Upcoming Project Milestones Professor Adam Bates Fall 2018 - - PowerPoint PPT Presentation

upcoming project milestones
SMART_READER_LITE
LIVE PREVIEW

Upcoming Project Milestones Professor Adam Bates Fall 2018 - - PowerPoint PPT Presentation

Sep 29, 2022 148 likes •319 views

CS 563 - Advanced Computer Security: Upcoming Project Milestones Professor Adam Bates Fall 2018 Security & Privacy Research at Illinois (SPRAI) Project Milestones Throughout the remainder of the semester you will be incrementally

slide-1
SLIDE 1

Security & Privacy Research at Illinois (SPRAI)

Professor Adam Bates Fall 2018

CS 563 - Advanced Computer Security:

Upcoming Project Milestones

slide-2
SLIDE 2

Security & Privacy Research at Illinois (SPRAI)

Project Milestones

2

Throughout the remainder of the semester you will be incrementally building conference-style papers and presentations:

  • Oct. 26: Abstract, Background, Related Work
  • Nov. 2: Experimental Proposal
  • Nov 16: Status Slides
  • Dec 7/12: Project Presentation (In-Class)
  • Dec 18: Term Paper
slide-3
SLIDE 3

Security & Privacy Research at Illinois (SPRAI) 3

Milestone #1 (Oct 26)

Based on your project choice that has been approved by the teaching staff, prepare the following:

  • Abstract
  • Background
  • Related Work

Format: LaTeX Two Column ACM

  • Viable template: https://github.com/acmccs/format

Submission: Submit before class on Compass.

slide-4
SLIDE 4

Security & Privacy Research at Illinois (SPRAI) 4

  • One (maybe two) paragraphs
  • The “Elevator Pitch” of your paper, should cover:
  • 1. Area
  • 2. Problem
  • 3. Solution
  • 4. Methodology
  • 5. Results
  • 6. Takeaway

Milestone #1 (Oct 26)

HOW DO I ABSTRACT?

slide-5
SLIDE 5

Security & Privacy Research at Illinois (SPRAI) 5

Milestone #1 (Oct 26)

  • 1. Be smart and conduct a literature survey so that

you can understand the space before committing to a research direction.

  • 2. Easiest part of the paper to write. Once they’re

‘locked in’ there is no need to change them, so it’s best to get them out of the way.

WHY START WITH BG + RW?

slide-6
SLIDE 6

Security & Privacy Research at Illinois (SPRAI) 6

Milestone #1 (Oct 26)

HOW DO I BACKGROUND?

  • What knowledge does a reviewer need to possess

before they can evaluate your work?

  • Concept-driven, not paper-driven
  • Specifications, RFCs, Schematics, Workflows
  • Citation Density: Low - Medium
  • Examples from our class:
  • A Placement

Vulnerability Study -> Public Clouds, Placement Policies, Launch Strategies Co-Residency Detection

  • Draco -> WebView Implementation, WebView API, Javascript and HTML5
slide-7
SLIDE 7

Security & Privacy Research at Illinois (SPRAI) 7

Milestone #1 (Oct 26)

HOW DO I RELWORK?

  • Goals:
  • Demonstrate understanding of area
  • Distill prior work into easily understood taxonomy
  • Identify gaps in the literature, differentiate your idea
  • Appease your reviewers by citing their work
  • Citation Density: High
  • Requirement for your submission: 25 peer-reviewed

citations

  • Quantity != Quality, but it’s a start
slide-8
SLIDE 8

Security & Privacy Research at Illinois (SPRAI) 8

Milestone #1 (Oct 26)

RELWORK EXAMPLE

  • DRACO -> “Vulnerability of WebViews has been extensively discussed

by previous work [7, 8, 1, 9, 10]. In [7], the authors present several classes of attacks that can be launched against apps that use WebViews. Chin et al. present a static analysis tool that can identify whether an app is vulnerable to WebView attacks [8]. Mutchler et al. present a large-scale analysis on mobile web applications, and present the trend of vulnerabilities in these

  • applications. None of these work implement any defense mechanism

targeting WebViews [1]. In [27], the authors present an access control mechanism for WebViews. Their approach uses static analysis to identify the use of security-sensitive APIs in the exposed Java class, and notifies the user if any such use is found. The user is then prompted to allow or completely block the binding of the Java object. The main drawback of this approach is that after the user allows the binding, they do not provide any originbased access control, so all the origins still have the same access rights. Additionally, their focus is only on the permission-protected resources.”

slide-9
SLIDE 9

Security & Privacy Research at Illinois (SPRAI)

Milestone #2 (Nov 2)

9

  • Last submission we “locked in” the background and

related work sections of our paper. This submission will be a living document as you begin to do the real work.

  • Purpose: Tell me specifically what are you doing to DO

in your project

  • Format: Add a new section called “Experimental

Proposal” to your LaTeX document from Milestone #1.

  • Submission: Submit before class on Compass.
slide-10
SLIDE 10

Security & Privacy Research at Illinois (SPRAI) 10

Be sure to include:

  • Hypothesis: Based on what you’ve learned so far,

“commit” to a prediction that is the basis of your paper.

  • What does a hypothesis in a defensive paper look like?
  • Methodology and/or Design: What techniques are you

going to use? How are you going to use them? Will you leverage existing tools? Convince me that you will succeed in executing your methodology.

  • Evaluation and/or Analysis: How will you determine the

extent to which you have succeeded in your goal?

Milestone #2 (Nov 2)

slide-11
SLIDE 11

Security & Privacy Research at Illinois (SPRAI)

Milestone 3: Status Slides

11

  • Two Objectives:

1. Force you to begin preparing your presentation : ) 2. Report on the progress of your project

  • 4-5 slides will suffice:
  • Slide 1: Draft of Motivation slide (Objective #1)
  • Slide 2: Draft of Introduction slide (Objective #1)
  • Slide 3: Draft of Background slide (Objective #1)
  • Slide 4: Research Tasks Accomplished(Objective #2)
  • Slide 5: Research Tasks Remaining (Objective #2)
  • Look ahead to project presentation requirements for

guidance on slides 1-3.

slide-12
SLIDE 12

Security & Privacy Research at Illinois (SPRAI)

Project Presentation

12

  • Objective: Deliver a conference-quality short talk
  • 10 Minute time slot (7 minutes presenting, 3 Q&A)
  • Only 7 minutes! Easy, right…?
  • Nope. Short talks are much harder than long ones
  • The easiest way to lose points will be for failing to deliver

a *complete* presentation in the allotted time.

  • If you’re less familiar with research presentations, watch

some video recordings from conferences

  • Practice! Partially memorize your talk and clock it to make

sure it comes in at 7 minutes.

slide-13
SLIDE 13

Security & Privacy Research at Illinois (SPRAI)

Project Presentation

13

  • At 7 minutes, you should have ~7 slides (1 minute/slide)
  • A viable slide deck layout:

1. Motivation 2. Introduce your project 3. Cover background concept (if needed) 4. Present your design/methodology 5. Continue presenting design/methodology 6. Share one evaluation result 7. Conclude, or discuss your future plans for project

  • Not everything in your term paper needs to be in your

presentation. You will need to make some tough editorial decisions in order to deliver a compelling presentation.

slide-14
SLIDE 14

Security & Privacy Research at Illinois (SPRAI)

Final Deliverable

14

  • Submit (on compass) a tarball containing:
  • PDF of your final paper
  • PDF of your final presentation slides
  • Project source code and/or materials (e.g., survey)
  • Should read like a conference-quality submission. I will (in part) approach

grading like I would as a program committee member.

  • Structure: Follow a paper layout that we have seen in this course that is

well-suited for your project.

  • You already have your BG and related works, expecting a quality

Introduction Section as well as appropriate combination of the following: Design/Methodology, Implementation, Evaluation and/or Analysis.

  • Strategy — find an assigned paper you liked, and imitate
slide-15
SLIDE 15

Security & Privacy Research at Illinois (SPRAI) 15

  • Discussion Section — required!
  • A good opportunity to recover points for teams that ended

up with negative results or didn’t get as far as they wanted (probably everyone).

  • What were the limitations of your study? How could

they be overcome in future studies?

  • What are the next steps following this project?

Important unanswered questions? Future work?

  • Of course, if you have positive results, discuss their

implications!

Final Deliverable

slide-16
SLIDE 16

Security & Privacy Research at Illinois (SPRAI)

Final Deliverable

16

  • Minimum acceptable standards:
  • At least 6 pages in ACM conference two column format (excluding

references).

  • More OK, but cap at 10.
  • Paper should make good use of these 6 pages.
  • PDF compiled in LaTeX
  • Provides correct and complete citations for referenced work
  • Includes illustrative figures and tables that help to explain the paper
  • “Filler” figures (i.e., too large, not useful, pointless screen

captures) will lose you points.