The course project requires that students execute research in IoT security. By
completing the project, students will learn to think critically about security
problems and solutions. All solutions have limitations, and understanding the
ramification of these limitations is critical to understanding the security of
an environment.
The course project milestones mimic the steps required to create a conference-quality paper submission. Be realistic about what can be accomplished in a single semester. However, the work should reflect real thought and effort - projects executed in the closing days of the semester are unlikely to be well received. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort.
Project teams may include groups of up to three students; however, groups of greater size will be expected to make greater progress. I will advise each team/individual independently as needed. The project grade will be a combination of grades received for a number of milestone artifacts and the final project paper and demo.
The research project is out of 100 points distributed as follows:
The purpose of this milestone is to settle on 1) a project idea/area, and 2) a project team. While the specific project may change slightly during the course of the semester in response to the related work survey and implementation/experiment findings, it is important to have a strong direction. Projects can be in any area of IoT security, but must be approved by the instructor.
For ideas, students are encouraged to browse the last several years proceedings of USENIX Security (2022 program), ACM CCS (2022 program), IEEE Security and Privacy (Oakland) (2022 program), ISOC NDSS (2022 program), and ACSAC (2022 Program). Each team (of at most 3 students) will upload the project proposal (i.e., 5+ unique project ideas) before the specified deadline, and then meet with the instructor in the following week. Your grade on this milestone will depend on the team’s ability to decide on at least one good project idea during this meeting with the instructor. I highly recommend having 5+ unique project ideas (not slight variations) for this meeting.
One of the most critical and often overlooked portions of a research project is a sufficient investigation of related work. For this milestone, you will write a related work section. (refer to the course slides for what makes a good related work section). When formatting your related work, use the provided template. Include your title and an abstract on the first page. Do not change the font size, margins, or any other formatting.
To receive 8/10 points, the related work must be at least two full columns of text (using the provided template) and contain at least 30 citations. Websites (i.e., not academic work) count as one-half a citation. The remaining 5 points will be based on the quality of the document, including the writing, quality of citations, number of missing well known citations, etc. Going well beyond the minimum 30 citations will help achieve the full 20 points for this milestone.
What to turn in: compressed archive (lastname-relwork.tar.gz or lastname-relwork.zip) of the related work containing the .pdf, .tex, and .bib files for the document.
Note about files: Only .tar.gz, and .zip files will be accepted. Filenames must follow the lastname- convention. If more than one student is on a project, the file name should have the prefix lastname1-lastname2-, where the lastnames are in alphabetical order. The paper must be written using LaTeX and citations must be managed in one or more .bib files using BibTeX. Failure to comply with any of these file format and naming requirements will result in an automatic five point deduction from the milestone grade.
At this point, you have identified a problem and have at least a vague idea of your solution. A solution idea is of little value if it is not evaluated. For this milestone, you will report on how you plan to evaluate your solution idea. You must describe the following:
Modify the research plan template for this milestone.
What to turn in: PDF of the research plan (lastname-plan.pdf).
Note about files: Only .pdf. Filenames must follow the lastname- convention. If more than one student is on a project, the file name should have the prefix lastname1-lastname2-, where the lastnames are in alphabetical order. The paper must be written using LaTeX and citations must be managed in one or more .bib files using BibTeX. Failure to comply with any of these file format and naming requirements will result in an automatic five point deduction from the milestone grade.
Security research is often backed by experimental artifacts, such as (1) code for the proposed system/analysis, (2) data collected for/generated from the analysis, and (3) applications/tools analyzed or instrumented. The availability of these artifacts is critical for the reproducability of the research findings, as well as for helping other build upon them. Top security venues have begun optional artifact evaluations, which may become mandatory in the future. We will conduct a similar artifact evaluation at the conclusion of this class, which will be graded on completeness and correctness; i.e., your artifacts should work exactly as claimed in the paper (i.e., if code), or satisfy the claims made in the paper (if data). Of course, no security system is perfect, and we will consider the limitations that are clearly stated in the paper when evaluating artifacts (e.g., the evaluation will perform the experiments exactly detailed in the paper, without attempting corner cases).
What to turn in: Any code/data, with an optional PDF for documentation.
The written version of the final project is a conference-quality paper, consisting of 10–12 pages (not including references), 1-inch margins, two column, 10-pt font. Modify the final paper template for this assignment.
Suggested outline:
What to turn in: PDF of the final paper (lastname-paper.pdf).
Note about files: Only .pdf. Filenames must follow the lastname- convention. If more than one student is on a project, the file name should have the prefix lastname1-lastname2-, where the lastnames are in alphabetical order. The paper must be written using LaTeX and citations must be managed in one or more .bib files using BibTeX. Failure to comply with any of these file format and naming requirements will result in an automatic five point deduction from the milestone grade.