6th Annual GradSec Symposium

Tuesday Dec 6

Session 1: ML - the S stands for Secure

  • Attacking Malware Classifiers
    Chris, Maurice, and Shouvik
  • Public Data Dataset Inference
    Kyle and Davit

Session 2: Networking - the S stands for Secure

  • Fuzz-testing DNS Servers
    Jason and Alperen
  • Detecting IPv6 Service Surveillance
    Erik and Taylor

Session 3: Users - the S stands for ... oh shoot

  • Can Github Copilot Help Write Secure Cloud Deployment Code?
    Swanand and Ivan
  • Measuring Platforms' Susceptibility to MFA Brute-forcing Attacks
    Alan, Wentao, and Joe

Thursday Dec 8

Session 4: System-wide Security

  • Unified Behavioral Monitoring Across Runtime Systems
    Samuel, Nicholas, and Benjamin
  • You Are What You Import
    Farida, Sadia, and Kent

Session 5: Discovering Malware

  • (Not) Finding Compiler Trojans
    Justin and Segev
  • Identifying Extension Anomalies in the VSCode Marketplace
    Jasmine, Kaitlyn, and Jason

Session 6: Anonymity

  • Linking Website Fingerprints
    Rod and Aaron
  • Practical Security in Trusted-Repeater Quantum Networks
    Charlie, Connor, Ben, and Derek

Session 7: ML Resilience

  • Verifiable Robustness & Privacy for ML
    Le, Yanjun, and Yancheng
  • Gradient Inversion Attacks on Vision Transformers
    Syed and Yiting

Session 8: Expoliting Users

  • Characterizing and "Smisher" (SMS Phishing)
    Julio and Sridevi
  • Poisoning Video Game Plugins to Phish via Microtransactions
    Arman and Yichi

Final Projects

The bulk of your work in this class will center around a final project. The goal of this course project is for you to get experience doing security research by working on an open problem. It should also be a problem that's interesting to you: you will pick it, but I am happy to discuss project ideas with you.

Ideally, several (possibly workshop) publications will come out of this class. To this end, there will be several milestones throughout the semester to help make sure that you are making progress.

Any point throughout the semester, you are welcome to come meet with me to discuss ideas, or if you need advice.

09/08   Email Dave with the members of your group

  • No more than 3 people per group.
  • The more people, the more I will expect.

10/13 (in class)   Project pre-proposal presentations

Make a short presentation about your intended project to solicit feedback from your classmates.

  • Keep your presentation to 5 minutes, plus Q&A.
  • Describe the problem you want to solve.
  • Provide some context to the problem in terms of background and related work.
  • Describe how you plan to:
    • Solve the problem
    • Evaluate your solution
    • Address potential ethical concerns
  • Give feedback to your classmates about their projects.

10/20   Project proposal writeup

Email Dave a 2-3 page PDF document describing your proposed project. Be sure to include:

  • The members of your group
  • A description of the problem you seek to solve.
  • A background and survey of related work.
  • The approach you intend to take to solve the problem, and how this differs from prior approaches.
  • An evaluation plan (will you use simulation, implementation, a user study, an existing dataset, etc.)
  • Plans for what you intend to accomplish by the checkpoint and by the end of the semester.

11/10   Project checkpoint

Email Dave a 1-2 page PDF document describing your progress thus far. Include:

  • The members of your group.
  • The progress you have made thus far.
  • The conclusions you can draw thus far from your preliminary results.
  • Whether you are on track to complete what you proposed.
  • What obstacles or unexpected problems you faced.
  • How you plan to address the remaining problems.

12/06 & 12/08 (in class)   Project presentations

The final two days of class will be the 5th Annual UMD GradSec Symposium. Each group will deliver a 10 minute presentation on their work, followed by Q&A. The program will be announced closer to that day.

12/15   Project writeups

Email Dave your final project writeup. This writeup should largely reflect the style and substance of a workshop or conference submission. It should not exceed 8 pages (not including references and appendices). It should include:

  • An abstract summarizing the work.
  • An introduction that motivates the problem and your approach.
  • A related work section that puts the work into context and differentiates your work from others'.
  • One or more sections describing your solution, study, design, etc.
  • One or more sections describing your results, evaluation, findings, etc.
  • A brief conclusion and future work section describing what remains to be done.
  • References and citations.

Note All attacks must be performed in an ethical, safe manner; please see the discussion of legality and ethics in the syllabus.

Web Accessibility