(target audience: students)
Depends on context, but roughly sortable into 3 categories:
- Independent (you, by yourself)
- Industry (you, with a company)
- Academic (you, with a professor)
These different sectors have different incentives. It is worth considering whether these incentives align with your goals. Once affiliated with an institution, it generally becomes easier to switch to similar classes/tiers of institutions.
I previously did undergraduate research with an academic lab that focused on systems security. Nowadays I do personal research into whatever topics I find interesting / think are most relevant for my career.
Incentives: whatever you want! Probably get a job doing work you find interesting.
- Looking for bugs (0days) in things.
- Developing new tools.
- Reading/studying/practicing/doing whatever is interesting to you.
Industry AKA Private Sector
Incentives: make money, reduce business risk.
- Large firms:
- Intel, Apple, Microsoft Research
- Small firms:
- Sell security products to Fortune 500/bigtech
- ASLR protection for statically linked executables – Leviathan Security (Consulting)
Incentives: publishing papers in conferences. Getting grant money so you can pay for students.
- Targeting “big issues” – demonstrating novel attacks that highlight a
flaw in some kind of infrastructure/protocol, not before demonstrated.
- e.g. stack cookies to mitigate stack buffer overflows
- Doing science. Measuring things & applying the scientific method.
How to get into academic research:
- Get sufficiently good grades (3.5 out of 4.0)
- Find a relevant professor who publishes papers in the domain you’re interested in.
- Read a few of their papers.
- Try to get published in a relevant smaller conference.
- Send them an email:
Hi Professor $NAME, I'm a 3rd/4th year undergraduate student at $INSTUTION interested in possibly doing work with you. I read your paper $TITLE and thought it was interesting because $REASON_DEMONSTRATING_YOU_UNDERSTOOD_THE_PAPER. I'm interested in this research domain because $REASON. I recently published a paper to $VENUE titled $TITLE. Here's a link: <link> Do you expect to be taking new students in Fall 20XX? Do you have any suggestions for undergraduate-level projects I might be able to complete in advance of applying to your program? Thanks, $YOUR_NAME
Note that professors often receive a high volume of these emails and so must choose to ignore most of them – try contacting one of their listed graduate students (usually on their personal websites) if you don’t get a response.
- Systems security: 4 big ones: NDSS, Usenix Security, ACM CCS, IEEE Security & Privacy (Oakland)
- Privacy: PETS
- Users Really Do Plug in USB Drives They Find – Oakland (IEEE Security & Privacy)
- Understanting the Mirai Botnet – USENIX Security
Fields that exist today, off the top of my head
- Taint analysis
- Data provenance