EECS Project Courses

User Tools

Site Tools

You are here: Main Page: EECS 4080, 4088, 4090, 4480, 4070 » 2024-25 » Proposed Projects for Summer 2024
Trace:
2024-25:summer

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
2024-25:summer [2024/04/15 23:26] baljko2024-25:summer [2024/04/15 23:31] – [Proposed Projects for Summer 2024] baljko
Line 10: Line 10:
  
  
 +==== Designing Privacy-preserving Systems ====
 +**[added 2024-04-15]**
 +
 +**Course:**  EECS4080 or EECS4480
 +
 +**Supervisor:**  Yan Shvartzshnaider 
 +
 +**Supervisor's email address:**  rhythm.lab@yorku.ca
 +
 +**Project Description:** 
 +Modern sociotechnical systems share and collect vast amounts of information. These systems violate users’ privacy by ignoring the context in which the information is shared and failing to incorporate contextual information norms.
 +
 +Using techniques in natural language processing, machine learning, network, and data analysis, this project is set to explore the privacy implications of mobile apps, online platforms, and other systems in different social contexts/settings.
 +
 +To tackle this challenge, the project will operationalize a cutting-edge privacy theory and methodologies to conduct an analysis of existing technologies and design privacy-enhancing tools.
 +
 +Students will help analyze information handling practices of online services and design privacy-enhancing tools. 
 +
 +Specific tasks include: comprehensive literature review of existing methodologies and tools, analysis of privacy policies and regulations, visualization of information collection practices, and design of a web-based interface for analyzing extracted privacy statements to identify vague, misleading, or incomplete privacy statements.
 +
 +For prior project, see [[https://wiki.eecs.yorku.ca/course_archive/2021-22/F/4080_4088_4090_4480_4070/4088_presentation_schedule|this link]]
 +
 +**Required skills or prerequisites:**
 +Good programming and data analysis skills overall, and experience in using Jupyter and/or R for data analysis.  Ability to work independently. 
 +Interest in usable privacy, critical analysis of privacy policies and privacy related regulation.
 +
 +**Recommended skills or prerequisites:**
 +Experience with Machine Learning, Natural Language Processing techniques, HCI design. 
 +Students with diverse backgrounds, including in technical fields, social sciences and humanities are encouraged to apply.
 +
 +**Instructions:**
 +Please fill in [[https://forms.gle/oVVg6hEConSNf9p28|this form]]
 +
 +==== Designing Privacy-preserving  Virtual Reality Systems ====
 +
 +**[added 2024-04-15]**
 +
 +**Course:**  EECS4080 or EECS4480
 +
 +**Supervisor:**  Yan Shvartzshnaider 
 +
 +**Supervisor's email address:** rhythm.lab@yorku.ca
 +
 +**Project Description:** 
 +Designing a privacy-preserving VR experience requires adhering to contextual integrity of users’ data . This involves accounting for different modes of interaction and ensuring robustness to accommodate the evolving privacy norms associated with future VR adaptations.
 +
 +To tackle this challenge, the project will operationalize a cutting-edge privacy theory and methodologies to develop mechanisms  that ensure that information flows in accordance with users’ expectations and established societal norms in VR settings.
 +
 +Students will help analyze information handling practices of VR applications and design tools to enhance privacy of VR users.
 +
 +Specific tasks include conducting a comprehensive literature review of existing methodologies and tools, performing a dynamic analysis of data practices in VR applications, and checking for compliance with existing regulations and privacy policies.
 +
 +For reference, see these papers:
 +  * https://arxiv.org/pdf/2303.13684.pdf
 +  *https://www.usenix.org/conference/usenixsecurity22/presentation/trimananda
 +
 +**Required skills or prerequisites:**  
 +  *  Good programming skills (experience with coding in Unity is a plus)
 +  *   Interest in usable privacy, critical analysis of privacy policies, and knowledge of privacy-related regulations
 +  *   Ability to work independently
 +
 +**Recommended skills or prerequisites:**
 +  *   Experience with data analysis using Jupyter and/or R
 +  *   Familiarity with HCI design
 +
 +
 +
 +----
 ==== Mnemonic-Based Serious Games ==== ==== Mnemonic-Based Serious Games ====
  
-**[added 2024-04-11]**+**[added 2024-04-15]**
  
 **Course:**  EECS4080 **Course:**  EECS4080
Line 34: Line 102:
 Contact professor at email above. Contact professor at email above.
  
 +----
 ==== Strengthening the Security of Autograders ==== ==== Strengthening the Security of Autograders ====
  
-**[added 2024-04-11]**+**[revised 2024-03-15, added 2024-04-11]**
  
 **Course:**  EECS4480/EECS4080 **Course:**  EECS4480/EECS4080
Line 48: Line 116:
 Unit testing platforms like Java's JUnit and Python's unittest provide a simple interface for evaluating the correctness of individual functions in a large project. These platforms can also be used in an academic environment to automatically test student-submitted code in programming assignments and generate a grade based on if these tests pass or fail. However, given that these platforms were originally developed for running code that is expected to be trusted, this practice can lead to a potential risk if students are able to provide code that causes the test to pass without resulting in the expected value (see https://www.seas.upenn.edu/~hanbangw/blog/hack-gs/). While most modern autograding platforms introduce security practices to avoid this kind of code from receiving a valid grade, some vulnerabilities still exist. Unit testing platforms like Java's JUnit and Python's unittest provide a simple interface for evaluating the correctness of individual functions in a large project. These platforms can also be used in an academic environment to automatically test student-submitted code in programming assignments and generate a grade based on if these tests pass or fail. However, given that these platforms were originally developed for running code that is expected to be trusted, this practice can lead to a potential risk if students are able to provide code that causes the test to pass without resulting in the expected value (see https://www.seas.upenn.edu/~hanbangw/blog/hack-gs/). While most modern autograding platforms introduce security practices to avoid this kind of code from receiving a valid grade, some vulnerabilities still exist.
  
-For this project you will strengthen the security of an autograder process for either Python or Java code for the PrairieLearn platform. You will start by creating possible attack vectors in the form of code that is expected to cause the autograder to pass a test without actually returning the expected results. Examples of attack vectors include code that saves or outputs well-formatted values that are interpreted by the autograder as a success, code that is able to identify secret information from the autograder code, and/or code that crashes the original autograder process. Then you will implement safeguards that ensure student-submitted code is unable to bypass container sandbox limitations, and that ensure that malicious student code does not result in a successful grade.+For this project you will strengthen the security of an autograder process for either **C,** Python or Java code for the PrairieLearn platform. You will start by creating possible attack vectors in the form of code that is expected to cause the autograder to pass a test without actually returning the expected results. Examples of attack vectors include code that saves or outputs well-formatted values that are interpreted by the autograder as a success, code that is able to identify secret information from the autograder code, and/or code that crashes the original autograder process. Then you will implement safeguards that ensure student-submitted code is unable to bypass container sandbox limitations, and that ensure that malicious student code does not result in a successful grade.
  
 You will work in coordination with the supervisor and the PrairieLearn developer community to brainstorm possible strategies and guidelines. Your final deliverable will be a pull request to the PrairieLearn codebase with the proposed fix. You will work in coordination with the supervisor and the PrairieLearn developer community to brainstorm possible strategies and guidelines. Your final deliverable will be a pull request to the PrairieLearn codebase with the proposed fix.
Line 55: Line 123:
   * To work on autograder for Python code, you must have completed EECS 1015 (or a similar course) with an A/A+. Must have solid programming skills in Python, including the use of unit testing.   * To work on autograder for Python code, you must have completed EECS 1015 (or a similar course) with an A/A+. Must have solid programming skills in Python, including the use of unit testing.
   * To work on autograder for Java code, you must have completed EECS2030 (or a similar course) with an A/A+.  Must have solid programming skills in Java, including the use of unit testing    * To work on autograder for Java code, you must have completed EECS2030 (or a similar course) with an A/A+.  Must have solid programming skills in Java, including the use of unit testing 
 +  * **To work on autograder for C code, you must have completed EECS 2031 (or a similar course) with an A/A+. Must have solid programming skills in C, preferably including the use of unit testing (though experience with unit testing in other languages is acceptable).**
   * Must be able to work independently and have good communication skills.   * Must be able to work independently and have good communication skills.
  
Line 62: Line 131:
 **Instructions:** **Instructions:**
 Additional information about PrairieLearn can be found here: https://prairielearn.readthedocs.io/en/latest/. A sample PrairieLearn assessment that includes Python autograded questions can be found here: https://us.prairielearn.com/pl/course_instance/136606/assessment/2351069. Please submit a brief description of your experience with the skills listed above. Additional information about PrairieLearn can be found here: https://prairielearn.readthedocs.io/en/latest/. A sample PrairieLearn assessment that includes Python autograded questions can be found here: https://us.prairielearn.com/pl/course_instance/136606/assessment/2351069. Please submit a brief description of your experience with the skills listed above.
 +----
 ==== Chat Bots in LMS for Easy Course Navigation ==== ==== Chat Bots in LMS for Easy Course Navigation ====
  
Line 100: Line 169:
 Please send your c.v., transcript, and Statement of Interest in the project to the project supervisor. Please send your c.v., transcript, and Statement of Interest in the project to the project supervisor.
  
 +----
 ==== Autograders for C and Linux Programs in Undergraduate Courses ==== ==== Autograders for C and Linux Programs in Undergraduate Courses ====
  
2024-25/summer.txt · Last modified: 2024/04/16 00:31 by baljko