Information Systems Security Thesis Topic

godwindotnet
godwindotnet used Ask the Experts™
on
Hello,
I would like to know some good specialization topic under Management Information Systems Security for thesis?

My Background : I'm already in to security and have architected and implemented security of my networks in my business.But now,I need to choose a specialization for my ph.d.

Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Dave HoweSoftware and Hardware Engineer

Commented:
well, hot fields in InfoSec these days are IDS/IDP, DLP, and SQL Injection prevention/detection. Problem is, there are a *lot* of commercial interests researching in the field, so its hard to find something you can hit the ground running on, do original research on, and not duplicate commercial work and/or run foul of defensive patenting.

Honeypotting and honeynetworks seem to be on a bit of a back-burner at the moment, although there is already a lot of work done - however, most are web-, os- or email- centric, very little has been done for tarpitting CMS systems at the database or API layers, so perhaps there is a niche there you can play in?

how are your programming skills?
IDS/IPS and log analysis are pretty hot topics that I myself am very interested in doing some research on.

I guess in a perfect world the ideal security solution might include packet and log analysis with automatic defense against those attacks and intrusions.
Software and Hardware Engineer
Commented:
sure, but as I say, IDS/IDP are commercially "hot" topics too, so you will be up against some pretty big names. IBM and Cisco are both heavily researching those fields, although the market leader is these guys:

http://www.imperva.com/

plus of course open source offerings such as snort-inline.

automated log analysis is less heavily targeted; the major players seem to be more interested in looking at live traffic (decrypting if required) than logs after-the-fact. Most log analysis is retrospective, heavily forensic (i.e. researching a successful attack rather than continuous or speculative) and quite manual. There are guides on this, but most are rules of thumb and trend summary tools rather than automation - its hard to know what to look for in a log, even against specific attack types.

Author

Commented:
Can it be some topic like researching with existing security products and tools instead of getting inside the code?

something like planning,architecting and implementing security for large enterprises effectively?
similar to how the security standards are targeting?
Dave HoweSoftware and Hardware Engineer

Commented:
I would assume so - its hard to do original research with commodity tools though, and security bodies tend to pick arbitrary breakpoints and then build their rules around that, as in the main it doesn't matter what breakpoint you chose for a target, provided you can internally justify it and get to set the rules :)

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial