Individual Projects and Labs

In addition to our periodically scheduled projects and labs (see right column), you can also participate in a number of individual and group projects or labs. Depending on your program of study, these can be credited either as a master project module or as a lab certificate for diploma students. Please contact us for details.

Available Topics


18.
default
Al-Momani, Ala'a
Detection of Covert Channels: A Systematic Survey & Analysis
Project (8 ECTS)
Institute of Distributed Systems, Ulm University,
2017
in preparation

Tags: PROJEKT

Abstract: The topic of covert channels is a current issue when it comes to security and privacy, and detecting them is therefore a challenging task. In this project, you will systematically survey and analyze this issue considering several aspects. In particular, you will start with the confinement problem and move toward attacks using covert channels while classifying them (conventionally, they are classified into timing and storgae channels. Is there another approach to classify them differently, e.g. layer 4 covert channel, layer 7 covert channel, etc.?). Thereafter, you will investigate and analyze recent methodologies in detecting and mitigating covert channels, while classifying them as well. In here, you will address the potential use of machine learning techniques in doing so. Throughout this survey, you will examine and analyze the effects not only on security, but also on privacy and data protection. An essential use case example would be Intel's SGX processor, which has been developed aiming at enhancing security and privacy of applications and data, respectively. Therefore, you will analyze possible attacks on this processor's architecture and usage, e.g. side-channel attacks. Depending on the findings, you will implement some proofs of concept, benchmark and compare related implementations (either attacks and/or detection/mitigation strategies). At the end of this suvey, you will address the challenges and open issues that future work need to address.

17.
default
Kleber, Stephan and Kargl, Frank
Automation of Analysis Result Quality Assessment
Bachelor's or Master's thesis, Project
Institut of Distributed Systems, Ulm University,
2017
in preparation

Tags: AA, BA, MA, PROJEKT, StephanKleber, FrankKargl, itsec, networks

Abstract: For an effective evaluation of multiple inference methods for network messages with a representative set of network protocol traces, automation is required. To accomplish this, the tasks of this thesis are tree-fold:1. Generate test-case specimens by preprocessing and filtering of selected network traces. An examples for a possible metric to be filtered for is high field-type variance.2. Evaluate the inference of the generated traces with the tools ReverX, Netzob, PRISMA, or even with an own implementation of known methods.3. For the automated assessment of the result quality for all evaluated inference methods, dissectors, like those of of scapy or Wireshark may be used for a quantifiable quality validation.The scope for the evaluation is limited to message type and format explicitly excluding the behavior model of the protocol.

16.
default
Matousek, Matthias
Neural Network Prototyping
Bachelor Thesis, Project
Institute of Distributed Systems, Ulm University,
2017
in preparation

Keywords: AA,

Tags: AA, BA, PROJEKT, MatthiasMatousek

Abstract: Machine learning with Neural Networks — especially Deep Learning — is currently booming. In order to test the potential of such algorithms for specific use cases, it is necessary to be able to quickly prototype and evaluate neural networks. In this thesis or project, the student shall compare different neural network frameworks, such as TensorFlow or Caffe, and implement an exemplary use case. Such a use case could be an anomaly detection mechanism for connected cars.

15.
default
Erb, Benjamin
Log Pruning in Distributed Event-Sourced Applications
Bachelor's thesis, Master's thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, MA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Event sourcing is an alternative persistence approach that maintains a log of state-changing events instead of altering states directly. While event sourcing allows for the reconstruction of previous application states, an unbounded log is difficult to maintain for many applications. Log pruning provides boundaries to the event logs and provide appropriate mechanisms to restrict the event log lengths while keeping the benefits of event sourcing still available for the most part.

14.
default
Erb, Benjamin
Pause/Shift/Resume in Chronograph
Bachelor's thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Pause/Shift/Resume is a mechanism for doing iterative graph processing on an evolving graph using snapshots. Our Chronograph graph processing platform provides very similar functionalities based on an event-sourced graph model. In this work, the student is asked to incorporate the Pause/Shift/Resume mechanism into our platform. Therefore, the mechanism has to be adapted and adjusted to event-sourced graphs. Furthermore, an evaluation should highlight the runtime behavior of the approach in different workloads.

13.
default
Erb, Benjamin
Chronograph Applications for Controlling IoT Systems
Bachelor's thesis, Master's thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, MA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Chronograph is a distributed platform for processing dynamic graph scenarios. A potential application domain which should be evaluated as part of this work is the usage within IoT topologies, such as the local LoRaWAN network (LoRa / TTN Ulm).

12.
default
Engelmann, Felix
Blockchain Explorer
Projekt
Institute of Distributed Systems, Ulm University,
2017
in preparation

Tags: PROJEKT, FelixEngelmann

Abstract: In dem Projekt soll eine Webanwendung entstehen, die Daten aus einer Blockchain visualisiert und mit zusätzlichen Informationen aufbereitet. Für die bekannten Blockchains wie Bitcoin und Ethererum existieren Portale wie z.B. etherscan.io , die detaillierte Informationen über die jeweilige Blockchain anzeigen. Für den Einsatz in der Industrie sind diese öffentlichen Blockchains jedoch nicht zuverlässig genug. Deshalb betreut das SAMPL Projekt eine eigene Blockchain, die auf Ethereum aufbaut und speziell für Lizenzverwaltung ausgerichtet ist. Dafür soll nun ein Explorer entwickelt werden der den gleichen Komfort bietet wie die existierenden Plattformen. Die Rohdaten können per REST API bezogen werden, sollten dann aber für die Verwendung aufbereitet werden und in einer durchsuchbaren Datenbank abgelegt werden. Die UI sollte durch eine zeitgemäße Webseite geschehen. Testprojekte gibt es mit node.js und angular, jedoch ist verwendete Technologie egal, solange die Software zuverlässig im Produktivbetrieb eingesetzt werden kann.

11.
default
Mödinger, David
PriPlus: Userfriendly Privacy for a Blockchain Filestorage
Projekt
Institut für Verteilte Systeme,
2017
in preparation

Tags: PROJEKT, DavidMoedinger

Abstract: PriCloud ist ein Projekt mit dem Ziel einen Privatsphäre erhaltenden Cloudspeicher zu erhalten. Hierfür wird im Insitut an einem Prototypen in Python gearbeitet. Dieser bietet jedoch nur Konsolenzugriff auf die Subsysteme des Prototypen. Ziel des Projektes ist es ein fundiertes und geeignetes User Interface zu entwerfen und dieses praktisch zu erstellen.

10.
default
Mödinger, David
NetVision: Simple Visualization of Distributed Alogrithms
Projekt
Institut für Verteilte Systeme,
2017
in preparation

Tags: PROJEKT, DavidMoedinger

Abstract: In der Lehre steht man häufig vor der Herausforderung ein Problem geeignet zu visualisieren. Findet man eine geeignete Darstellung ist diese jedoch meist statisch, auf eine einzige Probleminstanz beschränkt und nicht interaktiv für die Studierenden. Ziel dieser Arbeit ist es ein Werkzeug zu erstellen um verteilte Algorithmen interaktiv zu visualisieren und so Studierenden die Möglichkeit zu geben damit zu experimentieren. Als erster Schritt muss hierfür ein Konzept erstellt werden (bestimmung geeigneter Einschränkungen für eine einfache Darstellung und Interaktion) sowie eine grafische Interaktion für die Modellierung des Algorithmus und des zu visualisierenden Netzes. Zuletzt gilt es diese Erkenntnisse in einer Applikation (Java, Web oder vergleichbares) umzusetzen. Der genaue Umfang des Projekts richtet sich nach den gewählten Leistungspunkten und im Konzept ermittelten Herausforderungen und Einschränkungen.

9.
default
Erb, Benjamin
Evaluation of Key/Value Stores for Event Sourcing
Bachelor's thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Event sourcing is an alternative persistence approach that maintains a log of state-changing events instead of altering states directly. Event-sourced architectures require an event store for efficiently appending and retrieving log entries. In this project, an evaluation of different key/value stores and alternative (No)SQL stores is to be conducted in order to identify stores appropriate for event sourcing.

8.
default
Erb, Benjamin
Design and Implementation of a REPL Interface for a Distributed Graph Processing Platform
Bachelor thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed

7.
default
van der Heijden, Rens
Replicating data-centric detection results in VANETs
(Individual) Project
Institute of Distributed Systems, Ulm Univerisity,
2017
in preparation

Tags: PROJEKT, RensVanDerHeijden, networks, mobile, itsec

Abstract: Vehicular ad-hoc networks (VANETs) have many applications that rely on the same type of data that is directly related to traffic and sensor data available to a vehicle. These applications include traffic jam warnings, efficient navigation for drivers, and improved safety; all of them rely on the accuracy of the data stored in the vehicle. In the scientific literature, there is a multitude of mechanisms to determine this accuracy; however, existing work is often not comparable. In this project, the goal is to implement several such mechanisms in the Java-based Maat framework, which is a prototype detection framework designed to combine detection results. The purpose is twofold; verifying that existing work behaves as expected (i.e., reproducing results) and enabling the use of these mechanisms in future studies.

6.
default
Erb, Benjamin
Secondary Index Structures on Event-sourced Graphs
Bachelor's thesis or individual lab project
Institute of Distributed Systems,
2017
in preparation

Tags: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: As part of an ongoing research project at our institute, we are currently developing a novel distributed computing platform prototype. The systems provides a graph-based, asynchronous programming model and takes advantage of event sourcing for history-aware computations. The aim of this student work is the identification and evaluation of appropriate secondary index structures, in order to provide fast access onto specific notes of the graph topology. Also, a prototypical implementation is part of this work.

5.
default
Kleber, Stephan and Kargl, Frank
Evaluation and Enhancement of the Dynamic Network Traffic Analysis Framework ''ReFuzz''
Bachelor's thesis
Institute of Distributed Systems, Ulm University,
2017
in preparation

Tags: AA, BA, PROJEKT, StephanKleber, FrankKargl, itsec, networks

Abstract: A previous project implemented the dynamic network traffic analysis framework "ReFuzz". It allows to analyze unknown network protocols without having access to a endpoint implementation. For this framework, first, an evaluation of efficacy and efficiency of the method shall be performed for the use case of protocol reverse engineering. Therefore, suitable protocol specimens should be selected and metrics for the evaluation created from them. Measurements shall show the utility of ReFuzz for the use case of protocol reverse engineering in general.

4.
default
Kopp, Henning and van der Heijden, Rens
Design und Implementierung einer verschlüsselten Mailinglistensoftware
Projekt
Institute of Distributed Systems, Ulm University,
2016
in preparation

Tags: PROJEKT

Abstract: Normalerweise werden E-Mails unverschlüsselt über das Internet versendet. Technisch ist es jedoch möglich diese mit dem Schlüssel des Empfängers zu verschlüsseln, damit dritte Parteien die Inhalte nicht lesen können. Bei Mailinglisten stellt dies jedoch ein Problem dar, da der Sender die jeweiligen Empfänger nicht kennt Eine Möglichkeit ist ein Gruppenschlüssel, der von den Abonnenten der Mailingliste geteilt wird. Dabei ist jedoch das Schlüsselmanagement beim Hinzufügen und Entfernen von Abonnenten komplex. Eine andere Möglichkeit ist die sogenannte Proxy Re-encryption. Dies sind besondere Verschlüsselungen bei denen der Abonnent mit seinem Schlüssel dem Mailinglistenserver dazu ermächtigen kann, einkommende verschlüsselte Mails für ihn neu zu verschlüsseln, ohne dass der Mailinglistenserver Zugriff auf den Inhalt hat. Diese Projekt umfasst die Einarbeitung in solche Schemes, ebenso wie das Design und die Implementierung einer solchen verschlüsselten Mailinglistensoftware.

3.
default
Habiger, Gerhard
Implementation of asynchronous request handling in BFT SMaRt
Institute of Distributed Systems,
2016
in preparation

Tags: PROJEKT, GerhardHabiger

Abstract: Current research efforts of our institute include a project on deterministic scheduling of multithreaded applications for State Machine Replication (SMR) systems with Byzantine Fault Tolerance (BFT). One part of this project aims to integrate our own work on deterministic scheduling with the BFT SMaRt library. Currently, BFT SMaRt only supports synchronous request-response patterns, whereas our planned SMR platform needs these patterns to be asynchronous. The goals of this project are (i) to analyze the existing BFT SMaRt codebase, (ii) to implement the necessary interfaces for asynchronous request handling and (iii) to integrate these changes into the existing BFT SMaRt libraries.

2.
default
Kopp, Henning
Attacks on Cryptocurrencies using Proof of Stake
Individual lab project
Institute of Distributed Systems,
2016
in preparation

Tags: PROJEKT, HenningKopp, FrankKargl, itsec, misc

Abstract: Over the last years, cryptocurrencies like Bitcoin gained widespread popularity. These are digital peer-to-peer payment systems without any central authority. Since Bitcoin uses a resource-intensive process called Proof of Work to secure the network, it was often criticized as being a waste of energy. Lightweight alternatives like Proof of Stake emerged, which will be the focus of this project. Proof of Stake has never been formally proven to be secure and there exist numerous attacks which are theoretically feasible but have not been seen in the wild. The goal of this individual project is • to modify the source code of the Proof of Stake currency Peercoin to be able to set up a local network. • to simulate the Nothing at Stake and/or Costless simulation attack and provide accurate measurements of its efficiency. • provide hints why the Nothing at Stake and/or Costless simulation attack has not been seen in the wild.

1.
default
Erb, Benjamin
Interactive exploration of event-sourced graphs
Master's thesis, Diploma thesis, or Project (8 or 16 ECTS)
Institute of Distributed Systems,
2016
in preparation

Tags: AA, MA, DA, PROJEKT, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: The chronograph platform is a system for computing on evolving graphs. One module of the platform should provide an interactive user interface for exploring the history, evolution, and topology of the graph. The goal of this project is the design and implementation of a scalable, web-based user interface for the exploration of chronograph data.

Periodic Master Projects

Multimedia- und Internetsysteme i.E.
3Pj, 12LP, project seminar, each term
Praxisseminar IT-Sicherheit 
2S, 6LP, lecture, each summer term
Rechnernetze und IT-Sicherheit
3Pj+3Pj, 6+10 LP, project, starts winter term
Multimedia- und Internetsysteme
4P, 8LP, lab, each term