Research Topic: What would you choose?

[and9]

As a physics/comp sci double major, for my honors degree I have to partake in a year of directed independent research. I'm currently doing physics research in the field of cosmology, specifically the CMBR and optimizing scan strategies for asymmetric beam patterns.

For my computer science research I want to take a different direction. I'm curious to see what you guys think of the following branches / topics:

1) Computer security:
- development of malware detecting algorithms/code
- exploit discovery (finding new vulnerabilities such as buffer overflow, etc)
- cryptography

2) Networks/communication
- protocol optimization of wireless networks

3) Software Engineering
- developing Android application (anything... a game or useful software)
- ?

4) Hardware/Architecture
- rather not do anything here as I've had class with the only professor at my university who does research in this field and the person is not very pleasant.

5) ??

Anything you guys can think of that would be interesting and fun?

 

[gsal]

I think cryptography would be a cool field; on the other hand...I think Android application/game development would be a more practical thing to learn that can potentially make you a lot of money...let's get practical, here.

 

[chiro]

As a physics/comp sci double major, for my honors degree I have to partake in a year of directed independent research. I'm currently doing physics research in the field of cosmology, specifically the CMBR and optimizing scan strategies for asymmetric beam patterns.

For my computer science research I want to take a different direction. I'm curious to see what you guys think of the following branches / topics:

1) Computer security:
- development of malware detecting algorithms/code
- exploit discovery (finding new vulnerabilities such as buffer overflow, etc)
- cryptography

2) Networks/communication
- protocol optimization of wireless networks

3) Software Engineering
- developing Android application (anything... a game or useful software)
- ?

4) Hardware/Architecture
- rather not do anything here as I've had class with the only professor at my university who does research in this field and the person is not very pleasant.

5) ??

Anything you guys can think of that would be interesting and fun?

Hey and9 and welcome to the forums.

For cryptography, I have a few thoughts.

In terms of cryptography you will need to narrow this down a bit further. For example if you want to do something like cryptanalysis, you might be looking at things like whether a particular algorithm has what are called 'weak' keys as an example. This can be a combination of both theoretical and experimental work and I would not suggest this if you do not have a sufficient background in cryptography just because of the context needed to really understand it.

For exploits, the question will be "How well can you read assembler code, or create assembler code that does what you say it will do?"

You should also note that modern hardware has options for not executing code in invalid regions as well as not allowing code to be written in certain regions for various platforms which means the kinds of techniques that were used in things like buffer overflows have been taken care of in some respects.

Malware detection would be interesting, but you would again need to understand assembler very well as well also understanding appropriate libraries and the OS interface in general. Also remember that OS's are getting a lot better and the security frameworks are getting better with them.

You kind of need to know the execution pipeline for the OS in a deep way along with what malware exploits so that you can develop sufficient protections and this requires knowing about operating systems in a much deeper way than your typical Operating Systems course teaches (a lot deeper in fact).

Protocol optimization sounds interesting and it's a lot easier I think to do in terms of your options both theoretically and practically (through actual simulation using a computer by generating the data randomly in accordance with what you wish to test). Once you can code up the protocol, make the required changes and then simulate the results, you can get enough real data to include a report that will show you what actually happened and this is good whether it turned out to be better, or if it turned out not to be better.

With regards to option 3, I would strongly recommend the KISS simple: especially for a 1 year project that won't have your full attention. If you choose a project, make it really really simple because things go wrong, stuff takes longer than you expected and all of this ends up dragging things out especially for a 1st time project if you haven't done this kind of thing a few times in the past.

If you finish earlier, then you can add extras like fancier user interface behaviour or extended features. It is however better to finish something that is a lot simpler than start with a big idea and not finish it (given you have only 1 year) and I would think about this during the whole project if you choose option 3.

I would not recommend you make a game due to the complexity of such a task (I have done this, so I know from experience). If you really want to make a game, make it something really simple and avoid 3D and anything whiz-bangy. Again keep it simple. Also if you choose to do this, pick an existing engine of some sort and modify it. If you haven't had any experience with these kinds of things, I would strongly recommend you don't go down this path.

Other ideas for software development is basically anything that is really simple. Think of something you think takes 4-6 months part-time and do that, because in many cases you might be lucky to finish it in a 1 year period.

This is not a personal attack on you either but just the reality of software development is really like.

 

[and9]

Thanks for the responses.

I will have even less than a year to complete the project (2 semesters ~ 8 months) so I will definitely take into account a project that should only take 3-4 months in my estimation and expand on chosen project if needed.

I have taken the basic assembler class and computer architecture class so I can read/write basic MIPS assembly codes. I'm thinking I will go with either the protocol optimization route or cryptoanalysis of algorithms as they will have a more mathematical basis for me to expound upon.

I haven't taken a cryptography class but I know the basic principles behind symmetric/asymmetric key cryptography and I would be able to research the topic before starting a project.

 

[rcgldr]

I haven't taken a cryptography class.

This can get pretty complicated depending on how far you want to follow some particular aspect of cryptography. One encryption scheme is AES, where the key expansion involves inversion (1/z) of a value in a binary finite field
(Rijndael's finite field, in binary = x⁸ + x⁴ + x³ + x + 1, in hex = 11B).
This in turn has led to efforts to optimize the inversion process in hardware by using "sub-fields". Link to a PDF file that further optimizes the "Greedy" algorithm to reduce the number of gates in a hardware implementation:

A_Very_CompactS-box_for_AES.pdf

All of this research effort was done to reduce hardware gate count since there can be 10 or more encoder circuits in a "s-box" for AES. In software, you would just use a 256 byte lookup table.

I only mention this as an example of following a particular aspect of cryptography to some extreme point.

I'm not involved in cryptography, but finite field inverstion is used with Reed Solomon error correction code, which I have worked with for computer peripherals, and how I ended up finding about this particular aspect of AES encryption, since both methods use the same "sub-field" method to reduce hardware gate counts.