Contact

TimeLine

• Wednesday Nov 10, 10h00-10h30: Introduction to the Research Projects.
• Wednesday Dec 8, 10h00-12h00; 14:00-16:00: Detailed discussion on selections for RP1.
• Friday Jan 14, 24h00: research plan due.
• Tuesday Feb 8, 10h00-17h00: (updated) Presentations RP1 and out of order RP2.
• Wednesday Feb 9, 10h00 - 17h00: (updated) Presentations RP1 and out of order RP2.
• Sunday Feb 13, 23h59: RP - reports due

• Wednesday May 25 10h15-13h00, Detailed discussion on selections for RP2 + delivery of the preliminary analysis of the ethical implications of the project (one or two paragraph max).
  
• Friday Jun 10 24h00: research plan due.
• All Wednesday of June 9:00 - 10:00 virtual BBB room open for spontaneous questions (voluntarily)
  
• Tuesday Jul 5, 10h00-17h00 - SP C0.110: (updated) Presentations RP1 and  RP2.
• Wednesday Jul 6, 10h00-17h00 - SP C0.110: (updated) Presentations RP1 and  RP2.
• Friday Jul 8, 17h00 (updated): RP - reports due.

Projects

Blockchain's Relationship with Sovrin for Digital Self-Sovereign Identities.

Sensor data streaming framework for Unity.

• What are the requirements and limitations of a seamless integration of smart factory sensor data for a digital twin scenario?

• Build a generic infrastructure which can either play live data or snapshot data.
• The sensor data will include position data, but also other properties which are displayed in graphs and should be visualized by 2D plots within Unity.

To optimize or not: on the impact of architectural optimizations on network performance.

The other faces of RDMA virtualization.

Verification of Objection Location Data through Picture Data Mining Techniques.

Artificial Intelligence Assisted carving.

Problem Description:

Goal:

• Create a simple framework to detect documents of a certain set (or company) within carved data by utilizing machine learning. Closely related to document identification.

Usage Control in the inter data spaces data exchange.

Security of embedded technology.

1. https://www.os3.nl/_media/2013-2014/courses/rp1/p67_report.pdf
2. https://www.os3.nl/_media/2011-2012/courses/rp2/p61_report.pdf
3. http://rp.os3.nl/2014-2015/p48/report.pdf
4. https://www.os3.nl/_media/2011-2012/courses/rp2/p19_report.pdf

Cross-blockchain oracle.

Network aware performance optimization for Big Data applications using coflows.

1. Review the existing CoFlow scheduling strategies and related work
2. Prototyping test applications using; big data platforms (including Apache Hadoop, Spark, Hive, Tez).
3. Set up coflow test bed (Aalo, Varys etc.) using existing CoFlow installations.
4. Benchmark the behavior of CoFlow in different application patterns, and characterise the behavior.

1. CoFlow introduction: http://www2.eecs.berkeley.edu/Pubs/TechRpts/2015/EECS-2015-211.pdf
2. Junchao Wang, Huan Zhouy, Yang Huz, Cees de Laatx and Zhiming Zhao, Deadline-Aware Coflow Scheduling in a DAG, in NetCloud 2017, Hongkong, to appear [upon request]

Elastic data services for time critical distributed workflows.

1. Model the time constraints for the data services and the characteristics of data access patterns found in given use cases.
2. Review the state of the art technologies for optimising virtual infrastructures.
3. Propose and prototype an elastic data service solution based on a number of selected workflow patterns.
4. Evaluate the results using a use case provided by an environmental research infrastructure.

1. https://staff.fnwi.uva.nl/z.zhao/software/drip/
2. http://www.envriplus.eu
3. http://www.switchproject.eu

Contextual information capture and analysis in data provenance.

1. Reviewing the state of the art for provenance systems.
2. Prototyping sample workflows that demonstrate selected provenance models.
3. Benchmarking the results of sample workflows, and defining guidelines for choosing between different provenance solutions (considering metadata, logging, analytics, etc.).

1. About project: http://www.envriplus.eu
2. Provenance background in ENVRIPLUS: https://surfdrive.surf.nl/files/index.php/s/uRa1AdyURMtYxbb
3. Michael Gerhards, Volker Sander, Torsten Matzerath, Adam Belloum, Dmitry Vasunin, and Ammar Benabdelkader. 2011. Provenance opportunities for WS-VLAM: an exploration of an e-science and an e-business approach. In Proceedings of the 6th workshop on Workflows in support of large-scale science (WORKS '11). http://dx.doi.org/10.1145/2110497.2110505

Profiling Partitioning Mechanisms for Graphs with Different Characteristics.

1. Review the state of the art of the graph partitioning algorithms and related tools, such as Chaco, METIS and KaHIP, etc.
2. Investigate how to define the characteristics of a graph, such as sparse graph, skewed graph, etc. This can also be discussed with different graph models, like planar graph, DAG, hypergraph, etc.
3. Build a benchmark for different types of graphs with various partitioning mechanisms and find the relationship behind.;
4. Discuss about how to choose a partitioning mechanism based on the graph characteristics.

1. Zhou, H., Hu Y., Wang, J., Martin, P., de Laat, C. and Zhao, Z., (2016) Fast and Dynamic Resource Provisioning for Quality Critical Cloud Applications, IEEE International Symposium On Real-time Computing (ISORC) 2016, York UK http://dx.doi.org/10.1109/ISORC.2016.22
2. SWITCH: www.switchproject.eu

More info: Huan Zhou, Arie Taal, Zhiming Zhao

Auto-Tuning for GPU Pipelines and Fused Kernels.

1. tuning each component in isolation,
2. tuning the pipeline as a whole, and
3. tuning the fused kernel. Measuring the performance of one or more pipelines in these scenarios we hope to, on one level, being able to determine which is the best strategy for the specific pipelines on different hardware platform, and on another level we hope to better understand which are the characteristics that influence this behavior.

Auto-tuning for Power Efficiency.

Applying and Generalizing Data Locality Abstractions for Parallel Programs.

Ethereum Smart Contract Fuzz Testing.

Smart contracts specified as contracts.

Zero Trust Validation

• What is missing in the current approach of ZTA to make it resonate with the board?
  • What are Critical Success Factors for drafting and implementing ZTA?
  • What is an easy to consume capability maturity or readiness model for the adoption of ZTA that guides boards and management teams in making the right decisions?
  • What does a management portal with associated KPIs need to offer in order to enable board and management to manage and monitor the ZTA implementation process and take appropriate ownership?
  • How do we add the necessary controls and leverage control and monitoring facilitities thusly provided efficiently?

1. Zero Trust Validation
2. "On Exploring Research Methods for Business Information Security Alignment and Artefact Engineering" by Yuri Bobbert, University of Antwerp

OSINT Washing Street.

Building an open-source, flexible, large-scale static code analyzer.

Background information

Problem description

Research proposal

Developing a Distributed State of Mind.

Development of a control framework to guaranty the security of a collaborative open-source project.

• https://searchsecurity.techtarget.com/news/252453398/Compromised-NPM-package-highlights-open-source-trouble
• https://nakedsecurity.sophos.com/2018/06/29/linux-distro-hacked-on-github-all-code-considered-compromised/
• https://portswigger.net/daily-swig/homebrew-bug-allowed-researcher-full-access-to-github-repos

Security of IoT communication protocols on the AWS platform.

1. https://homepages.staff.os3.nl/~delaat/rp/2019-2020/p65/report.pdf
2. https://docs.aws.amazon.com/greengrass/latest/developerguide/what-is-gg.html
3. https://github.com/aws/aws-iot-device-sdk-python

Version management of project files in ICS.

Future tooling and cyber defense strategy for ICS.

End-to-end encryption for browser-based meeting technologies.

• What are possible approaches?
• How would they compare to each other?

Evaluation of the Jitsi Meet approach for end-to-end encrypted browser-based video conferencing.

• https://jitsi.org/blog/e2ee/
• https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md

Approximate computing and side channels.

• Selection of the most appropriated techniques for energy saving among the ones used in approximate computing paradigm
• Realization of a number of simple cryptographic benchmarks using HDL (VHDL of Verilog) language
• Simulation of the power consumption in the different scenarios
• Evaluation of the side channel resistance of each

Decentralize a legacy application using blockchain: a crowd journalism case study.

1. investigate the integration possibilities between social network application and permissioned blockchain technologies,
2. make a rapid prototype to demonstrate the feasibility, and
3. assess the operational cost of blockchain services.

Location aware data processing in the cloud environment.

Trust bootstrapping for secure data exchange infrastructure provisioned on demand.

Supporting infrastructure for distributed data exchange scenarios when using IDS (Industrial Data Spaces) Trusted Connector.

Security projects at KPN.

• Literature review of the state of the art of a give malware category ( Trojans, Info stealers, ransomware, etc) some examples:
• https://www.f5.com/labs/articles/education/banking-trojans-a-reference-guide-to-the-malware-family-tree
• https://www.veronicavaleros.com/blog/2018/3/12/a-study-of-rats-third-timeline-iteration
• What cloud services are been the most abused to for distributing malware? (Pastebin, GitHub, drive, Dropbox, etc) . URLHaus, Public sandboxes, and other sources could be starting points. (Curious about cdns and social applications like discord, telegram , and others)
• Looking at raccine https://github.com/Neo23x0/Raccine, what steps do ransomware malware take and what possibilities are there to create other vaccines or how to improve Raccine.
• Building a non detectable web scraper
• A lot of time data from darknet is available on website and no option for an API/feed is available. These website tend to have scraping detection is several ways, this could be rate limiting to “humanâ€� behavior checks. What is the best way to scrape these type of website in such a way that is is hard to impossible to detect a bot is retrieving data. Can this be done while still maintaining a good pace of retrieving data.
• Malware Aquarium
• Inspired by XKCD: https://xkcd.com/350/. Can you create an open source malware aquarium. There are several challenges in how to setup up, how to get infection going, keeping it contained and how to keep track of everything (alerts on changes)?

Assessing data remnants in modern smartphones after factory reset.

• https://calhoun.nps.edu/handle/10945/41441
• https://www.cl.cam.ac.uk/~rja14/Papers/fr_most15.pdf
• https://ld7un47f5ww196i744fd5pi1-wpengine.netdna-ssl.com/wp-content/uploads/2019/04/201811-SSpaper-DataRemanence.pdf

Vocal Fakes.

Web of Deepfakes.

Zero Trust architectures applications in the University ICT environment.

• https://www.nist.gov/publications/zero-trust-architecture
• https://www.microsoft.com/security/blog/2020/10/15/announcing-the-zero-trust-deployment-center/
• https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture
  

High-speed implementation of lightweight ciphers.

Federated Authentication platform.

Researching efficiency of Trendmicro's HAC-T algorithm.

Towards unified software package dependency resolution strategy.

In search of popularity and prominence metric for software packages.

Towards an estimation of the volume of open source code.

Energy consumption of secure neural network inference using multi-party computation.

Key Management as a Service for Blockchain Access Control Applications.

Modeling of medical data access logs for understanding and detecting potential privacy breach.

Automated Incident Response in the Cloud: An Environment Agnostic Solution in AWS.

Organizations are moving to the cloud, some organizations go for a hybrid setup and some go full cloud. From an incident response perspective the cloud offers some great possibilities (and challenges). For this research we are looking for one or more students that want to dive into one of the big 3 clouds Microsoft Azure, Amazon AWS or Google Cloud Platform to research how the cloud can be leveraged for incident response automation. Often during an investigation you need to acquire data from a cloud environment. What we are interested in is if we can leverage serverless functions like AWS Lambda or Azure Functions to efficiently acquire and process data. The end goal is a PoC with several serverless functions that can be used for incident response cases. Together we can scope this into something managaeble for the project time period.

Cloud forensics of Docker containers on Amazon AWS.

One of the challenges of the cloud from an incident response or forensics perspective is the volatility of data. This is especially challenging for cloud environments that make use of containers such as Kubernetes/Docker. In this research we are looking for someone to investigate what options an investigator has when it comes to investigating container-based systems. Ideally at the end of the research you can answer questions related to the availability, content, and acquisition methods of containers in the cloud.

Forensic analysis of Google Workspace evidence.

Google Workspace is the suite used by many organizations around the world for email and productivity tooling. As such investigating a Google Workspace for possible misuse, insider threat or a Business Email Compromise (BEC) attack is becoming more common. The main evidence for Google Workspace is stored in Google Workspace Audit Logs. We are looking for a student that wants to create a method for forensic analysis of those logs. During the research you will have a test environment where you can simulate attacks. We want you to come up with a forensic analysis method for identifying attacks based on the available audit logs. We want to publish this research to the world, and this is your chance to participate in that effort.

Poisoning Attacks against LDP-based Federated Learning.

Federated learning is a collaborative learning infrastructure in which the data owners do not need to share raw data with one another or rely on a single trusted entity. Instead, the data owners jointly train a Machine Learning model through executing the model locally on their own data and only share the model parameters with the aggregator.
While the participants only share the updated parameters, still some private information about underlying data can be revealed from the shared parameters. To address this issue, Local Differential Privacy has been used as effective tool to protect information leakage over shared parameters in Federated Learning, say LDP-FED. However, it has not yet been investigated whether (and to what extent) the LDP-FED is resistant against data and model poisoning attacks. Also, if LDP-FED is not resistant against these attacks, how can we design a robust LDP-FL where its performance is negligibly affected by poisoning attacks.

This project aims to evaluate the resistance of the LDP-FED against poisoning attacks and to explore the possibilities of reducing the success rate of these attacks. The following papers are suggested to be studied for this work:

1. Stacey Truex, Ling Liu, Ka-Ho Chow, Mehmet Emre Gursoy, Wenqi Wei; LDP-Fed: Federated Learning with Local Differential Privacy, CoRR, 2020.

2. Mohammad Naseri, Jamie Hayes, and Emiliano De Cristofaro; Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy, CoRR, 2020.

3. Lingjuan Lyu, Han Yu, Xingjun Ma, Lichao Sun, Jun Zhao, Qiang Yan, Philip S. Yu, Privacy and Robustness in Federated Learning: Attacks and Defenses, arXiv, 2020.

4. Malhar Jere, Tyler Farnan, and Farinaz Koushanfar; A Taxonomy of Attacks on Federated Learning, IEEE Security & Privacy, 2021.

5. Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong, Data Poisoning Attacks to Local Differential Privacy Protocols, CoRR, 2019.

6. Minghong Fang, Xiaoyu Cao, Jinyuan Jia, Neil Zhenqiang Gong; Local Model Poisoning Attacks to Byzantine-Robust Federated Learning, the 29th Usenix Security Symposium, 2020.

Privacy by Design in Smart Cities.

Smart city has been emerged as a new paradigm aiming to provide the citizens better facilities and quality of life in terms of transportation, healthcare, environment, entertainment, education, and energy. To this end, smart city monitors the physical world in real time and collects data from sensing devices, heterogeneous networks, and RFID devices. As the cities become smarter, the security and privacy of citizens is more and more threatened that require to be carefully addressed. Accordingly, it is in crucial importance to understand the privacy threats in smart cities such that the researchers, stakeholders, and engineers can design a privacy-friendly smart city.

This project aims to explore the existing and future privacy threats in a smart city and how they can be addressed by design.
The following papers are suggested to be studied for this work:

1. Mehdi Sookhak, Helen Tang, Ying He, F. Richard Yu; Security and Privacy of Smart Cities: A Survey, Research Issues and Challenges, IEEE Communications Surveys & Tutorials, 2019.

2. David Eckhoff, Isabel Wagner; Privacy in the Smart City-Applications, Technologies, Challenges, and Solutions, IEEE Communications Surveys & Tutorials, 2018.

3. Kuan Zhang, Jianbing Ni, Kan Yang, Xiaohui Liang, Ju Ren, and Xuemin (Sherman) Shen; Security and Privacy in Smart City Applications: Challenges and Solutions, IEEE Communications Magazine, 2017.

Privacy Preserving k-means/k-median Distributed Learning using Local Differential Privacy.

The classical clustering algorithms were designed to be implemented in central server. However, in recent years data is generally located in distributed sites in different locations. Due to privacy concerns the data owners are unwilling to share their original data to public or even to each other. Several approaches have been proposed in the literature which protects the data owners’ privacy while at the same time a clustering algorithm is shaped over protected data.
Given that the proposed solutions mainly need the presence of a trusted party, Local Differential Privacy (LDP) can be used as an effective solution that protects the data owner’s data in her local device.

This study aims to investigate the application of LDP in the distributed learning of two well-known clustering algorithms, namely k-means and k-medians, in terms of utility loss and privacy leakage. Specifically, it explores the resistance of LDP-based k-means/k-medians clustering against poisoning attacks.

The following papers are suggested to be studied for this work:

1. Maria Florina Balcan, Steven Ehrlich, Yingyu Liang; Distributed k-Means and k-Median Clustering on General Topologies, NIPS, 2013.

2. Geetha Jagannathan, Rebecca N. Wright; Privacy-Preserving Distributed k-Means Clustering over Arbitrarily Partitioned Data, ACM SIGKDD, 2005.

3. Chang Xia, Jingyu Hua, Wei Tong, Sheng Zhong; Distributed K-Means clustering guaranteeing local differential privacy, Computer & Security journal, 2020.

4. Pathum Chamikara, Mahawaga Arachchige, Peter Bertok, Ibrahim Khalil, Dongxi Liu, Seyit Camtepe, Mohammed Atiquzzaman; Local Differential Privacy for Deep Learning, IEEE Internet of Things Journal, 2020.

5. Malhar Jere, Tyler Farnan, and Farinaz Koushanfar; A Taxonomy of Attacks on Federated Learning, IEEE Security & Privacy, 2021.

Scalable Blockchain-based framework in Internet of Things (IoT).

Internet of Things (IoT) is an ever-increasing technology in which many of our daily objects are connected via Internet (or other networks) and transfer data for analysis or performing certain tasks. This property makes the IoT vulnerable to security threats needing to be addressed for building trust among clients.
Blockchain, a technology born with cryptocurrency, has shown its effectiveness and robustness against some security threats when integrated with IoT. Against its capability, the main issue of integrating blockchain with IoT is its scalability and efficiency with a large-scale network like IoT.
In this project we aim to explore the existing solutions addressing the scalability of blockchain in IoT and to investigate the possibilities of improving the existing ones by proposing new solutions.

The following papers are suggested to be studied for this work:

1. Hong-Ning Dai, Zibin Zheng, Yan Zhang; Blockchain for Internet of Things: A Survey, IEEE Internet of Things Journal, VOL. 6, NO. 5, 2019.

2. Hany F. Atlam, Muhammad Ajmal Azad, Ahmed G. Alzahrani, Gary Wills; A Review of Blockchain in Internet of Things and AI, Big Data and Cognitive Compuing MDPI, 2020.

3. Tiago M. Fernandez-Carames, Paula Fraga-Lamas; A Review on the Use of Blockchain for the Internet of Things, IEEE Access, 2020.

Deep Learning for Partial Image Encryption.

Face recognition has increasingly gained importance for a variety of applications, e.g., surveillance in public places, access control in organizations, in tagging photos in social network, and border control at airports. The widespread application of face recognition, however, raises privacy risks as the individuals’ biometric information can be used to profile and track people against their desire.
A typical solution to this problem is the application of Homomorphic Encryption, where an encrypted image is searched to be check in a list of images for a possible match. However, this solution is heavy in terms of both computation and communication costs as it requires all image’s pixels to be encrypted. This is while all the pixels of an image do not contain privacy-sensitive information.

In this project, we plan to investigate the application of Deep Learning in detecting the users’ identifiable pixels
(instead of all pixels) for partial encryption of an image.
1. Zekeriya Erkin, Martin Franz, Jorge Guajardo, Stefan Katzenbeisser, Inald Lagendijk, Tomas Toft; Privacy-Preserving Face Recognition, International Symposium on Privacy Enhancing Technologies Symposium, 2009.

2. Peiyang He, Charlie Griffin, Krzysztof Kacprzyk, Artjom Joosen, Michael Collyer, Aleksandar Shtedritski, Yuki M. Asano; Privacy-preserving Object Detection, arXive, 2021.

Deep Learning for Detecting Network Traffic Attack.

The expansion of new communication technologies and services, along with an increasing number of interconnected network devices, web users, services, and applications, contributes to making  computer networks ever larger and more complex as systems. However, network anomalies pose significant challenges to many on-line services, which their performance is highly dependent to network performance. For instance, a faulty airport network caused nine
hours delay in all of its fights in 2007. To address the issues related to network anomalies, the security solutions need to analyze, detect, and stop such attacks in real time. Although there is a significant amount of technical and scientific literature on anomaly detection methods for network traffic, still 1) a new generated (simulated) dataset that contains a wide range of network attacks (detectable through network traffic monitoring) is missing; 2) the valuable step of feature selection is often underrepresented and treated inattentively in the literature; and 3) the detection techniques suffer from considerable false error rate.

The aim of this project is to address these issues by analyzing network traffic using Deep Learning.

The following papers are suggested to be studied for this project:

1. A. Kind, M. P. Stoecklin, and X. Dimitropoulos; Histogram-based traffic anomaly detection, IEEE Transactions on Network and Service Management, vol. 6, no. 2, 2009.

2. R. Chapaneri and S. Shah; A comprehensive survey of machine learning based network intrusion detection, in Smart Intelligent Computing and Applications, S. C. Satapathy, V. Bhateja, and S. Das, Eds. Springer, 2019.

Local Differential Privacy (LDP) in Protecting the Privacy of Inter-
net of Things (IoT).

The Internet of things (IoT) include physical objects with sensors, software, some processing technologies, which connect and exchange data with other devices and systems over the Internet or other communication network. One of the main challenges in Internet of Things is the users’ privacy. While several approaches in the literature have been proposed to protect the information privacy in IoT, still a thorough analysis of the application of Local Differential Privacy (LDP) in this setting is missing. LDP offers a strong level of privacy in which the individuals perturb their data locally before sending them to the third party (named aggregator). This manes that the LDP eliminates the need of a trusted party in the middle. In this project, we aim to investigate the application of LDP in protecting the privacy of IoT data, while still the results of some statistical analyses over protected data is practically useful.

The following papers are suggested to be studied for this project:
1. Chao Li, Balaji Palanisamy; Privacy in Internet of Things: From Principles to Technologies, IEEE Internet Of Things Journal, VOL. 6, NO. 1, 2019.

2. Diego Mendez, Ioannis Papapanagiotou, Baijian Yang; Internet of Things: Survey on Security and Privacy, https://arxiv.org/pdf/1707.01879.pdf, 2017.

3. Mengmeng Yang, Lingjuan Lyu, Jun Zhao, Tianqing Zhu, Kwok-Yan Lam; Local Differential Privacy and Its Applications: A Comprehensive Survey, https://arxiv.org/pdf/2008.03686.pdf, 2015.

Game Theory Meets Privacy-preserving Distributed Learning.

Companies, organization, and even individuals find mutual benefits in sharing their own information to make better decisions or to increase their revenues. However, generally for privacy concerns the data holders are unwilling to share their own table of data but are interested in getting information from other parties’ data. Thence, it is an essential task to define a platform in which several aspects of data-sharing come under consideration and through a game theoretic approach all parties relax their privacy requirements as much as possible to have a more effective output.

In this project, we plan to define data sharing as a game in which several aspects are considered as: 1) the value of shared data (freshness, size,. . . ), 2) privacy gain (in terms of anonymization, differential privacy, etc.), 3) trust o reputation, and 4) the utility of result. The output of the game is setting the Nash Equilibrium in a way that the best balance in terms of utility and privacy is obtained.

The following papers are suggested to be studied for this project:
1. Ningning Ding, Zhixuan Fang, Jianwei Huang; Incentive Mechanism Design for Federated Learning with Multi-Dimensional Private Information, 18th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOPT), 2020.

2. Yufeng Zhan, Jie Zhang, Zicong Hong, Leijie Wu, Peng Li, Song Guo; A Survey of Incentive Mechanism Design for Federated Learning, IEEE Transactions on Emerging Topics in Computing, 2021.

3. Ningning Ding; Zhixuan Fang; Lingjie Duan; Jianwei Huang; Incentive Mechanism Design for Distributed Coded Machine Learning, IEEE Conference on Computer Communications (InfoComm), 2021.

The Output Privacy of Collaborative Classifiers’ Learning.

Privacy preserving data mining has focused on obtaining valid result when the input data is private. For example, secure multi-party computation techniques are utilized to construct a data-mining algorithm on whole distributed data, without revealing the original data. However, these approaches still might leave potential privacy breaches, e.g., by looking at the structure of a decision tree constructed on the protected shared data.

The aim of this project is to investigate how the output of a classifier constructed collaboratively over private data violates the input data privacy. We then plan to propose solutions to reduce the privacy leakage in this setting.

The following papers are suggested to be studied for this project:

1. Qi Jia, Linke Guo, Zhanpeng Jin, Yuguang Fang; Preserving Model Privacy for Machine Learning in Distributed Systems, IEEE Transactions on Parallel and Distributed Systems, 2018.

2. Reza Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov; Membership Inference Attacks Against Machine Learning Models, IEEE Symposium on Security and Privacy, 2017.

3. Ting Wang, Ling Liu, Output Privacy in Data Mining, ACM Transactions on Database Systems, 2011.

4. Radhika Kotecha, Sanjay Garg; Preserving output-privacy in data stream classification, Progress in Artificial Intelligence, June 2017, Volume 6, Issue 2, pp 87–10.

On the Trade-off between Utility Loss and Privacy Gain in LDP-
based Distributed Learning.

Local Differential Privacy (LDP) is a notion of privacy that provides a very strong privacy guarantee by protecting confidential information on users’ sides. In this setting generally the users employ a randomization mechanism to perturb their data on their devices following the rules of a mechanism properly. The collected data when aggregated preserves some statistical properties, e.g., mean value can be computed out of perturbed data. This interesting property of LDP has lead to its wide application in many real-world scenarios. In particular, it has been used as an effective tool in privacy preserving distributed machine learning. However, a thorough analysis on finding the trade-off of between the utility loss and privacy gain on LDP-based distributed learning is missing.

In this project we plan to investigate the utility-privacy trade-offs in learning some well-known classifiers when they are trained on distributed data respecting LDP.
The following papers are suggested to be studied for this project:

1. Emre Yilmaz, Mohammad Al-Rubaie, Morris Chang; Locally Differentially Private Naive Bayes Classification, https://arxiv.org/pdf/1905.01039.pdf, 2019.

2. Mengmeng Yang, Lingjuan Lyu, Jun Zhao, Tianqing Zhu, Kwok-Yan Lam; Local Differential Privacy and Its Applications: A  Comprehensive Survey, https://arxiv.org/pdf/2008.03686.pdf, 2015.

3. Mario S. Alvim, Miguel E. Andres, Konstantinos Chatzikokolakis, Pierpaolo Degano, Catuscia Palamidessi; Differential Privacy: on the trade-off between Utility and Information Leakage, 2011.

Deep Learning for Private Text Generation.

The recent development of Deep Learning has led to its success in tasks related to text processing. In particular, Recurrent Neural Network (specifically LSTM) has served as effective tool in next-word prediction. However, the application of Deep Learning in 1) generating a text which respects some privacy constrains and 2) predicting the next word in a sentence in such a way protects confidential information is currently missing.

In this project, we plan to employ Deep Learning as a useful tool to detect the words and sentences that cause privacy violation through uniquely identifying a person (or other confidential information linked to a person) in a text and replace them with meaningful substitute words. Also, we plan to design LSTM that suggests the next-words
by considering the text privacy protection.

1. Shervin Minaee, Nal Kalchbrenner, Erik Cambria, Narjes Nikzad, Meysam Chenaghlu, Jianfeng Gao; Deep Learning–based Text Classification: A Comprehensive Review, ACM Computing Surveys, 2021.

2. Ankush Chatterjee, Umang Gupta, Manoj Kumar Chinnakotla, Radhakrishnan Srikanth, Michel Galley, Puneet Agrawal; Understanding Emotions in Text Using Deep Learning and Big Data; Computers in Human Behavior, 2019.

3. Hong Liang, Xiao Sun, Yunlei Sun & Yuan Gao; Text feature extraction based on deep learning: a review, EURASIP Journal on Wireless Communications and Networking volume, 2017.

4. Andrew Hard, Kanishka Rao, Rajiv Mathews, Swaroop Ramaswamy, Francoise Beaufays, Sean Augenstein, Hubert Eichner; Federated Learning for Mobile Keyboard Prediction, 2019.

Automatically calculate the financial footprint of an application (container) inside the (public) cloud.

Background information
Using (public) cloud resources is becoming a more popular option today1. However moving (part of) the  infrastructure/applications to a cloud environment introduces several
challenges, one of these is determining the financial footprint of said applications. Many cloud providers provide tools to determine a (rough) estimate for moving to the cloud (e.g. AWS Pricing Calculator). However much of the information to determine the cost needs to be done/entered manually into such tools. Having a tool/framework that allows automatic calculation/estimation of a (web) application would provide valuable and more accurate insight for companies that want to move to the cloud.

Problem Description
Currently it's hard to determine up front what the effective costs of an application will be inside the public cloud based static cost analysis. Effective application behaviour cannot be taken into account up front easily and could be a blocking factor for a client to migrate to the cloud or even adopt a cloud (native) strategy.

Research
Determine feasibility of developing a method/framework to automatically determine the effective financial footprint in the public cloud of an application and proof that with a Proof of Concept.

Scope suggestions and requirements on Proof of Concept implementation:
- an application is already containerized
- an application is not (yet) containerized
- input out specification is part of the framework to generate input for the application to start generating CPU cycles (inside the public cloud) and to fetch the bill from e.g. AWS after X amount of time.

https://www.gartner.com/en/newsroom/press-releases/2021-04-21-gartner-forecasts-worldw
ide-public-cloud-end-user-spending-to-grow-23-percent-in-2021

Future proofing networks: On core routing and SRv6

Post-Exploitation Defence of Git Repositories using Honey Tokens

Audio as an entropy source for true random number generation.

Bring your own Living of the Land binaries

Development of an open source malicious network traffic generator based on MITRE ATT&CK

An analysis of the security of LiFi and WiFi systems.

Misusage of vulnerable Wordpress websites by malicious actors.

Detecting NTLM relay attacks using a honeypot.

Industrial programmable logic controller automation with configuration management tools.

Implementing side channel resistance in QARMA.

Enriching IDS detection on network protocols using anomaly-based detection.

Comparison of state-of-the-art endpoint defence solutions to (partially) open-source endpoint defence

Baruwa mail security solution - is it good enough?

Investigate hidden VNC methodologies for malware

Implement lateral movement techniques in Beacon Object File (BOF) format

Does the oscillation protection mechanism of a hard disk drive provide enough vibration data to recover low-quality, audible voice data from their physical environment?

Project with SURF

Researching missing/incorrect (Linux) system calls in Qiling Framework

Performance of RSA in OpenSSL vs. libgcrypt

Research usefulness of running semgrep on pseudo C code obtained from decompilation with angr

Efficient secure neural network inference using multi-party computation

 The role of IXPs in a SCION ecosystem

Command and Control over Microsoft Teams

Secure Multiparty Computation

Measuring Route Origin Validation of authoritative name servers

Analysing a real-world malicious Network Implant

Decentralized proactive data protection in edge computing

TCP-Prague evaluation

TCP-Prague enhancement

Research user initiated tracing with low overhead

Malware Aquarium: A virtualized Infrastructure where malware resides and is being monitored

Path tracing to Increase internet transparency

Hieararchical Classiification for side-channel analysis

Persistent Fault Analysis -- attacks and countermeasures

Benefits of applying machine learning to Cilium

Efficient identification of passwords in large quantities of plaintext data