I have three! Projects 2 and 3 didn't end up going anywhere, so most of my research experience was based on Project 1.

Project 1: Android Apps

As a follow-up to research that several grad students did last semester, we're investigating the permissions system in the Android operating system (i.e. what a given application has "permission" to do with the phone). We suspect that there are ways to get around the permissions, or even that they're not implemented as fully as the documentation says they are.

Project 2: Medical Devices

Steve and Prof Dawn are working with two professors at the University of Massachusetts to investigate security in the field of medicine. This project is broad and ongoing, but one thing we hope to do is to visit hospitals and conduct assessments of ways that security could be improved in them.

Project 3: Mobile Banking

We're investigating whether or not conducting banking on mobile phones is significantly riskier than banking on a PC. Rather than dealing with anything incredibly technical, we're approaching this practically, and considering things like: most mobile phone screens aren't large enough to display the full URL of a website, so it's easier for an attacker to set up a similar URL to maliciously collect information from people.