Instructions for Faculty Members

Students:

• Please note that this content is 'live' and will be updated on an on-going basis in the weeks prior to the start of the term.
• You can subscribe to this page in order to receive an email whenever the project listing page updates. Only logged in users have access to the “Manage Subscriptions” page tool. See https://www.dokuwiki.org/subscription
• The Table of Contents can be collapsed/expanded.

Note also that LURA/USRA deadlines also take place in the winter; you will want to be mindful of these if you are intending to apply for a summer subsidized project experience. Information about the LURA/USRA program can be found at this link.

[added 2025-11-08]

Course: {EECS4480}

Supervisor: Ruba Al Omari

Supervisor's email address: alomari@yorku.ca

Project Description: This project examines vulnerabilities in consumer robotics, using Amazon Astro as a case study. Autonomous household robots are becoming increasingly integrated into daily life, with Astro marketed as a personal assistant that interacts with cloud-based services and Alexa’s ecosystem. While Astro performs local tasks such as navigation, facial recognition, and spatial mapping, it relies heavily on Amazon’s cloud infrastructure, and by extension, external data sources accessed through Alexa’s services to process user commands, retrieve information, and deliver personalized responses.

This cloud dependence introduces potential security and privacy challenges. If external data or third-party integrations are manipulated, Astro could inadvertently relay or act upon inaccurate or deceptive information. For example, attackers might exploit data voids, gaps in online information ecosystems, to inject misleading content into services or APIs that Astro indirectly depends on. Such vulnerabilities carry heightened risks, as domestic robots operate within private living spaces and interact directly with household members.

The project will begin with a baseline assessment of Amazon Astro’s broader vulnerability landscape, examining how its sensors, cloud dependencies, and AI-driven decision modules interact and process data. This phase will identify potential weaknesses in data validation, network communication, and contextual inference that could predispose Astro to misinformation or manipulation. Findings from this stage will inform controlled data void experiments, establishing a clearer link between system-level vulnerabilities and information-based attack vectors.

Building on the findings, the project will explore how data voids can influence Astro’s behaviour and decision-making. Controlled experiments will simulate attacker-created data environments to test whether Astro or related cloud services can be misled by fabricated or adversarial content.

Required skills or prerequisites:

• Proficient in Python and in ML libraries (TensorFlow or PyTorch, scikit-learn)
• Good understanding of AI Systems (Reinforcement Learning is an asset)
• Completion of either EECS3214 or EECS4482
• Familiarity with experimental design and system testing

Instructions: Please email your CV and unofficial transcript to the supervisor. In your email, briefly explain how your coursework or experience aligns with the required skills.