Trails:

Cyberspace of Shujun LI >> Research Opportunities

Shortcuts

Selected Topics for Potential PhD Students Studying at Surrey

Short-Term Projects for UG/Master's Students and Visiting PhD students

Please note that the following projects are not ranked according to their maturity or importance. Most have the target to produce at least one research paper at a top publication venue. Since none of the work has been published, the details are not given -- please contact Shujun if you are interested in any of the following projects. You are welcome to propose your own projects as well as long as they match Shujun's research interests.
  1. Measurement of websites preventing password pasting (so user-unfriendly against use of random passwords and password managers)
    • Good programming skills on one mainstream programming language
    • Familiar with Internet and web technologies
    • Prior experience with web crawlers advantageous
    • Why is this a research problem?
  2. Implementation of add-ons to a new research prototype of the Pass∞ technology
    • One design can be 100% back compatible with current textual passwords but can offer far more functionalities and hopefully a much better balance between security and usability
    • A software library of the framework for more designs and implementations
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
    • Possible collaboration with/assistance from current PhD students
    • Read the University of Surrey's press release for more.
  3. Verification of passive privacy attacks about mobile WiFi access points
    • Related to but different from Wi-Vi: See Through Walls with Wi-Fi Signals
    • Standalone program (maybe command-line only but GUI for visualizing positions preferred)
    • General good programming skills in a relevant programming language
    • Possible collaboration with/assistance from current PhD students at Surrey
  4. Testing tools of password strength meters/proactive password checkers
    • Ideally web-based (pure JavaScript based)
    • Good programming skills in HTML/CSS/JavaScript desired
    • Possible collaboration with/assistance from current PhD students at Surrey
  5. Design and implementation of automated password policy extraction from web sites
    • Standalone program (ideally in MATLAB or Python)
    • Good understanding of HTML/CSS/JavaScript required
    • Previous experience in machine learning advantageous
  6. Design and implementation of password managers with more automated functionalities
    • Web-based applications or web browser extensions
    • Good programming skills in HTML/CSS/JavaScript required
    • Previous experience with web browser extension development advantageous
  7. Development of tools for analysing password input controls on different websites
    • Can be a standalone programme (maybe a command-line tool)
    • Need to have web crawling functionality
    • Should be able to automate fill passwords
  8. Privacy leakage from website log analysis
    • Two related research papers: one on geo-location data and the other on credit card transaction data
    • User studies with real human users required
    • Experience with privacy related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  9. Implementation of existing algorithms for breaking visual security of PIN entry on POS terminals and ATM machines
    • Good programming skills on MATLAB/Python
    • Data, some source code and initial experimental results are available.
    • Algorithms and ideas for the remain work will be provided.
    • Further user studies may be needed (assistance from current PhD students and funding will be provided).
  10. Timing based attacks on PINs and passwords
    • Good programming skills on a mainstream programming language (MATLAB preferred)
    • Previous experience with machine learning advantageous
    • Solid math background required
    • Potential collaboration with PhD students and research fellows
  11. Modelling and simulation of existing user authentication systems using human cognitive modelling tools (e.g. CogTool)
  12. Further development of interactive visualizers of password databases
    • Currently three different methods (all well developed and one has an initial prototype system)
    • Ideally web-based
    • Good programming skills in HTML/CSS/JavaScript required
    • Possible collaboration with/assistance from current MSc/PhD students at Surrey
  13. Implementation of some new user interfaces for presenting Android permissions and mobile app descriptions
    • Good programming skills in HTML/CSS/JavaScript/Java required
    • Previous experience in Android app development advantageous
    • Possible collaboration with/assistance from current MSc/PhD students at Surrey
  14. Further development of an information hiding (steganography) system based on online activities
    • Related to a past research project M3: Mobile Magic Mirror and a pending UK patent (see also my blog article)
    • Android app/web-based application/web browser extension
    • Relevant programming skills
  15. New designs and implementations of observer-resistant password systems (ORPSs)
    • Related to COMMANDO-HUMANS project
    • See Shujun's IEEETIFS 2015 paper and NDSS 2013 paper for recent progresses on ORPSs.
    • One special subset of ORPSs include shoulder-surfer resistant password/PIN entry methods
    • One (old) example implementation can be found at here.
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
  16. Better user alerting interfaces on mobile phones for security and privacy communications to assist decision making
    • Android app/web-based application/web browser extension
    • Relevant programming skills
    • User studies with real human users required
    • Experience with privacy related user studies expected
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  17. New designs and implementations of graphical passwords
    • A particular class of new graphical passwords have been developed with two prototypes and a number of new designs (a paper draft was written as well)
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
    • Possible collaboration with/assistance from current PhD students at Surrey
  18. Design and implementation of new subjective rating systems for mobile apps
    • Can be developed as a web-based system to prove the idea
    • Not necessarily work with real-world app marketplaces (some simulation solution needed)
    • Experience with mobile app development advantageous
    • Possible collaboration with/assistance from current PhD students at Surrey
  19. Design and implementation of automated detection of confidential files (for privacy protection purposes)
    • Standalone program
    • General good programming skills in a relevant programming language
    • Possible collaboration with/assistance from current PhD students at Surrey
  20. Verification of active privacy attacks related to WiFi access behaviours
    • Standalone program (maybe command-line only)
    • General good programming skills in a relevant programming language
  21. Design and implementation of proactive password checkers for (existing) graphical passwords
    • Ideally web-based (pure JavaScript based)
    • Good programming skills in HTML/CSS/JavaScript required
    • Possible collaboration with/assistance from current PhD students at Surrey
  22. User study on active password storage mechanism disclosure and development of a server side library facilitating websites to disclose password storage mechanism
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  23. Personalised password policies
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  24. Performance evaluation of a new mobile security tool DESCRIBEME reported in a recent paper at CCS 2015
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  25. Network flow based intrusion detection
    • Good understanding of TCP/IP protocols
    • Good programming skills in MATLAB and C/C++
    • Previous experience in machine learning expected
    • Host-, signature- or content-based methods are not of interest.
  26. Further development of Visual Password Checker (VPC)
    • Web-based
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with/assistance from current PhD students at Surrey
  27. Experimental studies on new crowdsourcing platforms (social networks, mobile app markets, etc.)
    • Interested in emperical user studies (in a crowdsourcing setting)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Sufficient programming skills to work with the API of the target platform
    • Possible collaboration with current PhD students
  28. Design and development of PHP libraries for wrapping APIs of crowdsourcing web services
  29. Applications of eye-tracking in cyber security, user privacy or multimedia computing
    • Interested in emperical user studies (in a lab setting)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Sufficient programming skills to work with eye-trackers' API
    • Possible collaboration with/assistance from current research fellow (Dr Haiyue Yuan) and School of Psychology at Surrey
  30. Gamification in cybersecurity, privacy and digital forensics use cases
    • Examples of how gamification can be applied
    • Will look at both design, implementation (web-based applications and/or mobile apps preferred) and user studies
    • Good programming skills on web and mobile (Android) platforms required
    • Experience in running user studies will be a plus.
    • Possible collaboration with PhD students.
  31. Different (and better?) communication and enforcement methods for security policies
    • Interested in emperical user studies (in a real-world setting/field study/focus groups)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Collaboration with real-world organisations desired (which need identifying)
    • Potential collaboration with psychologists and social scientists at Surrey
  32. Human errors in decision making processes in cybersecurity, privacy and digital forensics applications
    • An example of how this problem was handled for the game chess
    • Will look at both design, implementation (web-based applications and/or mobile apps preferred) and user studies
    • Good programming skills on web and mobile (Android) platforms required
    • Experience in running user studies will be a plus.
    • Possible collaboration with PhD students
  33. Applications of discrete optimization for multimedia security and forensics
    • Existing software such as IBM CPLEX will be used.
    • Good programming skills in MATLAB and C/C++ required
    • Possible collaboration with/assistance from international collaborators
    • See Shujun's previous work at ICIP 2011 for an example
  34. Comparative studies on parental control on mobile devices and websites (such as social networks)
    • Good literature review skills
    • Previous experience on comparative studies desired
    • Possible interviews and surveys with parents
    • Some level of programming skills to automate data analysis
  35. Uber security and privacy issues
    • Good knowledge on general cyber security issues especially attacks
    • Previous experience on comparative studies desired
    • Possible interviews and surveys with Uber users (drivers and passengers)
    • Some level of programming skills to automate data analysis
    • Possible collaboration with PhD students
  36. Development of multi-source data fusion and analytics platform
    • Data from social media is of particular interest.
    • Multimedia data such as digital images (faces, vehicles, buildings, transport, etc.) are of special interest.
    • Data with (location, time) and some level of (pseudo-)identity information is of high interest.
    • Good programming skills in one mainstream programming language such as C/C++/Java/Python/C#/MATLAB required
    • Web-based end user interface is desired.
    • Use of existing data analytics tools such as IBM i2 iBase and QRadar (access will be provided via IBM Academic Initiative) is encouraged.
  37. Comparative study and development of existing visual (image and video) quality assessment algorithms
  38. Further development of an automated CAPTCHA crawler (based on a former Surrey FY UG project work)
    • Good programming skills (original implementation in Java but porting to other languages preferred e.g. Python)
    • Good understanding of Internet and web technologies (including but not limited to HTML and DOM)
    • Previous experience in machine learning advantageous
  39. Implementation of CAPTCHA crackers
    • Good programming skills in MATLAB/Java/Python/C/C++
    • Experience in image processing and pattern recognition required
    • Google CAPTCHA (not reCAPTCHA, but the one appearing after you type your password wrongly for many times) is of great interest.
  40. Balance of usability and security of CAPTCHA and graphical password systems for people with color visual deficiencies
    • Knowledge on color science required (or willingness to learn)
    • Strong interest in accessibility issues in computer systems
    • General programming skills ideally web programming experience
    • User studies involving people with color visual deficiencies required
    • Funding for running user studies will be provided.
  41. New designs and implementations of age verification tools (AVT)
    • AVTs can be considered as an extended form of CAPTCHA: tasks that are hard for all children (and machines) but easy for most (if not all) adults.
    • For exampels of what are available in the market, see AgeVerify products (online demos available).
  42. Prototype development of audio-based e-banking security solution hPIN/hTAN
    • Android app
    • Programming experience in Java (ideally Android app development)
    • Some understanding of cryptography required
  43. Comparative study and development of new tools for scientometrics (world university rankings, quantitative evaluation of researchers/institutes/countries/journals/conferences)
    • Ideally web-based (web applications or web browser extensions)
    • Good understanding of HTML/CSS/JavaScript required
  44. Implementation and/or result verification of any interesting research paper matching Shujun's short-term and long-term research interests
    • Contact Shujun if you want to know more or have a cyber security related paper you are interested.

Only one revision exists, which was created (or modified) by hooklee at Friday, February 17, 2017 12:13:56 PM.
This page was locked and can only be edited by administrators.

HomeIndexRecent ChangesPreference

Google

Google PageRank Checker
Valid XHTML 1.0 Transitional
Locations of visitors to this page
ip-location map zoom
Germany

China

GMT (London)