Project 2: Research Paper (COMP 5407, Sept-Dec 2011)
This individual project consists of an oral presentation in class (30-40 minutes) and a formal written report (maximum 20 pages), on a course-related topic of current interest in the research community. To avoid substantial overlap in class presentations, topics must be approved by the instructor (first-come first-served basis).

Important Dates:
October 26, 2011: last day for area topic approval by instructor (see details below)
November 14-28 (tentatively): class presentations by students
December 5: written reports due. No extensions.

Written report. Based on relevant published research papers, the report must be written in the style of a research paper (abstract, introduction, numbered sections, etc.), with proper academic citation of all sources relied upon. Grades will be awarded for demonstrating a solid understanding of the area, insight (e.g., filling in explanatory gaps or smoothly integrating results of several papers), conciseness and clarity. Besides technical content, editorial style is important; grades will be deducted for poor presentation (grammar, spelling, punctuation), poor organization, ambiguity and vagueness. For top marks in the written portion, students would generally be expected to make novel extensions to existing research, or be well on their way to a publishable paper. The written report should provide, as a minimum, a research survey including:
  1. an outline and summary of the selected problem(s) and existing solutions in the area;
  2. identification and explanations of important recent results and trends; and
  3. discussion of important open problems and future research directions.
Oral presentation. The class presentation should include a subset of the above, and as a minimum a clear description of the main problems being addressed in the area, and solid motivation (e.g. why the problems are important). It may involve use of an overhead projector, laptop plus data projector, handouts, etc. (all arranged by the student).

Implementations: Software implementations are not expected, but may be included at the student's option. If included, marks for the implementation aspect will be dependent on communicating clearly and concisely what was learned from the implementation, and explaining its novelty or importance to the project. Prior consultation with the intructor is strongly recommended.

Topics: The project proposal must be approved by the instructor (see above deadline); this is best done by sending an email including the proposed topic name, a paragraph defining its scope and goals, and and an initial list of reference papers (including paper title, author names, conference name and date). Topics must be related to the course outline. For context, suggestions from a very early version of this course are given here (topics attracting more recent research activity are expected). Topics are perhaps best motivated by ideas from papers covered in class, and by reviewing papers from the past two or three years from high-profile security conferences and workshops (this list is maintained by Carleton's Computer Security Lab). Examples of potential topics include: web authentication and identity management, phishing and pharming (including DNSSEC), human factors and authentication/software security, software security and malware (e.g., kernel rootkits), browser vulnerabilities, web security and social networking systems, certificate infrastructures and trust management, secure software updates and installation, trusted bootstrapping, security and virtualization (VMs). See this file for a list of 2009, 2010 and 2011 papers from the top four international security conferences: USENIX Security, ACM CCS, NDSS, IEEE Oakland (Symp. Security and Privacy).

Last updated: October 25, 2011