How to collaborate

Applications for FALL 2025 ARE OPEN.

We are excited to announce the list of collaboration opportunities in our Mon(IoT)r IoT lab. These can be interesting opportunities to get exposed to cutting-edge IoT technologies and understand how they work.

If you are interested in any of these projects, you are a current active undergraduate or graduate student at Northeastern University, and you satisfy the prerequisites for the project you are interested in, please send an email using the contact information of the project of your choice with subject “Fall 2025 Mon(IoT)r Lab collaboration PROJECT NAME” and a recent resume attached (with GPA), specifying the following:

  • What project you are interested in, specifying (a) why you are interested in that particular project, (b) why you are a fit for that project, (c) how you plan to use your existing experience to contribute to that project, (d) how collaborating to the project aligns with your career goals. If you are interested in more than one project, please rank them starting from the one you are interested the most.
  • The preferred start date and end date for the collaboration, and the total number of average hours you plan to spend per week on this project;
  • Your expected course load for the semester (list of classes and credits);
  • Any other time commitments you have during the semester, for example TA, RA, a co-op, side jobs, on campus / off campus activities, clubs, both paid and unpaid;
  • Your availability for a volunteer (unpaid) position. Note that we do not currently have any available paid or for-credits positions;
  • The Northeastern University campus location you are based on and the possibility or preference to work on site in Boston, remotely, or both.

Please note that, in general, we have a preference for projects that are on-site, that last a whole semester (15 weeks), and for a minimum of 10 hours per week.

We will start reviewing applications for Fall 2025 as soon as we receive them and will be back to you within two weeks, so please be patient if you do not hear back by then. Also, for some projects, we may give you a take-home exercise related to the project before starting working with us.

If you are interested in applying for a later term (e.g., Spring 2026), we cannot guarantee that this list of projects will still be valid. Therefore, we suggest waiting for the projects to be updated before applying, which typically happens within two weeks after the Spring or Fall semester starts. We are not currently offering summer projects.

Fall 2025 projects

Project “IoT/SPHERE”: IoT Analysis From Network Traffic Using SPHERE

Internet of Things (IoT) devices are increasingly found in homes, providing useful functionality for devices such as TVs, smart speakers, and video doorbells. Along with their benefits come potential risks, since these devices can communicate information (audio recordings, video recordings, television viewing habits) about their users to other parties over the Internet. However, understanding these risks is difficult due to heterogeneity in devices’ online behaviors. For example, smart speakers responding to voice commands send very different network traffic than a smart power plug that is activated via a companion app.

The goal of this project is to measure what IoT devices are doing, simply based on the network traffic they generate. For example, we would like to know if a smart speaker is recording audio from users when it should not, and we can automatically infer this if we have a good model and analysis of what normal, expected recording behavior looks like.

This project will have several outcomes, including published source code and data, published research papers in academic venues, and press articles about our findings through our journalist partners.

In the Fall 2025 semester, this project will focus on reproducing the results we obtained in one of our previous papers using the SPHERE IoT testbed (the SPHERE IoT testbed allows remote interaction with more than 100 IoT devices). Particular emphasis will be given in helping testing and evaluating the usefulness of the SPHERE IoT testbed as a research tool.

This research can be performed on site and/or remotely.

Prerequisites:

  1. Familiarity with the most important Internet and networking protocols and measurement tools (e.g., TLS, DNS, Wireshark/tshark, port scanning)
  2. Extensive programming experience (python recommended)
  3. Strong interest in cybersecurity, privacy, and IoT.

Contact information: Daniel Dubois (d.dubois@northeastern.edu)

Project “Robots”: AI Social Robots

Social robots powered by popular large language models (LLMs) models are increasingly available on the consumer market where they interact with users of all ages through natural language, facial recognition, and adaptive behaviors. These robots can provide companionship, assistance, and therapeutic support, but they also raise important questions about privacy, data collection, safety, and the ethical implications of human-robot interaction. Understanding how these robots process, store, and share user data—and whether they deliver on their advertised promises—is critical for ensuring they are deployed safely and responsibly.
This project builds prior work from the IoT lab team team investigating AI social robots available in the consumer market. The projects goals are to: evaluate whether these robots deliver upon their initial promises, understand what customizations have been made to their underlying LLMs, assess their vulnerability to known safety issues in LLMs, examine anthropomorphism and emotional attachment design patterns, and understand user experiences through customer review analysis. This includes investigating system prompts and guardrails through network traffic analysis and differential testing, replicating documented safety vulnerabilities, analyzing packaging and setup for dark patterns, examining API costs and data collection practices, and performing qualitative coding of customer reviews.
This project will have several outcomes, including published source code and data, published research papers in academic venues, and press articles about our findings through our journalist partners.
This research can be performed on site and/or remotely.

Prerequisites:

  1. Interest in at least one of the following areas: network traffic analysis, qualitative research methods, LLM safety and jailbreaking, or human-robot interaction
  2. Programming experience (python recommended)
  3. Strong interest in AI ethics, privacy, child safety, and human-computer interaction
  4. Willingness to learn new technical skills (the project can accommodate a range of skill levels, from network traffic analysis to qualitative coding).

Contact information: Sarah Gillespie (gillespie.s@northeastern.edu)