4th Annual GradSec Symposium

Tuesday December 3

Session 1: Analyzing attacker capabilities

  • Shady Shaders
    Frankie Pike
  • Spamcall Honeypots
    Mitchell Kager, Nicholas Francino
  • User-side Defenses Against Evil Twin Attacks
    Tamer Mograbi, Yusuf Alnawakhtha, Mackenzie Kong-Sivert

Session 2: Robustness against malicious inputs

  • Characterizing the Parameter Space of Encrypted Database Reconstruction Attacks
    Noemi Glaeser, Benjamin Sela
  • Robustness Certificates for CNNs
    Sahil Singla

Thursday December 5

Session 3: I know what you imported last summer

  • AndroDiff: A diffing library for Android
    Sindhoor Tilak
  • PYed PIPer!
    Josiah Wedgwood, Aadesh Bagmar
  • The Use of Cert Pinnings in Android Apps
    Clifford Bakalian, Alex Brassel, Preston Tong

Session 4: We've sprung a leak

  • Thwarting Website Fingerprinting with Generative Adversarial Techniques
    Kyle Reese
  • Investigating PII Leakage via Registration Forms
    Cuong Nguyen, Gang Liao, Stephanie Zhou
  • Model Inversion Attacks
    AmirMohsen Ahanchi, Amin Ghiasi

Final Projects

The bulk of your work in this class will center around a final project. The goal of this course project is for you to get experience doing security research by working on an open problem. It should also be a problem that's interesting to you: you will pick it, but I am happy to discuss project ideas with you.

Ideally, several (possibly workshop) publications will come out of this class. To this end, there will be several milestones throughout the semester to help make sure that you are making progress.

Any point throughout the semester, you are welcome to come meet with me to discuss ideas, or if you need advice.

09/13   Email Dave with the members of your group

  • No more than 3 people per group.
  • The more people, the more I will expect.

10/11 (in class)   Project pre-proposal presentations

Make a short presentation about your intended project to solicit feedback from your classmates.

  • Keep your presentation to 5 minutes, plus Q&A.
  • Describe the problem you want to solve.
  • Provide some context to the problem in terms of background and related work.
  • Describe how you plan to:
    • Solve the problem
    • Evaluate your solution
    • Address potential ethical concerns
  • Give feedback to your classmates about their projects.

10/25   Project proposal writeup

Email Dave a 2-3 page PDF document describing your proposed project. Be sure to include:

  • The members of your group
  • A description of the problem you seek to solve.
  • A background and survey of related work.
  • The approach you intend to take to solve the problem, and how this differs from prior approaches.
  • An evaluation plan (will you use simulation, implementation, a user study, an existing dataset, etc.)
  • Plans for what you intend to accomplish by the checkpoint and by the end of the semester.

11/15   Project checkpoint

Email Dave a 1-2 page PDF document describing your progress thus far. Include:

  • The members of your group.
  • The progress you have made thus far.
  • The conclusions you can draw thus far from your preliminary results.
  • Whether you are on track to complete what you proposed.
  • What obstacles or unexpected problems you faced.
  • How you plan to address the remaining problems.

12/03 & 12/05 (in class)   Project presentations

The final two days of class will be the 4th Annual UMD GradSec Symposium. Each group will deliver a 10 minute presentation on their work, followed by Q&A. The program will be announced closer to that day.

12/12   Project writeups

Email Dave your final project writeup. This writeup should largely reflect the style and substance of a workshop or conference submission. It should not exceed 8 pages (not including references and appendices). It should include:

  • An abstract summarizing the work.
  • An introduction that motivates the problem and your approach.
  • A related work section that puts the work into context and differentiates your work from others'.
  • One or more sections describing your solution, study, design, etc.
  • One or more sections describing your results, evaluation, findings, etc.
  • A brief conclusion and future work section describing what remains to be done.
  • References and citations.

Note All attacks must be performed in an ethical, safe manner; please see the discussion of legality and ethics in the syllabus.

Web Accessibility