CS8395 — Project

You are required to work on a research project during the semester. There will be a Project Proposal in which you present a proposed project to the class before Spring Break. At the end of the semester, you will present a Project Presentation containing the results you have.

You can work in groups of 1, 2, or 3 students. It is up to you to find project partners; you are welcome to use the Piazza forum to do so.

You have two options for your semester project:

1. You can work on a novel research idea, in which you work on a technique or area that solves a security project. Under this option, the goal is to develop a project that culminates in a manuscript that can be submitted to a cybersecurity conference or workshop. This option is suitable for PhD students.
2. You can work on a Systematization of Knowledge project, in which you will systematize knowledge of a particular area of cybersecurity. SoK papers are a good option if you are a new researcher (e.g., a first year graduate student).

You can pick whichever option you like; there is no difference, penalty, or benefit from choosing one option over the other.

Picking a research topic

You can meet with me to discuss potential research ideas for a project. In addition, a list of potential highl-level topics is below:

• Binary/assembly semantic recovery — techniques that extract useful semantic information from binaries where source code is unavailable (e.g., symbol names, function boundaries, data types).
• Scalable malware analysis — techniques that enable high-efficiency analysis of malware samples that are otherwise difficult or costly to analyze.
• Human studies in security — designing and executing a human subject experiment targeting a specific security problem (e.g., understanding how human developers create vulnerabilities).
• Applications of trusted execution environments — designing techniques for hardening systems against attacks.
• Autonomous vehicle and realtime systems security — techniques that analyze or harden software systems that are part of autonomous vehicles or realtime systems.

Novel research

Ideally, your project will culminate in a written project report that is worth submitting to a conference or workshop venue. If you are interested in submitting your work for peer-review, I am happy to work with you, even after the semester ends, provided the work is of acceptable quality.

Systematization of Knowledge

As an alternative, you are welcome to work on a Systematization of Knowledge project. SoK projects are surveys of existing literature in a specific area (e.g., "malware analysis," "election cybersecurity," "cloud resource management," etc.). If you elect to do an SoK project, your project proposal presentation will incorporate why the area matters and is worth systematizing as well as a table of citations that you will explore and taxonomize.

Project Approval

You may want to discuss your potential project idea with me before the Proposal (before spring break) and the Final Presentation (last day of class). You can email me or catch me after class to discuss a direction to see whether your potential idea is appropriate for this class. I welcome and encourage project ideas that overlap with your thesis, dissertation, or other coursework, but please let me know ahead of time about such arrangements. If possible, you should discuss your project with me during early February.

Project Pitch

The project pitch is due early in the semester, on Wednesday, February 1, by noon Central. is meant to be a quick ideation step to see if you are able to identify and scope an appropriate project, identify potential teammates, and get early feedback about your idea. The pitch consists of:

• A brief 500 word writeup of one (or more if you choose) project idea(s). You are expected to briefly answer the Heilmeier Questions in your writeup.
• An in-class discussion of your idea. While I won't expect a full presentation, I will want you to be able to discuss on the whiteboard what the idea is. This is intended to help share what you want to work on and to identify potential overlap with others.

Project Proposal

The project proposal is due the week before spring break, on Monday, March 6, by noon Central. The proposal consists of:

• A 2 page written prospectus. For both the "novel research" and "SoK" project tracks, the prospectus should introduce and motivate a problem, justified by a review of related work.
  • For the "novel research" track:
    • I will pay more attention to the motivation and justifcation, especially in assessing shortcomings of related work.
    • I will also expect to see a discussion of a design or experiment that you think you will be able to conduct by the end of the semester, or preliminary results if you have any.
  • For the "SoK" track:
    • I will put more emphasis on your motivation for why an SoK in your selected area needs to be written, and I will expect to see a more thorough investigation of related work. I will expect to see justification about the papers and associated venues you select to review.
• A 10 minute proposal presentation (including Q/A and setup), with a maximum of 8 minutes for the presentation itself. You must develop a presentation that motivates your research problem, identifies key research questions, explains state-of-the-art and associated shortcomings, and presents preliminary results and/or a testable hypothesis or thesis statement.
• You must send a PDF of your slides to me before the presentation.
• If you are in a group, not all members must present — in academic conferences, you typically select one co-author to present the paper on behalf of the whole group.
• The presentation is intended to drive discussion about your project. In some sense, it isn't about showing complex math or system diagrams; it is supposed to be an opportunity to get the audience excited about a particular direction. To that end, the use of compelling figures, bold (but true) claims about state of the art, and thoughtful discussion of potential impact are recommended.
• The presentation itself should be no longer than 8 minutes.
• At an absolute minimum, you should address the Heilmeier questions in your presentation.

Final Project

The final project consists of two parts, each due separately.

• An 8 minute project presentation (plus an additional 3 minutes for Q/A and setup). You must create a presentation that discusses your motivation, approach, and current results. For SoK submissions, your presentation must cover your approach to reviewing and taxonomizing literature.
• You must turn in a PDF of your slide deck by 2PM Central on Monday, April 17, before class.
• I am evaluating your research methods, ability to frame a research narrative (after a semester's worth of paper readings and discussions), and the viability of your current results. Pay careful attention to the Heilmeier Catechism, with a particular focus now on metrics for success and why you reached them.
• A written project report that describes your research problem, motivation, analysis of related work, approach, experimental methods, and results.
• Please use the IEEE and ACM conference proceedings template for your submission. While I recommend LaTeX for its bibliographic prowess, you are welcome to use the Word templates as well.
• Your writeup must be 4 pages or less, excluding bibliography. Use ACM or IEEE style bibliographies and citations.