MSc Thesis Proposals
Please send me an email if you are interested in any of the following MSc thesis proposals.
Evaluation of smart speakers’ vulnerability to sound-squatting using quasi-homophones
In collaboration with Politecnico di Torino and Università di Torino
The increase in the usage of voice controls pushes the growth of sound-squatting attacks. Sound-squatting is a phishing technique that tries to trick users by leveraging words with pronunciation perceptively similar to targets. Sound-squatting is, in fact, generic and applies to the case of listeners that have to write (or interpret) a word pronounced by another person, such as, the speech recognition process used in smart speakers. In this thesis the student will evaluate if a data-driven generation of quasi-homophones can systematically trick speech recognition systems that power smart-speakers, specifically Alexa Skill Toolkit. The evaluation process will involve the collection of smart-speakers speech commands and the generation and evaluation of miss-interpretations made by the speech recognition system.
Homographic squatting generation made possible
In collaboration with Politecnico di Torino and Università di Torino
Homographic attack is a well-known squatting technique uses the visual similarity between characters to lure users into phishing campaigns (e.g., word and vvord). In this thesis the student will investigate the use of multi-modal generative models to generate homographic attacks using visual feedback. The visual feedback, obtained with techniques employed in computer vision, will inform the models about the similarity between characters and their context in words to generate words that can increase the effectiveness of the attack. This approach has a huge potential when we consider the internationalized scenarios (URLs), in which words can include a mix of character sets from various alphabets, such as Cyrilic and Persian, as well as the possibility of using multiple font types and sizes when transmitting phishing messages. The student will design and evaluate machine learn models capable of generate such attacks based on the actual graphic similarity between generated candidate words and target words.
Causal discovery for cybersecurity
In collaboration with Politecnico di Milano
The goal of this MSc thesis is to critically evaluate how causal discovery approaches can benefit a cyber threat intelligence analyst. Causal discovery is a highly challenging activity which often requires very specialised domain knowledge of the kind that might require decades to be gathered by an expert. Due to the cybersecurity domain, particular attention will have to be considered for uncertainty management and characterisation.
Ethical autonomous systems in cybersecurity
In collaboration with Politecnico di Milano
The goal of this MSc thesis is to critically study how complex constraint satisfaction problem solvers can be adopted to address ethical problems in autonomous and intelligent systems, in particular those used for situational understanding in cybersecurity. The IEEE, for instance, in its Global Initiative on Ethics of autonomous and intelligent systems https://ethicsinaction.ieee.org/ identified various ethical principles which can be represented as constraints over possible actions of the autonomous system.