University of Cambridge Computer Laboratory foto

Student Project Suggestions – Ross Anderson

Most of the chapters of my book have suggestions for further research at the end, some of which might make decent student projects.

Further ideas below.

Hardware trojan detection

There is a lot of interest in whether you can detect a hardware Trojan that a manufacturer has been ordered to insert by its government. In this project your task is to use one of the Lab teaching boards to create a CPU with such a Trojan, designed to signal out the contents of a certain memory location (that might contain, for example, a target cryptographic key) by modulating the device's power consumption using a secret pseudonoise sequence. You then measure whether the extra noise can be detected using standard testing techniques by someone who does not know the secret key, and whether the target can be extracted by someone who does. (For the former, see for example papers no. 63, 94 and 126 from here.)

Cocktail-party CAPTCHA

Many websites make life harder for robots using a CAPTCHA – a "Completely Automated Public Turing Test to Tell Computers and Humans Apart". Since these were devised by Luis von Ahn and colleagues at CMU, many types have been tried, with an arms race between website operators trying to design better CAPTCHAs and attackers finding ways to defeat them. The beauty of CAPTCHA research is that if you design a novel CAPTCHA, then either the bad guys break it or they don't; if they don't, you have a useful new security mechanism, while if they do you have made progress in a hard AI problem.

One problem that's easy for humans to solve but hard for current signal-processing software is the cocktail party problem – how we manage to follow a single conversation in a crowded room out of the dozen that go on round about us. The goal of this project is to develop a workable audio CAPTCHA which will identify humans by their ability to follow one conversation out of several overlaid ones, which may be in different voices (male vs female, old vs young) or different dialects (Glasgow vs Geordie vs RP). Robust evaluation is needed to see whether such designs will achieve good security and usability.

Contact details

University of Cambridge Computer Laboratory
JJ Thomson Avenue
Cambridge CB3 0FD, England

Tel: +44 1223 33 47 33
Fax: +44 1223 33 46 78