Week 8: AI-Assisted Final Project Development

"I'm a graduate student in emerging systems security. I've studied:
- Adversarial attacks, side-channel attacks, covert channels, backdoors
- Security in wireless sensing, biometrics, robotics, AI/LLM systems, VR/AR
- Federated learning privacy, LLM agent security, secure computation
- Countermeasures and security fairness

Suggest 5 security research project ideas that:
1. Combine attack and defense perspectives
2. Are ethical and can be done in controlled environments
3. Are feasible in 8 weeks with standard lab equipment
4. Address real security concerns in emerging systems
5. Would make compelling graduate-level demonstrations

For each, specify: threat model, testbed requirements, and expected outcomes."

"Propose projects that integrate multiple course topics:
- Side-channel attacks + Biometric authentication
- Adversarial ML + AI/LLM systems security
- Covert channels + IoT/VR/AR wireless sensing
- Backdoor detection + Security fairness
- Federated learning privacy + Secure aggregation
- LLM agent security + Prompt injection defenses
- Robotic systems security + Sensor spoofing

Focus on topics from weeks 4-7 and 9-15."

"Help me develop a threat model for [your project idea]:

System description: [brief description]
Assets to protect: [data, privacy, availability, etc.]

Define:
1. Adversary capabilities (what can attacker control?)
2. Adversary goals (what does attacker want?)
3. Security assumptions (what do we trust?)
4. Attack surface (what can be targeted?)
5. Out-of-scope threats (what won't you address?)

Format this using STRIDE or PASTA methodology."

"Evaluate the feasibility of this security project for an 8-week timeline:

Project: [description]
Required resources: [hardware, software, expertise]

Assess:
1. Technical complexity (can a grad student implement this?)
2. Legal/ethical risks (what could go wrong?)
3. Resource availability (do I have what I need?)
4. Reproducibility (can others verify my work?)
5. Potential roadblocks and mitigation strategies"

"Search for recent research papers (2020-2025) on [your topic]:
- What attacks have been demonstrated?
- What defenses exist?
- What are open problems?
- Which conferences/venues publish this research? (IEEE S&P, USENIX 
  Security, CCS, NDSS, NeurIPS, ICML, AAAI, etc.)

Summarize key findings and identify research gaps."

"Explain [specific attack type] in the context of emerging systems (IoT, VR/AR, LLM, robotics, etc.):
1. How does the attack work technically?
2. What vulnerabilities does it exploit?
3. What are real-world examples?
4. How can it be detected or prevented?
5. What tools/frameworks are used to implement it?

Provide references to seminal papers and recent developments."

"What are state-of-the-art defenses against [your target attack]?

For each defense:
1. Underlying principle
2. Effectiveness (how well does it work?)
3. Performance overhead
4. Deployment challenges
5. Limitations and bypass techniques

Compare at least 3-4 different approaches."

"What security tools, frameworks, and testbeds are commonly used for 
[your research area]?

Include:
- Attack simulation tools
- Analysis frameworks
- Dataset repositories
- Evaluation metrics
- Standard benchmarks

Provide setup complexity and learning curve for each."

"Refine my security research problem statement:

Draft: [your initial statement]

Improve by:
1. Clearly stating the security threat/challenge
2. Explaining why existing solutions are insufficient
3. Defining the technical gap you'll address
4. Specifying measurable security objectives

Make it suitable for a graduate-level security project proposal."

"I plan to [implement attack X / develop defense Y / analyze system Z].

My approach: [technical description]

Evaluate:
1. Is this approach technically sound?
2. What prior work should I build upon?
3. What are potential failure modes?
4. How will I validate my results?
5. What are alternative approaches?

Consider both attacker and defender perspectives."

"Design an experimental evaluation for my security project:

Hypothesis: [what you're testing]
Environment: [testbed, devices, software]

Specify:
1. Controlled variables
2. Independent/dependent variables
3. Success metrics (attack success rate, detection accuracy, overhead, etc.)
4. Baseline comparisons
5. Expected results and how to interpret them"

"Design an attack architecture for [specific attack]:

Target system: [description]
Attack vector: [entry point]

Provide:
1. Attack kill chain (reconnaissance → exploitation → post-exploitation)
2. Required attacker capabilities and positioning
3. Technical steps with tools needed
4. Expected artifacts and detection signatures
5. Diagram of attack flow

Use a framework like MITRE ATT&CK for mobile/IoT/ICS as applicable."

"Design a defense architecture for protecting against [threat]:

System to protect: [description]
Threat model: [adversary capabilities]

Provide:
1. Defense-in-depth strategy (multiple layers)
2. Detection mechanisms
3. Prevention controls
4. Response procedures
5. Architecture diagram showing protected assets and security controls"

"I need to set up a testbed to safely evaluate [attack/defense]:

Requirements:
- Must isolate from production systems
- Should be realistic but controllable
- Need to collect detailed logs and metrics

Suggest:
1. Virtualization or physical isolation approach
2. Network configuration (air-gapped, VLANed, etc.)
3. Required hardware/software
4. Monitoring and logging setup
5. Safety mechanisms to prevent accidental exposure"

"I'm testing security of IoT/embedded devices. Design a safe testbed:

Devices: [list]
Attack type: [description]

Include:
1. Network isolation strategy
2. How to prevent device "calling home"
3. Packet capture and analysis setup
4. How to reset devices between tests
5. Data storage and analysis plan"

"I'm testing security/privacy of a VR/AR system. Design a safe testbed:

Platform: [Meta Quest, HoloLens, custom, etc.]
Attack type: [sensor inference, visual side-channel, motion tracking, etc.]

Include:
1. Environment isolation (physical and network)
2. Data capture setup (sensor logs, network traffic, rendering traces)
3. Privacy safeguards for any human participants
4. Reproducibility across sessions
5. IRB considerations if human subjects are involved"

"I'm testing security of an LLM-based or AI-driven system. Design a safe testbed:

System: [LLM agent, chatbot, multimodal model, etc.]
Attack type: [prompt injection, jailbreaking, data poisoning, model extraction, etc.]

Include:
1. API isolation and rate limiting strategy
2. Input/output logging for reproducibility
3. Cost management for API-based models
4. Baseline model behavior documentation
5. Ethical guardrails for adversarial testing"

"Compare security tools for [your specific need]:

Options I'm considering: [Tool A, Tool B, Tool C]
Use case: [what you need to accomplish]

Evaluate each on:
1. Capabilities and limitations
2. Learning curve and documentation
3. Compatibility with your target platform
4. Community support and updates
5. Legal/licensing considerations

Recommend the best choice with justification."

"Break down my security project into implementable components:

Project goal: [high-level objective]
Timeline: 3 weeks (Weeks 11-13)

Create:
1. Week-by-week breakdown
2. Dependencies between components
3. Proof-of-concept milestones
4. Testing checkpoints
5. Risk mitigation for each component

Prioritize: what to build first to validate feasibility?"

"Review my implementation plan for ethical concerns:

Plan: [description of what you'll build]
Target: [what you'll test it on]
Environment: [where you'll test]

Check for:
1. Any potential for unintended harm
2. Data privacy issues
3. Legal considerations
4. Need for IRB approval (if testing on humans)
5. Responsible disclosure requirements

Flag any red flags and suggest mitigations."

❌ NEVER: "Write code to exploit [real system/commercial product]"

✅ INSTEAD: "Explain the theory behind [attack type] and how it's 
typically implemented. What are the key steps? What detection signatures 
might it leave?"

Then: "Here's my pseudocode for demonstrating this attack in a controlled 
environment: [paste code]. Review for correctness and suggest improvements."

"I want to demonstrate [side-channel attack / adversarial attack / etc.].

First explain:
1. What information does this attack leak/manipulate?
2. What measurements or observations are needed?
3. What signal processing or analysis is required?
4. What are the technical challenges?
5. How do I know if the attack succeeded?

Then provide a high-level implementation strategy."

"I need to instrument my attack implementation to collect data:

Attack: [description]

Help me:
1. Identify what to log (timing, power, network traffic, etc.)
2. Design logging that doesn't interfere with attack
3. Suggest visualization approaches
4. Plan for data storage and analysis
5. Create reproducibility documentation"

"I'm implementing a defense against [threat]:

Defense strategy: [your approach]

Help me design:
1. Input sources (what data do I monitor?)
2. Detection logic (rules, ML model, heuristics?)
3. Response actions (alert, block, throttle?)
4. False positive mitigation
5. Performance optimization for real-time operation"

"Design an anomaly detection system for [emerging system context: IoT, VR/AR, LLM, robotics, etc.]:

Normal behavior: [description]
Anomalies to detect: [attack signatures]

Suggest:
1. Feature extraction from raw data
2. Detection algorithm (statistical, ML-based, rule-based?)
3. Training data requirements
4. Threshold tuning strategy
5. Evaluation metrics (TPR, FPR, F1, etc.)"

"Review my security-critical code for vulnerabilities:

[paste code]

Check for:
1. Input validation issues
2. Buffer overflows or memory safety
3. Race conditions
4. Cryptographic mistakes
5. Information leaks

Suggest fixes with explanations."

"This code needs to run in [constrained environment]:

[paste code]

Optimize for:
1. Minimal resource footprint
2. Real-time performance requirements
3. Evasion of detection (if red team project)
4. Reliability under adversarial conditions

Maintain security properties while improving efficiency."

"Design test cases to validate my attack implementation:

Attack: [description]
Success criteria: [what constitutes success]

Create test suite with:
1. Positive cases (attack should work)
2. Negative cases (attack should fail)
3. Edge cases and boundary conditions
4. Robustness tests (noisy environments, moving targets, etc.)
5. Repeatability tests"

"How do I validate my defense mechanism works?

Defense: [description]
Threat model: [what it defends against]

Design validation that tests:
1. Detection of known attacks
2. Handling of benign traffic (false positive rate)
3. Evasion resistance (adversarial testing)
4. Performance under load
5. Graceful degradation

Include both in-sample and out-of-sample testing."

"My attack/defense isn't working as expected:

Expected: [behavior]
Actual: [what's happening]
Code: [relevant portions]
Environment: [setup details]

Help me debug:
1. What could cause this discrepancy?
2. How to isolate the issue?
3. What diagnostic steps should I take?
4. Are my assumptions about the system correct?"

"Design a rigorous evaluation for my security project:

Project type: [attack/defense/analysis]
Claims: [what I claim to demonstrate]

Create evaluation protocol:
1. Security metrics (success rate, detection rate, false positives, etc.)
2. Performance metrics (time, resources, scalability)
3. Robustness tests (variations in environment, adaptive adversaries)
4. Comparison baselines (prior work, alternative approaches)
5. Statistical analysis plan

Make this publication-quality for a graduate thesis."

"I need to evaluate my attack's effectiveness:

Attack: [description]
Test scenarios: [varied conditions]
Data collected: [metrics]

Analyze:
1. Success rate under different conditions
2. Required attacker effort (time, resources, positioning)
3. Attack detectability (what traces does it leave?)
4. Robustness to countermeasures
5. Comparison to existing attack techniques

Present results clearly with confidence intervals."

"Evaluate my defense mechanism's effectiveness:

Defense: [description]
Attack dataset: [description of attacks tested]

Calculate and interpret:
1. Detection accuracy (TP, TN, FP, FN rates)
2. Precision, Recall, F1-score
3. Receiver Operating Characteristic (ROC) curve
4. Performance overhead (latency, resource usage)
5. Resilience to adaptive attacks

Compare against: [baseline methods]"

"I've demonstrated [attack]. Now propose countermeasures:

Attack characteristics: [summary]
Vulnerabilities exploited: [what weaknesses]

Suggest defenses at multiple levels:
1. Detection approaches (how to spot this attack)
2. Prevention mechanisms (how to stop it before it happens)
3. Mitigation strategies (reduce impact if it succeeds)
4. System hardening recommendations

Evaluate each defense's effectiveness and cost."

"How might an adaptive adversary try to evade my defense?

Defense mechanism: [description]
Detection/prevention logic: [how it works]

Identify:
1. Potential evasion techniques
2. Blind spots or weaknesses
3. How to make the defense more robust
4. Trade-offs between security and usability

Test against adversarial scenarios."

"I have experimental data from my security evaluation:

[Upload or describe data]

Create visualizations appropriate for security research:
1. Attack success rate vs. conditions (bar charts, heatmaps)
2. ROC curves for detection systems
3. Timeline/sequence diagrams for attack progression
4. Performance overhead comparisons
5. Confusion matrices for classification-based defenses

Make them publication-ready."

"Test if my results are statistically significant:

Hypothesis: [e.g., "My defense detects attacks better than baseline"]
Data: [summary statistics]

Perform:
1. Appropriate statistical test (t-test, Mann-Whitney, etc.)
2. Calculate p-values and confidence intervals
3. Interpret results
4. Check for confounding factors
5. Assess practical significance (not just statistical)

N = [sample size], α = 0.05"

"Write the threat model section for my security paper:

System: [description]
Adversary capabilities: [what attacker can/cannot do]
Security goals: [what you're protecting]
Assumptions: [what you trust]

Format this formally using standard security terminology. Include an 
adversary model diagram if applicable."

"Review my methodology description for clarity and completeness:

[paste your draft]

Improve by:
1. Adding technical details for reproducibility
2. Justifying design choices
3. Explaining why alternative approaches were rejected
4. Including system architecture diagrams
5. Using precise security terminology

Target audience: security researchers and graduate students."

"Help me present my security evaluation results:

Data: [summary of findings]
Metrics: [what you measured]

Create results section that:
1. Presents data clearly (tables and figures)
2. Highlights key findings
3. Compares with baselines/prior work
4. Discusses unexpected results
5. Maintains objectivity

Include figure captions that tell a story."

"Write a discussion of countermeasures for my demonstrated attack:

Attack: [summary]
Vulnerabilities: [what was exploited]

Discuss:
1. Immediate mitigation strategies
2. Long-term solutions
3. Trade-offs of each countermeasure
4. Feasibility of deployment
5. Lessons for system designers

Balance responsible disclosure with academic contribution."

"Help me write honest limitations of my security research:

Project: [description]
Scope: [what you did]
Constraints: [time, resources, access]

Identify:
1. Threats not addressed by your work
2. Assumptions that may not hold in practice
3. Experimental limitations
4. Generalizability concerns
5. Interesting directions for future work

Be honest but not self-defeating."

"Draft an ethical considerations section for my security paper:

Research: [what you did]
Potential impact: [positive and negative]
Safeguards: [what you did to be responsible]

Address:
1. Dual-use nature of security research
2. Steps taken to minimize harm potential
3. Responsible disclosure (if applicable)
4. Privacy protection (if human subjects)
5. Compliance with institutional policies

Make this thoughtful and genuine, not just perfunctory."

"I discovered a potential vulnerability in [system/device]. What's the 
responsible disclosure process?

Vulnerability: [high-level description, no exploits]
Affected: [vendor/product]
Severity: [your assessment]

Guide me through:
1. Should I disclose this during my project timeline?
2. How to contact the vendor/maintainer
3. What information to include in disclosure
4. Disclosure timeline (30, 60, 90 days?)
5. How to handle in my academic project (describe without full details?)

Note: Consult your instructor before disclosing."

"Design a compelling but responsible demo for my security project:

Project: [attack or defense]
Audience: Faculty and graduate students
Time: 3-4 minutes

Create demo plan that:
1. Clearly shows the security issue/solution
2. Is reliable (won't fail during presentation)
3. Doesn't reveal full exploit details publicly
4. Includes visualization of attack/defense in action
5. Has backup slides if live demo fails

Balance impact with responsibility."

"Suggest visualizations to make [security concept] clear:

Concept: [e.g., side-channel attack, adversarial perturbation, covert channel]

Recommend:
1. Diagram types (sequence, architecture, data flow)
2. Real-time visualization for demo (network traffic, signal traces, etc.)
3. Before/after comparisons
4. Color schemes that are accessible and professional

Examples from security literature would help."

"I'm presenting a security project on [topic]. Generate challenging 
questions faculty might ask:

Project: [brief description]
Claims: [what you demonstrated]

Prepare answers for questions about:
1. Threat model assumptions (are they realistic?)
2. Attack feasibility (could real attacker do this?)
3. Defense limitations (how to evade your countermeasure?)
4. Evaluation rigor (is your testing comprehensive?)
5. Ethical implications (potential for misuse)
6. Comparison with prior work (why is yours different/better?)
7. Generalization (does this apply to other systems?)

Include both friendly and skeptical questions."

"Create a safety checklist for my security demo:

Demo: [description]
Equipment: [what you'll use]
Environment: [classroom, lab, etc.]

Check:
□ Demo is completely isolated from production systems
□ No sensitive data will be exposed
□ Attack can be stopped immediately if needed
□ Audience cannot accidentally interfere
□ No dangerous physical effects (electrical, RF emissions, etc.)
□ Backup plan if demo fails
□ All software/configs documented for reproducibility

Add specific checks for [your demo type]."

"Someone asks: 'Isn't your research helping attackers?'

Help me formulate a thoughtful response that:
1. Acknowledges the dual-use nature of security research
2. Explains benefits of public disclosure (defense improvement)
3. Describes safeguards in your work (e.g., not releasing full exploit)
4. References security research ethics norms
5. Shows you've thought deeply about this

Make it confident but not defensive."

"Act as a security faculty committee member reviewing my project:

[Provide project summary and slides]

Ask me:
- Critical questions about my methodology
- Challenges to my threat model
- Requests for clarification on technical details
- Ethical questions about potential misuse
- Suggestions for future work

Be rigorous but fair, like a PhD defense committee."

"Explain [timing/power/EM] side-channel attacks:
1. Physical principles (why does information leak?)
2. Measurement setup (what equipment is needed?)
3. Signal processing (filtering, feature extraction)
4. Statistical analysis (correlation, template attacks)
5. Countermeasures (how to defend?)

Focus on [your target: biometric authentication / crypto implementation / etc.]"

"I collected side-channel traces [description]. Help me:
1. Process raw signals (filtering, alignment)
2. Extract features correlated with secret
3. Apply machine learning or statistical tests
4. Visualize information leakage
5. Quantify attack success (information theoretic metrics)

Provide Python code using scipy/numpy."

"I want to generate adversarial examples for [target ML model]:

Task: [classification/detection/generation/etc.]
Model architecture: [CNN/RNN/Transformer/LLM/etc.]
Constraints: [perturbation budget, physical realizability]

Explain:
1. Attack algorithms (FGSM, PGD, C&W, AutoAttack, etc.)
2. Which is best for my emerging systems context?
3. How to ensure adversarial examples transfer to physical/deployed settings?
4. Implementation using Foolbox, CleverHans, or ART
5. Evaluation metrics (success rate, perturbation size, detectability)

Consider deployment-specific constraints: quantized models, limited API access, 
real-time requirements."

"Design an adversarial defense for [emerging system ML model]:

Defense type: [adversarial training, detection, preprocessing, certified defense]

Help with:
1. Implementation strategy
2. Robustness evaluation methodology (AutoAttack, adaptive attacks)
3. Performance trade-offs (accuracy vs. robustness)
4. Deployment considerations (latency, model size, resource constraints)

Provide code structure and key algorithms."

"Design a covert channel using [sensor/network/storage]:

Medium: [what carries hidden information]
Capacity needed: [bits per second]
Detectability: [should evade what detection methods?]

Help me:
1. Design encoding scheme (how to embed data)
2. Calculate theoretical channel capacity
3. Implement encoder/decoder
4. Evaluate against detection methods
5. Propose countermeasures

Balance covertness with capacity."

"I'm analyzing [ML model / firmware] for backdoors:

System: [description]
Backdoor types suspected: [trigger-based, data poisoning, etc.]

Guide me through:
1. Backdoor detection techniques (neural cleanse, activation clustering, etc.)
2. Implementation of detection algorithm
3. Evaluation: how to generate backdoored models for testing?
4. False positive/negative analysis
5. Remediation approaches if backdoor found"

"Analyze security/privacy risks in VR/AR systems:

AR/VR application: [description]
Sensors used: [camera, IMU, GPS, eye tracker, hand tracker, etc.]

Identify:
1. Privacy-sensitive information leakage (gaze, body motion, environment)
2. Possible attack vectors (sensor spoofing, visual side-channels, motion inference)
3. Defense mechanisms (differential privacy, secure computation, rendering obfuscation)
4. Evaluation methodology
5. User study design (if involving human subjects)

Consider unique challenges of AR/VR: real-time requirements, continuous sensing, 
immersive environments, multimodal data streams."

"I want to study security of LLM-based systems:

Target system: [chatbot, autonomous agent, tool-using LLM, multimodal model]
Attack type: [prompt injection, jailbreaking, data extraction, tool misuse]

Help me:
1. Design attack taxonomy for this system type
2. Implement attack scenarios in a controlled sandbox
3. Evaluate defense mechanisms (input filtering, output monitoring, guardrails)
4. Measure attack success rates and defense effectiveness
5. Analyze trade-offs between security and utility

Consider: indirect prompt injection, multi-turn attacks, tool-call exploitation."

"Design a defense for LLM-based [agent/chatbot/system]:

Threat: [prompt injection, data exfiltration, harmful output generation]

Help with:
1. Input sanitization and validation strategies
2. Output monitoring and filtering approaches
3. Architectural defenses (sandboxing, privilege separation)
4. Evaluation using established red-teaming benchmarks
5. Measuring false-positive impact on legitimate use

Provide implementation approach and evaluation framework."

"I want to study privacy in federated learning systems:

FL setup: [number of clients, model type, data distribution]
Attack type: [gradient inversion, membership inference, model poisoning, free-riding]

Help me:
1. Implement the federated learning baseline using Flower or PySyft
2. Design and implement the privacy attack
3. Evaluate information leakage quantitatively
4. Implement defenses (differential privacy, secure aggregation, clipping)
5. Measure utility vs. privacy trade-offs

Consider: non-IID data, communication efficiency, heterogeneous clients."

"I want to study security of robotic systems:

Robot system: [manipulator, mobile robot, drone, teleoperation system]
Attack surface: [sensor inputs, control signals, perception pipeline, communication]

Help me:
1. Identify vulnerabilities in the robot perception-action pipeline
2. Design attack scenarios (sensor spoofing, adversarial objects, command injection)
3. Implement safety-preserving defenses
4. Evaluate in simulation (Isaac Sim, Gazebo, PyBullet)
5. Discuss real-world deployment implications

Consider: real-time safety constraints, human-robot interaction, physical consequences."

"Evaluate if my threat model is realistic:

Threat model: [your assumptions]
Adversary: [capabilities you assume]

Is this realistic for:
1. Typical attackers (script kiddies, criminals, etc.)?
2. Motivated attackers (APT, nation-states)?
3. Practical attack scenarios?

Suggest adjustments to make it more grounded without oversimplifying."

"What assumptions am I making that might not generalize?

My setup: [testbed description]
Real-world deployment: [how systems actually used]

Identify brittleness in my approach."

"What defenses already exist against [my attack]?

Are they:
1. Deployed in practice?
2. Effective?
3. Bypassable?

Position my work relative to existing defenses."

"Review my security project proposal:
[paste proposal]

Evaluate:
1. Is the threat model well-defined and realistic?
2. Is the technical approach feasible in 8 weeks?
3. Are there ethical concerns I haven't addressed?
4. What's the main risk to project success?
5. How does this compare to prior work?

Be critical but constructive."

"I've designed my [attack/defense] architecture:
[paste architecture]

Before I start coding:
1. Are there fatal flaws in the approach?
2. What should I prototype first to validate feasibility?
3. What dependencies or external factors could block me?
4. Is my testbed adequate?
5. What monitoring/logging do I need?"

"Implementation status: [X]% complete. Current issues:
[describe problems]

Help me:
1. Prioritize remaining work
2. Debug current blockers
3. Identify what I can defer to future work
4. Ensure I have a working demo by Week 13 end

Be realistic about the timeline."

"My [attack/defense] is working. What evaluation should I prioritize in Week 14?

Current capabilities: [what works]
Time available: 7 days

Design evaluation that:
1. Validates core claims
2. Tests robustness
3. Compares with baselines
4. Produces results for paper and demo

Focus on quality over quantity."

"Evaluation results: [summarize findings]

For presentation and paper:
1. What are the key takeaways?
2. How do I position this relative to prior work?
3. What limitations must I acknowledge?
4. What future work naturally follows?
5. How do I make this compelling in 10 minutes?

Help me tell the story effectively."