CS8395 — Project
You are required to work on a research project during the semester.
There will be a Project Proposal in which you present a
proposed project to the class before Spring Break. At the end of the
semester, you will present a Project Presentation
containing the results you have.
You can work in groups of 1, 2, or 3 students. It is up to you to find
project partners; you are welcome to use the Piazza forum to do so.
You have two options for your semester project:
You can work on a novel
research idea, in which you work on a technique or area that solves a
Under this option, the goal is to develop a project that culminates in a
manuscript that can be submitted to a cybersecurity conference or
workshop. This option is suitable for PhD students.
You can work on a
in which you will systematize knowledge of a particular area of
cybersecurity. SoK papers are a good option if you are a new researcher
(e.g., a first year graduate student).
You can pick whichever option you like; there is no difference,
penalty, or benefit from choosing one option over the other.
Picking a research topic
You can meet with me to discuss potential research ideas for a project.
In addition, a list of potential highl-level topics is below:
- Binary/assembly semantic recovery — techniques that
extract useful semantic information from binaries where source code
is unavailable (e.g., symbol names, function boundaries, data
- Scalable malware analysis — techniques that enable
high-efficiency analysis of malware samples that are otherwise
difficult or costly to analyze.
Human studies in security — designing and executing a human
subject experiment targeting a specific security problem (e.g.,
understanding how human developers create vulnerabilities).
Applications of trusted execution environments — designing
techniques for hardening systems against attacks.
Autonomous vehicle and realtime systems security — techniques
that analyze or harden software systems that are part of autonomous
vehicles or realtime systems.
Ideally, your project will culminate in a written project report that is
worth submitting to a conference or workshop venue. If you are
interested in submitting your work for peer-review, I am happy to work
with you, even after the semester ends, provided the work is of
Systematization of Knowledge
As an alternative, you are welcome to work on a
Systematization of Knowledge project.
SoK projects are surveys of existing literature in a specific area
(e.g., "malware analysis," "election cybersecurity," "cloud resource
management," etc.). If you elect to do an SoK project, your project
proposal presentation will incorporate why the area matters and is worth
systematizing as well as a table of citations that you will explore and
You may want to discuss your potential project idea with me before
the Proposal (before spring break) and the Final Presentation (last day
of class). You can email me or catch me after class to discuss a
direction to see whether your potential idea is appropriate for this
class. I welcome and encourage project ideas that overlap with your
thesis, dissertation, or other coursework, but please let me know ahead
of time about such arrangements. If possible, you should discuss
your project with me during early February.
The project proposal is due Wednesday, March 2, the last class before
spring break. The proposal consists of:
- A 2 page written prospectus. For both the "novel research" and
"SoK" project tracks, the prospectus should introduce and motivate a
problem, justified by a review of related work.
- For the "novel research" track:
- I will pay more attention to the motivation and
justifcation, especially in assessing shortcomings of related
- I will also expect to see a discussion of a design or
experiment that you think you will be able to conduct by the end
of the semester, or preliminary results if you have any.
- For the "SoK" track:
- I will put more emphasis on your motivation for why an SoK
in your selected area needs to be written, and I will expect to
see a more thorough investigation of related work. I will
expect to see justification about the papers and associated
venues you select to review.
A 10 minute proposal presentation (including Q/A and setup), with a
maximum of 8 minutes for the presentation itself. You must develop a presentation
that motivates your research problem, identifies key research
questions, explains state-of-the-art and associated shortcomings,
and presents preliminary results and/or a testable hypothesis or
- You must send a PDF of your slides to me before the
- If you are in a group, not all members must present —
in academic conferences, you typically select one co-author to
present the paper on behalf of the whole group.
The presentation is intended to drive discussion about your
project. In some sense, it isn't about showing complex
math or system diagrams; it is supposed to be an opportunity to
get the audience excited about a particular direction. To that
end, the use of compelling figures, bold (but true) claims about
state of the art, and thoughtful discussion of potential impact are recommended.
- The presentation itself should be no longer than 8
At an absolute minimum, you should address the Heilmeier
questions in your presentation.
You must submit two artifacts separately on the submission
- prospectus.pdf, your 2 page prospectus
document. Your bibliography can extend beyond 2
pages. You must include each team member's name,
VUNetID, and Vanderbilt email address at the top of each
- proposal-slides.pdf, your presentation slides.
I will likely want to use my laptop to present all teams'
presentations, so I would like a PDF of your slides for
class. The presentation should take no more than 10
minutes. Assume there will be 2 minutes of questions
and answers in addition to the presentation.
The final project consists of two parts, each due separately.
- An 8 minute project presentation (plus an additional 3 minutes
for Q/A and setup). You must create a presentation that
discusses your motivation, approach, and current results. For SoK
submissions, your presentation must cover your approach to reviewing
and taxonomizing literature.
- You must turn in a PDF of your slide deck by 2PM Central on
Wednesday, April 27, before class.
- I am evaluating your research methods, ability to frame a
research narrative (after a semester's worth of paper readings and
discussions), and the viability of your current results. Pay
careful attention to the Heilmeier Catechism, with a particular
focus now on metrics for success and why you reached them.
- A written project report that describes your research problem,
motivation, analysis of related work, approach, experimental
methods, and results.
- Please use the IEEE
and ACM conference proceedings template
for your submission. While I recommend LaTeX for its
bibliographic prowess, you are welcome to use the Word templates
- Your writeup must be 4 pages or less, excluding
bibliography. Use ACM or IEEE style bibliographies and
You must submit two artifacts separately on the submission
- final-slides.pdf, your presentation slides.
Your presentation should take no longer than 8 minutes, with
an additional 3 minutes for setup and Q/A.
- final-report.pdf, your written report.
You must use either the IEEE and ACM conference proceedings
template. Your written content should be 4 pages or fewer,
with additional pages for bibliography. You must use ACM or
IEEE style citations.