CS-E4000_aalto-CUR-166558-3087265: Available topics

AZ1: A survey on participant selection for mobile crowdsensing

Tutor: Aziza Zhanabatyrova (zhanabatyrova.aziza@aalto.fi)

One of the challenges is to select a minimal set of participants from a large crowd of users that perform data collection to provide sufficient coverage while avoiding unnecessary resource consumption.

References:

https://ieeexplore.ieee.org/abstract/document/8528425?casa_token=7xKdXreGtt0AAAAA:aoMxwAptfyODQ0YlbKCoXkTn8wYykQJDPuasdfQrngIBSxb7fY0MKh_jCRCdMAAIR3u_WcOkOpE
https://ieeexplore.ieee.org/abstract/document/8565929?casa_token=eWeZC_pMnskAAAAA:T2EMNaCPWfnxvSWX0ikb--dHnl9JmIvTnBLibMD-tH46Pp1XUE3MdJmA9ujdQWt18r3FJppTTe4

AZ2: A survey on context aware participant selection for mobile crowdsensing

Tutor: Aziza Zhanabatyrova (zhanabatyrova.aziza@aalto.fi)

One of the challenges is to select a minimal set of participants from a large crowd of users that perform data collection to provide a sufficient coverage while avoiding unnecessary resource consumption. The context of participants may describe the participant’s status(running, walking, etc) and the surrounding environment (park, home, etc) and can help to match participants more precisely. In this survey, we are interested in various sensor data describing the context, especially visual sensors.

References:

https://link.springer.com/content/pdf/10.1007/s11390-018-1855-y.pdf?pdf=button
https://ieeexplore.ieee.org/abstract/document/7384304?casa_token=p9gFdmiDDnoAAAAA:SDeyBZrkt-Eze73n9RiilL6vmnDkk2E2DRLpzDXHrPQFMTbyG0jl9EF4n1TKF0sJT02oKDyUxE4

AZ3: Challenges behind large scale Structure from Motion Mapping

Tutor: Aziza Zhanabatyrova (zhanabatyrova.aziza@aalto.fi)

Structure from Motion achieves a great success in 3D reconstruction. However, this method still faces challenges on a larger (city) scale. In this task a student should make a survey on papers that discuss or address such challenges. We are especially interested in urban (street-view) mapping.

References:

https://www.sciencedirect.com/science/article/pii/S003132032030340X?casa_token=ZULgqu0zrVkAAAAA:Z7ceOo6qoFTOtcuF3VygR5Vd90amhxrbymVCipeMqAVn1qqAzNLZ6x0Pd87o779hcePRS4beDzs
https://www.sciencedirect.com/science/article/pii/S0924271619301893?casa_token=pFTb_zv69FgAAAAA:6au7IacS68oFtXC6G-eWbiirS6vYYtO409NxtHMFj6DO7rX47yMieLsh1ByCG5WLDBnfwyASu6A

AB: Likelihood-free model selection

Tutor: Ayush Bharti (ayush.bharti@aalto.fi)

Model selection or comparison entails picking the best fitting model from a set of candidate models. This process involves inferring parameters of the given models based on data via the likelihood function. However, for many models in engineering and physical sciences domains, the likelihood function is unavailable. Many methods have been proposed in the literature to address this issue. In this project, you will review the existing literature on likelihood-free model selection methods.

References:

https://arxiv.org/pdf/1503.07689.pd

AM: Machine learning the dynamics of noisy qubits

Tutor: Arshpreet Maan (arshpreet.maan@aalto.fi)

Classical neural networks have been shown to be capable of learning the dynamics of quantum systems[1]. One such quantum system is a quantum computer. However, errors are easily induced in quantum computations due to the computer’s interaction with the environment. The purpose of this project is to perform the literature review on machine learning the dynamics of qubits (quantum bits)[2] under the influence of the environment using open quantum system simulation software [3].

References:

https://physics.aps.org/articles/v12/74?
https://arxiv.org/abs/2011.14046
https://arxiv.org/abs/2112.10526

AG: Endurable and compliant artificial intelligent systems through MLOps

Tutor: Ana Paula Gonzalez Torres (ana.gonzaleztorres@aalto.fi)

Towards RegOps, study MLOps - especially in the area of medical devices and drug trials - to understand how to employ MLOps with the goal of developing more endurable and compliant artificial intelligent systems.

References:

https://ml-ops.org
https://github.com/oegedijk/explainerdashboard
https://github.com/slundberg/shap
Ruf, P., Madan, M., Reich, C. & Ould-Abdeslam, D. (2021). Demystifying MLOps and Pre- senting a Recipe for the Selection of Open-Source Tools. Applied Sciences, 11(8861).
Ranawana, R. & Karunananda, A. S. (2021). An Agile Software Development Life Cycle Model for Machine Learning Application Development, 5th International Conference on Ar- tificial Intelligence, doi:10.1109/SLAAI-ICAI54477.2021.9664736.
Granlund, T. & Vedenpää, J. (2020). RegOps-diving into the dilemma of agile software devel- opment in regulated industry. [Online] https://www.solita.fi/en/blogs/regops-diving-into-the- dilemma-of-agile-software-development-in-regulated-industry/

AP: Quantum Natural Language Processing (Customized topic, do not select)

Tutor: Alexandru Paler (alexandru.paler@aalto.fi)

Student: Ioana Moflic

The goal of the project is to look into the training of a quantum neural network to generate (country) songs. Initial quantum natural language processing results were generated with the ZX calculus (see references). The literature is quite sparse and it would be very helpful to review classical natural language processing and check which concepts are practically translatable into the quantum real, where practicality is related to the architecture of the models, the performance of the quantum circuit simulators (e.g. in PennyLane) and the size of the data to be learned.

References:

https://arxiv.org/abs/2012.03755
https://pennylane.ai/blog/2022/12/pennylane-v028-released/
Preliminary results are available at https://github.com/oumjunior/Qountry-songs

AY1: Microservices - when and how to use them

Tutor: Antti Ylä-Jääski (antti.yla-jaaski@aalto.fi)

Microservice architecture is a modern approach to software system design in which the functionality of the system is divided into small independent units. Microservice systems differ from a more traditional monolithic system in many ways some of which are unexpected. A cost of a migration from a monolithic system to a system based on microservices is often substantial so this decision needs to be carefully evaluated. Microservices have become very popular in recent years. An increasing number of companies (e.g., Amazon, Netflix, LinkedIn) are moving towards dismantling their existing monolithic applications in favor of distributed microservice systems. As with any big software project, migrating to a microservice architecture often requires considerable investment. In this project work, you will discuss the benefits and drawbacks of adopting microservice architecture in comparison to monolithic architecture. Depending on your interests, possible viewpoints to this generic topic are also for example security challenges, scalability, serverless computing, service mesh, big data platforms, etc.

References:

Pooyan Jamshidi, Claus Pahl, Nabor C. Mendon.a, James Lewis, and KStefan Tilkov. Microservices: The journey so far and challenges ahead. IEEE SOFTWARE, 35(3):24 – 35, 2018.
Nicola Dragoni, Saverio Giallorenzo, Alberto Lluch Lafuente, Manuel Mazzara, Fabrizio Montesi, Ruslan Mustafin, and Larisa Safina. Microservices: Yesterday, Today, and Tomorrow, pages 195–216. Springer International Publishing, Cham, 2017.

AY2: Energy saving capabilities of Kubernetes

Tutor: Antti Ylä-Jääski (antti.yla-jaaski@aalto.fi)

Cloud computing provides unparalleled benefits of efficiency, flexibility, and cost savings. It has enabled new business models like Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) that leverage ubiquitous access to data center facilities. According to a 2019 report of the International Energy Agency, data centers consume approximately 200 TWh of electricity, or nearly 1% of global electricity demand [1]. It is expected that the energy consumption of data centers will rise to 2967 TWh in 2030 which further increases CO2 emissions [2]. The energy use of mobile operators is distributed between radio, core, and back-office data centers so that more than 73% of energy is consumed in the radio network. However, due to the transition of radio network into the cloud (through virtualization and cloudification of the RAN elements), the energy efficiency of the cloud computing becomes stressed.

Kubernetes container management system has become the de-facto means to manage virtualized workloads. Kubernetes provides significant improvements in server utilization through scheduling workloads to servers matching the computational need staking into account performance and energy efficiency tradeoffs and power usage effectiveness. The purpose of the study is to survey the recent extensions for Kubernetes to address energy efficiency through workload scheduling and server consolidation [3,4,5,6,7]. The survey tries to answer what are the methods for creating energy efficient Kubernetes deployments, what is assumed from the underlying server infrastructure and CPUs, what are the promising workload scheduling and load balancing approaches and metrics they use.

References:

The case for committing to greener telecom networks, https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/the-case-for-committing-to-greener-telecom-networks
Katal, A., Dahiya, S. & Choudhury, T. Energy efficiency in cloud computing data centers: a survey on software technologies. Cluster Computing (2022). https://doi.org/10.1007/s10586-022-03713-0
Kubernetes as a Sustainability Tool, https://www.stormforge.io/blog/kubernetes-sustainability-tool/
Optimizing Kubernetes performance, efficiency, and energy footprint in heterogenous HPC environments, https://www.daaam.info/Downloads/Pdfs/proceedings/proceedings_2021/011.pdf
https://github.com/intel/kubernetes-power-manager
16 More Ways to Cut Energy Waste in the Data Center, https://www.energystar.gov/products/16_more_ways_cut_energy_waste_data_center
Gholipour, N., Arianyan E., Buyya, R., Recent Advances in Energy Efficient Resource Management Techniques in Cloud Computing Environments, https://arxiv.org/ftp/arxiv/papers/2107/2107.06005.pdf

AR: Algorithmic power

Tutor: Antti Rannisto (Antti.rannisto@aalto.fi)

Algorithms are increasingly placed in positions holding social agency. This redistribution of agency is related to important questions of societal power. Who decides who decides - and based on which ideologies and interests. Technology is not neutral, and thus it is important to inspect questions of power especially related to so-called autonomous technologies like algorithmic systems.

References:

https://www.aalto.fi/fi/tapahtumat/machine-habitus-toward-a-sociology-of-algorithms
https://en.wikipedia.org/wiki/The_Age_of_Surveillance_Capitalism

AL: Authentication, authorization, and session management for web applications

Tutor: aleksi.peltonen@aalto.fi

The goal of this topic is to investigate the security of modern technologies for authentication, authorization, and session management. Relevant topics include, but are not limited to, client authorization (e.g., OAuth 2.0 [1]), access tokens (e.g., OAuth Bearer Tokens [2], JSON Web Tokens (JWT) [3]), and user authentication (e.g., OpenId Connect [4]). Each student will choose one of the above-mentioned technologies or suggest a topic of their own. Prior knowledge of relevant technologies is required for selecting this topic. Students chosen for the topic are expected to conduct independent experiments and a comprehensive literature review of relevant security papers. In particular, students should familiarize themselves with research literature concerning formal verification (e.g., [5, 6]) of the chosen technologies.

References:

Dick Hardt. 2012. The OAuth 2.0 Authorization Framework. RFC 6749. https://doi.org/10.17487/RFC6749
Michael Jones and Dick Hardt. 2012. The OAuth 2.0 Authorization Framework: Bearer Token Usage. RFC 6750. https://doi.org/10.17487/RFC6750
Michael Jones, John Bradley, and Nat Sakimura. 2015. JSON Web Token (JWT). RFC 7519. https://doi.org/10.17487/RFC7519
OpenId Connect: https://openid.net/connect/ [5] Hammann et al., Privacy-Preserving OpenID Connect, ACM ASIACCS 2020, https://doi.org/10.1145/3320269.3384724 [6] Fett et al., A Comprehensive Formal Security Analysis of OAuth 2.0, ACM CCS 2016, https://doi.org/10.1145/2976749.2978385

AS1: Speaker recognition

Tutor: Abduljalil Saif (abduljalil.saif@aalto.fi)

Active speaker detection/recognition has become one of the promising methods for speech and video scene understanding. Deep learning-based techniques are widely used for active speaker detection and recogntion. The student needs to write a survey paper under one of these two topics, and run few codes pertaining to the reviewed papers. These two projects should be done separately where the "speaker recognition" topic can be hands on with a technical paper, while "active speaker detection" topic can be a survey and hands on.

References:

https://paperswithcode.com/paper/ava-activespeaker-an-audio-visual-dataset-for
https://github.com/TaoRuijie/ECAPA-TDNN
https://paperswithcode.com/paper/active-speakers-in-context 4. https://github.com/TaoRuijie/TalkNet-ASD

AS2: Active speaker detection review

Tutor: Abduljalil Saif (abduljalil.saif@aalto.fi)

References:

https://paperswithcode.com/paper/ava-activespeaker-an-audio-visual-dataset-for
https://github.com/TaoRuijie/ECAPA-TDNN
https://paperswithcode.com/paper/active-speakers-in-context 4. https://github.com/TaoRuijie/TalkNet-ASD

SS1: Security indicators and warnings

Tutor: Sanna Suoranta (sanna.suoranta@aalto.fi)

Many software warns the user with a dialogue when something unexpected happens. However, people often ignore all the warnings and just click the OK button to get rid of those dialogues. The reason is not necessarily indifference or negligence but the way how human brain habituates stumuli that are often seen. Furhtermore, researchers can investigate areas of web services where users look with eye tracking. Users do not often look security indicators but just the content of a service page. The aim of this work is to investigate what researchers have suggested as solutions for the problem of noticing security issues that they encounter while using web services.

References:

Anderson, B. B., Jenkins, J. L., Vance, A., Kirwan, B., and Eargle, D. (2016). Your memory is working against you: How eye tracking and memory explain habituation to security warnings. Decision Support Systems, 92:3-13.
Darwish, A. and Bataineh, E. (2012). Eye tracking analysis of browser security indicators. In 2012 International Conference on Computer Systems and Industrial Informatics.

SS2: Usability of passwords

Tutor: Sanna Suoranta (sanna.suoranta@aalto.fi)

Passwords are known to all who use any digital services. Many other means have been suggested for authentication but we still use passwords. For example, if automatically generated strong passwords are such that they can be pronounced, they are easier to remember. Furthermore, mobile devices have created new problems for typing in passwords. The aim of this work is to investigate how usability of passwords can be improved.

References:

Bergstrom, J. R., Frisch, S. A., Hawkings, D. C., Hackenbracht, J., Greene, K. K., Thefanos, M., and Griepentrog, B. (2014a). Development of a scale to assess the linguistic and phonological di culty of passwords. In Cross-Cultural Design, 6th International conference, CCD 2014, Held as a part of HCI International 2014.
Greene, K. K., Gallagher, M. A., Staton, B. C., and Lee, P. Y. (2014). I can't type that! p@$$w0rd entry on mobile devices. In Human Aspects of Information Security, Privacy, and Trust, Second International Conference, HAS 2014.
Greene, K. K., Kelsey, J., and Franklin, J. M. (2016). Measuring the Usability and Security of Peruted Passwords on Mobile Platforms. NISTIR 8040. NIST. URL: http://dx.doi.org/10.6028/NIST.IR.8040.

SS3: Psychometry for researching usable security

Tutor: Sanna Suoranta (sanna.suoranta@aalto.fi)

Instead of just asking from users, the development of psychometric tools have given ways to really see how users react to software. For example, a decrease in the amplitude of the peripheral vascular pulse indicates mental stress, and it can be detected with photoplethysmogram. There is increasing amount of research where these tools are used in improving usability of software, but how about usability of security? The aim of this work is to investigate how psychometry is used in research of usable security.

References:

Cowley, B., Filetti, M., Lukander, K., Torniainen, J., Henelius, A., Ahonen, L., Barral, O., Kosunen, I., Valtonen, T., Huotilainen, M., Ravaja, N., and Jacucci, G. (2015).
The psychophysiology primer: A guide to methods and a board review with a focus on human-computer interation. Foundations and Trends in Human-Computer Interaction, 9(3-4):151-308

BL1: Adversarial attacks

Tutor: Blerta Lindqvist (blerta.lindqvist@aalto.fi)

The topic is flexible depending on student interest. It can be about evasion, extraction, inference, or poisoning attacks. It can be theoretical or with code experiments, for example, to reproduce a paper's results. Or perhaps to try a new attack. Pairs of students can also work together, provided they show that it is a team effort with collaboration.

References:

A list with a focus on evasion attacks and defenses https://nicholas.carlini.com/writing/2018/adversarial-machine-learning-reading-list.html

BL2: Adversarial defenses

Tutor: Blerta Lindqvist (blerta.lindqvist@aalto.fi)

The topic is flexible depending on student interest. It can be about defenses from evasion, or poisoning attacks. It can be theoretical or with code experiments, for example, to reproduce a paper's results. Or perhaps to try a new defense. Pairs of students can also work together, provided they show that it is a team effort with collaboration.

References:

A list with a focus on evasion attacks and defenses https://nicholas.carlini.com/writing/2018/adversarial-machine-learning-reading-list.html

LT1: Debugging, Logging and Monitoring ML Systems: Techniques and Tools

Tutor: Linh Truong (linh.truong@aalto.fi)

The topic will research how current techniques and tools support the developer and/or the provider to debug, log and monitor components/services/tasks in ML systems in distributed computing infrastructures. The research should highlight differences (and challenges) of debugging, logging and monitoring for ML systems. The topic is for a single student. We recommend it for students with some experiences in cloud software and systems. We expect the student to present a viewpoint in the topic, thus scoping the research to target a specific type of audience, and presents the result providing useful information to the audience.

References:

Debugging Machine Learning Pipelines: https://dl.acm.org/doi/10.1145/3329486.3329489
Automatically Debugging AutoML Pipelines using Maro: ML Automated Remediation Oracle: https://dl.acm.org/doi/abs/10.1145/3520312.3534868
Ariadne: Analysis for Machine Learning Programs: https://dl.acm.org/doi/10.1145/3211346.3211349
Towards Automated ML Model Monitoring: Measure, Improve and Quantify Data Quality: https://www.amazon.science/publications/towards-automated-data-quality-management-for-machine-learning
Towards Observability for Machine Learning Pipelines: https://www.cidrdb.org/cidr2022/papers/p20-shankar.pdf

LT2: Programming Orchestration of Data Analysis Workflows in Edge Cloud Continuum

Tutor: Linh Truong (linh.truong@aalto.fi)

There are many workflow frameworks for orchestrating data analytics workflows in clouds and HPC. We are moving to analytics in edge cloud continuum. Which orchestration techniques and tools are useful for edge cloud continuum? This topic studies existing works to provide insightful discussions about possible frameworks and features for orchestrating edge-cloud data analytics tasks.

References:

https://dl.acm.org/doi/10.1145/3468737.3494103 https://dl.acm.org/doi/10.1145/3332301
https://dl.acm.org/doi/fullHtml/10.1145/3486221
https://dl.acm.org/doi/pdf/10.1145/3452369.3463820
https://dl.acm.org/doi/abs/10.14778/3529337.3529344
Open sources like Airflow, etc.

YV: Molecular Representation learning

Tutor: Yogesh Verma (yogesh.verma@aalto.fi)

Molecular representation learning aims to learn the representation of molecules that captures their inherent chemical properties and relationships. This representation is then used to predict various molecular properties, such as biological activity or solubility, or to perform tasks such as virtual screening or drug design. The goal of molecular representation learning is to enable the use of machine learning for tasks in chemistry and drug discovery and to improve our understanding of the relationships between molecular structure and function. In this project, you will review the existing literature on representation learning applied to molecules and explore their shortcomings and experiment with new representation learning methodologies. A chemistry and biology background is not a mandatory requirement for the project.

References:

Guo, Zhichun, et al. "Graph-based molecular representation learning." arXiv preprint arXiv:2207.04869 (2022).
Fang, X., Liu, L., Lei, J. et al. Geometry-enhanced molecular representation learning for property prediction. Nat Mach Intell 4, 127–134 (2022)
Ross, J., Belgodere, B., Chenthamarakshan, V. et al. Large-scale chemical language representations capture molecular structure and properties. Nat Mach Intell 4, 1256–1264 (2022)

TA: Network virtualization today

Tutor: Tuomas Aura (tuomas.aura@aalto.fi)

Computer networks are no longer just physical devices connected with cables. Instead, they can be multilayered virtual networks that are implemented in software or software-controlled networks built on top of the underlying physical infrastructure. The goal of this topic is to investigate the state of the art in virtual computer networks from many different points of view such as: • Kubernetes cluster network model and its limitations • Docker container networking model and its limitations • Container network interface (CNI) implementations • Virtual network models in commercial cloud platforms (Amazon, Google, Azure) • IPv6 in Kubernetes cluster networks • Kubernetes network policies and deploying them with Helm • Service mesh technical details • Zero trust network security model in cloud networks (focus on technical implementation) • Linux Containers network stack • Connecting on-site and virtual cloud networks Students can also suggest other angles to virtual networking. For example, it is possible to take a fresh look at software-defined networks (SDN), network function virtualization (NFV), and even older technologies VLANs and VXLAN. The paper can focus on the logical networking model and its applications, or it can include a longer discussion of security and isolation. Each student will choose one virtual network technology or model. They must have some prior knowledge of the relevant technologies (e.g., TCP/IP, Docker, Kubernetes, Linux containers) so that they can dive deep into the literature and technical documentation of the specific networking topic. The student must be able to conduct independent experiments to create examples for the paper. This topic can be chosen by multiple students, and it is possible for two students to co-author the seminar paper. The first tutoring rounds will be conducted as group meetings. When co-authoring, it is important that the students conduct the research and writing together to produce slightly more ambitious results.

References:

Minna et al., Understanding the Security Implications of Kubernetes Networking, IEEE Security & Privacy, 2021. https://doi.ieeecomputersociety.org/10.1109/MSEC.2021.3094726
Qi et al., Assessing Container Network Interface Plugins: Functionality, Performance, and Scalability. IEEE Transactions on Network and Service Management 18.1 (2020. https://par.nsf.gov/servlets/purl/10299326
Claassens et atl., Linux containers networking: Performance and scalability of kernel modules. NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium. https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7502883

TN: SLA management for Machine Learning Inference across Cloud-Edge environment: Challenges and Opportunities

Tutor: Tri Nguyen (tri.m.nguyen@aalto.fi)

The widespread across many domains of ML presents many opportunities for ML providers offering inference services such as object recognition, personal assistant, virus detection, etc. Like other cloud services, ML inference services must also be managed under Service Level Agreements (SLAs) which involve multiple stakeholders including ML users, ML providers, Infrastructure providers, etc. Assume that the ML provider deploys many different trained models across heterogeneous cloud-edge infrastructures. They offer ML inference services following the ensemble learning model and serve various ML users (multi-tenancy). Does the current support for SLAs in ML serving fulfill all stakeholder expectations? What aspects/metrics are still missing in SLAs, and what are the challenges and opportunities in SLAs management for ML inference services? This topic can be done by single/multiple students, and individual/group work.

References:

https://en.wikipedia.org/wiki/Ensemble_learning
https://ieeexplore.ieee.org/abstract/document/9804606
https://arxiv.org/abs/2111.14247
https://arxiv.org/abs/2202.11243
https://dl.acm.org/doi/abs/10.1145/3135974.3135993
https://www.usenix.org/conference/atc19/presentation/zhang-chengliang
https://proceedings.mlsys.org/paper/2022/hash/0777d5c17d4066b82ab86dff8a46af6f-Abstract.html
https://www.usenix.org/conference/opml19/presentation/soifer

SC: Modern applications of software reliability growth models

Tutor: Stanislav Chren (stanislav.chren@aalto.fi)

Developing reliable software is a challenging task. Software reliability growth models (SRGMs) are one of the oldest and most widely applied black-box reliability prediction approaches that can aid with the reliability evaluation and release planning of software products. Many traditional SRGMs have been proposed with legacy software development practices in mind, such as the Waterfall development process. This results in model assumptions that are likely to be violated in open-source software products and agile environments. The goal of this seminar topic is to investigate more recent SRGM approaches to understand their applicability in modern contexts. The work will focus on a literature review and comparison of SRGM parameters, their assumptions and limitations.

References:

Radoslav Micko, Stanislav Chren and Bruno Rossi. Applicability of Software Reliability Growth Models to Open Source Software. In 48th Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA2022). IEEE, 2022. 10 s. [Preprint at: https://arxiv.org/pdf/2205.02599.pdf]
Wood, Alan. "Software reliability growth models." Tandem technical report 96.130056 (1996): 900.
Saraf, Iqra, et al. "Modelling reliability growth for multi‐version open source software considering varied testing and debugging factors." Quality and Reliability Engineering International 38.4 (2022): 1814-1825.

SL: Blockchains and Proof-of-X protocols: security vulnerabilities and tradeoffs

Tutor: Shushu Liu (shushu.liu@nokia-bell-labs.com)

Blockchains and the distributed ledger technology (DLT) underlying them are the foundation for Web 3.0, cryptocurrencies and cryptonetworks, and – more generally – for ensuring trusted tamperproof transactions among untrusted and semi-trusted entities. Such transactions are ensured by DLTs via distributed consensus protocols, such as Proof-of-Work and Proof-of-Stake. However, such distributed consensus protocols present tradeoffs between costs (e.g. high energy usage for Proof-of-Work) and potential security vulnerabilities. More generally, a variety of such Proof-of-X protocols are emerging in Web 3.0. We propose a survey that addresses the following questions: • What are key Proof-of-X protocols for established and emerging blockchains/DLTs? • What are the kinds of security vulnerabilities intrinsic to each of these Proof-of-X protocols? • What are the “costs” associated with each of these Proof-of-X protocols and the tradeoffs with security? • For which kinds of applications are each of these Proof-of-X protocols best suited, given the security vulnerabilities and cost tradeoffs?

References:

Gervais, Arthur, et al. "On the security and performance of proof of work blockchains." Proceedings of the 2016 ACM SIGSAC conference on computer and communications security. 2016.
Zheng, Zibin, et al. "An overview of blockchain technology: Architecture, consensus, and future trends." 2017 IEEE international congress on big data (BigData congress). Ieee, 2017.
Mingxiao, Du, et al. "A review on consensus algorithm of blockchain." 2017 IEEE international conference on systems, man, and cybernetics (SMC). IEEE, 2017.

SZ: Uncertainty estimation in Model-based RL with ensemble model

Tutor: Shibei Zhu (shibei.zhu@aalto.fi)

Model-based RL differs from its model-free counterpart by estimating the dynamic of the system from the observations, in addition to a desired policy. In this project, you will be reviewing different methods for the uncertainty estimation of the resulting dynamic model built from a model-based RL algorithm. You will be focusing, in specific, the use of the ensemble model.

References:

https://arxiv.org/abs/1903.00374
https://proceedings.neurips.cc/paper/2017/hash/766ebcd59621e305170616ba3d3dac32-Abstract.html

SD: Deep reinforcement learning for Human-AI cooperation

Tutor: Sebastiaan De Peuter (sebastiaan.depeuter@aalto.fi)

A fundamental challenge of AI is to create agents that can cooperate with humans. Advances in reinforcement learning (RL) allow us to train agents to be cooperative, but we need a model of a human to train them against. Due to a lack of training data, historically we have had to either hand-craft such models, or use another (optimal!) RL agent as human model. Computational rationality, a recent development in cognitive science, allows us to use deep RL to produce human-like behavior without any human data. These ‘synthetic humans’ can learn to act within an environment and to interact with other (AI) agents, while reproducing hallmark biases of real human behavior. In this project you will implement and train such a SOTA ‘synthetic human’ for a specific decision making task. You will then combine this ‘synthetic human’ with an AI agent into a multi-agent setting and train both to cooperate. Experience with python and knowledge of RL is mandatory. Experience with PyTorch or stable-baselines is recommended.

References:

https://ojs.aaai.org/index.php/AAAI/article/view/16161
https://dl.acm.org/doi/pdf/10.1145/3491102.3517739
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/11/273.full_.pdf
https://arxiv.org/pdf/2109.00127.pdf

RL: Succinct Non-Interactive Arguments

Tutor: Russell W. F. Lai (russell.lai@aalto.fi)

A prover P wants to convince a verifier V that a certain mathematical statement is true. Additionally, the task should be completed in the following fashion: Complete: If the statement is true, V should be convinced. Knowledge-sound: If V is convinced, P must know that the statement is true. Non-interactive: It suffices for P to send a single message, called the proof, to V. Succinct: The proof is short, much shorter than the statement. An argument system that accomplishes the above is called a succinct non-interactive argument of knowledge (SNARK). An on-going research direction is to construct SNARKs with different efficiency and security trade-offs and from different computational assumptions. One major direction is to first construct a probabilistically checkable proof (PCP) or its generalisation, then then turn it into a SNARK using a cryptographic compiler. Students are tasked to survey this area of research, summarise known results, and identify open problems. Mathematical maturity is required for this topic.

References:

https://eprint.iacr.org/2018/828
https://eprint.iacr.org/2019/1230
https://eprint.iacr.org/2022/994

RW: Dynamics of social interactions in social Mixed Reality

Tutor: Robin Welsch (robin.welsch@aalto.fi)

To initiate social interaction with a stranger, we put a smile on our face, move closer and seek eye contact. Only after being recognized, e.g., by mimicking the smile, a verbal conversation is initiated, accompanied by a reduction of interpersonal distance. Using Mixed reality as an innovative method, researchers can simulate social interactions in a highly controlled, highly economical, but also ecologically valid way. Here, novel methodological developments of Mixed Reality technology now enable us to granularly study social interaction and its dynamics in high fidelity virtualized environments. The goal of this project is to grasp state-of-the simulations of dynamic nonverbal-behavior within Mixed reality.

References:

Bailenson, J. N., Blascovich, J., Beall, A. C., & Loomis, J. M. (2001, Dec). Equilibrium theory revisited: Mutual gaze and personal space in virtual environments. Presence-Teleoperators and Virtual Environments, 10(6), 583-598. https://doi.org/10.1162/105474601753272844
Gamer, M., & Hecht, H. (2007). Are you looking at me? Measuring the cone of gaze. Journal of Experimental Psychology: Human Perception and Performance, 33(3), 705–715. https://doi.org/https://doi.org/10.1037/0096-1523.33.3.705
Huang, A., Knierim, P., Chiossi, F., Chuang, L. L., & Welsch, R. (2022). Proxemics for Human-Agent Interaction in Augmented Reality CHI Conference on Human Factors in Computing Systems, New Orleans, LA, USA. https://doi.org/10.1145/3491102.3517593

NS: Virtual reality toward the internet of senses

Tutor: Nassim Sehad (nassim.sehad@aalto.fi)

The emergence of 5th-generation networks and the introduction of the ultra-low latency Internet, namely, tactile internet, by the International Telecommunication Union (ITU) has opened up a wide range of applications. Extended Reality (XR), holoportation, and remote control of machines are among the ones that would revolutionize the future of factories, smart cities, and digital healthcare. To enable a high sense of immersion and embodiment in virtual environments, Virtual Reality (VR) technology provides users highly realistic visual and auditory experiences. In the real world, however, we use more senses than only vision and hearing to perceive our surroundings. Particularly, tactile sensation is the only bidirectional modality and enables us to perceive and interact with the objects and surfaces around us. The Internet of Senses (IoS) aims at transforming the digital world into a fully immersive one by delivering over the network multisensory experiences including visual, audio, haptic, smell and taste. This consists of two requirements. One is the user interfaces such as haptic devices which would allow users to receive tactile information through sensations. The other is networking technologies that would enable ultra-low latency delivery and synchronization of multisensory experiences. We refer to it as multiple sensorial media (Mulsemedia) in the rest of this proposal. So far, the development of haptic interfaces is still in its infancy, while advancement in networking technologies is needed to enable multiple sensorial media.

References:

https://www.aalto.fi/en/news/towards-the-internet-of-senses
TALEB, Tarik, SEHAD, Nassim, NADIR, Zinelaabidine, et al. VR-based Immersive Service Management in B5G Mobile Systems: A UAV Command and Control Use Case. IEEE Internet of Things Journal, 2022.
https://www.ericsson.com/4ae13b/assets/local/reports%20papers/consumerlab/reports/2019/10hctreport2030.pdf
COVACI, Alexandra, ZOU, Longhao, TAL, Irina, et al. Is multimedia multisensorial?-a review of mulsemedia systems. ACM Computing Surveys (CSUR), 2018, vol. 51, no 5, p. 1-35.
PANAGIOTAKOPOULOS, Dimitrios, MARENTAKIS, Georgios, METZITAKOS, Rossetos, et al. Digital Scent Technology: Toward the Internet of Senses and the Metaverse. IT Professional, 2022, vol. 24, no 3, p. 52-59. 6- https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9967586&casa_token=sv5mWcXGwokAAAAA:OuTV6OQvkkz0RpCgdf7esi5162fw4oGpx_a6OOjBacArSxbiEdmS7Jg1bmFYUOhqEqU9i8mfTn8

MS1: Learning-based video coding

Tutor: Matti Siekkinen (matti.siekkinen@aalto.fi)

Learning-based video compression has gained much interest over the last 5+ years. The approaches explored include enhancing traditional video coding methods with learning based components and proposing a complete end-to-end video codec based on learning. The student will study the state of the art and recent advances in learning based video coding from a chosen perspective. Practical experimentation is also possible.

References:

Dong Liu, Yue Li, Jianping Lin, Houqiang Li, and Feng Wu. 2020. Deep Learning-Based Video Coding: A Review and a Case Study. ACM Comput. Surv. 53, 1, Article 11 (January 2021), 35 pages. https://doi.org/10.1145/3368405

MS2: Neural radiance fields

Tutor: Matti Siekkinen (matti.siekkinen@aalto.fi)

Neural radiance fields (NeRF) is a recently proposed method for view synthesis based on deep learning with many different applications. Since the concept was first introduced a few years back, a plethora of follow-up work has been published. The student's task is to review and report on the recent advances with NeRF and its applications.

References:

Ben Mildenhall, Pratul P. Srinivasan, Matthew Tancik, Jonathan T. Barron, Ravi Ramamoorthi, and Ren Ng. 2021. NeRF: representing scenes as neural radiance fields for view synthesis. Commun. ACM 65, 1 (January 2022), 99–106. https://doi.org/10.1145/3503250

MD1: Multi-factor authentication with mobile devices: open challenges

Tutor: Mario Di Francesco (mario.di.francesco@aalto.fi)

Multi-factor authentication (MFA) involves using at least two different means for user verification. It is widely used by online services, especially those which are cloud-based. A common option for MFA leverages a password and a second factor provided through a mobile device, for instance, a time-based token. Despite being widely used, MFA does not solve the issue of secure authentication and has several challenges, also related to usability. The focus of this seminar topic is to explore different options for MFA involving mobile devices then to evaluate their security and usability.

References:

Russel Brandom, "Two-factor authentication is a mess", the Verge (https://www.theverge.com/2017/7/10/15946642/two-factor-authentication-online-security-mess)
MFA fatigue attack (https://www.beyondtrust.com/resources/glossary/mfa-fatigue-attack)

MD2: Security and privacy in the metaverse

Tutor: Mario Di Francesco (mario.di.francesco@aalto.fi)

The metaverse represents the social aspects of virtual and augmented reality. Security and privacy have been thoroughly investigated for conventional scenarios; in contrast, they have received limited consideration in the context of the metaverse. The focus of this seminar topic is to address this gap by overviewing the issues related to security and privacy in the metaverse.

References:

Chen et al., "Metaverse Security and Privacy: An Overview", IEEE BigData 2022 (https://arxiv.org/pdf/2211.14948)
Wang et al., "A Survey on Metaverse: Fundamentals, Security, and Privacy", IEEE Communications Surveys & Tutorials, to appear (https://ieeexplore.ieee.org/abstract/document/9880528)

MD3: Deep neural network compression for resource-constrained devices

Tutor: Mario Di Francesco (mario.di.francesco@aalto.fi)

Large Deep Neural Networks (DNNs) with billions of parameters are becoming increasingly popular to solve many important problems, though their deployment in resource-constrained devices still remains a challenge. Several DNN model compression approaches have been proposed to tackle this problem including pruning, quantization, and knowledge distillation. The focus of this seminar topic is to review approaches for DNN compression and select one option to consider in more detail.

References:

Sze et al. “Efficient Processing of Deep Neural Networks: A Tutorial and Survey”. Proceedings of the IEEE 105.12 (2017), pp. 2295–2329 (https://arxiv.org/pdf/1703.09039.pdf)
Cai et al., "Once for All: Train One Network and Specialize it for Efficient Deployment", ICLR 2020 (https://openreview.net/pdf?id=HylxE1HKwS)

MK: Using and optimizing stencil applications for GPUs using a CUDA-MPI library Astaroth

Tutor: Maarit Korpi-Lagg (maarit.korpi-lagg@aalto.fi)

In the TOP500 list of supercomputers, roughly 30 percent are currently based on accelerator platforms, such as graphics processing units. As the clocking frequency of the CPUs can no longer be increased to perform computations faster due to the power wall phenomenon, the emphasis has changed to maximising throughput using devices capable of massive parallelism. In this project, you will learn to use, optimise (communication versus computation), compare performance on hardware from different vendors, and measure the energy-efficiency of a standard stencil-based application implemented with a CUDA-library Astaroth.

References:

http://dx.doi.org/10.1016/j.cpc.2017.03.011, http://dx.doi.org/10.1016/j.cpc.2017.03.011,
https://doi.org/10.1016/j.parco.2022.102904, http://urn.fi/URN:NBN:fi:aalto-201906233993 Code is available from
https://bitbucket.org/jpekkila/astaroth/src/master/

JM: Learning Biological ODE models from time series data

Tutor: Julien Martinelli (julien.martinelli@aalto.fi)

You will consider the problem of identifying the dynamics of a biological network from time series measurements. This is a complex reverse engineering problem. Usually, when facing a biological question, modellers perform a time consuming literature review and design a model. The algorithms tackled here attempt to learn a dynamical model directly from data. The best competitors currently involve sparse regression methods and learn an ODE system using an arbitrary large library of predefined functions. The Bachelor's Thesis will include a literature review of the state of the art. Experiments in Python can also be carried out on some synthetic biological networks to further understand the algorithms and how they perform w.r.t. to standard features for biological data: initial conditions, noise, sparse sampling, irregular observation grid... Prerequisite: Ordinary differential equations ; Sparse regression methods (e.g. LASSO). Some Bayesian theory might be helpful. Experience with Python would help a lot for the coding part.

References:

https://www.pnas.org/doi/10.1073/pnas.1517384113 (Seminal paper, sparse identification of nonlinear dynamics)
https://royalsocietypublishing.org/doi/epdf/10.1098/rspa.2021.0904 (Improved version of the above problem using ensembling)
https://journals.plos.org/ploscompbiol/article?id=10.1371/journal.pcbi.1009830 (Bayesian take on the problem)
https://arxiv.org/abs/2209.03185 (sequential chemical reaction inference algorithm)

JL1: Comparative of security tools for the cloud

Tutor: Jose Luis Martin Navarro (jose.martinnavarro@aalto.fi)

Kubernetes is an open-source software for automating management of computerized services, such as docker images. Despite its benefits, there are concerns on the security of Kubernetes deployments. According to the latest survey from the Cloud Native Computing foundation, security is the second biggest challenge in using/deploying containers for respondents located in Europe. There are open source tools that address some of the security concerns of the community, but there is not a clear consensus on what does it take to secure a deployment. The focus of this seminar topic is to review the existing security tools for Kubernetes/docker.

References:

M. Shazibul Islam Shamim, F. Ahamed Bhuiyan, and A. Rahman, “XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices,” 2020.
J. Salamero, “Kubernetes runtime security with falco and sysdig”, 2019.
C. Cao, A. Blaise, S. Verwer, F. Rebecchi, "Learning State Machines to Monitor and Detect Anomalies on a Kubernetes Cluster." Proceedings of the 17th International Conference on Availability, Reliability and Security. 2022.
Y. Weizman, Secure containerized environments with updated threat matrix for kubernetes, March 2021. URL: https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/

JL2: Managing secrets in cloud applications

Tutor: Jose Luis Martin Navarro (jose.martinnavarro@aalto.fi)

With the adoption of distributed cloud infrastructure new solutions are needed to handle the security of these new environments. Since applications are described in declarative documents, it is a challenge to handle secrets such as passwords, keys or certificates without storing them in plain text. The purpose of this topic is to review the different approaches to secret management in docker and Kubernetes.

References:

Rahman, Akond, Farhat Lamia Barsha, and Patrick Morrison. "Shhh!: 12 practices for secret management in infrastructure as code." 2021 IEEE Secure Development Conference (SecDev). IEEE, 2021.
AJ Banhken, Adrian Utrilla, Julien Vehent. “SOPS: Secrets OPerationS”. https://github.com/mozilla/sops
A Garcia, A Neira, A Moreno, J Vazquez. “Sealed Secrets for Kubernetes”. https://github.com/bitnami-labs/sealed-secrets
Riti, Pierluigi, and David Flynn. "Vault HCL." Beginning HCL Programming. Apress, Berkeley, CA, 2021. 129-155.

JB: Software supply chain security

Tutor: Jacopo Bufalino (jacopo.bufalino@aalto.fi)

Vulnerable code can leak into a production system in every step of the software supply chain. The SLSA standard has been created to address the key supply chain threats by verifying the source, build and dependency integrity. The goal of this topic is to investigate the various threats affecting the software supply chain, related (but not limited) to: - Source code integrity - Dependency integrity - Language specific dependency managers (pip, npm, RubyGems) -Container images used as dependencies - Artifact management - How to secure single-page apps, containers, Helm charts - CI/CD pipeline security Students are welcome to propose other topics in the same area. For example, it is possible to analyse the SLSA standard and propose changes to it. Alternatively, the student can suggest extensions to the SLSA standard to include, e.g., integrity checks during the deployment to a production environment. The paper can focus on an individual supply-chain threat or on the standard for a specific threat. Students must have prior knowledge of the relevant technologies (e.g., Linux containers, package managers, CI/CD platforms) The student must be able to conduct independent experiments to create examples for the paper. This topic can be chosen by multiple students, and it is possible for two students to co-author the seminar paper. The first tutoring rounds will be conducted as group meetings. When co-authoring, it is important that the students conduct the research and writing together to produce slightly more ambitious results.

References:

The SLSA standard https://slsa.dev
SLSA compliance generator for Github https://github.com/slsa-framework/slsa-github-generator
Ohm, Marc, et al. "Backstabber’s knife collection: A review of open source software supply chain attacks." International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, Cham, 2020. https://link.springer.com/chapter/10.1007/978-3-030-52683-2_2
A Socio-technical Framework for Threat Modeling a Software Supply Chain B Al Sabbagh, S Kowalski - IEEE Security & Privacy, 2015 - ieeexplore.ieee.org https://ieeexplore.ieee.org/abstract/document/7180277

JH: Machine learning for fog and edge service placement

Tutor: Jaakko Harjuhahto (jaakko.harjuhahto@aalto.fi)

The fog and edge computing paradigms propose placing services near users and devices, instead of centralizing them in warehouse scale data centers, i.e., the cloud. One of the key challenges is defining where and when services are placed. Instead of explicitly developing a placement algorithm, machine learning offers another alternative for solving this challenging multi-objective optimization problem. For this topic, perform a literature review on the use of machine learning methods for fog/edge service placement.

Reference:

Ashkan Yousefpour, Caleb Fung, Tam Nguyen, Krishna Kadiyala, Fatemeh Jalali, Amirreza Niakanlahiji, Jian Kong, Jason P. Jue. "All one needs to know about fog computing and related edge computing paradigms: A complete survey". https://doi.org/10.1016/j.sysarc.2019.02.009
X. Xiong, K. Zheng, L. Lei and L. Hou. "Resource Allocation Based on Deep Reinforcement Learning in IoT Edge Computing". https://doi.org/10.1109/MNET.2019.1800386

HM1: Animation of interactions with dynamic objects using neural networks

Tutor: Henry Mauranen (henry.mauranen@aalto.fi)

In recent years, there has been progress in animating movements such as walking and running using deep neural networks. Additionally, there have been some convincing approaches to animate static object interactions. This research topic will study approaches for animating locomotion interactions with dynamic objects using deep learning. The objective of this topic is to give you an overview of the current state of the art. For eager students, you will also have the opportunity to explore and implement some of the researched techniques and potentially create or continue your work into a publication in the domain.

References:

https://github.com/vchoutas/smplx
https://github.com/sebastianstarke/AI4Animation
Starke et al., Neural State Machine for Character-Scene Interactions, 2021, https://github.com/sebastianstarke/AI4Animation/blob/master/Media/SIGGRAPH_Asia_2019/Paper.pdf
Zhang et al. ManipNet: neural manipulation synthesis with a hand-object spatial representation, 2021, https://dl.acm.org/doi/abs/10.1145/3450626.3459830

HM2: Deep learning based dynamics for animation and biomechanics

Tutor: Henry Mauranen (henry.mauranen@aalto.fi)

Research in applying deep learning to find human poses and kinematics is quite well established. However, dynamics are not often discussed in this context. Dynamics are essential for biomechanical applications, and introduction of extra information could improve the deep learning based pose estimates and animations. In this research topic, we will be investigating the use of machine learning techniques to model the dynamics of the body for animation and biomechanics. The goal is to gain a deeper understanding of body mechanics and create more realistic animations. The objective of this topic is to give you an overview of the current state of the art. For eager students, you will also have the opportunity to explore and implement some of the researched techniques and potentially create or continue your work into a publication in the domain.

References:

https://en.wikipedia.org/wiki/Denavit%E2%80%93Hartenberg_parameters#Modified_DH_parameters
https://github.com/vchoutas/smplx -Saxby et al., Machine learning methods to support Personalized neuromusculoskeletal modelling, 2020,
https://link.springer.com/content/pdf/10.1007/s10237-020-01367-8.pdf?pdf=button
Caulcrick et al., Human Joint Torque Modelling with MMG and EMG During Lower Limb Human-Exoskeleton Interaction, 2021, https://ieeexplore.ieee.org/abstract/document/9490364
Cop et al., Electromyography-driven model-based estimation of ankle torque and stiffness during dynamic joint rotations in perturbed and unperturbed conditions, 2022, https://www.sciencedirect.com/science/article/pii/S0021929022004249

CB: Secure Multi-Party Computation

Tutor: Christopher Brzuska (chris.brzuska@aalto.fi)

This topic has CS-E4340 Cryptography or MS-1687 Advanced Topics in Cryptography (or equivalent) as pre-requisit. You will not be able to read research articles in cryptography without pre-requisits in cryptography, and gaining the pre-requisits during the course is impossible due to the tight schedule. Secure multi-party computation allows several parties P_1,...,P_n with secret input x_1,...,x_n to jointly compute a function f(x_1,..,x_n)=y such that everyone learns the output y, but nothing else about the inputs. In this way, for examples, hospitals can combine medical data in a privacy-preserving way. There have also been first discussions on combining MPC in order to achieve privacy-preserving distributed machine-learning. Secure multi-party computation (MPC) is a quite large field, and many topics are possible.

References:

**Winter Schools on MPC**

General introduction: https://cyber.biu.ac.il/event/the-12th-biu-winter-school-on-cryptography/
Information-theoretic security: https://cyber.biu.ac.il/event/the-10th-biu-winter-school-on-cryptography/
Older and practice-oriented version of the event: https://cyber.biu.ac.il/event/the-5th-biu-winter-school/

**Topics** You can find your own perspective, what you find interesting etc.. To me, most topics in MPC are interesting to read as long as the topic is sufficiently deep. Here are a couple of topics I would find interesting:

Overview over threshold secret-sharing schemes and applications such as Shamir's secret-sharing scheme
Constructions of function-secret sharing schemes (and applications), see, e.g., First paper: https://link.springer.com/chapter/10.1007/978-3-662-46803-6_12 Follow-up paper: https://eprint.iacr.org/2018/707
Oblivious transfer extension First paper: https://www.iacr.org/archive/crypto2003/27290145/27290145.pdf Follow-up paper: https://eprint.iacr.org/2019/1159
Real-life applications on MPC (What are the applications and methods? What makes them be sufficiently enough to be used in practice?) https://eprint.iacr.org/2008/068.pdf https://dl.acm.org/doi/10.1145/3209811.3212701
Lower bounds in MPC: https://eprint.iacr.org/2019/220 https://arxiv.org/abs/1512.07735 - Feel free to define your own sub-topic within MPC.

**Further Resources:**

Articles published at the conferences EUROCRYPT, CRYPTO, ASIACRYPT, Theory of Cryptography (TCC), IEEE Security & Privacy, and ACM CCS are a reliable source of state-of-the-art research. You can also look for talks at TPMPC (no proceedings).
More hints for how to navigate research: http://chrisbrzuska.de/research.html

LG: Formal Verification of Security Properties

Tutor: Lachlan Gunn (lachlan.gunn@aalto.fi)

Formal methods have become a basic element of the cryptographer’s toolbox: we use formal methods to verify the algorithms, their implementations, and the hardware that they run on. Firefox, for example, uses HACL* [1] in its cryptographic implementations, a mechanically-verified implementation of various cryptographic primitives.

Formal verification has been applied to many other systems:

Software implementing the Signal messaging protocol [2]
The software running the Ariane 5 rocket, and various metro lines [3]
The TLS 1.3 [4] and WireGuard [5] protocols

In this project, you will examine aspects of how to find bugs and demonstrate security using formal verification. Each of up to six students will examine a different aspect of the topic; some examples:

How to join different proofs together to prove the security of a large system
How different programming languages are better or worse suited to formal verification
How different proof techniques can aid the user by automation

References:

JR1: A survey on artificial noise management for backscatter communication (Customized topic, do not select)

Tutor: Jäntti Riku (riku.jantti@aalto.fi)

Student: Yifan Zhang

In this paper, we first retrospect the history of AN technologies research in BackComm to introduce the concept of ANM. Then, a set of criteria and a taxonomy of ANM technologies are proposed to evaluate existing work. Through review and analysis, we finally point out open issues with valuable suggestions on future research directions.

References：

Zou, Yulong, et al. "A survey on wireless security: Technical challenges, recent advances, and future trends." Proceedings of the IEEE 104.9 (2016): 1727-1765.
Hamamreh, Jehad M., Haji M. Furqan, and Huseyin Arslan. "Classifications and applications of physical layer security techniques for confidentiality: A comprehensive survey." IEEE Communications Surveys & Tutorials 21.2 (2018): 1773-1828.
Saad, Walid, et al. "On the physical layer security of backscatter wireless systems." IEEE transactions on wireless communications 13.6 (2014): 3442-3451.
Yang, Qian, et al. "Exploiting randomized continuous wave in secure backscatter communications." IEEE Internet of Things Journal 7.4 (2020): 3389-3403.

JR2: Towards Autonomous Multi-UAV Wireless Networks: A Survey of Reinforcement Learning-based Approaches (Customized topic, do not select)
Tutor: Jäntti Riku (riku.jantti@aalto.fi)

Student: Bai Yu

Unmanned aerial vehicles (UAVs), an emerging flexible flying platform, have been applied in various fields in recent years because of their high flexibility and low deployment costs. The multi-UAV wireless network (MUWN) is promising in sophisticated situations, as it has enhanced coverage and service resources, and allows the simultaneous coordination and cooperation of multiple UAVs to accomplish large-scale (multi-objective) tasks. Reinforcement learning (RL) is considered to be one of the most promising ways to achieve artificial intelligence, which can help to construct autonomous and intelligent UAV networks.

References:

[1] Luong N C, Hoang D T, Gong S, et al. Applications of deep reinforcement learning in communications and networking: A survey[J]. IEEE Communications Surveys & Tutorials, 2019, 21(4): 3133-3174.

[2] Gupta L, Jain R, Vaszkun G. Survey of important issues in UAV communication networks[J]. IEEE Communications Surveys & Tutorials, 2015, 18(2): 1123-1152.

EO: Exploring the sparsity and low-rankness in Tensor Regression (Customized topic, do not select)

Tutor: Esa Ollila (esa.ollila@aalto.fi)

Student: Xinjue Wang

The target of this topic is to study regression methods for low-rank tensor using sparse regularizations (like Lasso, TV, Fused Lasso and etc.).

PS: Kubernetes Approach to Public Key Infrastructure (Customized topic, do not select)

Tutor: Siekkinen Matti (matti.siekkinen@aalto.fi)

Student: Pham Thi Song Huong

Managing TLS/SSL certificates has been a challenge for organizations. However, Kubernetes manages to handle these elegantly. We could learn how Kubernetes handles its own internal certificates and how organizations can leverage Kubernetes to manage their certificates.

References:

Last modified: Wednesday, 18 January 2023, 12:22 PM