CSCI 4830/7000 - Ethical Hacking Seminar - Spring 2011

Graduate Project

Apr 05, 2011

Term Project -- Graduate Students Only

Undergraduates are not required to do this. Grads have three options, listed below.

Regardless of what option you choose, you must make a decision and have it approved by me by Fri, 4/15. By Tuesday, 5/3, you must submit a document which summarizes the contents of the paper. You do not have to do an oral presentation of the paper.

Read all three options. Options 2 and 3 have write-ups along the same lines as option 1. Let me know if you have questions.

Term Projects are solo efforts... no teams.

Option 1: Read a paper, write a report

You can read a paper and write a short report on it. I am open to most any security-related paper provided it has a "hacking" theme to it (ie, I don't want theoretical papers). I strongly prefer that you select one from here.

This isn't meant to be a hard project. It shouldn't take more than a few days to complete. After you have selected a paper, read it, study it, look up references if you have to, or come to me if you cannot understand some central part of it. Then write your report. Here are the requirements:

• It must be typeset in LaTeX.
• It should be about 5 to 7 pages in length, but completeness and clarity will determine my evaluation more than length. Don't babble on endlessly just trying to fill out the page requirement; be terse but complete. And if you come up short, add some more background material (even if it's redundant with the class material).
• You should have the following sections in your report:
  • What paper did you read: Title, Authors, One line abstract.
  • What is the paper about: setting, problem, goal.
  • What are the main results?
  • What is your impression of the impact of this paper (you don't have to go to the library and do a lot of research to answer this; give me your informed opinion, try a web search, etc.)?
  • Suggest related questions you think might be interesting which are related to the topic of this paper. (You are not responsible for ensuring that these questions have not already been answered by other papers.)

Option 2: Study a Security Tool, write a report

Peruse the web or BT and find a tool that captures your interest. Write it up along the same lines as the paper report. This must be a non-trivial effort to study and understand a tool, not a regurgitation of the documentation.

Option 3: Perform a Security Analysis, write it up

I will supply you with a VM with a vulnerable image. You break it in every way that you can and write up your findings. This is the hardest option of the three because of the time investment you will need to dedicate.