Final submission

The final submission of your case study / project report will be due towards the end of the semester.

I will expect your final report to be submitted on the evening of Sunday, July 16th / the morning of Monday, July 17th. Please upload a single PDF through Gradescope.

Evaluation

I will be looking for the following characteristics when I evaluate your final report.

Background

The report should describe all background information that the target audience would need in order to understand the report’s subject.

Target audience: Undergraduate students taking ECE 7420 who understand the fundamentals of computer security but who are not familiar with the specifics of your report’s subject
Summarization: Summarizes key background concepts concisely
Grounding: References appropriate literature as evidence rather than relying on bare assertions of truth and validity
Objectivity: Describes background material objectively and without personal opinion, e.g., "Alice et al. showed P" rather than "I think P"

Description

The report should describe the attack/event/technique in sufficient detail for the target audience to understand what happens/happened without necessarily being about to reproduce it.

Completeness: The attack/event/technique is described from "end to end" (the big picture), though not necessarily from "top to bottom" (with detail beyond what’s required to understand the significance of the subject)
Context: The report explains when the subject was created or occurred in a way that enhances the reader’s understanding of relevant actors' motivations (e.g., why the system was designed the way it was)
Detail: The description contains sufficient detail to understand the subject but not so much extraneous detail as to overwhelm or distract from the main point
Grounding: References appropriate literature as evidence rather than relying on bare assertions of truth and validity
Objectivity: Describes background material objectively and without personal opinion, e.g., "Alice et al. showed P" rather than "I think P"

Methdology (9807 only)

Graduate students describing their project should provide a clear and explicit description of the methdology they followed.

Conclusions

The report should draw conclusions about the subject. What is the significance of the attack/event/technique? What are the ongoing implications, if any?

Claims: The report makes claims about the significance of its subject
Measure: Claims are measured and not exaggerated (e.g., "the most significant attack ever to affect a computer")
Grounding: All claims are grounded in evidence and reasoning
Non-originality: All evidence that supports the conclusions is introduced before the Conclusions section (e.g., the Conclusions do not cite new references)

References

The report should build on the references that were included in the proposal. Some proposals contained sufficient references; others require more or higher-quality references than their original proposals cite.

Quality: The report includes at least one (or, depending on the subject, more) high-quality reference from academic peer-reviewed literature
Diversity: The report includes references from multiple sources and/or perspectives
Durability: Malleable sources (e.g., user-editable content or personal websites) are not used as primary sources

Formatting

Structure: The report is well-structured in sections and subsections (as appropriate), including (at minimum) a title page, abstract, table of contents, introduction, conclusion and list of references
Identity: The report’s author, context (e.g., course) and purpose are clear
References: References are formatted according to a clear and recognizable style (ACM, IEEE, etc.)
Legibility: The report uses appropriate fonts and styles (e.g., headers) to help the reader follow its structure