The final submission of your case study / project report will be due towards the end of the semester.
I will expect your final report to be submitted on the evening of Sunday, July 16th / the morning of Monday, July 17th. Please upload a single PDF through Gradescope.
Evaluation
I will be looking for the following characteristics when I evaluate your final report.
Background
The report should describe all background information that the target audience would need in order to understand the report’s subject.
- Target audience
-
Undergraduate students taking ECE 7420 who understand the fundamentals of computer security but who are not familiar with the specifics of your report’s subject
- Summarization
-
Summarizes key background concepts concisely
- Grounding
-
References appropriate literature as evidence rather than relying on bare assertions of truth and validity
- Objectivity
-
Describes background material objectively and without personal opinion, e.g., "Alice et al. showed P" rather than "I think P"
Description
The report should describe the attack/event/technique in sufficient detail for the target audience to understand what happens/happened without necessarily being about to reproduce it.
- Completeness
-
The attack/event/technique is described from "end to end" (the big picture), though not necessarily from "top to bottom" (with detail beyond what’s required to understand the significance of the subject)
- Context
-
The report explains when the subject was created or occurred in a way that enhances the reader’s understanding of relevant actors' motivations (e.g., why the system was designed the way it was)
- Detail
-
The description contains sufficient detail to understand the subject but not so much extraneous detail as to overwhelm or distract from the main point
- Grounding
-
References appropriate literature as evidence rather than relying on bare assertions of truth and validity
- Objectivity
-
Describes background material objectively and without personal opinion, e.g., "Alice et al. showed P" rather than "I think P"
Methdology (9807 only)
Graduate students describing their project should provide a clear and explicit description of the methdology they followed.
Conclusions
The report should draw conclusions about the subject. What is the significance of the attack/event/technique? What are the ongoing implications, if any?
- Claims
-
The report makes claims about the significance of its subject
- Measure
-
Claims are measured and not exaggerated (e.g., "the most significant attack ever to affect a computer")
- Grounding
-
All claims are grounded in evidence and reasoning
- Non-originality
-
All evidence that supports the conclusions is introduced before the Conclusions section (e.g., the Conclusions do not cite new references)
References
The report should build on the references that were included in the proposal. Some proposals contained sufficient references; others require more or higher-quality references than their original proposals cite.
- Quality
-
The report includes at least one (or, depending on the subject, more) high-quality reference from academic peer-reviewed literature
- Diversity
-
The report includes references from multiple sources and/or perspectives
- Durability
-
Malleable sources (e.g., user-editable content or personal websites) are not used as primary sources
Formatting
- Structure
-
The report is well-structured in sections and subsections (as appropriate), including (at minimum) a title page, abstract, table of contents, introduction, conclusion and list of references
- Identity
-
The report’s author, context (e.g., course) and purpose are clear
- References
-
References are formatted according to a clear and recognizable style (ACM, IEEE, etc.)
- Legibility
-
The report uses appropriate fonts and styles (e.g., headers) to help the reader follow its structure