Found the research paper construction overview to be particularly helpful
Need to further understand the distinction between the abstract and the introduction
I've learned about some of the concepts discussed in the RCR training before, but nevertheless they remain crucial ideas to discuss and understand
Certain videos and concepts I hadn't actively reflected on as much (e.g. international collaborations and the many influences on the integrity of one's work)
Some overlap with Dr. Ming and Dr. Uthurusamy's presentations which I felt further highlighted the importance of those ideas
Overall, the biggest benefit to me this past week was the chance to interact with everyone involved with the REU. Getting a feel for the expectations and work environment present especially given the online format I feel is necessary.
Presented on what we learned/connected with from the first week of the REU and the various trainings. Going forward, we may need to slightly cut down on our presentations and how long we talk for, aiming for around 20 minutes or so.
Met with our supervisor and PhD students who will help mentor us. Our mentor's name is Feyi. My understanding is that ideally, the goal is for Dr. Sen to be who we directly contact regarding any technical issues or questions, while our mentor is meant for any other questions or issues regarding general research practices, obstacles, understanding research papers, etc.
After asking some questions and discussing with Dr. Sen during our meeting today, we had a better sense of the pace and level of detail for reading/understanding these papers. Our goal isn't strictly to get through all 15 papers by the end of next week, but rather to get a more general/macro understanding of risk assessment in CAV and the different implications/responses. Initially, our goal should be to just briefly introduce the larger concepts, going through the abstract and introduction and related works and results, and then we pick out the more compelling papers and make an effort to more thoroughly digest the methods and results and discussions.
More concretely, Dr. Sen highlighted a particularly important paper that we should read this week titled "Risk Assessment for Cooperative Automated Driving." We each also chose three papers (six distinct papers total) to go through and discuss later this week. I chose the following:
Current US Federal Policy Framework for Self-Driving Vehicles: Opportunities and Challenges
Security and Privacy in the Automotive Domain: A Technical and Social Analysis
Human Factors in the Cybersecurity of Autonomous Vehicles: Trends in Current Research
If we need to mix things up and keep ourselves interested in the material (i.e. during times when strictly reading research papers may feel a little dry), we can also begin to build the web-application aspect of our project by doing things such as working on the front-end, putting placeholders, starting a server, etc.
We learned from a previous REU participant about his experience and his key takeaways/recommendations to make the best use of our time in the program.
Based on a previous discussion with Dr. Sen, I created a draft of what I understand to be the key components of an abstract. Dr. Sen provided us with a revised abstract, and I looked over it and picked out what I believed to be the important ideas to convey and their order.
I conducted the "Broader Understanding" style of review that we previously discussed on three research papers today (listed below), looking over the introductory/background materials and the results and discussions provided in each one. I took some basic notes and highlighted important points to me within the papers as well.
Risk Assessment for Cooperative Automated Driving
Current US Federal Policy Framework for Self-Driving Vehicles: Opportunities and Challenges
Human Factors in the Cybersecurity of Autonomous Vehicles: Trends in Current Research
Made preparations to purchase recommended book titled Quantum Computing for Computer Scientists.
Finished the fourth paper's "Broader Understanding" style of review.
Fourth paper was titled "Security and Privacy in the Automotive Domain: A Technical and Social Analysis
Wrote paragraph summaries of the four papers as an assessment of my understanding/observations made within each paper.
Reread and went more in-depth with "Risk Assessment for Cooperative Automated Driving" by continuing with the methods and other sections I previously skipped over.
Purchased Quantum Computing for Computer Scientists. Communicating with Dr. Sen regarding any recommended chapters/concepts to emphasize and any possible notes or tips that he may have.
Began work on the weekly presentation for next week.
Compiled the different instructions on how to structure the presentation and provided whatever information I had on hand. I still need to discuss it further and work on it more tomorrow after our meeting to talk about the papers.
Did another read-through of the "Risk Assessment for Cooperative Automated Driving" paper. I didn't feel like I understood it well enough previously, so I tried to go back through it again.
I tried my best to further detail it within my paragraph summary and to make some more highlights.
I also took a look at Ben's provided bibliography and attack index and tried to compare it with those.
Performed the more in-depth read and review of the "Current US Federal Policy Framework For Self-Driving Vehicles: Opportunities and Challenges" paper. Went back through and tried to reread important points and nearly read it front to back, checking my highlights and paragraph summary.
Met with Ben to discuss the papers we read and I asked some questions regarding the expectations and foundational knowledge for this project.
My expectations were misguided, and Ben helped clear up some things regarding what the goal of our model is and how these models overall establish constituents and their classifications (e.g. the 0-3 numbering scale for how to categorize a risk factor in "Risk Assessment for Cooperative Automated Driving").
Continued work on next week's presentation.
Answered some of the questions regarding our mutual paper and the different key points that Dr. Sen suggested we highlight.
Organized the slides and planned out how we wanted to best present the information while still remaining around our time limit of approximately 20 minutes.
Added some citations for my papers and filled out more of the slides regarding what I did this week.
Read over some of Dr. Sen's notes for Quantum Computing for Computer Scientists.
Presented our weekly presentation on what we did last week and the mutual paper that we read/discussed. We also shared our website and our upcoming plans for this week.
Met with Dr. Sen and Feyi to discuss feedback for our presentations, further details on what we should be doing this week, and some other foundational aspects of what we're doing with this project.
The feedback was pretty similar between Dr. Sen and Feyi, both discussing that we need to spend more time explaining the technical concepts in a manner that not only keeps pace (around 20 minutes), but also conveys the information in a simple enough manner that someone who isn't as knowledgeable on the field (e.g. higher-ups in corporations that we would present our framework/other products to) could easily understand.
Our slides were a bit crowded at times and there were various organizational/pacing issues that we could improve on such as emphasizing throughout our discussion of the mutual paper (or papers in general) how it relates back to our project and what we're trying to do here, what we took away from the paper, how it is applicable/helpful, etc.
This week, our three primary goals are to continue reading papers from our "Risk Assessment in CAV" folder, develop a draft of the network scenario(s) that we want to focus on for our framework, and make a draft of a threat model based on our network scenario. Ben and I have scheduled to meet later this week to develop those drafts and try and discuss the different papers we picked up this week.
I got my copy of Quantum Computing for Computer Scientists.
Chose my three papers from the "Risk Assessment in CAV" folder for this week.
Detecting cyber-physical threats in an autonomous robotic vehicle using Bayesian Networks
Integrating Autonomous Vehicle Safety and Security Analysis Using STPA Method and the Six-Step Model
IoT Security Development Framework for Building Trustworthy Smart Car Services
Performed the "Broader Understanding" style of review of the three papers, reading and highlighting the abstracts, introductions, related works, and results discussions/conclusions.
Looked over Ben's draft of the network scenario, noting some things that we can further develop and discuss during our meeting on Friday.
Started on Quantum Computing for Computer Scientists, making my way through Sections 1.1 and 1.2.
Read more through the methods of the paper titled "Detecting cyber-physical threats in an autonomous robotic vehicle using Bayesian Networks."
Created paragraph summaries of the papers I chose to try and see how much I understood and remembered.
Added a couple of symbols to the network scenario draft so that, depending on how our discussion goes tomorrow, they could possibly be incorporated into the visual.
Reread sections 1.1 and 1.2 in Quantum Computing for Computer Scientists. I wanted to make sure I got some more of the math down.
Met with Ben today. Our discussion touched upon virtually everything that we have been doing these past few weeks and what we're currently working on. Some notable points are:
We drafted our weekly presentation and we agreed that we would be better off starting a draft earlier in the week and filling it out as we go. While working on the presentation, we tried to better understand and implement the feedback we received on last week's presentation.
We further developed the network scenario and discussed it. Ben ended up incorporating the visuals I suggested and he also added a couple of his own. We also restructured the scenario slightly to better emphasize that we're working with a system of vehicles rather than an individual vehicle.
We briefly touched on the papers that we read, Ben learning a lot more about different CAV attacks and adding that to the attack index while my papers ended up being more about CAV security frameworks.
Updated our LaTeX bibliography with more of the papers that I read this week.
Ben had recommended some of his papers to get better acquainted with the CAV attacks and the attack index, so I looked through those a bit.
Implemented the weekly timeline that Dr. Sen provided on our website, outlining the tasks that we should be focusing on each week for the rest of the REU. I believe this was technically done over the weekend, but I still felt it important enough to include in the log.
Ben and I presented on last week's progress and our plan for this upcoming week today. Feedback from Dr. Sen and Feyi revolved around a better sense of pacing and direction within our presentation.
In terms of time, we went over the suggested 15-20 minutes from the faculty present. Therefore, we need to improve both the pace of our speech and the details that we focus on in regards to the actual content of our presentation.
Feyi gave us feedback on the necessity to approach our presentations as almost a sort of conversation between us as the speakers and our audience. This includes previous advice on providing the concepts in such a way that the most advanced and the least experienced individuals in our audience can still learn and take away something after we're done. It also emphasizes how good presentations can build up information to lead to the key points and takeaways. The particular example for this presentation that she used was our network scenario visualization. Feyi felt it was a bit sudden and unexpected given the dialogue taking place before that slide, and so she suggested we better prepare our audience for that kind of information with our previous slides
We had two other meetings, one with Dr. Sen and one with Feyi. These meetings were not only to receive feedback on our presentations today, but to also go over more details regarding our work for this week. We aim to wrap up our literature review within our "Risk Assessment in CAV" folder and start reading documents related to those in our "Traditional Risk Assessment" folder. We also want to focus on refining our attack repository and network scenario draft. If we are feeling confident, we can also start creating the threat model draft.
Dr. Sen also suggested two further readings:
Finishing up to Chapter 4 in Quantum Computing for Computer Scientists
The first chapter in The Car Hackers Handbook - A Guide for the Penetration Tester, a book recommended to us by Dr. Fu.
I began reading the NIST document within the "Traditional Risk Assessment" folder.
Finished Chapter 1 of Quantum Computing for Computer Scientists. I still felt that it was a bit dense and a lot of the examples were going over my head, so I'll need to come back to that soon.
Continued to read through the NIST document, making my way further through Chapter 1 which briefly explains foundational information on the need for/purpose of risk assessment and risk management.
Registered for the MID-SURE 2021 presentation. The system automatically assigned me as the presenter, and I ended up putting Ben as a "co-presenter" after figuring that out. I'm thinking that I will need to go back and take a look at the abstract to make sure that it's more polished and better prepared for the presentation. I will also want to discuss the abstract again with Ben later to make sure that we're both in agreement and on the same page with regards to any changes that we might want to make.
I created a MongoDB account at the beginning of this project, but now I'm trying to create a cluster and begin working on getting our attack repository implemented into it. I'm still a bit unsure of what I'm doing and I'm reading through the different FAQs and manuals, but I created a project and a cluster. I'm also downloading their community server package with a command line interface (CLI) that will hopefully allow me to begin inputting the data from our Google Sheets attack repository.
I read the first section of the CVSS 3.0 Specification Document which went over the different metrics used within the calculator and how the score is calculated from those metrics.
I began drafting up our weekly presentation for next week.
I finished Chapter 1 of the NIST document.
Ben and I met to discuss our weekly presentation and a couple of updates regarding MongoDB, the attack repository, what we've been reading, and the network scenario. We also ended up sending some messages in Slack regarding our work and asking for follow-ups.
Ben and I discussed a lot regarding the attack repository and the different columns and categorizations. We were having some issues with deciding on the metrics for some attacks.
I inputted our attack repository into a MongoDB cluster and I invited Ben to the cluster project. Ideally this will make for a version of our data that is both readable and prepared for the next steps in our work.
I read some more of the NIST document and got into the second chapter. It discusses the foundational concepts for risk assessment and risk management.
Ben and I met today to discuss our weekly presentation. On top of finishing more of our slides, the discussion eventually led us to talking about some changes to our attack repository, the attack tree that Ben created, and my work with the MongoDB cluster.
I ended up uploading our old version of the attack repository to the MongoDB cluster last time and, in the process of incorporating the newer version, I ran into some issues with the way that the given .csv file from Google Sheets handled our formatting. I was able to create the document for one of our attacks for the sake of an example in our weekly presentation, but I'll need to go back through and format the Google Sheet better and then export it to MongoDB.
I read the Attack Vector section from the CVSS 3.0 Specification Document. Afterwards, I looked over the Attack Vector column that we have in our attack repository. I either agreed with the categorization of the different attacks, or I left a comment with my thoughts so that I could discuss them with Ben.
Ben and I presented our weekly presentation today. We still went over time, but I felt that overall the content of the presentation was good and the flow was better. We were unfortunately unable to meet with Feyi or Dr. Sen today however, so we're rescheduling those for later in the week.
I read more of the CVSS document, finishing the section 2.1 which includes other metrics such as Attack Complexity and User Interaction.
I continued to fiddle with the Google Sheets version of our attack repository, trying to better format it so that it can be fit into our MongoDB database. I made a copy of our original Google Sheets so that it doesn't mess up anything that we have on our current version.
I continued through more of chapter 2 in the NIST document.
Ben and I met with Feyi today to discuss our presentation. She said she was very happy with the results and our implementation of her feedback from last week. We still have a long ways to go and there were points that she made that we'll try to incorporate into our midterm presentation, but it was a nice reminder to think about how far we've come from our first presentation.
The main point for improvement was to manage our time better and try to meet the 15-20 minute guideline better. We've had a hard time and have gone a decent bit over the 20-minute mark for every presentation so far I think and, especially for the midterm presentation, we'll definitely need to reel things in a little while still making sure the information is presented in an easy-to-understand and accurate manner and it flows well.
Otherwise, there were also slides that simply didn't make sense (e.g. the slide regarding our transfer of data to MongoDB) and that could have used a bit of reformatting (e.g. the bullet points being "a." only and the title in our "Network Layers" slide). Also, I need to superscript the reference number for citations if they're individual/smaller lists of papers (e.g. the [1] on the CVSS 3.0 slide).
In terms of positive feedback, we did a better job at building up to our visuals w/ spreading hints and background information throughout previous slides. Our slides also had better management of space, seeming filled and containing the necessary information without becoming a wall of text or overwhelming in many manners.
I successfully transferred our current version of the attack repository to the MongoDB database that we have. I'll have to check back later to make sure that the descriptions and categories are spelled properly and that there aren't any other errors that I missed, but from my first look through the documents they seemed fine for now.
I briefly went through the Quantum Computing for Computer Scientists textbook all the way up to and through Chapter 3. However, I was a bit tired and it was more of a cursory read-through. I'm going to be more strict about going back through and interacting with the material in a more in-depth manner soon. I'm also going to discuss the material with Ben tomorrow when we meet to talk about other steps in our research.
I created a copy of a previous weekly presentation to begin working on our midterm presentation and I very, very briefly began formatting it. I'll need to discuss it and any possible further edits/practice presenting with Ben tomorrow.
Ben and I met today to discuss some of our thoughts on how we want to proceed with the attack graph, threat model, etc. I think we agreed that, for now, our plan is to use the attack graph nodes to represent different attacks. We also began to structure our midterm presentation more, outlining the slides in the order that we wanted to present with and tentatively scheduling some meetings over the weekend to flesh out the presentation and practice presenting to see where we stand on time.
I removed the "Type" field from our MongoDB database which originally contained the STRIDE classification for the different attacks we've compiled so far. We agreed that the STRIDE classification didn't seem to be as necessary for now and, just in case, my modified draft of the Google Sheets attack repository still has the STRIDE classifications properly organized there.
I tried my best to understand and read Dr. Sen's paper titled "Risk Assessment in a Sensor Cloud Framework Using Attack Graphs." Particularly, after my meeting with Ben, I was focused on interpreting the different attack graphs on pages 7 and 8. I'm still not 100% sure I have the best grasp, but our main goal was to at least be able to discuss and begin to understand the graphs so that we can use them as inspiration for our own.
Ben and I met again today to try and understand the threat model and then prepare a set of questions to help guide our discussion with Dr. Sen tomorrow.
For the threat model, we wanted to ask Dr. Sen a bit more about how it's particularly relevant/important to our work and the current stage that we're at in our research. Ben created a draft that we also looked at and talked about.
We also ended up discussing the attack graphs more. We weren't the most confident in the underlying math for the attack graphs, so another goal of ours is to compile some of the formulas and functions from papers such as Dr. Sen's and then ask about them tomorrow or try and see if we can figure them out/better understand them ourselves later.
One of the last main points that we wanted to touch upon with Dr. Sen was about the scope, pacing, flow, etc. of our midterm presentation, and if he has any particular tips or ideas on how to best approach and create our presentation.
As per our discussion today, I ended up reading the suggested first chapter of the Car Hacker's Handbook. After reading the chapter, I attempted to create my own draft of a threat model, using our network scenario and Ben's previous draft as guidelines/inspiration. I was only able to mimic a Level 0 diagram so far. A Level 0 diagram primarily focuses on the different processes and inputs so far, and I wanted to discuss what we currently have with Dr. Sen and Ben before proceeding further into the higher level diagrams.
Ben and I met with Dr. Sen to ask some questions regarding the quantization backing our research, our midterm presentation, and our threat model. We also reviewed our work from this past week and discussed some next steps in the project.
For the threat model, Dr. Sen briefly discussed how it's meant to provide a layout of our different parameters and act as a sort of foundation for keeping the different inputs and attack surfaces in check along with our network scenario. I'm still a bit fuzzy on the primary distinction between those two components (network scenario vs. threat model) now, but hopefully that will come as I continue to draft them and ask about them
Dr. Sen also helped restructure our presentation slides and give general guidelines for how long each slide or group of slides should take in order for us to say what we need to say while still coming close to the recommended time range.
Dr. Sen finally gave us some resources to check our regarding the foundational math for our research and the attack graphs we've been reading about/developing. We need to begin deciding on how we want to approach the complex numbers in our research and what we want i (square root of -1) to represent in regards to our metrics.
I read a little of the "Bayesian Attack Graphs for Security Risk Assessment" paper in our Google Drive today (I believe this is the one recommended to us by Dr. Sen during today's discussion). He suggested it because hopefully it'll allow us to get a better overall sense of the model we're creating and some of the related math/concepts. In general, I feel like I'll need some more time to digest the math, but from what I've seen so far, the paper seems to be useful and provides a good amount of information in introducing its Bayesian Attack Graph.
Today, Ben and I gave our midterm presentation. Overall, I'd say that we did a much better job of managing the length of our presentation. I felt that we were also more confident after having practiced presenting over the weekend, and that the pacing and content were of higher quality.
Ben made a document listing some of his notes on Percolation Centrality and his thoughts on the phase of complex numbers. I took a look at that document and added some websites and links from my own searching online that I thought might be helpful. These links were over some more math behind Bayesian Attack Graphs and complex numbers and some Python code related to attack graphs that we may want to look at. I also spent some time today considering what Ben had written up in the document and the topics that his ideas dealt with.
I began taking a look at creating a GitHub Pages site for the web application of our project. For now, I'm aiming to run the website as a repository from my GitHub account and try to make it collaborative with Ben so that he can take a look/work on it as well. Eventually, we can discuss finding other ways to host the site if that's what we want to do.
Ben and I met with Feyi today to discuss our midterm presentation. The meeting was overall fairly short, but Feyi gave us some good feedback regarding changing our Big Picture slide's visual to a word cloud and discussing some of our concerns with the flow of the presentation. In general, Feyi commended us for our performance and said that it showed a good bit of improvement on our part.
Ben and I were still having some trouble establishing what we want the phase of our complex numbers to represent, so we scheduled a meeting for tomorrow and Ben sent out a question to Dr. Sen in our Slack channel, asking for some direction or guidance.
I continued to mull over what we had typed up regarding possible interpretations of our complex numbers and I scrolled through some of the articles that I linked yesterday, briefly reading a basic explanation of what the phase of a complex number is again and the description of Percolation Centrality on GeeksforGeeks.
I created a repository with a pre-set theme for our project's website on GitHub. It's still a bit confusing, so I'm going to try and show it to Ben tomorrow. I'll also try and give him permission to commit to the repository.
Ben and I decided to reschedule our meeting for once we got a refresher on complex number probabilities from Dr. Sen. I'll get around to the previously mentioned discussion topics and questions once we meet.
I still spent today trying to consider our compiled documents and notes and ideas on complex numbers. I continued to skim through the documents, looking at some of the basic math and code for implementing Bayesian Networks from an article on edureka.
I also played around with some of the files for our GitHub Pages website. I made a couple of commits, messing around with adding links, text, and pages to the site.
Ben and I met to discuss some of our thoughts on Dr. Sen's response regarding understanding the components of our imaginary numbers. Ben helped run me through some of the formulas he was considering for our complex number probabilities from the various resources he's looked at. We also very briefly talked about the GitHub Pages site, a few more details regarding the implementation of our model, etc.
I started to help standardize the preconditions and postconditions from our attack repository. I wrote up a basic draft and an explanation of what I was going for. The idea was to replace our long strings and phrases for each precondition/postcondition with a set of tags/keywords. This would allow for a standardized collection of terms that we could look at, it would help account for any similarities or overlap in characteristics between conditions, and hopefully it would allow for less work further on if we have to add new attacks and their conditions.
I tried to do some very basic coding in JavaScript for our GitHub Pages site. I tried to make a button. I quickly ended up realizing how much of a beginner I am at JavaScript and working with this website/web programming overall.
I continued to go through some of the beginner W3Schools tutorials on JavaScript and such. I created a document of some of these links and shared them with Ben just in case he wanted to take a look through them as well.
I began drafting up our presentation for this week. I created a copy of a presentation from a previous week just for the theme and I tried to create a basic layout for what our slides are going to be, the content in each slide, and the order they'll appear in. I'm going to meet with Ben over the weekend to discuss the draft and finish the presentation.
I'm not sure if this idea will be as effective, but I tried to come up with another way to standardize the preconditions and postconditions. This one would involve more of a direct numbering system for the different kinds of preconditions and postconditions. My concern is that it seems to be more difficult to make a numbering system like this more flexible and convey the right amount of detail for each condition. I'm also not sure if it aligns with what we're exactly trying to do with the conditions within our model.
Today, Ben and I presented our weekly presentation. According to Dr Fu, Ben, and I, we did a good job with both the amount of work completed last week and our explanation of what we did. There were some times that I got a bit tongue-tied I feel, but overall I'd say that we did a better job with the look and feel of our presentation. There was a clear moment in creating the "Precondition and Postcondition Standardization" slide where I felt that I had improved my decision-making with the visuals and layout of the slide's contents.
I figured out what I was doing wrong. I didn't realize that I could directly insert HTML/JavaScript code into markdown files. I fixed that and updated our website to include some of our project information (abstract, team members, etc.) instead of the introductory GitHub text that was previously there. I also did a little bit of reorganizing so that there is a clear starting (index) page with our project information which either links to our Google Sites page or another file meant for playing around with HTML/JavaScript code.
I took a look over Ben's implementation of our formulas for calculating the different components of our complex numbers. I'm aiming to discuss the results and next steps further with Ben sometime tomorrow or throughout the week.
Continuing with the standardization of our conditions, I tried my best to use our previously established category system and label each attack with what I thought were the most appropriate precondition and postcondition categories.
Ben and I met with Feyi today, and she said that we did a very good job on our presentation. The main feedback she provided revolved around the fact that we didn't explain the bigger picture very well and it was hard to understand both the flow of our presentation and the place that our content had within the bigger scheme of our research. For example, our PC and complex probability functions weren't explained very well in terms of what function they provided within our model. Unfortunately I don't remember exactly where, but Feyi also mentioned that there was a particularly "sharp turn" within our presentation, pulling content seemingly out of nowhere. We may have been able to recognize its connection to the rest of our project, but the audience couldn't understand it as easily.
Ben messaged me today saying that GitHub Pages is a static service, meaning that we won't be able to properly host our model generation (written as a Python application) solely through it. I was looking into this today, and I came across an article explaining how we can potentially incorporate our Python scripts into an API and host them elsewhere, eventually connecting back to our website hosted on GitHub still.
As a little exercise with JS, I made a button in the test code page of our website that simply redirects back to the index page. It took me a surprisingly long time, and I mostly was just having some issues with the relative path and the formatting for the button's link.
Ben and I met with Dr. Sen today to discuss our progress over the previous week, our weekly presentation, and some of our plans for this upcoming week. After talking with Dr. Sen, our previous idea for how to get our Python application properly integrated into our website is no longer viable. Instead we're just simply going to need to research hosting services (preferably cheap) that we'll use for our website instead. Also, in terms of styling our website, it's meant to take less of our energy. Instead of actually styling the website ourselves, we're just going to download some CSS stylings from Bootstrap. Ben programmed our functions in Python and uploaded the scripts to our repository. From there, we're aiming to finalize our complex number assignments and get them incorporated into a BAG.
After today's discussion, I spent some time searching the internet and comparing hosting services for our website. I came across a couple of lists of recommended hosting services, and I'm going to pick out a couple that we can talk to Dr. Sen about and discuss amongst ourselves.
I also looked into the Bootstrap files for styling our website and read through some of their "Getting Started" information. I didn't recognize this at first but it's actually some source code with CSS, JS, etc. that we can include in our repository and call later.
For the standardization of our conditions, I began trying to create the hierarchy of tags that we discussed today. I started by making the most general four categories consisting of our network layers, and then I tried to list out the different devices/connections based on our network scenario and attack repository. These then establish the different potential exploitation impacts/requirements based on our existing conditions. Using these, we can label each attack with the appropriate tags and then reflect that data in MongoDB.
Ben and I had an extended meeting today to set up a tentative structure for how we're going to approach the rest of our work in these final upcoming weeks. We split up the tasks that need to be completed and aim to meet a couple of times over the weekend to not only finalize our weekly presentation, but to also discuss our progress.
Ben and I created the draft for our weekly presentation, developing the general layout of our slides and including some bullet points on what we're going to detail in each slide.
We also picked out a couple of hosting services that we thought might be good to look into. Our main priority was finding a cheaper hosting service (bonus points for a free domain as well). Our other work regarding the complex number probabilities and the web application itself takes priority, so for now we're leaving it at this list and we'll come back to it soon.
My work for these next few days revolves around creating and filling the different complex number probability categories for each attack in our MongoDB database (real component, imaginary component, and imaginary component's sign).
Created a separate database in our MongoDB cluster containing the same attacks from our attack repository, but updated to also have the three new categories related to our complex number probabilities. I also filled in the imaginary component's sign category (ImagCompSign) with what I thought was the appropriate value for each attack. My understanding was that negative would mean that the attack would impede other attacks while positive would contribute to/assist with other attacks.
I asked Ben to give me some comments on the imaginary component signs I had established in our attack repository. These were just my ideas and were purely based on my own understanding of the attacks, so I wanted to hear his thoughts and if he disagreed with any of them. After he had left comments on which signs he thought should be flipped, I responded to those comments and changed some of the signs accordingly.
I believe I created the Python script to update the MongoDB collection with the imaginary and real components for each attack's document. I had to look into the pymongo module's documentation for a bit and figure out how to pull each attack's fields and run them through the formulas from our quantization file. After creating the file, I ran it and it properly updated the documents and their appropriate fields with the results. We're going to need to go back and change this file eventually to deal with the security parameters being user input, rather than the test values that we gave each security parameter for this first run.
Ben and I met to discuss work goals for this week and some of the upcoming final days of the REU program. After establishing some concrete objectives, we distributed the work amongst ourselves. For now, my focus is going to be on development of our written deliverables and presentation materials for the Mid-SURE workshop (poster, writeup, and pitch video mainly). Once Ben finishes our BAG generation script or gets stuck in the process, I'm also going to try and provide any insight or assistance that I can.
Since our weekly meeting got pushed back to Thursday, I ended up doing some updating on the slideshow for my portion of the content, making some small edits to the bullet points in an effort to try and make things more clear and concise. During our meeting, we also discussed adding a "So Far..." slide to our presentation, discussing some of the work that we've done within the past few days since our presentation is so far into the week.
I created a general layout for our poster, organizing the different key sections and providing some general bullet points on what each section should generally include and any tips on what details to include or omit.
I jotted down some points to highlight in our writeup's introduction and related works sections. Although it isn't quite a full outline yet, I felt that these were important details to remember to state/emphasize.
Ben and I quickly met today to finish our "So Far..." slide (we ended up doing a little bit of restructuring around that part) for our presentation. We also discussed our progress from yesterday and our goals for the rest of the week. Ben completed one of our probability calculation scripts and I had created some outlines and prototypes for our deliverables. We aim to figure out the equation necessary to complete the rest of our scripts and to continue development of our deliverables, our writeup and poster in particular.
I wrote more outlines and drafted some sentences for multiple sections of our writeup. This time, I outlined our methods from throughout this program and created some basic sentences for the Acknowledgements section. I also began compiling some of the equations we've been using for our complex numbers and model.
I cleaned up some of the formatting on our LaTeX document, updating the author block to include Dr. Sen's, Feyi's, and our information.
I installed Django on my computer and began running through some of the tutorial that they have on their website. I successfully generated a project, ran their server and viewed the base website locally, and completed the first step in creating their example application.
Ben and I presented our weekly presentation today. This was one of our last chances to practice presenting during this program. The weekly presentation was pushed back a bit this week, but we still felt that we did okay. There wasn't anything that particularly stood out to us as a great aspect of the presentation on our parts, but overall the content was still there and we were able to say what we wanted to say. Our time was also fairly controlled, still having 11 slides while staying at around 20 minutes.
Ben and I met with Feyi in the evening to have one of our last meetings with her and discuss the weekly presentation today. The feedback she provided primarily was about my explanation of the "metrics" on the "Calculating Probabilities" slide to be a bit confusing. Although the content itself made decent sense, my poor word choice made it hard to connect the explanations (particularly the "metrics") back to Ben's previous slides. Otherwise, the meeting was very pleasant and fairly short. Feyi gave us more helpful advice on things such as what to focus on in our pitch video and even more general professional advice.
I looked into the Google Drive folder that Dr. Fu sent us previously. I used some of the documents included in there from previous projects to see what their posters and writeups looked like and if there were any crucial writing sections or documents that we were missing. This led me to modify some formatting on our poster and include another bullet point or two in our writeup outline.
After today's weekly meeting and looking through Dr. Fu's Google Drive folder, from what I understood, we also need to have a document that includes some written responses and general information regarding the significance of our research, our products, what our project was, who was working on it, etc. I created this document and began filling out some of the more general information fields and fields that we already have the information for (e.g. abstract and title). I haven't fully completed all of the responses yet, but hopefully after sharing it with Ben we can discuss them soon and fill out more of them.
Ben and I met with Dr. Sen to discuss more of the contents of our weekly presentation and the rest of our research. He helped further structure the rest of the work that we have left to do and gave us some resources on web programming. He also helped us decide on what to do for some of our final deliverables.
I made our group's version of the Information Collection document for the NSF. I essentially filled out the entire thing beyond needing Ben's approval/revisions to the written responses for the document.
I looked through some of the 2019 UNCORE participants' websites and presentations, trying to get some inspiration for what to include on our deliverables and websites.
Ben and I met very briefly to discuss some of our work progress over the weekend and what our plans were for the next few days as we aim to finish up our website implementation and prepare for our deliverables.
I followed the Derek Banas Django tutorials on YouTube up through some of the basic framework setup and the urls examples, but I came across some syntax issues with the regular expressions that he was utilizing that I couldn't fully resolve. I ended up digressing a bit and began working more on the direct implementation of our project website instead.
In working on our project website:
I successfully embedded our Google Slides weekly presentations into the Presentations page. I'm missing the permissions for the first weekly presentation to properly generate the code, but otherwise I've included all of our weekly presentations.
I uploaded our team member photos and formatted them on our Team page. I included the three photos present (I'm still missing mine) and the basic information about each individual (name, university, and position).
I also made some very slight formatting changes to the various pages of our website, adding a bit of extra space between the different headers and the actual content of each page.
Ben and I met again to not only discuss work progress but also answer some questions regarding potential updates to our website and the work that we need to do to finish our website.
I got some ideas from Ben on how to better format the Data/Demo, Presentations, and Results pages. I believe that I successfully implemented most of them.
I incorporated our weekly timeline/descriptions into our Presentations page to include more information from our Google Site and better reflect our thoughts from each week.
Ben and I developed some questions to ask the user so that they can better input the security parameter metrics into our Data/Demo page. These questions are now included on our Demo page and I changed up some of the backend and formatting to hopefully make it a bit clearer or easier to work with in the future.
I modified the formatting of our Results page to make the tables clearer and our images more readable. However, I believe due to the way that our complex probabilities are passed in, I had a hard time rounding the different components to a smaller, less overwhelming number. I'll need to discuss this with Ben and possibly Dr. Sen in order to figure out how to change this.
Today I tried to display our probability magnitudes in our demo results and add some number rounding there (to 3 decimal places) as well. This was the primary and should-be-last issue for our website and model's implementation that I worked on. It ended up taking virtually my entire day up because I tried to make it look a bit better/clearer and tried a bunch of different ways to restructure the backend. I also asked Ben for a lot of assistance and ideas on what to do with the code. Unfortunately, due to the way that our current HTML file iterates through the results dictionaries, I wasn't able to find success with a lot of the solutions I attempted, and I ended up displaying the magnitudes in a separate table alongside the original complex probability table. However, I did still meet the baseline goal of calculating the probability magnitudes, rounding them to 3 decimal places, and then displaying them in our Results pages.
Ben and I met with Dr. Sen and Feyi to showcase our website so far, discuss any feedback, and then outline what the rest of the REU program looks like in terms of working on our deliverables and preparing for our presentations.
Dr. Sen liked our website so far, although he suggested we add a lot more description to our pages. For example, we can define the different choices for our security parameter questions (e.g. what is High V2V security and what is Medium V2V security?).
The focus of our next few days is on our final writeup. Afterwards, we can continue onto our other deliverables: our presentation, poster, and pitch video.
I worked on adding the NSF grant information to our writeup and fixing a table of the different attacks from our attack repository.
Ben and I met to discuss concrete goals for our work on the final writeup. I feel like we've been much more productive when we established expectations and laid out what work there was to do.
A majority of the work is providing general information collaboratively and revising each other's work. There aren't as many parts here where we're doing them in a more isolated manner.
The larger section of the paper that I'm going to be focusing on is the Use Case Scenario. Since a lot of my work was programming related to the web application and the attack repository, we felt that I had a bit more to talk about in that section.
From our meeting today, our goal was to split up and complete at least a full draft of the introduction of our writeup. We ended up using our first paragraph as the text for the motivation subsection. I ended up taking the "Current Literature and Novelty" subsection and completing that today while Ben finished the "Research Objectives" subsection.
I created a bulleted list of a lot of important details to include in our Use Case Scenario section. I ended up highlighting a lot of the structure of our attack repository and web application and I also provided the names of some of our Python files and libraries used.
I made various small changes and revisions that caught my eye while working on other sections of the paper today (e.g. updating the grant number statements and fixing a couple of formatting/grammar errors that I happened to glance at).
We met with Feyi today to discuss our writeup. She provided a lot of comments and feedback on the first portions of our report, and she ran through a couple of examples to assist in teaching us how to make our sentences more concise.
I wrote the conclusion for the writeup, summarizing our project's goal and findings along with some further elaboration on the potential future steps for our work.
I restructured our presentation a little bit, adding in a couple of slides that we needed to address from the agenda.
I added our conclusion to our poster and did some extra formatting with adding acknowledgements, editing the styling, etc.
We had a working call today where we received feedback from Dr. Sen and completed our posters and a lot of our presentations. He provided us with some tips on how to format the visuals and further condense our writing into bullet points.
Ben and I met after the working call today to fully flesh out our final presentation, assigning speakers to slides and adding content to our last few slides.
Today was our final presentation for the REU program. Ben and I went a decent bit over the 12-15 minute recommended time for our presentation, but we still remained within the overall 20 minute block. Dr. Fu really appreciated our presentation this time and mentioned that it would be worth highlighting as a sort of "previous student's work" example for future REU cohorts. I don't mean to sound boastful, but that at least made me pretty happy and proud of our work.
After the final presentations, we attended the hour-long presentation hosted by Mid-SURE on applying for graduate school. They discussed various topics such as what to focus on in your application, certain concerns that potential applicants may have (e.g. what if I take a gap year?), and specifics on different kinds of programs after undergraduate. They also took the time to answer some questions from the participants. Overall, I found it to be fairly helpful, although I'm hoping there is some sort of recording or resource that we can access later so that I can remind myself of the details when the time comes to apply.
Ben and I continued to work on our deliverables, updating the REU Information Collection document for our group and revising our writeup based on Feyi's comments. From today's meetings, we also learned a bit more about organizing and submitting our deliverables which we worked on (making copies and moving them into the correct Google Drive folders).
Finished up the deliverables and uploaded them to the appropriate Google Drive folders for the end of the REU program.
Beyond the four documents previously mentioned, there were also some extra items I had to add for the REU program's website and to provide evidence of our project (e.g. the .zip file of our web application).
I completed some surveys asking about our experience from the REU program and any comments/suggestions we had.
Dr. Sen provided some more suggestions for our final report to help transition us to focusing on working for a publication. I looked through some of these.
Dr. Fu sent us an email about signing up for another presentation this week for various REU sites. I looked into their FAQ document and read more about what the presentation's logistics looked like. We weren't able to sign up yet but the coordinators are planning on putting out the registration form soon.