Royal Holloway University of London MSc thesis Series

This is a series of 12 thesis articles from MSc students at the Royal Holloway University of London, discussing security issues of the future.

The following articles are really special. They are not written by marketing people, or even journalists, but by some of the brightest people in information security today.

Each of the pieces, which cover a broad range of subjects, has been produced especially for by recent MSc graduates of Royal Holloway College University of London (RHUL), and is based on their Masters thesis. This collection of features therefore represents some of the best-informed and rigorous new thinking currently available.

As many of you will know, RHUL has been a pioneer in the teaching of information security, and its MSc course has gained a well-deserved international reputation for excellence.

So please enjoy the SearchSecurity/Royal Holloway series. There will be something for everyone among the features below, from the highly technical engineer to the senior manager. And if you do enjoy them, you will be pleased to know that we hope to repeat the exercise next year, by publishing a fresh new batch of articles from those completing their MSc in 2008.

Intrusion detection: it's a machine's work
Can technology be taught to recognize the telltale signs of suspicious behaviour and improve its performance over time; to learn and improve with experience? Potentially. Read on to discover how machine learning can be harnessed to improve many aspects of information security.

Could You Immune Systems Against Future Threats?
The idea of applying the mechanics of the human immune system to a self-defending computer system intrigued Devid Pipa so much that he made it the subject of his recent MSc thesis at RHUL. Read on to review a fresh stance on intrusion defence.

Network telescopes: a vital tool in beating threats
Discover a new technology, the network telescope, and review how it operates by searching the 'dark' areas of the internet where no legitimate traffic need go.

OpenBSD: an untapped resource for tight security
Nick Humphrey, head of the information security and compliance practice at CIO Consulting, argues that although OpenBSD may not be the easiest free operating system for new users of UNIX, those who have taken the time to learn the basics are rewarded with a logical, high quality baseline upon which they can build.

How the UK identity card scheme stacks up against others in Europe
Electronic identity cards in the UK has been one of the most contentious proposals from the Government with critics arguing against poor planning, wrong technologies and a lack of security. However, have other European Governments made a better job of handling e-identities? This article explores the question.

Covert channels could be funneling data out of your company
Could information be flowing into or out of your organisation without you knowing? If you are one of the many who thinks your organisation is safe because you use digital certificates, think again – those very certificates could be carrying secret data without your knowledge.

Making a success of PKI through outsourcing
Due to complexity and price point, Public Key Infrastructure (PKI) has not become the accepted mechanism for managing users on a network. This thesis suggests PKI will make a comeback as an outsourced service, where the management is taken care of and the costs are spread across many users.

The re-birth of the metamorphic virus
If we all keep our anti-virus software up to date, we'll be fine, won't we? Well yes, probably – for the time being at least. This thesis takes a look into the future and offers a virus that has the potential to prove your anti-virus software insufficient.

Selling Security to the Organization
Security professionals are tasked with the challenge of engaging their organizations employees in security awareness programmes. This thesis introduces a new tool, the Information Security Force Field Model that provides a guide on how to engage users with information security.

How to Keep Tabs on BitTorrent
Since its creation back in 2001, BitTorrent has become the peer-to-peer protocol of choice for anyone wanting to download large files, although ingenious, it brings about many piracy concerns. This thesis reviews how BitTorrent works, various BitTorrent applications, and reveals many of the difficulties involved.

Protecting games from piracy: a lesson in data leakage prevention
A popular computer game such as Microsoft's Halo 3 can earn as much as a top box office release in a weekend, but it is estimated that the industry loses more than $1.9 billion to global piracy each year, and piracy is on the increase. This thesis statement reviews the problem and provides possible solutions.

Online gaming world signals future security challenges
The dividing line between the real and virtual worlds is blurring fast raising some complex security challenges. Unsurprisingly, the virtual world has become a honey pot for real criminals who see the potential to earn big money fast. This thesis provides an overview of the online gaming world and how it affects your role as a security professional.


Please Note

The above links will direct you to a version of the thesis as summarized by the respective author. If you would like to read any of these theses in their entirety please CLICK HERE.

Read more on Application security and coding requirements