Student Projects

In this page you can find our offering for semester projects. Students who are interested to do a project are are encouraged to have a look at the Thesis & Project Guidelines from the MLO lab, where you fill gain understanding about what can be expected us and what we expect from students.

Available MSc, BSc and PhD Semester Projects

Last Update 4th May 2018

Adversarial machine learning for privacy

Machine learning techniques have become widely used in privacy-invasive applications, like website traffic fingerprinting, facilitation of video and audio surveillance, inference of private attributes from seemingly non-sensitive information (e.g., Cambridge Analytica case). We investigate the potential of exploiting inherent deficiencies in machine learning models to protect private information.

At SPRING Lab, we have designed an algorithm for constructing adversarial samples in discrete domains (e.g. network traffic traces, text) to apply as a privacy-preserving information release mechanism that ensures provable security guarantees.

In this project we apply the technique in various privacy-sensitive contexts: de-anonymization of Tor network traffic (website fingerprinting), author re-identification based on writing style (stylometry), and inference of private attributes from natural language text.

Required skills:

Basic understanding of supervised machine learning

Knowledge of graph search algorithms (A*) or other discrete optimization techniques

Knowledge of network traffic analysis (Tor traffic fingerprinting) or natural language analysis (deep learning-based NLP) is welcome.

Good programming skills (Python)

Applying to this project:

This semester project is aimed at two BSc/MSc students. For applying please send your grades and CV to Bogdan Kulynych.

Zero-knowledge proofs for machine learning

Abuse is a big concern for privacy-preserving systems that support communication between people. For example, end-to-end encrypted email can not be scanned for spam content by intermediate email servers, leaving the burden of dealing with spam email to user-side applications.

In this project we investigate the practicality of zero-knowledge arguments of knowledge for proving that the plaintext corresponding to a given ciphertext has not been classified as malicious by a given classifier known to both sender and receiver of the encrypted data.

Required skills:

Good programming skills (Python)

Knowledge of cryptography, particularly elliptic-curve cryptography is welcome

Basic knowledge of supervised machine learning (linear regression, SVM, artificial neural networks) is welcome

Applying to this project:

This semester project is aimed at one MSc/PhD student. For applying please send your grades and CV to Bogdan Kulynych and Wouter Lueks.

Lighter and stronger anonymous communications

Tor is a well-known and widely deployed anonymous communication network. However, Tor is not perfect. Its design choices of being low-latency and low-overhead to allow users to surf the web, an adversary observing both entry and exit nodes of the network can deanonymize users.

Researchers have been proposing alternative designs making different trade-offs to guarantee anonymity even against powerful adversaries. However, these designs require the creation and deployment of a completely new anonymous communication infrastructure. So, while these designs offer undeniably better anonymity, they cannot be used in the near future, simply because the required infrastructure is not available.

In this project we take a different approach. We focus on scenarios with different threat model and requirements than the original Tor network and we aim at improving the privacy properties of the system with a minimal amount of changes on the infrastructure.

Required skills:

Good programming skills (C for hacking the Tor client if necessary, Python or Go for the experiments)
Some cryptography background (experience with cryptographic libraries and cryptographic implementations are a plus)

Applying to this project:

This semester project is aimed at one BSc/MSc student. For applying please send your grades and CV to Wouter Lueks.

Privacy-friendly gamification of class-room tools

Teachers and researchers like to use in-class tools such as quizzes to illustrate concepts, to highlight problem areas, to help students learn vocabulary, and to study student performance. While the functionality of the tools is often relatively simple, these tools collect large amounts of data about students. This data collection is not only privacy-invasive, but has recently become a reason for not using these tools in the first place.

The SPRING lab has been working on constructing privacy-friendly class-room tools, and in-class quizzes in particular, that collect data from students anonymously. To protect students’ privacy, we collect statistics anonymously — without being able to link results to students. Moreover, to get even better privacy guarantees, we make it impossible to link a student’s result between sessions.

However, these strong privacy guarantees reduce the utility of the system. Teachers and researchers have long since recognized the benefit of applying gamification to keep students engaged and challenged. A common gamification technique is to compare the students’ current performance to either their own past performance, or to that of the other students. Yet, our privacy-friendly mechanisms make comparisons impossible, thus precluding the use of gamification.

In this project we explore if we can offer privacy-friendly gamification techniques. This is not always possible. For example, a straightforward leader board that shows the performance of each student will allow anonymous test results to be linked to real students. The challenge of this project is therefore two-fold: (1) design gamification techniques that do not inherently weaken student’s privacy, and (2) instantiating these designs in practice using cryptographic techniques.

Required skills:

Knowledge of basic statistics and probability theory.
Good programming skills
Some cryptography background (experience with cryptographic libraries and cryptographic implementations are a plus)

Applying to this project:

This semester project is aimed at one MSc/PhD (possibly BSc) student. For applying please send your grades and CV to Wouter Lueks.

Blockchain-based transparency in privacy-critical contexts

Auditable transparency logs are used to ensure that a server or a party that stores some data and responds to queries about the data, does not answer queries in a non-truthful way. Certificate Transparency is a real-world example where such logs are used to verify that HTTPS Certificate Authorities provide correct certificates for websites.

The SPRING Lab has been working on a blockchain-based data structure called ClaimChain. It allows to build transparency logs that ensure that parties cannot lie when answering queries about some data, while at the same time allowing to keep the data private.

In this project we use this construction for two applications: first, a transparent directory authority for Tor, a centralized service that lists nodes participating in the Tor network; and second, privacy-preserving transparency logs for participants in a credit payment network, like Ripple.

Required skills:

Good programming skills (Python)

Familiarity with Tor or credit networks is welcome

Applying to this project:

This semester project is aimed at one BSc/MSc/PhD student. For applying please send your grades and CV to Bogdan Kulynych.