An activity meant to understand the way a mechanism or system works. The study or examination of a security problem or class of security problems.
Questions tagged [research]
111 questions
28
votes
21 answers
What are the biggest unsolved problems in IT Security?
Just recently I thought about all the solved problems in IT security, like XSS (which one can mitigate with input validation), SQL Injection (mitigated with prepared statements), etc.
Now I'm wondering, what are the biggest unsolved security…
Andreas Arnold
- 2,423
- 20
- 19
8
votes
2 answers
Video Conference Systems - Security Testing
Any one have any experience in testing ISDN based VC systems?
What approach did you take, tools used? How did you approach fuzzing the protocol?
What resources did you read up on prior to testing?
David Stubley
- 2,896
- 1
- 19
- 29
4
votes
3 answers
How do I discern the authenticity of the website?
I'm sure you've heard of gatt.org being the fake website for the WTO. What I'd like to know is, when I'm on the Net, how do I discern the authenticity of the website? I was thinking something like Alexa, but where I don't have to pay to get extra…
Trancot
- 49
- 4
2
votes
2 answers
Latest Vulnerability Information for IT Security Research
Are there any web sites where one can visit to see the latest disclosed vulnerabilities in order to further develop IT security research skills and keep up-to-date?
HadidAli
- 570
- 3
- 10
1
vote
3 answers
Where to publish security research?
I'm considering doing some research in to an attack vector which I think doesn't get enough attention. It's not an earth-shaking vector but I think I can demonstrate an attack where none have been in the past.
But once I've done this, and I have…
randomdude
- 827
- 1
- 7
- 12
1
vote
0 answers
DUKPT - more specific materials
I'm working on a simple project that implements DUKPT. I've tried searching the web for more specific information than on wikipedia and it seems that the algorithms are only covered in ANSI X9.24 part 1. Are there any more sources (prefered free…
Wojciech
- 11
- 1
1
vote
2 answers
Opinons: To report or not to report? CFAA vs the White Hat
As I'm sure most people here are aware, there has been quite a lot of attention brought to the USA's Computer Fraud and Abuse Act (CFAA) recently. Brief back story: A security researcher discovered that a cell phone carrier made email addresses of…
grauwulf
- 955
- 5
- 10
1
vote
2 answers
Security Controls Categorization
I'm doing research about Information Security Controls. Considering that the topic is very wide, I would like to organize in macro categories the security controls that can be adopted by an enterprise to reduce the risk of attack.
For…
Doraemon
- 21
- 3
1
vote
1 answer
Continuous learning: Identifying/ Leveraging papers on new research, best practices, etc
As we all know there are so many resources with awesome information security related content. Does any one have best practices for managing the large influx of these papers and blog posts across their organization?
At the smaller level, RSS feeds,…
userJoe
- 93
- 2
- 9
0
votes
1 answer
What is an IT Artefact
I am going to be starting my dissertation soon in MSc Cyber Security. The supervisor keeps asking me 'What will be your IT artefact?' and to be honest I have no idea what he is actually asking me. I understand the words, and I have Googled it (to…
Liqua
- 1
- 1
- 2
-1
votes
1 answer
Security-themed Masters Thesis Topics
I am currently in progress in a MS in Computer Engineering program. I am looking around for thesis topics related to security (my specialization is in distributed computing). I've been given some ideas by my adviser such as the impact of security…
MGZero
- 225
- 3
- 6
-3
votes
1 answer
Need to learn information security
I want to learn about information security so I need some good sources to help me and learn that. I'm still a beginner.
ASIL
- 5
- 2