Initial Proposal

My senior thesis project is driven by the question of what methodologies and practices are used in information security today, and how can they be improved to better suit today's needs? I have always considered security one of the most vital pillars of computing, and its recent place in the news warrants exploration into how we keep our information safe. We can see how information theft impacts the world through identity theft as well as through "hacktivists" and WikiLeaks. Also, I saw the need for security myself over the summer when my father was the victim of identity theft, with fraudulent charges being made on his credit card.

I want to use the three parts of the Senior Thesis to explore the idea of information security through multiple viewpoints. The paper will take a broader viewpoint, examining the global importance of information security, the ethics of black hat vs. white hat activities, and what can be done to improve information security standards for corporations and governments. The presentation will take the form of an educational video teaching what the average user can do to protect his or her own information on the Web and elsewhere. This will require supplemental research in order to understand personal information security. Finally, the project will be a hands-on exploration of a particular concept in information security. My plan at this point is to research brute-force attacks on password-protected user accounts and learn how to estimate the length of time it would take to guess a given text string using these methods. This would likely be developed as a Web application, written in JavaScript and posted to this very site.

This project will require lots of outside research, as I need to learn about specific methods of both attacking and defending information, and get up-to-date on current trends in information security. I will also need to examine the "hacktivism" debate and look at the efforts of groups like WikiLeaks and Anonymous, considering whether or not their activities are ethical and if they warrant the response they have received. Thus far, the highest-quality and most interesting source I have found is a paper entitled "The Emperor's New Security Indicators", a paper from 2007 which explores the effectiveness of security authenticators. The paper details a study in which a group walked through the steps of providing their information to a popular online banking site while certain security authenticators were removed.. The subjects tended to submit the information just as readily when the site did not have an HTTPS indicator authenticating its security than when it did. This highlights the role of user attentiveness in the protection of personal information on the Web.

The paper will likely take the largest chunk of my time due to the research involved. However, I predict the coding project will be the most challenging portion of my Senior Thesis. I will find myself relying heavily on the help provided by my mentor and my topic expert in order to pull through. My mentor, Dr. Valenza, has already been extremely helpful in the research process, uncovering sources and granting me access to academic resources and interlibrary loans from which to pull more knowledge. I have only recently started communicating with Professor Mongan, my topic expert at Drexel University, but I am already excited for the opportunities afforded by his involvement. Professor Mongan has taught classes about encryption and security, which ties directly into my project.