3rd Annual GradSec Symposium

Tuesday December 4: CSIC 2107

Session 1: Hiding your tracks

  • Tor Middleboxes
    Michael Reininger
  • Covert Communication over Radio
    Geoffrey Moores

Session 2: Malicious mirages

  • A New Approach to Sandbox based Malware Analysis
    Vinay Sudharsan, and Jai Shah
  • Mirror, Mirror, Who’s the most Malicious Package of them all?
    Josephine Chow, Daniel Kapit, Aravind Ramakrishnan

Session 3: You're not supposed to do that...

  • Detecting Malicious Bitcoin Mining
    Erica Blum, Daniel McVicker
  • Analyzing Root Causes of Failure in Tree-based ORAM
    Makana Castillo-Martin

Thursday December 6: CSIC 2107

Session 4: Distributing Security Information

  • Zero-knowledge CRLs
    Elijah Grubb, Corbin McNeill, Lambros Mertzanis
  • Redesigning Bridge Distribution in Tor
    George Hughey, Louis-Henri Merino, Michael Pearson

Session 5: Reality Bites

  • Tale of The Broken Shield: Analyzing malware behavior on real users machines
    Erin Avllazagaj, Omer Yampel
  • A Rigorous Approach to Identifying Vulnerability-Contributing Commits
    Kevin Hogan, Noel Warford

Session 6: Gone phishing

  • Detecting Data Leakage in Emails
    Chen Bai, Keshaw Burnwal, Bibhusa Rawal
  • Visually Detecting Phishing Websites
    Marguerite McDaniel

Final Projects

The bulk of your work in this class will center around a final project. The goal of this course project is for you to get experience doing security research by working on an open problem. It should also be a problem that's interesting to you: you will pick it, but I am happy to discuss project ideas with you.

Ideally, several (possibly workshop) publications will come out of this class. To this end, there will be several milestones throughout the semester to help make sure that you are making progress.

Any point throughout the semester, you are welcome to come meet with me to discuss ideas, or if you need advice.

09/13   Email Dave with the members of your group

  • No more than 3 people per group.
  • The more people, the more I will expect.

10/11 (in class)   Project pre-proposal presentations

Make a short presentation about your intended project to solicit feedback from your classmates.

  • Keep your presentation to 5 minutes, plus Q&A.
  • Describe the problem you want to solve.
  • Provide some context to the problem in terms of background and related work.
  • Describe how you plan to:
    • Solve the problem
    • Evaluate your solution
    • Address potential ethical concerns
  • Give feedback to your classmates about their projects.

11/02   Project proposal writeup

Email Dave a 2-3 page PDF document describing your proposed project. Be sure to include:

  • The members of your group
  • A description of the problem you seek to solve.
  • A background and survey of related work.
  • The approach you intend to take to solve the problem, and how this differs from prior approaches.
  • An evaluation plan (will you use simulation, implementation, a user study, an existing dataset, etc.)
  • Plans for what you intend to accomplish by the checkpoint and by the end of the semester.

11/15   Project checkpoint

Email Dave a 1-2 page PDF document describing your progress thus far. Include:

  • The members of your group.
  • The progress you have made thus far.
  • The conclusions you can draw thus far from your preliminary results.
  • Whether you are on track to complete what you proposed.
  • What obstacles or unexpected problems you faced.
  • How you plan to address the remaining problems.

12/04 & 12/06 (in class)   Project presentations

The final two days of class will be the 3rd Annual UMD GradSec Symposium. Each group will deliver a 10 minute presentation on their work, followed by Q&A. The program will be announced closer to that day.

12/12   Project writeups

Email Dave your final project writeup. This writeup should largely reflect the style and substance of a workshop or conference submission. It should not exceed 8 pages (not including references and appendices). It should include:

  • An abstract summarizing the work.
  • An introduction that motivates the problem and your approach.
  • A related work section that puts the work into context and differentiates your work from others'.
  • One or more sections describing your solution, study, design, etc.
  • One or more sections describing your results, evaluation, findings, etc.
  • A brief conclusion and future work section describing what remains to be done.
  • References and citations.

Note All attacks must be performed in an ethical, safe manner; please see the discussion of legality and ethics in the syllabus.


Web Accessibility