Proposal: due Thursday, March 21th by 11:59 PM
Code, slides and report: due Thursday, May 02th by 11:59 PM
Presentations:
- Tuesday, May 07th
- Thursday, May 09th
Topics already picked
| Bluetooth Hacking | Ransomware |
| Linux kernel vulnerability like Dirty Pipe or Dirty Cow | The hidden cyber security risks posed by QR codes |
| RFID Spoofing | RFID Spoofing (Flipper Zero) |
| Bluetooth (Zero Day) | Computer Worm |
| Smart Contract Reentrancy | Cookies |
| PKI, RSA and Secret Key Encryption | BGP Exploration and Attack |
| Malware Attachments | Camera Vulnerabilities |
| Identity/2FA Spoofing |
Introduction
In this lab, you will work on a final project of your own choice. The Instructor must approve your project. The primary requirement is that your project be something interesting and related to computer security.
Your Task
The intent of the final project is to provide an opportunity to investigate a particular issue of interest in greater depth. The topic will be accompanied by a student led class discussion about the various aspects of the issue. You will be required to provide the instructor with several relevant articles and/or websites prior to your discussion period for distribution to the class.
General Topic Ideas
- Any of the SEED Labs we did not cover
- Encrypted File System
- Hacking Bluetooth
- Compile Time Randomization
- Remote desktop application vulnerabilities
- Bitcoin Transactions
- Searchable encryption
- SDN Security
- QR Codes Security
- Identity spoofing
- RFID spoofing
- Zero Trust
- Ransomware
- TOR/I2P
- Blockchain
- Reproducing previously published topic to find interesting new directions developing a new security mechanism/system *
* Talk to the instructor if multiple people/groups would like to work on the same problem.
Expectations for Report and Presentation
The paper is based off of the topic you selected for your class discussion. The purpose is to discuss in depth the impact of the issue on both the industry and society as a whole.
The paper should be 2-4 pages single spaced (12pt. font) in length and have at least 4 primary sources. IEEE format should be used for citations.
The report should contain the following sections:
- Introduction: Present a precise description of the threat model\security issues.
- Background: Provide any relevant historical context/precedents related to the topic.
- Discussion: Discuss directions developing the new security mechanism or analyze the security of a system.
- Conclusion: Provide your analysis. Any future work, results and/or evaluation section.
- References: Citations of source material.
Presentation do not have to be comprehensive, and they should not be section-by-section overview of the paper. The goal of the presentations is to focus in on the most important content of the issue and to deepen other students understanding of the topic.
- Motivating or explanatory examples
- Relevant Background
- Technical content - a very brief discussion of how it works.
- Countermeasures
- Discussion
Your presentation should be no more than 5-7 minutes, leaving 2 minutes for Q&A. You should limit your presentation to at most 8 or 9 slides.
Grading
The project will be graded as a total package based in part on the overall difficulty as well as the quality of the report and (to a lesser extent) the presentation. This means that selecting a simple project will require a more extensive discussion of results and improvements and vice versa for more challenging project.
Submitting
Upload a zip file containing your code, slides and report to the Marmoset server.
