Dr David Xiao - Personal Home Pages (at UEL)

advertisement
MSc CSE/MC dissertation proposals
in the areas of Cryptography and Network Security
Dr David Xiao
2010/11 B/C, 2011A
1. WLAN intrusion detection
Objectives: Compare WLAN intrusion detection tools of Snort, OSSEC HIDS,
Fragrouter, BASE, and Sguil. Choose one of them to carry out WLAN intrusion
detection in case studies.
Knowledge required: WLAN communications. Fully understood WEP, WPA and
WPA2. Software engineering.
2. WLAN Vulnerability Exploitation, attack, and countermeasures
Objectives: Compare WLAN Vulnerability Exploitation tools of Metasploit, Core
Impact and Canvas. Choose one of them to carry out WLAN Vulnerability
Exploitation in case studies.
Knowledge required: WLAN communications. Fully understood WEP, WPA and
WPA2. Software engineering.
3. Web vulnerability scanning, attacking, and countermeasures
Objectives: Compare Web vulnerability scanning tools of Nikto, Paros proxy,
WebScarab, WebInspect, Whisker/libwhisker, Burpsuite, and Wikto.
Choose one of them to carry out Web vulnerability scanning in case studies.
Knowledge required: Web design and web server. Fully understood Web protocols.
Software engineering.
4. WLAN password cracking and data modification using BackTrack4 operating
system, and countermeasures
Objectives: Investigation into WLAN password cracking, packet sniffing and
message modification using BackTrack4 operating system.
Knowledge required: WLAN communications. Fully understood WEP, WPA and
WPA2. Software engineering.
5. RC4 implementation, WEP key cracking and countermeasures
Objectives: download or write program for RC4, WEP key generation, crack WEP
key, compare WEP, WPA and WPA2.
Knowledge required: WLAN communications. Fully understood RC4 algorithm and
WEP algorithm, WEP, WPA and WPA2. Software engineering.
1
6. Software implementation of symmetric-key cryptography using DES, 3-DES, AES
and asymmetric-key cryptography using RSA, Diffie-Hellman in .NET programming
for mobile devices.
Objectives:
Download or write the codes in .NET for DES, 3-DES, AES, RSA and DH with
flowchart and comments.
Create interface to be allowed to choose each of the above.
Complete a piece of software for above encryption and decryption with registration.
Test the software by verifying the cipher texts from references, and test it in a pair of
mobile devices.
Knowledge required:
Fully understood DES, 3-DES, AES, RSA and DH algorithms.
Use of .NET programming before.
Software engineering.
7. Simulation and analysis of the UEL network system using OPNET
Objectives:
Investigate the current UEL network system. Simulate the network system using
OPNET to exam the existing UEL network system, raise issues on it, and improve
the network system
Knowledge required:
Networking.
Use OPNET before.
2
Download