Project 1: Security Incident Tracking (COMP 5407F - Sept.2005)
Due: Monday Oct.17 in class (at the start of class). No extensions. Read these instructions carefully.

Prepare a selective report, summarizing your 4-week watch (Wed. Sept.14, 12:01am through Tues. Oct.11, 11:59pm) of software security incidents reported in the real world. Here software security incidents include any software-related issues affecting user security or perception thereof, including system availability. Begin by determining which web sites, mailing lists, or other resources to use as your primary information sources. For each of the 4 weeks, select one high-profile security incident which, during that week, occurred, was first publicly announced, received major publicity, or appeared on a relevant security incident list. Clearly identify the incident; explain why you chose it (aim for high profile, more serious, or otherwise distinctive incidents as justified by your report); explain the problem in detail (within space limit - see below), e.g., what was exploited and the mechanism by which attackers succeeded; and how the problem can be fixed or ameliorated (if possible).

Format and length: Maximum overall length 20 pages. Maximum 4 pages per incident. The report must be written in a single-column conference research paper format (e.g., abstract, introduction, etc.), with each incident started in a new numbered section, each of which separately references (as customary in research papers) the specific sources used. Include also a preliminary general section of at most 2 pages comparing information sources and recommending which are most helpful, etc.; finish with a section of at most 2 pages of concluding remarks including trends, concerns, your own reflections, etc.

Information sources: Continuously updated lists of high-profile security incidents and vulnerabilities are widely available, and change over time. In the past, these have included government-funded sites such as CERT (www.cert.org/advisories and www.cert.org/nav/index_red.html); sites from anti-virus vendors such as Symantec and McAfee; sites from major software vendors such as Microsoft (e.g. at http://www.microsoft.com/technet/security/); and the Internet Storm Center (http://isc.sans.org). These are examples only; hopefully you will find others that are superior.

Use your own explanations: Most of this information will be available from online reports. Don't plagiarize. After locating and gaining an understanding of the appropriate information, explain things in your own words with sufficient detail to demonstrate your understanding. Clarify technical jargon, operating system details, etc., sufficiently to allow understanding by a computer science undergraduate. Make explanations as self-contained as possible within the stated limits; include additional background as necessary.

This is an individual project. Read the "Policy re: Unethical Behaviour" on the course web page. Ideas obtained from other students or sources must be cited as such.

Last updated: 7 September 2005 (11:30pm)