Analytical Research Project :
Intrusion Detection and Intrusion Prevention
Paper Topic Selection
The purpose of this preliminary milestone is to provide your instructor the opportunity to confirm the appropriateness of your proposed topic, sufficiently early in the course to allow for topic revision if necessary. It will be helpful if you include, with your proposed paper topic, the sort of research you intend to do and any specific sources you may have already found or plan to use in researching your topic. Your instructor will provide feedback on the suitability of the proposed topic by the start of Session 5. Students who do not provide a proposed topic will be preparing their research papers “at risk;” i.e., they will run the risk of delivering a paper reflecting research that is not suitable for this course.
Analytical Research Project
The purpose of the Research Project is to develop an in-depth understanding of the intrusion detection and/or prevention technology and the way in which such technology is used to protect specific computing environments against specific threats. To arrive at this understanding, your project may choose to follow either one of two analytical approaches:
you should also do the following;
1. Analysis of a tool or technique including functional applicability and limitations
2. Analysis of environmental security requirements and technologies
Tool-centric Research:
Projects of the first type will focus on a specific tool, technique, or method used in intrusion detection or intrusion prevention. Choosing a topic for this type of project will mean selecting the tool you want to research and analyze and developing a research question or thesis statement that your research is intended to answer. The analysis for a tool-centric research project should emphasize the use and application of the tool, technique, or method rather than a simple explanation of its features. If you choose a product or tool with a broad set of capabilities, you may choose to provide an analysis of one or more aspects of the tool. The paper distills fundamental issues, focuses on one available solution, and provides a detailed analysis of both the functional applicability and the limitations of the available solution. In other words, you should explain in your paper the functional purposes and/or security goals the chosen tool is well-suited to address, and also things for which it is not a good choice. You are welcome to choose any type of IDS tool, including network-based, host-based, or wireless products.
Environment-centric Research:
The second type of project also looks at intrusion detection and prevention technologies, but adopts an organizational perspective by first defining and analyzing an operating environment, and then identifying and recommending appropriate IDS/IPS technologies. Choosing a topic for this type of project will mean describing a specific computing environment and any operational needs for safeguarding that environment. The analysis for an environment-centric research project should emphasize the threats faced by the organization and assess IDS/IPS technologies in the context of providing protection from those threats. This type of research project mimics the process many real-world organizations go through when selecting IDS/IPS tools (or other types of technologies), in which organizations first specify requirements and then evaluate alternatives to see what technologies best meet their requirements. You may choose to focus on a specific organization (like a company or agency) or on a class of organization (e.g., based on relative size, industry, business model, etc.). It is important that you be able to specify security requirements for the organization or operating environment that you choose for your project.