We will offer research projects in the following areas.
Mobile cloud security
Mobile device security
Mobile social network security
Here are a few samples on the types of research projects available. Participants will work in small groups of 2-3 students to complete a project. Please note that actual projects will be tailored to the skill level and interest of the participants.
Moving-target Defense in Mobile Cloud by Learning from Botnets.In this project, we approach the challenging problem of securing mobile clouds from a unique angle: we design and implement a moving-target defense (MTD) framework for mobile clouds by learning from the evolution of malicious botnets. In this project, the students will acquire conceptual understanding of mobile cloud architectures as well as technical knowledge of implementing heterogeneous VM migration and secure dynamic group communication protocols.
Mobile Cloud Security Events Visualization. Visualization, which appeals to human cognitive abilities for absorbing and processing complex information,is a promising approach for comprehending the tremendous amount of data generated from security events on the scale of mobile clouds. Visualizing cloud security events is an emerging topic in both visualization and security research communities. In this project, students are expected to design and implement effective and scalable visualization tools that will help security analysts discover and understand mobile cloud security events.
Active User Authentication for Smartphones.People use smartphones to pay bills, balance accounts, and store all sorts of documents they used to keep in locked safe. The sensitive information stored on smartphones has made them valuable assets for their owners. To prevent such assets from theft, use of smartphones need to be restricted to authenticated users. In this project, students will design and implement biometric-based active authentication on smartphones.
Exploiting Temporal Dynamics for Mitigating Smartphone Malware.In this project, we focus on a specific but challenging smartphone security problem: mitigating epidemic smartphone malware. Without proper protection, smartphones can be abused for surveiling their owners and, like in the case of Stuxnet worm, penetrating otherwise secured perimeters of critical infrastructures. In this project, students will start by modeling malware propagation, and then design and implement two malware mitigation applications.
Improving Mobile Social Network Security and Privacy using a Novel Framework for Subgraph Sampling.A common practice in protecting social network privacy is anonymization, i.e., removing plainly identifying labels such as names, social security numbers, postal or e-mail addresses, but retaining the network structure. However, it has been demonstrated that such naive anonymization is insufficient for protecting anonymized social networks from being re-identified. The research objective of this project is to investigate the protection of social network data privacy through a heuristic indistinguishable group anonymization algorithm, which makes nodes in the social networks probabilistically indistinguishable, based on subgraph mining. In this project, students will design and implement a real-time interactive graph mining system based on the proposed methodology. The students will use the system they developed to interactively analyze large social network data.
Mobile Forensics.The goal of this research project is to help IT professionals detect, catch, and prosecute cyber-stalkers and predators by methodically gathering necessary evidence, and to further improve the security of information.Students will utilize mobile and network forensics procedures and tools to enhance the investigaton and security of devices in fields such as healthcare, government, and private sector businesses.
Purdue School of Engineering & Technology social media channels