PROJECT PROPOSAL DUE 3/27/2007
FINAL PROJECT REPORT DUE (EXTENDED) 4/13/2007 (Will arrange demos separately)
More project ideas can be found here.
General information:
This project is meant to be a lot of fun, as you are free to explored anything related to networking!
Your project should address a research issue in computer networks and consist of the design, analysis or improvement of some network system, application, or protocol. The main goal of the project is to do original research on a problem of interest in computer networks, so that you can deepen your understanding of a particular networking topic.
This project should be done in groups of two to three people (larger groups are possible for projects of sufficient scope). If you would like to do this project on your own, please let me know (Except for special circumstances, you need to have done at least one project in groups, and this is the last project of the course). Projects will be evaluated on the quality of their research in computer networks. You are expected to write a simple project report (roughly 4 pages) explaining your work. As part of the grading, you are expected to give a demo of your working system with us. I expect that most projects will fall roughly into one of the three categories:
- Design. Design projects will usually attempt to solve some network problem of general interest by proposing a design; implementing a prototype; and using the implementation as a basis for evaluating the proposed system architecture. The implementation of the proposed design can be either done as a real prototype (highly encouraged) or evaluated using simulations based on an existing simulator (e.g., NS, SSFnet).
- Analysis. Analysis projects might, for example, study some previously-proposed implementation technique, existing system, or class of systems; evaluate its network properties such as performance; find flaws, or strengths, in it; and provide new insight into how to build network systems. To analyze an existing system, one may want to collect measurement data. To collect desired data may involve implementation or use of some network measurement tools.
The proposed work should be relevant to computer networks, but this will be interpreted broadly. The topics range from anything we covered in lecture, and topics such as network system management tools (such as SNMP), network games, wireless networks, sensor networks, etc. You are encouraged to find topics of interest to you; feel free to be creative in selecting a project topic. You're welcome to pick a topic that is connected to your current research or project for another class. (To use one project for more than one class, please come talk to me and also get the permission from the instructor of the other class/classes.)
If you're at a loss for a project topic, I've prepared a list of possible project topics that you can peruse as examples of how to a pick a suitable project. See below. But don't feel limited to these suggestions! They are intended only as examples.
You're welcome to come discuss possible project ideas with me, if you like. I'm happy to make myself available to discuss projects, so is Kevin.
The process
You will write a concise (approximately 1 page, can be longer if needed) project proposal that should clearly state the problem you will be solving, the key challenges for new research, your plan of attack (including milestones). If there are any special resources you might need from me, mention them as well. You might mention any relevant work that you are aware of.It is important to describe clearly what your deliverables are, as this determines how the project should be graded. We plan to do face-to-face grading for all projects. Here's how to submit your proposal. Like previous assignments, you should use the turnin server to submit the proposal for pa3. Please state clearly who is in your group. Text, postscript, or PDF format are highly preferred over Word format. The proposal is due 3/27/2007.
What to hand in:
PA3 is due 4/9/2007. You should again use the turnin server to submit a project report of roughly 4 pages explaining your work, describing related work and your contribution. You should also submit any code relevant to your project to provide evidence of your work. Please provide a README file explaining how your code relates to your work. Finally, your grade is also determined by on a "demo" explaining what you have accomplished. Please check the door of CSE 4629 to sign up for the demo time, as the time gets closer to the project deadline. If you really cannot make any of those times, please email zmao@umich.edu.Example Project Topics
Note: Some examples are very specific. Others are quite generic; for the generic suggestions, be sure to narrow down the topic substantially and propose something concrete and focused.
If you are interested in any of the project topics below, please talk to me about it; I can make some more concrete suggestions.
Here are a few examples of previous projects: gdnet, file distribution protocol, Web crawler.
More project ideas can be found here.
- Characterizing phishing emails
- Phishing is becoming a serious problem today, as users are duped to access phishing URLs pretending to be legimate sites hosted by banks and credit card companies. In this study, you will have chance to analyze the behavior of network entities hosting these phishing sites, corresponding DNS servers, as well as running the SMTP protocol to send these phishing emails to mail servers. You may be amazed to see how prevalent these servers are. Example data sources include our own local data as well as antiphishing.org and millersmiles.
- Understanding the impact of network performance on application.
- The network performance we can look at include loss, delay, jitter, throughput; the applications are real-time applications such as VoIP, and multimedia streaming. The experiment can include both lab control experiments (artificially impose the loss, delay, jitter) to measure the impact on application level impact. Also perform Internet experiments with 1) our campus machines; 2) Planetlab machines. For each VoIP, Skype can be used and standard industry evaluation metrics to measure the quality of the VoIP performance are also be used. For multimedia streaming, there is a paper related to the specs and measurement, from sigcomm workshop 03: Multimedia streaming services: specification, implementation, and retrieval.
- Peer to peer networks
- Measurement and analysis of an existing peer-to-peer system e.g., Limewire, Bittorrent, Kazaa Architectural improvement suggestions: How to make it censor resilient, How to increase incentive to contribute resources, Cooperative P2P across multiple protocols, Share files across Limewire with Bittorent, Generic interface to allow interoperable P2P networks.
- Mapquest for the Internet
- Mapquest gives shortest path from point A to point B. Enhancements: shortest in distance, shortest in estimated traveling time, reverse path, high way avoidance Do the same/similar thing for the Internet (make use of overlay routing)
- 802.11 peer to peer network
- Mesh networks: Wireless peer to peer networks Efficient routing schemes Use DHT-like structure to maintain neighbors, routes
- Security of peer-to-peer systems
- Peer-to-peer systems (e.g., Gnutella, Kazaa) have been a hot topic recently. You might study the security challenges inherent in peer-to-peer systems, either by proposing techniques for building secure peer-to-peer systems, or by analyzing an existing peer-to-peer system.
- Distributed firewalls
- Imagine taking the enforcement mechanism found on a firewall and replicating it on all inside machines. (This would require installation of new software on all internal machines, but suppose we can handle that administrative burden.) How do we maintain centralized control over security policy? How do we specify policies? How do we maximize assurance in such an environment? How do we handle multi-organization scenarios, where a machine is a member of multiple organizations and thus multiple parties would like to add security restrictions?
- New network attacks
- Find new security weaknesses in any widely-deployed network system or an existing network security protocol. This can be any public system, such as DNS protocol, TCP protocol, BGP protocol, etc.
- Spams
- Spams has been a serious problem. Propose a way to detect spam automatically and block spam emails. Study the effectiveness of existing spam blocking schemes such as SpamAssassin.
Web Crawler crawl through websites to search for particular types of content or perform special indexing above and beyond a typical search engine (i.e. google) for a special application. Gnutella or other P2P Client Write your own gnutella client using freely available resources and protocol specifications. P2P Content Distribution Network Create a peer to peer content distribution network (more like BitTorrent) potentially for streaming media (ordering constraints). So instead of the server sending to everyone, it only sends to a few people who forward the data they have to others so the content can reach more clients than the server would otherwise be able to handle. Application-level firewall Use available libraries to read raw traffic and do processing on it according to a set of firewall rules Intrusion Detection System Implement an intrusion detection system that checks for suspicious network activity and raises alerts. There are many different types of intrusion detection systems that look at different characteristics of traffic. Feel free to try a creative anomaly-based system that looks for suspicious data such as NOP sleds. (Come talk to one of us if you are interested and want a more detailed explanation). OS Fingerprinting System (just like NMAP) Make a program to probe operating systems with various types of malformed and special packets to fingerprint the TCP/IP implementations and the operating system. Extra credit: figure out how to fingerprint different service packs and kernel builds that NMAP cannot tell apart (hint: it can be done, but doing this for an OS that source code is available for (linux) is easier). Protocol-Level Fuzzer A fuzzer is a program that rapidly generates strings from a context free grammar and builds messages from them. You can add random variations that step outside of the protocol specification to test the robustness of applications (and find security vulnerabilities!) such as Apache, SSH, Internet Explorer, Mozilla, dcom RPC, Windows file sharing the list goes on and on... Extra credit: write a grammar and fuzzer that is good enough to find bugs (extra extra credit: exploitable security vulnerabilites, and yes they do exist, this is how many security researchers find them!) in an application that speaks the protocol you choose. Web Server Load Balancer A computer that goes in front of a bunch of web servers for a large website and balances the load between them by forwarding connections. You should implement at least one special feature such as remembering the previous server that the client connected to in case it caches per-client state on the server side. VoIP Client Create a client that uses the H.323, SIP or other protocol for voice-over-IP communication. You may need to download open-source encoders for the H.264 voice protocol. SSH Client You will need to use the OpenSSL libraries to do encryption and refer to relevant protocols specifications and RFCs. VPN Client Again you will have to refer to protocol specifications and use encryption libraries (This may be a difficult project and require low-level OS kernel programming) TCP over UDP If you really enjoy congestion control and window size management. Other encrypted network communication program Take anything like streaming video, chat, voice, and encrypt it. This will probably entail making an encrypted tunnel program like stunnel. HTTP Backdoor Tunneling Program A program that will tunnel a command shell or other application through HTTP requests so that it will get through proxy servers and firewalls. The end that is behind the firewall or proxy should make outbound callbacks to establish connectivity with the other end of the tunnel. Client program for Internet applications. A client program for most any another internet application such as instant messaging, IRC may be a little too easy (encrypted IRC would be an option), shared whiteboard, Extended Web Server (Adding features and modules above and beyond PA1).