only one of the 'solutions' available. - I'm not sure however whether the second option is too much open-ended for it to be a valid thesis title/research question).

Thanks

Undergraduate Networking Thesis - Suggestions

Comments