COMP 5900H Project (Sep-Dec 2019): Research Paper - last updated: 18 Sep 2019

Project components (percentage of final course grade):
10%: project plan (2 pages). Must include references, with topic pre-approved by Oct 21.
10%: oral class presentation (25 minutes).
30%: formal written report (12 to 20 pages).
Late penalty: 10% of item total per day. This is an individual project.

Important Dates:
21 Oct 2019: last day for topic pre-approval by instructor
30 Oct 2019: project plan due (11:59pm, PDF by email)
20 Nov to 4 Dec: class presentations by students
9 Dec 2019: written report due (5:00pm, PDF by email). Late penalty: 10% per day.

Topics must be pre-approved, following a preliminary discussion of ideas with the instructor by email or in person. To avoid double-credit, topics should not substantially overlap research projects begun prior to this course, e.g., with a thesis supervisor or another course. Pre-approval of topics is best initiated by sending an email including the proposed topic name, a paragraph defining its scope and goals, and an initial list of reference papers. Please note carefully (to avoid marks being deducted): It is essential that all references include four components: paper title, author names, conference or venue name, date of article.

Topics. The topic must centrally involve IoT security---preferably consumer, personal, or home IoT devices---and should be one of interest in the research community. To ensure the latter, and to help students focus their search on quality venues, the paper(s) forming the basis of the project must include at least one (and ideally, several) from recent (2017, 2018, 2019) "big four" international security conferences: USENIX Security, ACM CCS, NDSS, IEEE Symp. Security and Privacy. It is strongly recommended that you visit the "technical program" page from each of these conferences for paper titles, author names, abstracts and links to full papers. For topic ideas, review the detailed course outline, class discussions, papers cited by those covered in class, and recent papers in high-profile security conferences and workshops.

Written report. At minimum, the written report should provide a research-oriented survey that does not duplicate existing surveys. The report must be written in the style of a research paper (abstract, introduction, numbered sections, etc.), with proper academic citation of all sources relied on. Grades are awarded for technical content, demonstrating a solid technical understanding, insights (e.g., filling in explanatory gaps, smoothly integrating results of several papers), and clarity. Presentation and editorial style are also important; grades will be deducted for poor grammar, spelling, punctuation, weak organization, ambiguity and vagueness. Students obtaining the top mark generally make novel extensions to existing research, or are well on their way to a publishable paper. Report components typically include:

1. a clear self-contained explanation of the selected problem(s);
2. a summary of existing solutions, or the state-of-the-art;
3. identification and explanations of important recent results and trends; and
4. discussion of important open questions and future research directions.

Incremental building blocks may be viewed as: a survey (summary) of existing work; an integration and systematization of it; a comparative analysis and critique of the existing work; and any novel observations and suggested extensions.

Oral presentation. The class presentation should include a subset of the above, and as a minimum a clear description of the main problems being addressed, and solid motivation (e.g., why the problems are important). Slides and data projector are typically used.

Implementations: Software implementations are not expected, but may be suitable for some topics, and in that case included at the student's option. Here grades are awarded for clearly communicating and concisely summarizing the design and technical aspects of the implementation, describing what was learned from it, and explaining its novelty and importance to the project. Prior consultation with the intructor is strongly recommended.