Beschreibung:

The bachelor project in the summer term 25 is on hot topics in computer security based on the USENIX Security Symposium 2024 and CCS 2024 . Both conferences are top-tier security conferences that provide a dedicated evaluation process on artifacts that are submitted in addition to the scientific paper. Our course allows students to do a bachelor project within the scope of computer security research published on top conferences, i.e., taking a deep dive in recent research implementation projects and evaluation data.

Please note that this course will be in English: students are required to write their project report in English and give an oral presentation in English.

We will only be accepting 10 students for the Bachelor project.

There will be 4 mandatory meetings throughout the semester. Every meeting is mandatory; students cannot pass the bachelor project if they miss any of these meetings. The first meeting is the kick-off meeting on Monday, April 14th at 10:00 in S-GW 009. The dates of the remaining meetings will be fixed in April.

The procedure is as follows:

1. Students join the kick-off meeting on Monday, 14th April at 10:00 in S-GW 009 (no pre-registration is required).
2. Our chair will publish a selected list of artifacts (in Moodle) from above conferences.
3. Until Friday, 18th April EOD students select and submit three artifacts from that list. Students also provide a ranking preference of the selected artifacts.
4. Next, the course organizers assign one artifact to each student.
5. Before the next meeting, students read the paper and get familiar with the artifact. Students should also test the artifacts, trying to partially reproduce the result of the paper. Reach out to your supervisor if you need help in getting the artifact running. After running the artifact, the students think of ideas to advance the artifacts or concepts of the paper in useful directions.
6. Meeting 2 (mid-May): During the meeting, students provide a summary of the paper and also provide a very general overview of what the artifact includes: which components have been implemented? If applicable, what kind of evaluation data includes the artifact? What hasn't been provided in the artifact? Further, the students propose the ideas that they aim to implement throughout the project.
7. Between Meeting 2 and 3, the students flesh out their vision for this project and start implementing. If they are stuck, they reach out to their supervisor.
8. Meeting 3 (end of June): The students present their detailed plan and ongoing implementation efforts. Additionally, the students lay out how they plan to evaluate their artifact additions.
9. Meeting 4: (end of July): Oral presentation of the project work and submission of the project paper.

Please note that the topics mentioned above often deal with system-level software and hardware aspects (operating system code, low-level code such as C code, Ethereum bytecode, and x86 or ARM assembly instructions). We recommend choosing the Bachelor project "Secure Software Systems" only if you are willing to deal with system-level programming techniques, meaning that you are ready to learn and apply these techniques within the scope of the project.

Literatur:

Unsere Themen richten sich an aktuellen Forschungsthemen der IT-Sicherheit (insbesondere Systemsicherheit). Die besten IT-Sicherheitstagungen (A*-Konferenzen) sind nachfolgend aufgeführt. Über das Uni-Netzwerk können Sie für alle der genannten Konferenzen die wissenschaftliche Artikel (die sogenannten Papers) kostenlos herunterladen und sich die Vortragsvideos anschauen. Beachten Sie, dass für dieses Bachelorprojekt die Konferenz USENIX Security insbesondere von Relevanz ist. Die anderen Konferenzen können aber für Hintergrundinformationen zum Thema Computer Security gerne herangezogen werden.

• IEEE Security and Privacy Symposium (IEEE S&P)
• ACM Conference on Computer and Communications Security (CCS)
• USENIX Security Symposium
• ISOC Network and Distributed System Security Symposium (NDSS)