Skip to end of metadata
Go to start of metadata

Summary

AG1: Security challenges in the industrial Internet

Tutor: Andrei Gurtov

The next industrial revolution is foreseen to happen with the Industrial Internet that combines massive data collected by industrial sensors with data analysis for improving the efficiency of operations. Collecting, pre-processing, storing and analyzing such real-time data is a complex task with stringent demands on communication quality of service and security. The student involved in this topic is expected to study the communication requirements and propose a secure communication architecture for Industrial Internet based on Virtual Private LAN Services, 5G wireless networking, Software Defined Machines and watermarking of digital sensor data.

References

AG2: Advanced Persistent Threats: Attack Escalation Paths

Tutor: Andrei Gurtov

APT is a class of attacks that are often performed by government-backed hacker groups against high-value targets such as nuclear production sites or government services. The best known example of such attacks is Stuxnet. Lately, there has been a growing number of APT attacks with wider availability of toolkits such as Blackenergy. The goal of this task is to study the state-of-the-art in the APT detection ways and the ways which attackers could stealthy use to elevate their capabilities in the victim system after establishing an initial bridgehead.

References

AL1: Rapid web development for research with Meteor

Tutor: Andrey Lukyanenko

Meteor is a new tool for rapid web development that allows to write server/client sides of the web application (in JavaScript) and use local database for writing/fetching data. The database updates and changes to the webpage view come automatically. The tools starts to be a popular method for fast development of demos and proof-of-concepts in academia. The student involved in this topic needs to study the Meteor tool and analyze its properties. The study should not be any implementation of webpage, demonstration of sample applications or tutorial; it should rather cover topics related to performance, caveats, and learning curve.

References

AM1: Privacy in social networking services

Tutor: Aqdas Malik

Increasing number of internet users are using social networking services (SNS). The rise in SNS usage and acceptance has led to an overwhelming increase in the information and content revealed and shared by SNS users with known as well as unknown contacts. Various aspects of users' privacy and security (e.g., privacy concerns, privacy attitudes, privacy policies, privacy awareness, and privacy-seeking measures) on these platforms is one of the highly active research themes. The student involved in this seminar topic is expected to conduct a systemic review of the scholarly literature and summarize the findings of empirical investigations on privacy-related research specifically focusing on various SNS. Moreover, based on the review potential research gaps should be identified, and directions for future research should also be proposed.

References

HI1: Information-centric delay-tolerant networks

Tutor: Hasan Islam

Information-Centric Networking (ICN) introduces a paradigm shift from a host-centric to a information-centric communication model for future Internet architectures. It supports the retrieval of a particular content without any reference to its physical location. Intermittently connected mobile environments or disruptive networks present a significant challenge to ICN deployment. Several research efforts have explored exploiting ICN principle in such environments. The student involved in this topic is expected to survey different approaches for an information-centric architecture in DTN environments. Ambitious students should aim to identify potential gaps in the current state of the art and propose an appropriate routing on top of Information centric DTN architecture. There is also the possibility of conducting some 

References

HI2: Information-centric mobile ad hoc networks

Tutor: Hasan Islam

Rapid developments and technological advances have enriched the mobile technology with a variety of embedded sensors, such as GPS, camera, and digital compass. Now, users can create their own content and share those contents with other people through social networks. Therefore, the vast majority of Internet usage is dominated by the content distribution and retrieval with a large amount of digital content. However, mobile devices require a fixed infrastructure and do not work as  mobile ad-hoc networks (MANETs) characterized by large delays or disruptions. Furthermore, these devices do not support the emerging communications needed when the location of information publishers and consumers is unknown (e.g., information-centric communication models). Several research efforts have explored exploiting the ICN principle in such environments. The student involved in this seminar topic is expected to survey different approaches for information-centric architectures in MANETs and to provide a comparative analysis among those approaches.

References

JD1: Image-based localization on smartphones

Tutor: Jiang Dong

Image-based localization allows users to locate themselves by taking photos from where they are. Even though this technique has been widely used in robotics, it is still not employed on smartphones. The student involved in this topic is expected to survey the state-of-art image based localization techniques. For instance, what is the cornerstone of image-based localization? How to improve the localization performance from the perspective of accuracy and response delay? The student also needs to analyze the barriers that block the mobile users to employ this technique on their smartphone. Finally, the student is encouraged to propose some solutions accordingly.

References

JD2: A study of crowdsourced photos

Tutor: Jiang Dong

Millions of photos are being uploaded to Internet photo sharing sites such as Flickr and Instagram every day. This brings new opportunities of utilizing these crowdsourced photos to provide different services. The student involved in this topic should first survey the usefulness of crowdsourced photos. For instance, what kind of services can be provided with the help of crowdsourced photos? Are these photos enough to provide a good service? The student can further download a real photo set from the Internet and analyze it for the purpose of providing a specific service.

References

JL1: Membership test in deduplication storage

Tutor: Jian Liu

Deduplication is a key technique to save space in both cloud storage and enterprise backup systems. It removes redundant data segments and consequently stores a single copy of each segment. As high throughput (typically over 100 MB/s) is a requirement for cloud/enterprise storage, identifying duplicate data segments at this rate becomes a significant challenge, because the index of the stored segments can be too large fit the RAM. The goal of this seminar paper is to survey the current technologies for membership test in deduplication storage. The student involved in this topic should start from the two seminal papers below and survey all the related papers until now. The seminar paper should include two parts: data structures for membership test (e.g., bloom filter and cuckoo hashing) and systems for storage deduplication.

References

JL2: Differentially private systems

Tutor: Jian Liu

Differential privacy is a notion based on the principle that the output of a computation should not allow inference about the presence or absence of any record from the computations's input. It is a key standard for designing a privacy-preserving systems. The goal of this seminal paper is to understand the concept of differential privacy and learn how to design systems that provides such privacy guarantees. The final seminar paper should include two parts: a comprehensive description of differential privacy and case studies for several differentially private systems.

References

KH1: New non-volatile memory technologies and in-memory processing

Tutor: Keijo Heljanko

New non-volatile memory technologies such as the recently announced Micron/Intel 3D XPoint promise 1000x speed and endurance improvement over traditional Flash memory, while being 10x more dense than traditional DRAM. The aim of this seminar topic is to survey the implications of such a new memory technology entering the market. What are the potential implications of increased speed of non-volatile memory: Does is change the way how databases are designed? Does it make embedded devices more power efficient? What are the expected main uses for this new class of memory and how does it change the way how computers and embedded devices are built and programmed?

References

KH2: Cloud datastores and distributed transaction support

Tutor: Keijo Heljanko

Cloud computing has risen as a new framework for doing highly scalable web based applications. One of the central building blocks are new database technologies developed to implement massively parallel database systems, called cloud datastores aka NoSQL databases. One of the main challenges in modern NoSQL databases is the lack of support for distributed ACID like transactions that are needed for things such as financial transactions. The task of this topic is to survey new approaches for implementing ACID transactions in cloud datastores.

References

KH3: Eventual consistency in NoSQL databases

Tutor: Keijo Heljanko

Eventual consistency is a technique to improve performance and availability of distributed NoSQL database systems. When network partitioning occurs in the distributed database systems then to ensure the availability the subset of database servers needs to accept the data updates. This implies that when network becomes available then the data can be inconsistent on different database servers. The eventual consistency solutions provide the way for merging the data and ensuring a consistent updated view on all the database servers. Conflict-free Replicated Data Types (CRDTs) are emerging as the popular solution for reaching eventual consistency. The student involved in this topic is expected to study CRDTs in detail, evaluate some of their use cases, and discuss their limitations.

References

KK1: Software engineering techniques towards energy efficient computing

Tutor: Kashif Nizam Khan

Energy efficiency in computing is extensively studied both in academia and in industry. Hardware vendors have introduced several new techniques to provide energy efficiency in workstations and server grade systems such as  Dynamic voltage and frequency scaling (DVFS), Big-little core architectures as well as tools like RAPL to monitor the power draw of the processors and the DRAM. We want to investigate the energy efficiency from software engineering or application development point of view. We intend to survey the techniques that programming languages/compilers offer us to utilize the hardware more energy efficiently and produce energy efficient algorithms or applications.

References

  

ML1: The past of various TCP implementations and their future

Tutor: Ming Li

The Internet has revolutionized the ways of our communications as nothing before. The student involved in this topic needs to investigate the evolution of the Internet from the perspective of TCP implementations, such as Reno, newReno, Cubic, HSTCP and so on. Specifically, the student should find out which TCP algorithms are implemented in Linux (hints: about 12 in Ubuntu 14.04) and what are their main features (e.g., design purposes, usage scenarios, advantages/disadvantages compared to others, popularity on the Internet on recent years). An open question remains: what is the potential TCP evolution in the future?

References

MM1: Frameworks for modeling Extraction Transform Load (ETL) processes

Tutor: Manik Madhikermi

Data warehouses are collection of data coming from different sources and mostly used for data analysis for the decision support or decision making process of organizations. To populate a data warehouse with up-to-date records that are extracted from sources, special tools called Extraction Transform Load (ETL) are used to organize complex data workflows. During the building phase, the most important and complex task is to achieve the conceptual modeling of the ETL processes. The student involved in this topic is expected to identify tools (or frameworks) that support modeling ETL Process and discuss their pros and cons.

References

MS1: Analysis of techniques and tools for automated mobile app testing

Tutor: Matti Siekkinen

There are many mobile app testing tools and services currently available for app developers. The objective of this work is to analyze the techniques used and features offered by these tools and to perform a comparative analysis highlighting their pros and cons. The outcome should describe the state of the art of automated mobile app testing and point out the limitations and open problems with current tools.

References

ON1: Heterogeneity in the Internet of Things

Tutor: Oscar Novo (Ericsson)

The Internet of Things (IoT) has been recently become a trend among multiple industries. Many new operating systems for constrained devices, wireless personal area networks (PANs) and new hardware have been developed during the last few years. As a consequence, the IoT has created a heterogeneous market of devices interoperating in different contexts. The student involved in this topic is expected to compare the different IoT devices in a comprehensive way and analyze them according to their features: supported PANs, operating systems, energy consumption, CPU, device size, number and type of actuators supported, prototyping and supported protocols (CoAP, LWM2M, IPv6, and so on). The student should also overview the features of IoT sensors and suggest the best candidates for some IoT vertical markets such as home automation, smart lighting, logistics or smart meters.

References

PK1: Toward database-assisted spectrum access

Tutor: Pranvera Kortoçi

Multimedia content represents more than 50% of the mobile traffic. Such a high demand from end users to access the scarce availability of radiofrequency (RF) spectrum is increasing rapidly. To date, the RF spectrum is accessed either under a license or not. The term dynamic shared access denotes the scenario of sharing the RF spectrum between licensed and unlicensed users, while preserving the priority rights of the licensees. Unlicensed users opportunistically access the RF spectrum whenever a free frequency range is detected in terms of time, frequency, or geo-location. Database-assisted spectrum access is a possible way of achieving such an opportunistic access. The student involved in this topic is expected to gain an in-depth knowledge about the approaches to derive the RF spectrum availability, along with a qualitative and/or quantitative comparison of such approaches.

References

RB1: Proximity services using device-to-device communication

Tutor: Ravishankar Borgaonkar

As LTE Advanced is evolving, it is opening new frontiers for Device-to-Device (D2D) communication and proximity services (Prose). LTE D2D allows devices to communicate and provide services within a proximity radius of 500 m, unlike in existing Bluetooth, NFC, and WiFi technologies. Qualcomm has recently introduced LTE Direct to enable mobile subscribers to employ proximity services using D2D communication. The new features of this technologies are privacy sensitive and allow battery-efficient discovery of thousands of devices and services. The platform also enables new services for mobile network operators such as national security and public safely. The student involved in this topic is expected to: provide a detailed overview of proximity services using D2D communication; compare them with existing D2D communication technologies from the privacy perspective; analyze potential privacy issues from the point of view of the end users.

References

SL1: Evaluation of fog computing

Tutor: Sakari Lukkainen

Mobile-Edge Computing (MEC) enables to incorporate cloud-computing based IT service environment at the edge of the mobile network. This solution provides low latency and high bandwidth as well as access to radio network information that can be used in various novel applications. MEC platform forms a new ecosystem and value chain, while operators can open their network to apps developers by allowing them to create value to vertical business segments. IoT is one of the most promising application area for MEC platform. Additionally fog computing refers to distributed computing of IoT data at the network edge. The goal of this study is to evaluate technical performance and business prospects of IoT applications using the MEC platform.

References

SM1: Security solutions for the Internet of Things

Tutor: Samuel Marchal

While being used for several years, the Internet of Things (IoT) suddenly became highly popular and increasingly employed. This technology allows to connect, communicate with and remotely manage automated devices through the Internet. With this increasing use of IoT for applications such as cars, pacemakers or in nuclear plants, the security of IoT is associated with safety and becomes paramount. However, IoT security is subjected to some constraints since devices implementing such have limited performance, computational power, memory, energy budget, and so on. Hence, designing security solutions in an IoT context becomes even more challenging. The student involved in this seminar topic is expected to review and compare the currently implemented security solutions proposed for IoT context and to identify their strength and weaknesses.

References

SS1: Can Johnny encrypt today?

Tutor: Sanna Suoranta

Alma Whitten and J.D. Tygar published an article "Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0" in 1999; Anne Adams and Angela Sasse published an article "Users are not the enemy" in the same year. These "classics" woke up security researchers for thinking about users in addition to the technology and mathematics. Users are often considered to be the weakest link, but how security solutions could help them? The student involved in this topic is expected to check what security topics have been lated covered in HCI (human-computer interaction) research area by mainly focusing on areas of security other than privacy.

References

SS2: Role-based access control

Tutor: Sanna Suoranta

Traditionally, access control has been based on the resources and who can access them. Role-based access control (RBAC) manages access control differently: it works well for companies where staff has roles, and permissions to make actions are given based on these roles. It has many implementations and several variations, and many researchers have suggested all kinds of improvements for it. What is the basic functionality of it and what are the main improvements? The student involved in this topic is expected to review the basics of RBACs, its extensions, and the scenarios in which it is employed.

References

ST1: Real-time kernel protection

Tutor: Sandeep Tamrakar

Hardening the operating system (OS) kernel has been a challenging tasks in OS security. Exploits that target OS kernel, allowing to access sensitive data and escalate privileges,  continue to thrive. At the same time, many techniques have been proposed to harden the OS kernel including using virtualization, split kernels, AddressSanitizer and so on. The student involved in this topic is expected to review the OS hardening techniques that are more suitable for ARM-based processors.

References

TB1: Password managers and security

Tutor: Thanh Bui

The increasing demand for strong passwords is encouraging the use of password management applications. These applications allow users to conveniently and securely create, store and access their passwords. There are a number of password management applications available at the moment, such as F-secure Key, LastPass, and KeePassX. The student involved in this seminar topic is expected to understand and analyze such applications from a security perspective as well as to compare them with encrypted cloud-based storage services, such as BoxCryptor, CloudFogger, and Wuala.

References

VL1: Interference detection by analyzing traffic traces

Tutor: Vilen Looga

Detecting and mitigating interference is an important area of research in Wireless Sensor Networks (WSN). The radio interface is the largest consumer of energy in a WSN mote and any interference that causes the packets to be re-sent, drastically increases the energy spent. Interference detection has been done by using neural networks to analyze MAC-layer frames. However, we are interested in finding out whether it is possible to detect and categorize interference by analyzing network packet traces. This paper includes a practical part, where the student will collect and analyze traffic traces from WSN nodes.

References

YM1: Digital contracts in the Telco context with Ethereum

Tutor: Yoan Miche

Ethereum is a project which attempts to build a generic technology for a decentralized platform that runs smart contracts through cryptographically secure, transaction-based state machines. More specifically, Ethereum is the first implementation of blockchain-based virtual machines that allow to create any digital contract between parties. The applications of this technology are diverse; a possible use involves the classical operations that happen in a Telco infrastructure in terms of user authentication and authorization. The student involved in this topic is expected to review the theory behind Ethereum (and digital contracts in general) so as to evaluate the possible benefits of running such operations over a blockchain.

References

YX1: Incentive mechanisms for mobile crowdsensing

Tutor: Yu Xiao

The term "crowdsensing" refers to individuals with sensing and computing devices collectively sharing information to measure and map phenomena of common interest. The sensing and computing devices may include, for example, smartphones, smartwatches, sensor-embedded gaming systems, and in-vehicle sensor devices. Crowdsensing has been used for measuring the natural environment (e.g.  air pollution, wildfire habitats), the public infrastructure (e.g. traffic congestion), and the social life of individuals. Mobile data collection consumes resources such as battery and bandwidth, and exposes the device owners to potential privacy and security threats. For example, most crowdsensing applications collect data from individuals which can be used for the identification of those individuals. Therefore, device owners would be reluctant to report their data unless they gain rewards for participating in data collection. On the other hand, the quality of crowdsensing-based services very much depends on the quality of the collected data. The student involved in this seminar topic is expected to review the incentive approaches proposed in the literature, focusing on how these approaches solve the aforementioned challenges. The challenges that remain unsolved should also be discussed. 

References

YX2: Crowd behavior analysis technology

Tutor: Yu Xiao

With crowd behavior analysis, people are analyzed as groups. Crowd behavior understands the coordinated movement of a group of people to which a semantically relevant meaning can be attributed, depending on the respective application. Crowd behavior analysis can provide guidelines for the design of public spaces and services, help avoid crowd-related disasters, and so on. The crowd and its behavior can be recognized from distributed sensors, such as the smartphones carried by people and the surveillance cameras in public spaces. For example, NEC published world's first video analysis technology to avert risks that rise in crowded environments. The student involved in this seminar topic is expected to review the state-of-the-art of crowd behavior analysis techniques, focusing on how the crowd is detected and how the crowd behavior is recognized from the input data. The unsolved issues and potential solutions should also been discussed. 

References

ZO2: Simulation tools for wireless sensor networks

Tutor: Zhonghong Ou

Nowadays Wireless Sensor Networks (WSNs) play a pivotal role in the Internet of Things. However, building a WSN testbed is often costly, and running real experiments is always time-consuming. Therefore, simulation tools are very important for WSN development. With its help, protocols, algorithms, or even new applications can be validated or evaluated in a large scale, which is more economic and efficient than running them in a testbed. Several simulation tools are currently available for WSNs. The task of the student is to choose one of them as an example to make a deeper understanding of what are its internal mechanisms and how it works in practice. As part of the task, the student is also expected to run some experiments and investigate the resource utilization, including CPU and memory, simulation time, or any other indicators for performance evaluation purposes.

References

 

  • No labels