The easiest method of file type detection is the extension-based method. Other methods include verifying magic bytes (a predefined signature in the header or trailer of binary files) or checking for metadata in the file. These methods are vulnerable to spoofing attacks.
The aim of this thesis is to develop a method of encryption-based file type detection to act as an allowlisting filter for precise information exchange in high-security network domains.
Is it possible to construct such a file detector in the Advenica ZoneGuard that lets only encrypted files pass through the ZoneGuard, relying not on file extensions and magic bytes but on statistical modeling of the binary data using information-theoretic approaches such as entropy and AI-based algorithms?
The thesis shall also include a literature study of previous research on file type detectors with application in network security, and an evaluation of the developed detector on test data that includes results on false-positive data such as compressed files.
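The false-positive problem named above can be seen with a byte-entropy filter alone. The following is an added example, not code from Advenica or the ZoneGuard: the function names, the 7.9 bits/byte threshold and the samples (SHA-256 in counter mode as a stand-in for ciphertext, zlib output as the compressed file) are assumptions constructed for illustration.

```python
import hashlib
import math
import random
import zlib
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0..8)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def chi_square_uniform(data: bytes) -> float:
    """Pearson chi-square of the byte histogram against uniform (255 d.o.f.)."""
    if not data:
        raise ValueError("empty input")
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def entropy_only_filter(data: bytes, threshold: float = 7.9) -> bool:
    """Naive allowlist decision: pass anything above the (assumed) threshold."""
    return shannon_entropy(data) > threshold

def build_samples() -> dict:
    """Constructed test inputs; none of them comes from a real file."""
    rng = random.Random(2020)
    letters = "abcdefghijklmnopqrstuvwxyz"
    vocab = ["".join(rng.choice(letters) for _ in range(rng.randint(3, 8)))
             for _ in range(64)]
    text = " ".join(rng.choice(vocab) for _ in range(60000)).encode()
    # Deterministic stand-in for ciphertext: SHA-256 over a counter (64 KiB).
    keystream = b"".join(hashlib.sha256(i.to_bytes(8, "big")).digest()
                         for i in range(2048))
    return {"plaintext": text,
            "compressed": zlib.compress(text, 9),
            "ciphertext_like": keystream}

def evaluate() -> dict:
    """Entropy, chi-square and the filter decision for every sample."""
    return {name: {"entropy": shannon_entropy(d),
                   "chi2": chi_square_uniform(d),
                   "passes": entropy_only_filter(d)}
            for name, d in build_samples().items()}

if __name__ == "__main__":
    for name, r in evaluate().items():
        print(f"{name:16s} H={r['entropy']:.4f} chi2={r['chi2']:.1f} "
              f"passes={r['passes']}")
```

The compressed sample passes the entropy-only filter although it is not encrypted; chi-square is printed beside entropy as a second statistic a detector could weigh on that case.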
Preferred areas of knowledge / interest
• Coding Theory and Cryptography
• Mathematical statistics
• Statistical algorithms
• Machine learning / AI
• Programming C/C++, Python
Available fall 2020