Göm menyn

TDDD82 Projekttermin inklusive kandidatprojekt: Säkra, mobila system

Kandidatarbeten

Projekt ID Studenter Handledare
Projekt 1Simin Nadjm-Tehrani
Projekt 2Simin Nadjm-Tehrani
Projekt 3Mikael Asplund
Projekt 4Mikael Asplund
Projekt 5Mikael Asplund
Projekt 6Mikael Asplund
Projekt 7Niklas Carlsson
Projekt 8Niklas Carlsson
Projekt 9Niklas Carlsson
Projekt 10Niklas Carlsson
Projekt 11Niklas Carlsson
Projekt 12Marcus Bendtsen
Projekt 13Marcus Bendtsen
Projekt 14Marcus Bendtsen
Projekt 15Marcus Bendtsen
Projekt 16Marcus Bendtsen

Instruktioner

Varje par skriver i ett mejl en sorterad lista över alla projekt (högst prioriterad först). I mejlet skall också framgå vilka två personer som ingår i gruppen. Bifoga inte några dokument eller liknande, allt ska stå direkt i mejlet. Notera att alla projekt måste ingå i listan. Mejlet skall se ut som följande exempel:

Marcus Bendtsen (marbe800)
Jakob Pogulis (jakpo779)

Projekt 4
Projekt 1
Projekt 8
osv.

Kursledningen kommer sedan att dela ut kandidatarbeten. Vi utgår från era preferenser men kan inte garantera att ni får de projekt ni har satt högst på listan.

Språk

Eftersom dessa kandidatarbeten har en vetenskaplig karaktär så föredrar vi att arbetena genomförs på engelska. Framläggning och opposition är på svenska.

Specifika krav

Vissa projekt har specifika krav, de står skrivna i texten till projektet, se till att ni uppfyller dessa.

Projekt

Projekt 1

En mobil applikation ska idealiskt kunna adaptivt ändra sitt beteende och använda mindre energi när batterinivån når olika trösklar. Problemet är dock att applikationens QoS kan vara beroende av olika funktioner och deras interaktioner (i ert fall olika interaktioner med servern). När beteendet av appen ska anpassas så måste man t.ex. ta ställning till vilka transmissioner kan ske mindre ofta (i en ”bundle”).

I detta miniprojekt är det tänkt att ni tar fram en matematisk modell som karakteriserar er apps anpassningsförmåga. Modellen används som en funktion över tid och batteritillgänglighet och kan betraktas som grund till en ”adaptation policy". Då kan packet sändningsmekanismen anpassas ("forwarding mechanisms") och detta leder till en förlängd batterilivslängd. Ökningen i livslängden är också beroende av transmissionsenergikostnaden (som är olika för 3G och WiFi). Minst två olika schemaläggningsmekanismer ska modelleras så att beslut ska kunna fattas om den ena eller den andra leder till längre batteri tillgänglighet givet *samma* paketflödesprofil. Minst en ny implementering av anpassningsmekanism på klientsidan framtas.

Projekt 2

Att testa en applikations tillförlitlighet är ett teoretiskt svårt problem. I princip ska alla möjliga inputs till applikationen genereras för att kunna säkerställa att appen gör vad den ska. Men mängden testfall blir lätt stor på grund av kombinatorisk explosion. I detta projekt ska ni dels kartlägga vetenskapliga ansatser för att testa mobila applikationer med avseende på funktionella krav, och dels tillämpa någon befintlig ansats (med tillhörande programvara) för att testa er applikation systematiskt. Om applikationen måste färdigställas innan olika funktioner kan testas så ingår detta också i arbetet. Men åtminstone tre olika funktionaliteter från kravlistan måste testas fullständigt och resultaten sammanställas systematiskt.

Projekt 3

För att åstadkomma en replikeringslösning för en dynamisk mängd noder (noder kan tas bort, läggas till, krascha och återstartas) och där nätverkskommunikationen inte är helt tillförlitlig krävs ett protokoll för att hantera medlemskap i gruppen av noder. Detta projekt handlar om att studera en enkel implementation av ett sådant nätverksprotokoll i en simuleringsmiljö och systematiskt undersöka effekten av olika parameterval och hur det påverkar tillgänglighet av systemet samt den prestandafördröjning som kommer av denna lösning.

Projekt 4

Nästa lager (dvs. efter projekt 3) i en replikeringslösning är ett protokoll för att skicka meddelanden och veta att alla noder i gruppen har mottagit detta. Detta projekt handlar om att implementera ett sådan gruppkommunikationsprotokoll och utvärdera i en simuleringsmiljö.

Projekt 5

Många av dagens cloud-system baseras på ett ramverk som kallas Hadoop och är öppen källkod. Detta projekt syftar till att undersöka hur en Hadoop-lösning stödjer feltolerans och replikering och göra mätningar av responstid för ett enkelt Hadoop-system.

Projekt 6

Tillgänglighet är i praktiken svårt att mäta på ett tillförlitligt sätt, speciellt när det handlar om system med relativt hög tillgänglighet. Man kan säga att ett systems tillgänglighet bestäms dels av hur ofta systemet råkar ut för ett haveri som gör att det inte är åtkomligt och hur lång tid det tar att återställa till normal drift. Detta projekt handlar om att studera återställningstid. Dels genom att titta på historiska data för olika typer av system och fel/haverier, dels genom litteraturgenomgång av olika metoder för hur denna tid kan uppskattas och till sist genom att skapa en matematisk modell och studera hur den beter sig för olika parameterval.

Projekt 7

Temporal Analysis and (Non-temporal) Multi-variate Model for Mobile Download Speeds
Good communication is critical in disaster scenarios. Crowd-sourced network measurements can be used to build network performance maps and other models of the network performance. Such models can be valuable in understanding the current network conditions. In this mini projects you will extend some of our prior work on network performance maps to build models for the network performance as captured by a crowd-sourced datasets. In particular, you will use a large but sparse dataset together with complementing data (that you will need to identify and calculate; e.g., distance to a large city, distance to a large road, etc.) to build a statistical model (e.g., based on multi-variate regression) that captures some factors that may or may not impact mobiles users Internet speeds. In addition to a basic model, the work should also include an analysis of temporal aspects (e.g., how quickly download speeds may change in the same location, when multiple measurements are performed back-to-back, for example). The large and sparse dataset may make (especially the later) analysis challenging.

Your analysis scripts will need to handle large volumes of measurement data and should allow you to test and compare different models. All tools/analysis will need to run on Linux, no data is allowed to be copied/moved from the system where the data is stored, and the results/report (that may involve analysis of real data) are not allowed to include any private information or IP addresses. You will also need to learn R or some other statistical languages. A non-disclosure agreement will also need to be signed.

Projekt 8

Understanding Correlated Crowd-sourced Measurements
The Internet plays a critical role in today’s society and is often used to transfer and share important information. Under disaster scenarios, as well as under regular operation, it is therefore important to easily detect network failures and network performance degradation in regions, in the network as a whole, or for individual operators. In the case of attacks against critical network infrastructure or network failures due to natural disasters, crowd sourced measurements may help detecting such failures or performance degradations. In this project, you will evaluate and investigate the potential effectiveness of crowd-based approaches in which a collection of download speed measurements (e.g., by first responders and other users) are used to detect anomalies and network problems. As a first step, this will involve investigating potential correlations/relationships between correlated network measurements (e.g., a sequence of measurements from the same location) and network speeds. Second, more advanced investigation of different anomaly detection algorithms will be evaluated. For this task you will develop tools to analyze potentially large datasets, as well as develop and evaluate online detection algorithms on such datasets. All tools/analysis will need to run on Linux, no data is allowed to be moved from the system where the data is stored, and the results/report (that may involve analysis of real data) are not allowed to include any private information or IP addresses. A non-disclosure agreement will also need to be signed.

Projekt 9

Implementation and Instrumentation for a Geo-based Interface for Command-and-Control Center using Geo-tagged Interactive Video Streaming
We have implemented and designed a novel media player that allows interactive video to be stitched together in way that allow users to interactively select different non-linear media paths through the media. We would like to create a geo-tagged version that includes (i) generation of geo/direction-tagged recordings and (ii) a user interface that allows people in a command and control center (e.g., during a disaster scenario) or other users to seamlessly switch between multiple recorded streams such as to monitor an event from multiple locations/angles/directions.

The interface should be implementation within our current framework that uses Adobe’s Open Source Media Framework (OSMF). As such there will be a lot of code to understand, so good program skills are an expectation for a successful project.

We are planning to sign an agreement that ensure that we keep the intellectual property rights to the design and the software. The goal would be to create a demonstrator of our software, which eventually will be made available with the next academic publication. Your contributions will be properly acknowledged and the publication process should not hinder you from publishing your thesis. (Explanation: The code is expected to be non-public until a research article eventually is published based on the software, at which time we would plan to release the source code (and acknowledge the people that have contributed and helped with the code). Until that point in time, the code and any technical solutions and ideas should remain non-public.

Projekt 10

Simulation of Scalable Streaming Protocols using Wireless Multicast/broadcast
Efficient information dissemination is critical in disaster scenarios. In this project you will evaluate the effectiveness of using periodic broadcast protocols to deliver (information) videos to a large number of wireless devices (in the event of a disaster or popular event, for example). The work will include building a simulation model that captures aspects such as the number of channels a mobile device can listen to in parallel, the channel rates, and its ability to turn interfaces on/off (to save energy, for example). To obtain realistic simulation parameters you will also need to investigate existing literature to identify good/realistic (well-motivated) parameter values and models for when simulating eMBMS and WiFi. The simulations are expected to capture bandwidth and buffer constraints, as well as the energy usage of the clients, such that various tradeoffs between these aspects can be explored.

Projekt 11

Implementation of Interactive Video Streaming with Dash.js
Essentially the same as the above problem. However, rather than focusing on the interface application, you will implement a similar streaming solution as our current OSMF framework using the (open source) DASH.js framework (instead of OSMF). The goal of this project would be to implement a demonstrator using DASH.js and to extend some specific feature of the player. At a high level, the extensions will include careful prefetching and improved buffer management. Again, good program skills may be needed to successfully complete the project.

Again, we are planning to sign an agreement that ensure that we keep the intellectual property rights to the design and the software. The goal would be to create a demonstrator of our software, which eventually will be made available with the next academic publication. Your contributions will be properly acknowledged and the publication process should not hinder you from publishing your thesis.

Projekt 12

Multi-factor authentication using biometrics
Increasingly, mobile devices are given access to business and security critical content. These devices are often small and can easily be carried around, thus giving additional opportunities for attackers to get their hands on a physical device. Access cards, passcodes, fingerprints etc. are being used to add additional factors of authentication to devices, however none of these offer a complete solution.

The aim of this project is to build a prototype system that utilises some trait of a person in order to authenticate them before completing critical operations, e.g. sending/receiving a message or making phone calls. The trait to be used should go beyond the now more common factors of fingerprints or face recognition, and instead rely on walking patterns of the person, typing speed or a drawn shape with the finger.

Students that want to take on this project are expected to have a device that has the necessary features/sensors.

Projekt 13

Tamper protection review
Increasingly, mobile devices are given access to business and security critical content. These devices are often small and can easily be carried around, thus giving additional opportunities for attackers to get their hands on a physical device. Although attackers may not be able to use the mobile device, they may be able to access confidential information, including encryption keys, from the hardware within the device.

The aim of this project is to do a review of existing attacks against physical devices and methods for tamper protection. This includes active protection that attempts to detect intrusions and alter the device itself, and passive protection, such as using certain materials etc.

Projekt 14

Intrusion detection system
Network communication is a vital part of the client-server architecture, however allowing network traffic also increases exposure to attacks. A network intrusion detection system (NIDS) monitors the traffic, and attempts to identify when a server or a client is being attacked. However, it is not always straightforward to discriminate between expected and malicious traffic.

The aim of this project is to set up a NIDS on the client and the server. This requires understanding what NIDS can and should detect, implementing the systems and the attacks, as well as measuring the accuracy of the system.

Students that want to take on this project are expected to have a device that has the necessary features/sensors.

Projekt 15

Secure development
Software development methodologies are rarely developed with software security in mind, but are rather adapted to contain security related activities, e.g. adding risk analysis to a SCRUM development process. Methodologies such as Microsoft’s security development lifecycle are gaining popularity; yet far from all projects include security activities.

The aim of this project is to contact a number of software development companies, and ask to interview their development teams with respect to the security activities that they perform. The outcome should give insight, albeit using a small sample, into how development teams work today.

Students willing to do this project are expected to be highly self-driven and structured, as it will be up to the students to find contacts and set up interviews.

Projekt 16

Anonymous connections
The fact that person A requested something from person B is in and of itself information. While a third party may not be able to discern what has been requested, e.g. due to encryption, the mere fact that something was requested may be security sensitive, and thus needs to be considered confidential.

The aim of this project is to investigate systems that are designed to make requests anonymous, e.g. onion routing, and then to implementing such a system so that it can be used within an organisation.


Sidansvarig: Nahid Shahmehri
Senast uppdaterad: 2016-02-12