Propostas de Estágio 2014/2015 - Plurianual

DEI - FCTUC
Gerado a 2024-03-29 08:25:21 (Europe/Lisbon).
Voltar

Titulo Estágio

Sequence-based Intrusion Detection

Área Tecnológica

Sistemas de Informação

Local do Estágio

R. Alfredo Cunha nr. 37 sala 35, 4450-023 Matosinhos, Portugal

Enquadramento

Visionspace Technologies is a company in space industry. We provide services to European Space Agency (ESA) Ground Segment Infrastructure regarding verification and validation of critical software. Nowaday we are strongly betting in security field, with the development of a security visualization tool regarding virtualized environments. We are building the next-generation security analysis technology making the internet a safer place to work, communicate and play.
Visionspace Technologies is currently working in a product of a security visualization tool regarding virtualized environments, we already have a prototype of the product and we are very enthusiastic about the way this product will redefine the threat analysis field.
Every day hundred of new virtual machines are born in the internet world. The previous paradigm for the IT infrastructure of a company was a centralized server where all the customers/workers have access according to some access policy. Because of the low price and increasing of speed of hardware nowadays we are spreading the processing to different machines, so a distributed pattern is emerging. Our question, is how can we increase security in a virtualized farm, and doing it in a distributed way too.
This master's thesis appears in the scope of this virtualization security product. The aim of this work is the identification of the different security solutions regarding virtualized environments.
A deep study regarding management solutions to increase the security of a virtualized farm must be done and a possible improvement of such solutions must be provided. Also a proof of concept of this improvement must be done in a form of a tool, or a plugin for VMWare Tools for example.
Security is a risk management discipline and many people think security is a switch (that could be “on” or “off”). Many companies nowadays sell security as a switch button without telling the client about the threats they be facing.
Visionspace has worked for the last 6 months working on a security visualization tool that we think will revolutionize the way companies see security threats.
This product is divided in several “sensors” that collect accurate information about the IT infrastructure of a company. We are still working on this product to improve even more capabilities and provide an even more “intelligent” analysis of the “what is going on” in an IT infrastructure. Since this project is targeted to virtualized environments, we like to have a feature in our system capable of improve the security inside the virtualized infrastructure.

Objetivo

This master work is divided into two main components, a strong theoretical component and a more practical component.
The goals for this master thesis are the following:
- Analyse and study the current methods used to ensure security regarding virtualized infrastructures at network and operating system level;
- Analyse a possible improvement in the existing solution regarding Visionspace specifications;
- Develop a tool that improves security in a virtualized environment, this tools must take the form of a VMWare Tool plugin or any other, with the constraint in mind, that must be done automatically and systematically without many configurations steps;
The methodology that must be followed in this master work is composed of the following steps:
- Understanding the field in deep;
- Do a study regarding the existing virtualization security tools and methods (Bibliographic search);
- Reading and synthesis of the selected bibliography;
- Development of a “virtualization environment security tool”;
- Evaluation of the tool, validation and discussion of the results, regarding the state of the art.

Plano de Trabalhos - Semestre 1

Milestone1 (Month 1 to Month 2)
The first milestone period will be mainly used to do theoretical research about security regarding virtualized environments and their importance. Also during this period, a revision of the basic bibliography must be made and at the end of this process an article must be written based on the knowledge acquired.
Milestone2 (Month 3 to Month 6)
In this second period deep study and experimentation of the state of the art tools must be performed and therefore an analysis of its functioning, architecture, pros and cons and the inside structure of security regarding virtualized environments tools and methods. Also during this period, an already existent similar solutions must be analysed for comparison purpose, with the main goal of helping on the implementation process of a simple detection prototype.
In this milestone the student must start to think the best techniques to improve security regarding virtualized environments.
At the end of this period it’s expected the full understanding of the identification techniques and the architecture model of the prototype to be implemented.
Bibliographic revision will be continued (exploring now new directions and new references derived from the basic previous readings and developments) and an article must be written for publishing intermediate conclusions.

Plano de Trabalhos - Semestre 2

Milestone3 (Month 7 to Month 8)
This period will be exclusively devoted to the development of the proposed prototype tool. In this phase Visionspace will provide full access to a test virtualization environment containing multiple virtual machine with different operating systems and architectures. Will be expected the tool to be finished at the end of this period.
Milestone4 (Month 9 to Month 11)
This last milestone will be the shortest one, this will be mainly devoted to evaluate and validate the tool results, guaranteeing that everything proposed has been done correctly and efficiently. Bugs will be fixed and the results of the tests will be revised, and intermediate conclusions will be drawn from the outcome results.
At the end, all conclusions about the work done will be written and the thesis document will be reviewed. Will be desirable that at this stage the student has a scientific paper in an international conference of the security area.

Condições

People are the foundation of Visionspace success. As an employee-owned company, we care about not only the technologies we develop but also the path we take to create them. Visionspace operates under a highly collaborative organizational model that recognizes and encourages leadership throughout the company and takes care of the individual.
Visionspace' technical staff members play a pivotal role in developing advanced software technology. Engineers work in small team settings and must successfully interact with clients, partners, and other employees in a highly cooperative and intellectually challenging environment.
We’re looking for people who can invent, learn, think, and inspire. We reward creativity and thrive on collaboration.
We offer you a great internship experience with a fast growing company and the opportunity to join our staff.
Our philosophy, simply stated, is recruit once, hire twice.
This is a unpaid internship, Visionspace will pay:
- Food allowance;
- Travel allowance.

Observações

- Qualifications
-- Academic background in Software Engineering or any other related computer field;
-- Network academic background is a plus;
-- Interest for computer security field;
-- Knowledge of operating systems security;
-- Knowledge of network security tools;
-- User of version control (svn, git, mercurial);
-- Knowledge of UML;
-- Fluent in English, both in speech and writing.
- Recommended Bibliography
-- “Security Engineering: A Guide to Building Dependable Distributed Systems” by Ross J. Anderson and Ross Anderson
-- “Network Intrusion Detection: An Analyst's Handbook” by Stephen Northcutt, Donald McLachlan and Judy Novak

Orientador

Mário Ulisses Costa
ucosta@visionspace.com 📩