MSc CSE/MC dissertation proposals in the areas of Cryptography and Network Security Dr David Xiao 2010/11 B/C, 2011A 1. WLAN intrusion detection Objectives: Compare WLAN intrusion detection tools of Snort, OSSEC HIDS, Fragrouter, BASE, and Sguil. Choose one of them to carry out WLAN intrusion detection in case studies. Knowledge required: WLAN communications. Fully understood WEP, WPA and WPA2. Software engineering. 2. WLAN Vulnerability Exploitation, attack, and countermeasures Objectives: Compare WLAN Vulnerability Exploitation tools of Metasploit, Core Impact and Canvas. Choose one of them to carry out WLAN Vulnerability Exploitation in case studies. Knowledge required: WLAN communications. Fully understood WEP, WPA and WPA2. Software engineering. 3. Web vulnerability scanning, attacking, and countermeasures Objectives: Compare Web vulnerability scanning tools of Nikto, Paros proxy, WebScarab, WebInspect, Whisker/libwhisker, Burpsuite, and Wikto. Choose one of them to carry out Web vulnerability scanning in case studies. Knowledge required: Web design and web server. Fully understood Web protocols. Software engineering. 4. WLAN password cracking and data modification using BackTrack4 operating system, and countermeasures Objectives: Investigation into WLAN password cracking, packet sniffing and message modification using BackTrack4 operating system. Knowledge required: WLAN communications. Fully understood WEP, WPA and WPA2. Software engineering. 5. RC4 implementation, WEP key cracking and countermeasures Objectives: download or write program for RC4, WEP key generation, crack WEP key, compare WEP, WPA and WPA2. Knowledge required: WLAN communications. Fully understood RC4 algorithm and WEP algorithm, WEP, WPA and WPA2. Software engineering. 1 6. Software implementation of symmetric-key cryptography using DES, 3-DES, AES and asymmetric-key cryptography using RSA, Diffie-Hellman in .NET programming for mobile devices. Objectives: Download or write the codes in .NET for DES, 3-DES, AES, RSA and DH with flowchart and comments. Create interface to be allowed to choose each of the above. Complete a piece of software for above encryption and decryption with registration. Test the software by verifying the cipher texts from references, and test it in a pair of mobile devices. Knowledge required: Fully understood DES, 3-DES, AES, RSA and DH algorithms. Use of .NET programming before. Software engineering. 7. Simulation and analysis of the UEL network system using OPNET Objectives: Investigate the current UEL network system. Simulate the network system using OPNET to exam the existing UEL network system, raise issues on it, and improve the network system Knowledge required: Networking. Use OPNET before. 2