Final project
Description
An important component of the class is the final project.
The goal of the project is to do original research on a well-motivated problem in computer security. At the end of the semester, you will write a conference-style paper on your work.
You're
expected to form teams of 2-3 people, and perform independent
research.
I expect all projects to consist of a team of at least 2 people who are taking CS 261 (exceptions require special approval from me; I often reject such requests, so make sure to talk to me in advance).
If you have trouble finding a project partner, please use our Piazza site to post and find partners.
If you are already working on a security project as part of your research or plan to do so, feel free to use this for the final project too. This will hopefully enable you to do better work on both. Moreover, you are allowed to use this final project for another class you take at the same time; in this case, indicate this in your proposal and final report. I expect you to achieve more in the project in this case.
There are two common types of research projects:
-
Design: constructing a new system or protocol that solves a security problem.
-
Analysis: performing a measurement about the state of a security protocol or system, or identifying an attack. If you are demonstrating an attack, you are also expected to provide some solutions or mitigations.
Dates and deliverables
Deliverables are a project proposal, an in-class project presentation and a final report.
The due dates for these are on the course schedule. Please check the due dates!
The proposal
You will write a short project proposal (anywhere in 1-3 pages). It should contain:
- teammates (including anyone outside of class)
- proposed problem
- an initial study of related work. You should study previously published papers on the subject, to understand what has been done before and make sure that what you're proposing to do hasn't been done before. Then, briefly summarize the ones that are closest to your work in your project proposal.
- proposed evaluation. Describe what points you will seek to investigate or demonstrate with your evaluation and what is the procedure. The procedure could include performance measurements, security analysis, usability evaluation, simulations, analytic results, and/or something else.
The final report
The final report should contain:
- teammates (including anyone outside of class)
- problem introduction and motivation. This should argue why your work addresses an important problem and why it is novel.
- well-studied, comprehensive, and systemized related work and state-of-the-art
- problem setup including threat model
- design description
- evaluation
The evaluation should be convincing, although it does not have to be as thorough as the evaluation in a research paper. Feel free to evaluate only one or a few parts of your design, the more crucial aspect to your contribution. Feel free to use simulation too, if an evaluation would be too hard to produce.
If this project is part of a research project outside of class, you should describe the work that was done before the class and the work that was done during the class. Similarly, if this work is done with outside
people, you should describe what was your contribution.
The length of the final report can be anywhere in 4-10 pages.
The presentation
In your presentation, you should introduce/motivate the problem, explain your contribution, and evaluation.
Also explain what you still plan to do for the final report before the Dec 10 deadline.
Regarding the duration of the presentation, a one-person group prepares 9-10 min of presentation, and a 2-3 person group prepares a 13 min presentation.
In addition to this, there will be 4-5 minutes of questions per group.
Format for the final report
Both documents should be written in LaTeX. The final report should be in two-column format, akin to conferences in the field. For example, you can use one of the ACM templates.