Proposed Projects

Below is a list of 4080/4480 projects proposed by faculty members for Summer 2022. More project descriptions may be added once they come in. Please contact the supervisor directly you are in interested in a project. You can also contact faculty members individually to discuss possible projects. Click here to see a list of faculty members, their research areas and their contact information.

Strengthening the Security of an Autograder Process

Course: EECS4480

Supervisor: Jonatan Schroeder

Contact: jonatan@yorku.ca

Unit testing platforms like JUnit and Unity provide a simple interface to evaluating the correctness of individual functions in a large project. These platforms can also be used in an academic environment to automatically test student-submitted code in programming assignments and generate a grade based on if these tests pass or fail. However, given that these platforms were originally developed for running code that is expected to be trusted, this practice can lead to a potential risk if students are able to provide code that causes the test to pass without resulting in the expected value (see https://www.seas.upenn.edu/~hanbangw/blog/hack-gs/). While most modern autograding platforms introduce security practices to avoid this kind of code from receiving a valid grade, some vulnerabilities still exist.

For this project you will strengthen the security of an autograder process for C code for the PrairieLearn platform. You will start by creating possible attack vectors in the form of code that is expected to cause the autograder to pass a test without actually returning the expected results. Examples of attack vectors include code that saves or outputs well-formatted values that are interpreted by the autograder as a success, and/or crashing the original autograder process. Then you implement safeguards that ensure student-submitted code is unable to bypass container sandbox limitations, and that ensure that malicious student code does not result in a successful grade.

Required skills: Must have completed EECS 2031 with an A/A+. Must have solid programming skills in C. Ability to work independently.

Recommended skills: EECS 3221 is highly recommended. Experience with Docker containers is helpful but can be obtained during the project. Git experience is helpful.

Privacy assessment of online services and platforms

Course: EECS4480/4080

Supervisor: Yan Shvartzshnaider

Contact: Please complete this form: https://forms.gle/oVVg6hEConSNf9p28 For any question email: yansh@yorku.ca

This project involves performing privacy assessment of online services and platforms. The student will help design usable-privacy tools that analyze information handling practices of online services.

For prior project, see work https://wiki.eecs.yorku.ca/course_archive/2021-22/F/4080_4088_4090_4480_4070/4088_presentation_schedule

Required skills: Ability to work indepently. Experience in full-stack development and using Jupyter and R notebooks for data analysis.

Recommended skills: Experience with Machine Learning, Natural Language Processing techniques, HCI design. Interest in usable privacy, critical analysis of privacy policies and privacy related regulation.

Web Application Full-Stack Development

Course: 4080/4088/4090

Supervisor: Uyen T. Nguyen

Contact: utn@eecs.yorku.ca

The student will be responsible for developing a responsive web application. The primary focus will be the development of the user interface, web services, API, and database interactions while ensuring robust integration, system stability, and responsiveness among all application modules.

Responsibilities:

Required Skills and Qualifications:

Framework:

• Understanding of code versioning tools such as Git • Understanding of Job Queuing solutions such as RQ • Understanding of Docker

Good to Have:

Notes:

Software System Engineering

Course: 4080/4088/4090

Supervisor: Uyen T. Nguyen

Contact: utn@eecs.yorku.ca

The student will assume the role of a System Engineer responsible for supporting the development team by designing and maintaining agreed-upon infrastructure, CI/CD pipelines, and code repositories.

Responsibilities:

Required Skills and Qualifications:

Good to Have:

Notes: