RESEARCH PROJECT CSEC397/SE526
PAGE 1 OF 5
Research Project
Objective
The research project and report you will write (and possibly a presentation) has a dual
purpose. First, the intention is to get you researching something new or exciting in the
topics we covered during this course. Second, is for the possibility of you sharing what
you have learned back with your peers; this part is optional. You also have several
options on the topic and purpose of your research project as well, however there are
some ground rules outlined below. I will also provide some “canned” examples for you
to choose from as well if you’re not feeling ambitious or don’t think you know the topics
well enough to formulate your own topic idea.
Materials
For the purposes of this assignment, you should:
• Understand what a research paper is, and what it is not…see this link for an
example description:
https:
owl.purdue.edu/owl/general_writing/common_writing_assignments
esearch_
papers/genre_and_the_research_paper.html
I will hold you to the above…if you submit a paper that is NOT a research
eport it will earn you a steep deduction
• Choose a topic that is relevant and will impress the instructor of this
course…yes, I want you to teach me something with the results and output of
this assignment
• A friend, relative, someone to review your paper for grammar, spelling, flow, content,
etc. A typo here and there (i.e. forgetting an ‘s’ at the end of a word) is OK, but more
than a few or sentences that make no sense will earn you a steep deduction
If your paper makes no sense, rambles for the sake of length, or has no
eal point it will make the reader (me) angry which results in points being taken
off your score
• Spend enough time to do your research. Get to know the topic well enough so that
you have a grasp on the topic. In order to be able to write a real research report (see
the first bullet)
https:
owl.purdue.edu/owl/general_writing/common_writing_assignments
esearch_papers/genre_and_the_research_paper.html
https:
owl.purdue.edu/owl/general_writing/common_writing_assignments
esearch_papers/genre_and_the_research_paper.html
RESEARCH PROJECT CSEC397/SE526
PAGE 2 OF 5
FAQs
I assume I will get many questions, just based on my experiences with requiring that
students prepare and submit research projects and presentations, so here are the
FAQs:
1) What topic should I pick?
a) Well, that’s up to you. I have some examples below. Choose a topic that is
interesting to you, it is quite clear in the results when a student was not interested
in the topic due to a lack of depth, content, and message in the final product.
2) How long does my paper need to be?
a) I don’t care. Quality of the content is way more important than the length…not to
mention if I say 10 pages you will likely just write 8 pages and then mess with
margins, font sizes/types and line spacing until you get to 10 pages (just kidding).
Seriously though, it should be long enough to get your point across, but I will
warn you that pages of text that have little value and are only there for the sake
of making the paper longer will earn you a deduction. This is a challenge to
convey important information in a concise format.
3) Can I just use a paper I wrote for this other class? Can’t I just copy someone else’s
work and position it as my own?
a) No! I will submit these papers to our online plagiarism-checking site. If I find that
this paper has been used in the past at DePaul, or that you have copied
sentences or paragraphs of someone else’s paper it will result in a discussion
with the Dean about your continued existence at this school. This also applies to
copying online sources in part as well…copying from 10 sources is the same as
1 source. Now, I understand that there are times where you need to copy a
sentence due to the need to portray another author’s point/or counterpoint, but in
that case you better cite the source and included it in your bibliography. You
have been warned.
4) What if I want to choose my own topic?
a) I will require the following, sent it to me in an email: The topic area you have
chosen, why you decided on the topic, and what you plan to research. Two-
Three sentences explaining your topic.
) If I approve your topic I will respond to your email saying approved. I may
include some additional questions or thoughts on the topic that may help you
efine your focus. If I do not approve your topic I will request that you resubmit
(rare, but it does happen)
5) What’s the deal with the presentation (said in a Je
y Seinfeld voice) ref(just in case -
https:
www.youtube.com/watch?v=v1cVl7KHsGA) ?
a) I’m offering to let a few of you present during the last lecture (finals week) for
extra credit towards you course score. The format is a 5-10 minutes presentation
including any slides or demos you need to get your point across. It should be a
high level presentation of the topic, your research, and your results (see the first
https:
www.youtube.com/watch?v=v1cVl7KHsGA
RESEARCH PROJECT CSEC397/SE526
PAGE 3 OF 5
ullet again). For DL students you’re free to use any recording software and
upload the presentation. Zoom is probably the easiest. Share the video on your
favorite streaming service/platform or talk to me to get the zoom video uploaded
to d2l.
) You are not required to do the presentation, and if your paper meets my
equirements you will receive full credit for the assignment without the
presentation. Please, DO NOT take a really bad paper and offer to present in an
effort to earn points to make up for the written report. This will actually work
against you.
6) No, seriously, how long does the paper need to be?
a) Again, I don’t care. You’ll know when it is long enough…the better question may
e, is it good?
Topic Ideas
You actually have quite a lot of access to resources:
• Perform some research on tools in the cyber security space. I’d rely on public
eports as well to see how they review
eport on products to get some ideas of the
criteria they use (and you may need to create your own). Weigh the pros/cons
ased on the features and functionality.
Threat intel (collection management) Some examples in this space include:
Mandiant Threat Intelligence Suite, MISP, PANW Autofocus
Response tools such as GRR, RSA ECAT, Tanium, FireAmp (Cisco AMP),
Guidance CyberSecurity, FTK, CyberSponse, etc.
Malware sandbox options such as Joe Sandbox, Cuckoo Sandbox, Hy
id-
Analysis, AnyRun, tria.ge, etc.
• Do the same as the first bullet for any other topic area (get my approval for the topic
and area first). The focus should not be in setting up any one of these as a service
for our organization, but rather focus only on the product/technology. In addition we
can dive into the landscape and point out where a product may fall short of
delivering.
• Research the space of disassembler & decompilers: BinaryNinja, IDA, Hopper and
JEB, cutter… Most of these offer a demo version. I would focus on functionality,
accuracy and their features. The way I would do this is write a small functional
C/C++ program that you can use. Having a controlled sample, so you compare
each of the tools.
• Examine the cu
ent state of threat indicators and formatting. Think through how we
would use these indicators and what cu
ently works and what doesn’t? Look at
what standards exist (OpenIOC, IODef, Cybox/TAXII, etc.)? What are their
RESEARCH PROJECT CSEC397/SE526
PAGE 4 OF 5
pros/cons as we consider how we would use these or how we would track atomic
indicators (i.e. IP addresses, DNS, metadata, etc.) back to a threat actor or group?
• Create an automated malware response system by scripting/programming together
open source tools to perform analysis on a system in an automated fashion (similar
to what sandboxes do, or better yet what you did in Lab 1 but automate it. Think as if
you had to do Lab1 with 100’s samples. You would want to automate it, right?
• This one may be a bit out of scope for some of us but very interesting in my opinion.
Malware authors love to pack and/or obfuscate their code. Most of the time you will
find a sample that is packed with XY packer and a beautiful human being has written
an unpacker for it. It is a cat and mouse game. But the idea here is:
Research paper on packers and/or obfuscators.
Another idea is finding a packer the may not have an unpacker or its latest
version is not working and attempt to write one. No need for a paper here.
Writing code is different.
Less difficult idea could doing a technical walkthrough of manually unpacking a
sample
• You can look into writing your own your own disassembler.
• Research the malware landscape on the following areas. I’d prefe
ed you stick to
the technical details, rather than just a risk assessment or giving me headlines. You
can use Verizon’s DBIR papers from past years and build your research. This is more
than just telling me what’s in the report.
Android & IOS
OSX Malware
IoT
• Data Science is not new but it has been hot in the cybersecurity space the last few
years. Do a research project on any of the following, these are just ideas.
How Data Science is being used in cybersecurity.
Implement your own Machine Learning model. (I can provide malware samples)
• RE Challenge: If you choose to do the reverse-engineering challenge, please let me
know asap! So, I can select the sample we will be looking at.
RESEARCH PROJECT CSEC397/SE526
PAGE 5 OF 5
What You Need to Submit
For this assignment you need to submit the following:
• Your final report (it is helpful if it is PDF, that way it renders the same across many
different systems)
• If you choose to do the presentation you should submit the PowerPoint slides, again
as PDF, and if you’re in the DL section a link to the recorded version of your
presentation.