Please organize yourselves into groups of 2-3 to prepare a presentation on one of the topics below. Each presentation should consume a third to a half of a class meeting.
A two-person group should prepare a 15-minute presentation, including a few minutes for questions and discussion. A three-person group will have 20 minutes. This gives a bit more time for coordination and transitions, and for somewhat more material, which you can develop with the extra manpower.
You and your partner(s) can split this time however you want (even including having one of you do all the talking). However, you should give one cohesive presentation, rather than separately-prepared segments. You should design the presentation (content, structure, etc) as a team. You will receive one grade as a team. One goal of having you work in teams is to get stronger presentations.
Guidelines:
These are technical presentations to a technical audience. Give the key details of algorithms, languages, technologies, or other information as relevant for your topic. High-level overviews suitable for the evening news will not earn you many points.
Use concrete examples. If you are presenting a tool or a language, we should see fragments of actual code or actual interactions with a tool. If you are presenting an attack, show how to construct an actual instance of it. If you are presenting on a proposed technology, provide concrete examples of how the proposal would work (and examples of how it wouldn't).
However, think beyond the purely technical aspects of your topic though, into the surrounding implications. For example, many topics have privacy implications or interact with legal issues. You should talk about these where relevant, at a sufficient level of depth for a serious tutorial rather than a casual overview.
Apply the key concepts of the course to your subject wherever appropriate. These include:
Be critical: Cover both strengths and weaknesses of any approaches relevant to your topic. If you are presenting a tool or language, for example, don't just show what it can do. Try to identify useful tasks in the space of the tool/language that it doesn't support well. Think of this presentation as if you're helping the rest of the security team at your workplace decide whether to adopt a similar approach.
The medium is up to you. You may use Powerpoint or LaTeX slides if you think they're appropriate to your goals, but you certainly don't need to. Live demos, whiteboard talks, creative interpretations (so long as they highlight technical content) are all fair game here.
Good presentations are not thrown together a day or two before. You need time to read up on your topic, distill the information, and assemble the presentation. I'm expecting you to put a good 10 hours into preparing this.
Grades are based your choice of material, the level of detail, the clarity of the presentation, and especially your ability to connect your material to the key concepts mentioned above.
I'm glad to consult with you outside of class as you prepare your presentation. Feel free to show me outlines, summaries, draft slides, etc. Keep in mind that I can't give you much useful feedback the night before you are due to present.
What if your group really wants to do something different from all these topics? That may be OK.
Send me a message that says in 1-2 sentences what you want to talk about; describe in 1-2 sentences why you think it's relevant and important; and give 2-3 references to books, papers, and websites that you will start out from.
If I think it's a good idea, I'll let you, though I may ask you to modify or adapt.
Here are some starting links relevant to each topic (I'll be getting them up for all topics over the next few days). You don't have to present exactly the content of these papers, but I expect these to figure into your presentation to some extent unless you clear different references with me beforehand. (This is mainly to ensure that presentations are aiming for the appropriate technical depth). Some of the papers contain references to other useful information, so check those out in preparing your presentation.
To access links into ACM's Digital Library, you will need to be inside the WPI network (either directly or via VPN).
Stuxnet was a worm using USB devices and Windows vulnerabilities to target industrial control systems, allegedly focused on delaying the Iranian nuclear program.
Presentation should include how to steal someone's data in a public wifi hotspot.
Generally a rich topic with lots to be found. No need to stick to these, but do bring socio-technical dimensions into the discussion.
Richard Clarke and Herbert Lin are two useful names from which to start searches on this topic.
Look into socio-technical issues as well as how mobile banking works technically.
A case study or two on successful attacks and their broader implications would make sense here.
How can the Linux kernel protect you if a program misbehaves (possibly because of injected code)? AppArmor and Security-Enhanced Linux are two approaches.