suggestion for paper

rampage

Hi my friends
I have to publish one or two papers in the 5-6 following months.Papers should be in the field of network and Infosec mostly.I have some subjects to work on them like security and cryptography in moving vehicle systems (suggested by one of my friends).I would appreciate it if you suggest some challenging and good subjects as you have more experience and knowledge.

jamesleecoleman

How about research a paper on attacks from foreign hackers and their motivations?

paul78

I would be interested in the psychology of phishing and why it works. On a related topic, I have recently become interested in organizational culture of infosec - i.e how to foster a culture of security awareness within a business.

Vik210

Are you planning to publish it by yourself or working with a professor?
Go to some of the top universities website and see what they are working on. If possible, get in touch with someone involved in those researches (a prof or even a research assistant) and ask for help/ advice. Those people have access tons of resources and they are always willing to help.

rampage

Vik210 wrote: »

Are you planning to publish it by yourself or working with a professor?
Go to some of the top universities website and see what they are working on. If possible, get in touch with someone involved in those researches (a prof or even a research assistant) and ask for help/ advice. Those people have access tons of resources and they are always willing to help.

One of my friends and I working on it.There are professors that can help but we are mostly on our own.That is a very good idea about universities .I'll check it.thanks

tpatt100

paul78 wrote: »

I would be interested in the psychology of phishing and why it works. On a related topic, I have recently become interested in organizational culture of infosec - i.e how to foster a culture of security awareness within a business.

My Capstone project I am working on deals with spear-phishing, carried in or brought in online malware and the problems of social online networks like Facebook, Twitter, LinkedIn, etc.

It is based on how much "we are out there online" and either by ourselves or collectively employees for a company spill data across the internet that if gathered together allows hackers to create more focused and personalized targeted attacks.

I got the idea a while back when I read up on Stuxnet and how government sponsored malware can get introduced to isolated networks. Plus I was thinking of that Wired writer who got social engineered via Amazon, Apple and how that chain reacted to other things and brought it back to his employer due to his "online brand" he created.

I thought of the "Facebook and LinkedIn Ego" factor where people want to brag so much without realizing it and reveal too much info to boost their epeen.

So hackers basically can just let employees with access do most of the work for them to ruin a company's reputation rather than worry about finding exploits externally.

rampage

Very nice suggestions thank you all.ِDear tpatt100 your project seems really cool . Interesting thing is that i was thinking only about technical subjects and now i see there are others that are not completely technical .

paul78

@tpatt100 - Sounds like an interesting project. Social engineering is certainly one of the threats where designing effective security controls is more challenging. When it comes to variables like human ego, it becomes more difficult.

JayTheCracker

gpu brute force and the future of bruteforce ? that's a topic i'm very interested now

rampage

Thanks you all my friends.Your suggestions are so great . I am making a list of topics . I will post my final choice .

JDMurray

Take a trip through the SANS Reading Room and you'll find more than a few InfoSec research topics there.