Hello,
`m a M.Sc student. My fields is information security. Security in software, computer, network, etc scope.
I`m thinking and looking for two main questions for my dissertation:
1. Network security(such as protocol vulnerabilities and so on) or Software security(such as Buffer over flow and so on)? Which one is better? At present and in the future, Which one is more needed?
2. What is the most needed and fresh problem in network security and software security?
Thanks a lot.
Ya Ali.
This is your research and your own baby. You yourself grow your own baby, not anyone else. A good research question is an outcome of a good literature review. You need to identify the existing problems and shortcomings of the current knowledge, and therefore develop your own views (research questions) based on that. You are going to sell your idea to senior and experienced researchers. They are not looking for obvious results. Developing sound research questions is a fundamental part of any good research.
Your current questions are not good, because the answer to them is just one word or a sentence. One might say ask what you are adding to the current state of the art.
Consider where your strengths are, and what you want to spend 3-5 years of very intense work doing.
Are you good at programming?
Have you got previous experience in a managed security service company?
Have you written any previous papers in any of these areas? etc.
I ended up focusing on privacy in relation to network security, since there appeared to be less research done on this, which means it seemed easier to get to the research front. While this was true, then there was significant work that needed to be done on the theory side, which required more work than I anticipated. Both software and network security are areas where a large amount of research has been done, so finding your research nische may take time. There are synergies between network and software security.
Network security still has the problem of poor test data sets - many still rely on the venerable KDD-cup 99 data set, which has been shown to be outdated, biased and unrealistic.
Software security may promise more fundamental security mechanisms than network security, for example by designing provably secure systems. However the field seems driven to a large extent by the adversary side - identifying new ways of attacking, for example return-oriented or jump-oriented attacks evading existing security mechanisms.
It boils down to who you want to be and what you want to do. Do you want to protect systems? Or have your got a darker side that has interest in detecting new vulnerability types or attack methods? It is in the end up to you.
- Badges
- Science topic