Projects for ECE598NB
Those of you taking the course for 4 credits will be required to
do a project. Here are a few requirements:
- Projects must be done in groups of 1-3 students (2 is recommended).
- Project topic can be anything related to Privacy Enhancing
Technologies, not only what we cover in the course.
- Project must involve original research, something you
could see yourself sending to a conference or a workshop.
- Feb 16
- Hand in a 1- to 2-page project description. You should include:
- What you are planning to do.
- What you expect to have finished by the end of the semester.
- How this relates to other research in the area. Include one
or two references.
- First week of April
- Status report meeting.
- May 2
- Present your results for the class
- May 12
- Hand in a conference-quality report, 10-15 pages in length.
Here are a few suggestions for projects, but this list is
very incomplete — there are open problems in pretty much every topic
that we cover in the course.
- Anonymity analysis
- My own research focus is on design and analysis of peer-to-peer
anonymous networks. If you're having trouble sleeping at night, you can read more about it in my thesis,
but a better idea would be to come talk to me. I find that in the
descriptions of p2p anonymous networks, there are always aspects that
deserve further analysis. If you feel the same, there may be
a class project for you.
- Open problems in Tor
- Roger Dingledine has a presentation regarding Research Problems for Tor. Any of
these would make a good project topic for the class.
The next projects are suggestions by Bill Yurcik, so would want
to talk to him about these.
- Security operations staff use packet traces to help defend
their own organization's networks. Since attackers typically attack
across network boundaries, sharing packet traces between
different organizations would help defeat attackers.
However, at present sharing of packet traces between organizations is very
limited since packet traces contain private and sensitive information.
This project is to work with NCSA to develop a tcpdump-like tool
that can read raw packet trace logs and output anonymized packet trace
logs. NCSA has experience creating two tools just like this for NetFlows
logs and Process Accounting logs so we have most of the hard cryptographic
algorithm algorithms ready and GUI source code to share -- all we need
are talented and dedicated Java programmers to pull the work together.
This work is highly publishable and will result in multiple papers
as well as the tool developed being distributed on the Internet via NCSA.
- "Examples of using anonymized logs to find attacks"
- NCSA has developed anonymizers for NetFlow and Process Accounting logs
and hopes to also soon develop an anonymizer for packet traces.
We have intuition and artificial examples of how anonymized logs
can be shared between organization to both preserve privacy and
defeat attackers. This project would be to find specific examples
of attacks that can traced with anonymized logs. NCSA has an ongoing
effort of multiple years on this specific problem and will lend ideas
and tangible support for this class project. This work is highly
publishable and may involve collaboration with an external
security expert with vast experience in this area who has expressed
interest in collaboration.
- "Building data anonymization"
- Prof. Carl Gunter and
I are involved in a project using the building automation controls
in Siebel Center. One important question is how to anonymize the data
logs that are generated by the system so that they can either be
used for research purposes or displayed to people.
If you are taking Prof. Gunter's 598 course, he suggested that
there are a number of projects related to the topics of that course that
could involve privacy. If you are interested in doing something
along those lines, we would be happy to jointly supervise your project.