Advanced Computer and Network Security

CS 295 - Spring 2020

OverviewSchedule/ReadingsAttack/Tool PresentationsCourse Project

Course Project

You are encouraged to form a group of up to 3 students and work on an important and interesting security-related project, although individual project is allowed with justifications. You are encouraged to work on a project that can tie to your own research area if security is not your main area.

Please form your group by Wednesday, April 8 and sign up in the sign-up sheet in Canvas.

Styles of research projects

Typically, you will be choosing one of the three research styles:

  1. Analyze an existing system (e.g., an operating system componenet/feature, an application, or a network protocol) to identify security risks and weaknesses. Ideally, you will be able to demonstrate real or potential flaws.
  2. Propose a new solution against a class of attacks or vulnerabilities. Typically this requires a deep understanding of the root causes of a problem. Ideally the solution should be based on an insight and a solid theoretical foundation.
  3. Measure the current status/impact of a known security threat or security solution. The purpose is to gain insight from empircal evidence, e.g., to understand the technical and non-technical barriers for adopting a security solution, or to raise awareness of certain security threats.
 

Pre-Proposal Presentation – In Class (April 22)

An in-class 10-min presentation with 5 min Q&A is scheduled for each project. A representative of each group will talk about their proposed project and get feedback from the class. During the presentation, please focus on:
  1. What problems you plan to work on? Why is it important and interesting?
  2. Discuss the most important related work in the field.
  3. Your tentative approach to solve the problem.

Written Proposal – Due Friday, May 1 (Submission via Canvas Assignments)

Please write a 3-page proposal for the course project with details on the following points:
  1. Group: Group member names and netID.
  2. Title: What would you call the eventual paper or product?
  3. Problem: A description of the problem you will address and why it is important.
  4. Context: A survey of related work and past approaches to the problem.
  5. Approach: How you will address the problem and how your approach differs from past work.
  6. Evaluation: How you will test how well your approach works (e.g., experimental measurements).
  7. Results: What results do you plan to include at the end of the quarter?
  8. Timeline: What are subtasks of the project and their expected delivery time?

Project Presentation – In Class, Week 10

Following the conference-style presentation, each presentation is 20-min long, with 5 min Q&A. Content of the talk will include all points mentioned above.

2nd Annual UCI CS Security Symposium

Monday, June 1

    Session 1: Autonomous Driving Security

  • 2:00<Title anonymized for paper submission>.
    Wan.
  • 2:13<Title anonymized for paper submission>.
    Wang.

    Session 2: Software Security

  • 2:26Exploring Data-Space Randomization.
    Deshpande.
  • 2:39DFA: Data-Flow Attestation For Embedded Systems Software.
    Jakkamsetti, and Narasimhan.

    Session 3: Smartphone Malware

  • 2:52Portable Smartphone Malware Detection Tool.
    Ha.
  • 3:05MITM Attack on A Social Media Android Application.
    Mo, Yang, and Tao.

Wednesday, June 3

    Session 4: Privacy

  • 2:00The Good, The Bad, and The Anonymous.
    Searles, Enkoji, and Aliaj.
  • 2:13Bounded Size-Hiding Private Set Intersection.
    Hwang.

    Session 5: Network and Cloud Security

  • 2:26A Novel Approach to Detect the Obfuscation Opaque Predicates.
    Tung.
  • 2:39Encrypted Doman Name System Downgrade Attack.
    Huang, and Tian.
  • 2:52Intrusion Detection and Prevention Systems.
    Nandakumar.
  • 3:05Exploring I/O Isolation Defection in Type 2 Hypervisors.
    Gupta.

Written Project Report – Due June 12 (Submission via Canvas Assignments)

The final report should be written in the style of a conference paper and not exceed 10-page long (including text, figures, references, and appendix if applicable). You can refer to any of the papers we read during the quarter.

A minimum structure that should be followed is: Abstract, Introduction, Related Work, Methodology, Evaluation, Future Work, and References.

The text must be formatted in two columns, using 10 point Times Roman font on 12 point leading, following the USENIX template files.  You are strongly encouraged to use LaTeX for typesetting. Here is short guide of Latext.

Other Checkpoints