Project 2 - COMP 5407 (last updated: 11 Oct. 2005, 11:30pm, for Fall 2005)
Research Project (paper / optional implementation)

Important Dates: Give a short oral presentation (approx. 30 minutes), and submit a formal written report (maximum 20 pages) on a course-related topic of current interest in the research community. To avoid substantial overlap in class presentations, topics must be approved by the instructor (first-come first-served basis). Note: this is an individual project.

Written report. Based on relevant published research papers, the written report must be written in the style of a research paper (with abstract, introduction, various sections, etc.), with proper academic citation of all sources relied upon. Grades will be awarded for demonstrating a solid understanding of the area, insight (e.g. filling in explanatory gaps or smoothly integrating results of several papers), conciseness and clarity. Aside from technical content, editorial style is important; grades will be deducted for poor presentation (grammar, spelling, punctuation), poor organization, and ambiguity / vagueness. For top marks (certainly A+) in the written portion, students would generally be expected to make novel extensions to existing research, or be well on their way to a publishable paper. The written report should provide, as a minimum, a research survey including:
  1. an outline and summary of the selected problem(s) and existing solutions in the area;
  2. identification and explanations of important recent results and trends; and
  3. discussion of important open problems and future research directions.
Oral presentation. The oral part should include a subset of the above, and as a minimum a clear description of the main problems being addressed in the area, and solid motivation (e.g. why the problems are important). It may involve use of an overhead projector, data projector, handouts, etc. (all arranged by the student).

Projects involving programming: Some projects may benefit from software implementations. In these cases, marks for the implementation aspect will be dependent on communicating clearly and consisely what was learned from the implementation, and explaining its novelty or importance to the project. Prior consultation with the intructor is strongly recommended.

Topics: The selected topic and an initial list of reference papers must be approved by the instructor (see above deadline). You may propose your own topic (related to the course outline), or one from the partial list below. Visit last year's Project 2 web page for some ideas and references, as well as the Digital Security Group's list of security conferences and workshops for pointers to relevant proceedings to find more recent papers and current research topics. Examples of potential topics include: phishing, identity theft, new authentication schemes, password protocols resisting on-line or off-line dictionary attack, generating cryptographics keys from biometrics, memory mismanagement exploits (beyond simple stack-based buffer overflows), security in peer-to-peer software systems, software tamper resistance, digital rights management, malicious software and/or trends in malicious code, botnets, security through virtual machines (VMs), human factors in computer security (HCI-security), browser security and spoofing, browser trust anchors and chains, browser-based certificate problems, non-browser certificate infrastructures, web client authentication, determining safety of externally-supplied binary code, practical challenges for cryptographic infrastructures and digital signatures, trust management.

Schedule of Oral Presentations. The following topics/oral dates are already taken by the listed students (other students wanting the same topic must make a proposal substantially different from the first).
Nov.16: student1 (topic1), student2 (topic2)
Nov.21: tbd
Nov.23: tbd
Nov.28: tbd
Nov.30: tbd
Dec.5: final lecture