Trails:

Cyberspace of Shujun LI >> Research Opportunities

Shortcuts

Selected Topics for Full-Time PhD Students Studying at University of Kent

Short-Term Projects for UG/Master's Students and Visiting PhD students

Please note that the following projects are not ranked according to their maturity or importance. Most have the target to produce at least one research paper at a top publication venue. Since none of the work has been published, the details are not given -- please contact Shujun if you are interested in any of the following projects. You are welcome to propose your own projects as well as long as they match Shujun's research interests.
  1. Implementation of add-ons to a new research prototype of the Pass∞ technology
    • One design can be 100% back compatible with current textual passwords but can offer far more functionalities and hopefully a much better balance between security and usability
    • A software library of the framework for more designs and implementations
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with other researchers expected
  2. Further development of an information hiding (steganography) system based on online activities such as online games
    • Related to a past research project M3: Mobile Magic Mirror and a pending UK patent (see also my blog article)
    • Android app/web-based application/web browser extension
    • Relevant programming skills
    • Collaboration with other researchers expected
  3. New designs and implementations of graphical passwords
    • A particular class of new graphical passwords have been developed with two prototypes and a number of new designs (a paper draft was written as well)
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with other researchers expected
  4. Implementation of existing algorithms for breaking visual security of PIN entry on POS terminals and ATM machines
    • Good programming skills on MATLAB/Python
    • Data, some source code and initial experimental results are available.
    • Algorithms and ideas for the remain work will be provided.
    • Further user studies may be needed (assistance from current PhD students and funding will be provided).
  5. Network flow based intrusion detection
    • Good understanding of TCP/IP protocols
    • Good programming skills in MATLAB and C/C++
    • Previous experience in machine learning expected
    • Host-, signature- or content-based methods are not of interest.
  6. Further development of interactive visualizers of password databases
    • Currently three different methods (all well developed and one has an initial prototype system)
    • Ideally web-based
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with other researchers expected
  7. Further development of Visual Password Checker (VPC)
    • Web-based
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with other researchers expected
  8. Systematic literature review of known attacks, scams and crime cases on distributed ledgers, blockchains, cryptocurrencies and other applications
    • Good technical understanding of distributed ledger technologies and cryptocurrencies
    • Interests in psychology, law, economics and business models
    • Good literature review skills
    • Good technical writing skills
    • Collaboration with other researchers expected
  9. Development of a distributed ledger based system called "proofs of claims"
    • Good technical understanding of distributed ledger technologies and cryptocurrencies
    • Interests in psychology, law, economics and business models
    • Good programming skills ideally on distributed ledger platforms such as Solidity
    • Collaboration with other researchers expected
  10. Measurement of websites preventing password pasting (so user-unfriendly against use of random passwords and password managers)
    • Good programming skills on one mainstream programming language
    • Familiar with Internet and web technologies
    • Prior experience with web crawlers advantageous
    • Why is this a research problem?
  11. Verification of passive privacy attacks about mobile WiFi access points
    • Related to but different from Wi-Vi: See Through Walls with Wi-Fi Signals
    • Standalone program (maybe command-line only but GUI for visualizing positions preferred)
    • General good programming skills in a relevant programming language
    • Collaboration with other researchers expected
  12. Testing tools of password strength meters/proactive password checkers
    • Ideally web-based (pure JavaScript based)
    • Good programming skills in HTML/CSS/JavaScript desired
    • Collaboration with other researchers expected
  13. Design and implementation of automated password policy extraction from web sites
    • Standalone program (ideally in MATLAB or Python)
    • Good understanding of HTML/CSS/JavaScript required
    • Previous experience in machine learning advantageous
  14. Design and implementation of password managers with more automated functionalities
    • Web-based applications or web browser extensions
    • Good programming skills in HTML/CSS/JavaScript required
    • Previous experience with web browser extension development advantageous
  15. Development of tools for analysing password input controls on different websites
    • Can be a standalone programme (maybe a command-line tool)
    • Need to have web crawling functionality
    • Should be able to automate fill passwords
  16. Privacy leakage from website log analysis
    • Two related research papers: one on geo-location data and the other on credit card transaction data
    • User studies with real human users required
    • Experience with privacy related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  17. Timing based attacks on PINs and passwords
    • Good programming skills on a mainstream programming language (MATLAB preferred)
    • Previous experience with machine learning advantageous
    • Solid math background required
    • Potential collaboration with PhD students and research fellows
  18. Modelling and simulation of existing user authentication systems using human cognitive modelling tools (e.g. CogTool)
  19. Implementation of some new user interfaces for presenting Android permissions and mobile app descriptions
    • Good programming skills in HTML/CSS/JavaScript/Java required
    • Previous experience in Android app development advantageous
    • Possible collaboration with/assistance from current MSc/PhD students at Surrey
  20. New designs and implementations of observer-resistant password systems (ORPSs)
    • Related to COMMANDO-HUMANS project
    • See Shujun's IEEETIFS 2015 paper and NDSS 2013 paper for recent progresses on ORPSs.
    • One special subset of ORPSs include shoulder-surfer resistant password/PIN entry methods
    • One (old) example implementation can be found at here.
    • Ideally web-based prototypes
    • Good programming skills in HTML/CSS/JavaScript required
  21. Better user alerting interfaces on mobile phones for security and privacy communications to assist decision making
    • Android app/web-based application/web browser extension
    • Relevant programming skills
    • User studies with real human users required
    • Experience with privacy related user studies expected
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with/assistance from current PhD students at Surrey
    • Funding for running user studies will be provided.
  22. Design and implementation of new subjective rating systems for mobile apps
    • Can be developed as a web-based system to prove the idea
    • Not necessarily work with real-world app marketplaces (some simulation solution needed)
    • Experience with mobile app development advantageous
    • Collaboration with other researchers expected
  23. Design and implementation of automated detection of confidential files (for privacy protection purposes)
    • Standalone program
    • General good programming skills in a relevant programming language
    • Collaboration with other researchers expected
  24. Verification of active privacy attacks related to WiFi access behaviours
    • Standalone program (maybe command-line only)
    • General good programming skills in a relevant programming language
  25. Design and implementation of proactive password checkers for (existing) graphical passwords
    • Ideally web-based (pure JavaScript based)
    • Good programming skills in HTML/CSS/JavaScript required
    • Collaboration with other researchers expected
  26. User study on active password storage mechanism disclosure and development of a server side library facilitating websites to disclose password storage mechanism
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with other researchers expected
    • Funding for running user studies will be provided.
  27. Personalised password policies
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based (both server side and client side) programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with other researchers expected
    • Funding for running user studies will be provided.
  28. Performance evaluation of a new mobile security tool DESCRIBEME reported in a recent paper at CCS 2015
    • User studies with real human users required
    • Experience with security related user studies expected
    • General programming skills ideally web-based programming experience
    • Experience with crowdsourcing-based user studies advantageous
    • Collaboration with other researchers expected
    • Funding for running user studies will be provided.
  29. Experimental studies on new crowdsourcing platforms (social networks, mobile app markets, etc.)
    • Interested in emperical user studies (in a crowdsourcing setting)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Sufficient programming skills to work with the API of the target platform
    • Collaboration with other researchers expected
  30. Design and development of PHP libraries for wrapping APIs of crowdsourcing web services
  31. Applications of eye-tracking in cyber security, user privacy or multimedia computing
    • Interested in emperical user studies (in a lab setting)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Sufficient programming skills to work with eye-trackers' API
    • Collaboration with other researchers expected
  32. Gamification in cybersecurity, privacy and digital forensics use cases
    • Examples of how gamification can be applied
    • Will look at both design, implementation (web-based applications and/or mobile apps preferred) and user studies
    • Good programming skills on web and mobile (Android) platforms required
    • Experience in running user studies will be a plus.
    • Collaboration with other researchers expected
  33. Different (and better?) communication and enforcement methods for security policies
    • Interested in emperical user studies (in a real-world setting/field study/focus groups)
    • Good knowledge on quantitative and qualitative analysis (including various statistical tests)
    • Collaboration with real-world organisations desired (which need identifying)
    • Collaboration with other researchers expected
  34. Human errors in decision making processes in cybersecurity, privacy and digital forensics applications
    • An example of how this problem was handled for the game chess
    • Will look at both design, implementation (web-based applications and/or mobile apps preferred) and user studies
    • Good programming skills on web and mobile (Android) platforms required
    • Experience in running user studies will be a plus.
    • Collaboration with other researchers expected
  35. Applications of discrete optimization for multimedia security and forensics
  36. Comparative studies on parental control on mobile devices and websites (such as social networks)
    • Good literature review skills
    • Previous experience on comparative studies desired
    • Possible interviews and surveys with parents
    • Some level of programming skills to automate data analysis
  37. Uber security and privacy issues
    • Good knowledge on general cyber security issues especially attacks
    • Previous experience on comparative studies desired
    • Possible interviews and surveys with Uber users (drivers and passengers)
    • Some level of programming skills to automate data analysis
    • Collaboration with other researchers expected
  38. Development of multi-source data fusion and analytics platform
    • Data from social media is of particular interest.
    • Multimedia data such as digital images (faces, vehicles, buildings, transport, etc.) are of special interest.
    • Data with (location, time) and some level of (pseudo-)identity information is of high interest.
    • Good programming skills in one mainstream programming language such as C/C++/Java/Python/C#/MATLAB required
    • Web-based end user interface is desired.
    • Use of existing data analytics tools such as IBM i2 iBase and QRadar (access will be provided via IBM Academic Initiative) is encouraged.
  39. Comparative study and development of existing visual (image and video) quality assessment algorithms
  40. Further development of an automated CAPTCHA crawler (based on a former Surrey FY UG project work)
    • Good programming skills (original implementation in Java but porting to other languages preferred e.g. Python)
    • Good understanding of Internet and web technologies (including but not limited to HTML and DOM)
    • Previous experience in machine learning advantageous
  41. Implementation of CAPTCHA crackers
    • Good programming skills in MATLAB/Java/Python/C/C++
    • Experience in image processing and pattern recognition required
    • Google CAPTCHA (not reCAPTCHA, but the one appearing after you type your password wrongly for many times) is of great interest.
  42. Balance of usability and security of CAPTCHA and graphical password systems for people with color visual deficiencies
    • Knowledge on color science required (or willingness to learn)
    • Strong interest in accessibility issues in computer systems
    • General programming skills ideally web programming experience
    • User studies involving people with color visual deficiencies required
    • Funding for running user studies will be provided.
  43. New designs and implementations of age verification tools (AVT)
    • AVTs can be considered as an extended form of CAPTCHA: tasks that are hard for all children (and machines) but easy for most (if not all) adults.
    • For exampels of what are available in the market, see AgeVerify products (online demos available).
  44. Prototype development of audio-based e-banking security solution hPIN/hTAN
    • Android app
    • Programming experience in Java (ideally Android app development)
    • Some understanding of cryptography required
  45. Comparative study and development of new tools for scientometrics (world university rankings, quantitative evaluation of researchers/institutes/countries/journals/conferences)
    • Ideally web-based (web applications or web browser extensions)
    • Good understanding of HTML/CSS/JavaScript required
  46. Implementation and/or result verification of any interesting research paper matching Shujun's short-term and long-term research interests
    • Contact Shujun if you want to know more or have a cyber security related paper you are interested.

Only one revision exists, which was created (or modified) by hooklee at Sunday, April 8, 2018 1:51:46 PM.
This page was locked and can only be edited by administrators.

HomeIndexRecent ChangesPreference

Google

PRchecker.info
Valid XHTML 1.0 Transitional

China

Germany (CET)