It is a pleasure for me to supervise MSc students interested to work in cybersecurity, privacy and other security related topics.
You can look at some possible thesis below or propose your ideas.
Feel free to contact me for further information.
Privacy Preserving Multi-Biometric Identification
Biometric authentication protocol able to preserve the privacy of the users can be developed by relying on secure multi-party computation protocols.
This project aims to propose advancements on the state of the art. Different possible directions can be exploited:
- Selective biometric protection: The idea is to consider selective encryption as a way to simplify the biometric protection protocols. One part of the biometric template is protected with strong cryptographic tools, while the other part is protected by using weaker security mechanisms , or left unprotected.
- Multi-biometric authentication: this topic aims to evaluate if the use of multi-biometrics can provide not only increased accuracy, but also more efficient protocols.
Privacy Preserving Drone Coordination
Autonomous drone swarm movement is of relevant importance in military scenarios, but its application requires that information are exchanged through secure channels and processed by the drones while encrypted. This prevents that an adversary capturing a drone could discover also information relative to other drones. Some solutions have been presented to deploy a decentralized coordination among drones through a privacy preserving consensus protocol.
Thesis #1:
The proposal of this thesis is to implement a privacy preserving protocol that allows a swarm of military drones to explore an area and take autonomously decisions on their next movements based on their own position, the position of other nodes and some information obtained during the exploration. Autonomous drone swarm movement is of relevant importance in military scenarios, but its application requires that information are exchanged through secure channels and processed by the drones while encrypted. This prevents that an adversary capturing a drone could discover also information relative to other drones.
"ODIN: Obfuscation-based privacy preserving consensus algorithm for Decentralized Information fusion in smart device Networks" represents an innovative solution able to guarantee the security and privacy requirements of the described scenario.
The activities of the thesis will be focused on:
adapt current ODIN implementation to run on drones
define a movement strategy for the swarm of drones
perform some test to evaluate performances on simulators and then with real drones
Thesis #2:
Drones attestation is also relevant for the security of drone activities (as well as other IoT devices). Each device must be able to verify the correct behavior of its neighbors before exchanging sensitive information. Moreover, it is important that a verifier (the owner of the drone swarm) should be able to check the current state of the devices.
In current protocols the verifier connects to a device and through it shares attestation requests to the whole network and collects the reply. This project aims to provide each device (drone) a continuous knowledge of the status of the whole network so that at any moment the verifier can obtain immediate feedback with a quick interaction with any drone.
The activities of the the thesis will be focused on:
improve current swarm attestation protocols
consider different device typologies in swarm attestation
test performances on simulators and then with real drones
APT Malware Signal Processing
The thesis aims at using tools designed for image classification to APT malware analysis. The challenge is representing the malware as an image that exploit both horizontal anc vertical correlation, similarly to real images
Swarm Attestation
We are working on PADS, an efficient, practical, and secure protocol for attesting potentially large and highly dynamic networks of resource-constrained autonomous devices. PADS overcomes the limitations of previous works in the literature on collective attestation; it uses the recently proposed concept of self attestation, and turns the collective attestation problem into a minimum consensus one. We have evaluated the performance of PADS via realistic simulations, in terms of devices capabilities and communication protocol, confirming both the practicality and efficiency of PADS.
Thesis can explore following directions:
Reduce the complexity of the protocol in terms of both communication and required processing for devices
Explore the use of Bloom Filters as a way to reduce the size of the payload
Adopting more intelligent techniques to selectively pick messages to use for consensus
Modify the protocol to manage nodes joining (or leaving) the network after the initial setup
Hybrid dynamic-static attestation
Swarm attestation in Fog computing
Security in Future Internet Technologies
AR/VR security
Extended Reality opens several security and privacy problems.
Several different directions can be exploited:
Virtual meeting leakage (inferring private information about participants)
VR device - user authentication
Virtual meeting participant analysis (sentiment analysis through avatar analysis)
VR attestation
Real ambient reconstruction
Private interaction between participants