Theses

On this page you can find information about on-going and completed Theses. Where possible, a download link is provided. Note that because many of our topics are issued in German, some of the descriptions on this page are also German only.

On-going Theses


9.
default
Diebold, Johannes
Angriffe auf Cooperative adaptive cruise control (CACC)
Bachelorarbeit
Institute of Distributed Systems, Ulm Univerisity,
2017
to be published

Tags: AA, BA, RensVanDerHeijden, mobile, networks, itsec

8.
default
Matousek, Matthias and Lang, Dominik
OBD Data-Logger for Driving Behaviour Analysis
Project
Institute of Distributed Systems, Ulm University,
2017
to be published

Tags: MatthiasMatousek, DominikLang, PROJEKT, AA

Abstract: Analysis of driving behaviour presents opportunities for security, but comes with implications for privacy. In order to conduct research in this field, driving data is required. The goal of this project is to implement tools that log driving data from a vehicle's OBD port. Further, a framework for data analysis — e.g. via machine learning mechanisms — should be provided.

7.
default
Matousek, Matthias
Comparison of Homomorphic Encryption Scheme Implementations
Master Thesis, Project
Institute of Distributed Systems, Ulm University,
2017
to be published

Tags: AA, MA, PROJEKT, MatthiasMatousek

Abstract: Homomorphic Encryption (HE) -- the "holy grail" of cryptography -- allows computation on encrypted data without knowledge of the encryption keys. While it has been shown that both partially (only limited operations) as well as fully homomorphic crypto-systems (unlimited, arbitrary operations) are possible, they still come with substantial computation complexity and storage requirements. Goal of this work is to survey and compare HE scheme implementations. Properties of interest are their capabilities (partially vs. fully homomorphic), performance (speed and storage), as well as their favourable applications. The applicant should be familiar with IT security concepts (lecture "Security of IT-Systems") and cryptography (lecture "Kryptologie - Methoden und Algorithmen" and optimally "Privacy Engineering and Privacy Enhancing Technologies - PET"). They should further be interested in the application of different programming languages (such as C++, Python, Haskell, Java, and others). While no expert knowledge of programming languages is required, HE schemes are implemented in different languages, and thus, the willingness to explore these should be present. This topic is suitable for a Master thesis, or as a Master project.

6.
default
Martel, Alexander
Vergleich Statistischer Informationsverteilung in Peer-to-Peer Netzen
Bachelorarbeit
Institut für Verteilte Systeme, Universität Ulm,
2017
to be published

Tags: AA, BA, DavidMoedinger, networks, distributed, privacy, p2p

Abstract: With classical broadcast mechanism, a source detection algorithm is fairly successful. There exist proposals to break the symmetry and make source detection hard. In this thesis, two of those proposals, adaptive diffusion and dandelion, should be implemented in a simulator and evaluated for interesting characteristics in realistic networks.

5.
default
Schmidt, Sergej
Automatic and Architecture-Agnostic Message Format Extraction
Master's thesis
Institute of Distributed Systems, Ulm University,
2017
to be published

Tags: AA, MA, StephanKleber, FrankKargl, itsec

4.
default
Lüthi, Christian
Secure Reset: Transforming a Comprised System into a Secure State
Master's thesis or Diploma thesis
Institute of Distributed Systems, Ulm University,
2017
to be published

Tags: AA, MA, DominikLang

Abstract: Modern vehicles contain up to 100 ECUs (Electronic Control Units). These are interconnected via an on-board network and together form a complex computer system on wheels. Vehicles now also include various wireless communication systems, such as WiFi for infotainment, Bluetooth for TPMS (Tire Pressure Monitoring System), and cellular communication for backend services. It has been shown that it is possible to gain access to the internal network and compromise ECUs, for example by flashing the ECUs to add backdoors. Consequently, it is necessary to create methods for a secure bootstrapping process that resets all ECUs of a vehicle to a secure state after a compromise has been detected. With this scenario in mind, the goal of this Master's thesis is to create an architecture and respective strategies that allow for an over-the-air secure bootstrapping process. This process should be based on a security module, such as can been found in modern ARM processors. In addition, the student should create and evaluate a prototype implementation.

3.
default
Diemer, Florian
Improving position verification in VANETs
Bachelor Thesis
Institute of Distributed Systems, Ulm Univerisity,
2017
to be published

Tags: AA, BA, RensVanDerHeijden, networks, mobile, itsec

Abstract: One important use case for vehicular ad-hoc networks is to improve safety by giving vehicles communication capabilities, allowing them to respond to dangers earlier than autonomously operating vehicles, which must rely on their sensors alone. However, it is possible that vehicles transmit incorrect positions into the network. In this work, the goal is to detect such incorrect positions. This involves several steps; designing an attacker model, developing or implementing detection approaches, and evaluating the result. The implementation work will be in Java, within the Maat framework, a prototype detection framework under development at the institute of distributed systems.

2.
default
Nieß, Tobias
DoS Attacks on Congestion Control Algorithms
Bachelorarbeit
Institut für Verteilte Systeme, Uni Ulm,
2016
to be published

Tags: AA, BA, ThomasLukaseder, itsec, networks

Abstract: Current TCP congestion control algorithms have many drawbacks, especially the introduction of new high-speed and low-delay congestion control variants is impaired by the aggressiveness of the existing variants. In context of a research project by the state of Baden-Württemberg, a new system for the coexistence of different congestion control mechanisms is currently in development. As this new system strongly depends on conform/honest behavior of network subscribers, DoS attacks paralyzing the network might be possible. This thesis shall evaluate possible attack vectors and methods to detect and mitigate or prevent successful attacks.

1.
default
Schwerin, Sven
Identifikation optimaler Einsatzbereiche der Einigungsalgorithmen Paxos und Vertical Paxos
Masterarbeit
Institut für Verteilte Systeme, Universität Ulm,
2014
to be published

Keywords: Paxos, State Machine Replication, Group Communication, Primary Backup

Tags: DA, MA, AA, ChristianSpann, FranzHauck

Abstract: Die beiden Einigungsalgorithmen Paxos und dessen Erweiterung Vertical Paxos sind strukturell grundverschieden. Das daraus resultierende, vermutlich sehr unterschiedliche Verhalten soll in dieser Arbeit in geeigneten Evaluationen untersucht und beschrieben werden. Der Unterschied der Verfahren ergibt sich in der Verteilung des Aufwands zur Fehlererholung. In Paxos kann jeder Knoten selbst direkt mit Fehlern umgehen, in Vertical Paxos gibt es einen externen Knoten, der das System überwacht.

Completed Theses


2017

76.
default
Hess, Alexander
Feature Extraction by Natural Language Processing for Type-based Alignment
Bachelor's thesis
Institute of Distributed Systems, Ulm University,
November 2017

Tags: AA, BA, StephanKleber, FrankKargl, itsec, networks

Abstract: The field of research of protocol reverse-engineering has gained increasing popularity in the recent years. Several papers proposing automatic protocol reverse-engineering tools for inferring the message formats of unknown network protocols operating on captured network traces were published in the past years. While some of these tools rely on field distinguisher tokens for approximating field boundaries with sequences of tokens, which can be used for inferring the message formats, others have adopted natural language processing methods for the identification of protocol keywords, which can be used to group similar messages together and use a sequence alignment algorithm to retrieve the message formats. The major limitation of these existing approaches is their computational efficiency. Therefore this thesis proposes an implementation which combines the ideas of two existing approaches and introduces some additional functionality in order to address these performance issues.

75.
default
Speidel, Philipp
Anonymity in Peer-to-Peer Storage Systems
Masterarbeit
Institut für Verteilte Systeme, Universität Ulm,
May 2017

Tags: AA, MA, DavidMoedinger, networks, p2p

74.
default
Jäger, Tobias
Design and Implementation of an Web-based API and Interactive Dashboard
Bachelorarbeit VS-B07-2017
Institut für Verteilte Systeme, Universität Ulm,
May 2017

Tags: BA, AA, BenjaminErb, sidgraph

73.
default
Gassner, Manuel
Recording and analysing attacks on Industrial Control Systems
Bachelorarbeit
Institute of Distributed Systems, Ulm University,
March 2017

Tags: AA, BA, RensVanDerHeijden, StephanKleber, FrankKargl, itsec, networks, tss

Abstract: Die Arbeit wird in Kooperation mit Daimler TSS durchgeführt.

72.
default
Ogger, Ferdinand
Asynchrones latentes Snapshotting von dynamischen event-sourced Systemen
Bachelorarbeit VS-B05-2017
Institut für Verteilte Systeme, Universität Ulm,
March 2017

Tags: BA, AA, BenjaminErb, sidgraph

2016

71.
default
Nölscher, Henrik Ferdinand
Automatisiertes PCB Reverse Engineering
Bachelorarbeit
Institut für Verteilte Systeme, Universität Ulm,
November 2016

Tags: AA, BA, StephanKleber, FrankKargl, itsec

Abstract: Die Arbeit wird in Kooperation mit Code White durchgeführt.

70.
default
Keazor, Christopher
World-Modeling in Cooperative Intelligent Transport Systems
Diplomarbeit
Institute of Distributed Systems, Ulm Univerisity,
November 2016

Tags: AA, DA, RensVanDerHeijden, mobile, distributed

69.
default
Hauser, Lukas
A Persistence Layer for Distributed Event-Sourced Architectures
Masterarbeit VS-M09-2016
Institut für Verteilte Systeme, Universität Ulm,
August 2016

Tags: MA, AA, BenjaminErb, sidgraph

Abstract: Due to the increasingly large amount of data which is collected and processed each day, enabling fast, reliable, and scalable distributed computing on very large datasets has become more important than ever. Unfortunately, distributed computation on large inhomogeneous datasets is still time-consuming and it is very difficult to make evaluations and predictions. To address these issues, event sourcing and graph computing are relevant topics. While event sourcing provides techniques to save data in a particular way, which enables evaluations and makes predictions possible, graph computing provides a way to distribute the computation on large datasets. Although there is a conceptual idea which addresses these issues, no practical experience how such a concept can be implemented in case of persistence and communication is available. As a result, a prototype system to measure and evaluate different persistence and communication implementations for distributed event-sourced architectures using event sourcing and graph computing needs to be created. Such a system can be used to find a way how to persist and work on large distributed inhomogeneous datasets efficiently.

68.
default
Alev, Celebi
Performance Engineering in verteilten, polyglotten Berechnungsplattformen
Masterarbeit VS-M08-2016
Institut für Verteilte Systeme, Universität Ulm,
June 2016

Tags: AA, BA, MA, PROJEKT, BenjaminErb, FrankKargl, sidgraph, distributed

67.
default
Moll, Markus
Survey von Physically-Unclonable-Functions- (PUF) Anwendungsszenarien
Bachelorarbeit
Institut für Verteilte Systeme, Universität Ulm,
June 2016

Tags: AA, BA, StephanKleber, FrankKargl, itsec

Abstract: Sicherheit in IT-Systemen vor allem im Bereich von verteilten Systemen wird immer wichtiger. Jedoch sind Softwarelösungen für diesen Zweck nicht als Sicher einzustufen. Der relativ leichte Zugang zu der Hardware von solchen Systemen stellt dabei das größte Problem dar, Damit kann die Software umgangen werden. Somit sind Sicherheitslösungen über Hardwarekomponenten nötig. Eine solche Komponente stellt die Physical Unclonabel Functions(PUF) dar. In dieser Arbeit werden mögliche Anwendungsszenarien vorgestellt in denen diese zum Einsatz kommen können. Die Einsatzgebiete sind die Bereiche Authentifizierung und Identifizierung, Verwaltung von geheimen Schlüsseln und Kryptographische Primitive An Hand der vorgestellten Szenarien werden dann Kriterien aufgestellt mit denen beurteilt werden kann wann und ob eine PUF eingesetzt werden kann.

66.
default
van der Heijden, Rens and Kargl, Frank
Subjective Logic Operators for Fusion of Misbehavior Detection Mechanisms
Bachelor Thesis
Institute of Distributed Systems, Ulm Univerisity,
May 2016

Tags: BA, AA, RensVanDerHeijden, mobile, itsec

65.
default
Wagner, Denis
Vergleich und Evaluierung von Time Series Databases
Bachelorarbeit VS-B07-2016
Institut für Verteilte Systeme, Universität Ulm,
May 2016

Tags: AA, MA, DA, BA, BenjaminErb, sidgraph, distributed, cloud

64.
default
Müller, Michael
Enabling Retroactive Computing Through Event Sourcing
Masterarbeit VS-M01-2016
Institut für Verteilte Systeme, Universität Ulm,
April 2016

Tags: BA, AA, MA, DA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Event sourcing is a style of software architecture wherein state altering operations to an application are captured as immutable events. Each event is appended to an event log, with the current state of a system derived from this series of events. This thesis addresses the utilization of retroactive capabilities in event-sourced systems: computing alternate application states, post hoc bug fixes, or the support of algorithms which have access to their own history, for example. The possibility of retroactively accessing and modifying this event log is a potential capability of an event-sourced system, but a detailed exploration how these operations can be facilitated and supported has not yet been conducted. We examine how retroaction can be applied to event-sourced systems and discuss conceptual considerations. Furthermore, we demonstrate how different architectures can be used to provide retroaction and describe the prototypical implementation of an appropriate programming model. These findings are applied in the Chronograph research project, in order to utilize potential temporal aspects of this platform.

63.
default
Maile, Lisa
Processes for Network Protocol Analyses
Bachelorarbeit
Institut für Verteilte Systeme, Universität Ulm,
January 2016

Tags: AA, BA, StephanKleber, FrankKargl, itsec, networks

Abstract: For every communication between two or more participants in distributed systems or networks, protocols are needed in order to agree upon the way the communication messages are interpreted. Unfortunately, many protocols are unknown to the public because of missing or unavailable specifications. To understand the functionality of these protocols and, eventually, their message content, these unknown protocols need to be reversed engineered. At present, network protocol reverse engineering is performed mostly manually with the expertise and intuition of the engineer, insofar as there are no completely automated methods yet. If analyzed by hand, the most difficulties are faced when comparing protocols with variable field lengths, since the protocol’s structure is blurred and patterns cannot be detected easily. Furthermore, complex state machines are hardly manageable without the support of automated tools. The value gained from protocol analyses research ranges from general understanding of the protocol to security issues, such as the creation of specific firewall rules or by helping intrusion detection systems to identify the behavior of malware. This bachelor thesis analyzes static protocol analyses and describes every stage passed from capturing unknown protocols to the deduction of protocol message formats and the state machine. It thereby presents currently existing automatic approaches for each stage and the benefits compared to a purely manual task. Finally, it evaluates the current processes, emphasizes limitations and proposes improvement suggestions for the future.

62.
default
Cepcik, Stefan
Update Strategie für IoT-Geräte auf Basis der Windows 10 IoT Core Plattform im Kontext von Industrie 4.0
Masterarbeit
Institut für Verteilte Systeme, Universität Ulm,
2016

Tags: AA, MA, DominikLang

61.
default
Schimmele, Benjamin
Implementation of a Pre-Filter for Network Intrusion Detection Systems
Diplomarbeit
Institut für Verteilte Systeme, Uni Ulm,
2016

Tags: AA, DA, ThomasLukaseder

60.
default
Forst, Christian
Erstellung eines dynamischen Testdatensets zur Sicherheitsanalyse
Masterarbeit
Institut für Verteilte Systeme, Uni Ulm,
2016

Tags: AA, MA, ThomasLukaseder

59.
default
Waldenmaier, Tobias
Privacy-Preserving Geofencing
Master's Thesis
Institute of Distributed Systems, Ulm University,
2016

Tags: AA, MA, MatthiasMatousek, privacy

Abstract: With geofencing, car holders can get notified when their vehicle leaves a predetermined area. This feature can be used by companies to keep tabs on their company vehicles, or by private individuals to gain higher security. However, when the vehicle manufacturer or a third-party provider is hosting the geofencing service, he also needs access to the vehicle location. This also means that the provider can derive movement profiles of the vehicle's drivers. So-called searchable encryption has the potential to enable geofencing without the need for the provider to know the exact vehicle locations. The goal of this thesis is to develop and evaluate a proof-of-concept that provides geofencing while preserving the drivers' privacy. Thus, several searchable encryption schemes should be compared and assessed for their applicability to this task. At least one of the schemes should be implemented and the resulting prototype evaluated regarding its adequacy and efficiency.

58.
default
Kneer, Daniel
Simulation of Backend-Based Misbehaviour Detection for Connected Cars
Master's Thesis
Institute of Distributed Systems, Ulm University,
2016

Tags: AA, MA, MatthiasMatousek, itsec

57.
default
Hunt, Alexander
Erkennung und Abwehr von DoS-Attacken mit Hilfe von Software Defined Networking
Bachelorarbeit
Institut für Verteilte Systeme, Uni Ulm,
2016

Tags: AA, BA, ThomasLukaseder

56.
default
Strobel, Manuel
Untersuchung der Sicherheit von Eduroam (IEEE 802.1X)
Bachelorarbeit
Institut für Verteilte Systeme, Uni Ulm,
2016

Tags: AA, BA, ThomasLukaseder, networks, itsec

Abstract: Das Absichern von kabellosen Netzwerken stellt die Informatik schon seit langem vor große Herausforderungen. Viele Firmen entscheiden sich noch heute dafür nur kabelgebundene Internetverbindungen in ihren Netzwerken zu erlauben um so Angriffe zu erschweren. Der IEEE Standard 802.1X, der zum Beispiel bei Eduroam Anwendung findet, gilt als einer der sichersten Möglichkeiten kabellose Netzwerke gegen Angriffe abzusichern. Doch auch für Implementierungen dieses Standards sind Attacken bekannt. Smartphones mit dem Android Betriebssystem etwa verwenden in der Standardeinstellung kein Zertifikat zur Überprüfung der Validität des Access Points, was Man-in-the-Middle-Attacken ermöglichen kann. Auch Denial of Service Angriffszenarien sind bekannt. Ziel dieser Arbeit soll sein, eine Übersicht dieser Attacken zu erstellen, Proof of Concept Angriffe zu implementieren und zu testen wie anfällig aktuelle Implementierungen des Standards gegenüber Angriffen sind.

2015

55.
default
Habiger, Gerhard
Distributed Versioning and Snapshot Mechanisms on Event-Sourced Graphs
Masterarbeit VS-M13-2015
Institut für Verteilte Systeme, Universität Ulm,
October 2015

Tags: BA, AA, MA, DA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: Two interesting approaches to tackle many of today's problems in large scale data processing and live query resolution on big graph datasets have emerged in recent years. Firstly, after Google's presentation of its graph computing platform Pregel in 2010, an influx of more or less similar platforms could be observed. These platforms all share the goal of providing highly performant data mining and analysis capabilities to users, enabling a wide variety of today's technologies like ranking web pages in the the web graph of the WWW or analysing user interactions in social networks. Secondly, the old concept of message logging for failure recovery was rediscovered and combined with event based computing in the early 2000s and is now known as event sourcing. This approach to system design keeps persistent logs of every single change of all entities in a computation, providing highly interesting options like state restoration by replaying old events, retroactive event modifications, phenomenal debugging capabilities and many more. A recently published paper suggests the merging of those two approaches to create a hybrid event-sourced graph computing platform. This platform would show unique characteristics compared to other known solutions. For example, computations on temporal data can yield information about the evolution of a graph and not only its current state. Furthermore, for backups or to enable offline analysis on large compute clusters, snapshot extraction – i.e. reproducing any consistent global state the graph has ever been in – from the event logs produced by event-sourced graph computations is possible. This thesis provides one of the first major works related to this proposed hybrid platform and provides background knowledge related to these aforementioned topics. It presents a thorough overview over the current state-of-the-art in graph computing platforms and causality tracking in distributed systems and finally develops an efficient mechanism for extracting arbitrary, consistent global snapshots from a distributed event log produced by an event-sourced graph computation.

54.
default
Meißner, Dominik
Designing a Disaster Area Network for First Responders in Disastrous and Emergency Scenarios
Bachelorarbeit VS-B18-2015
Institut für Verteilte Systeme, Universität Ulm,
October 2015

Tags: BA, AA, MA, DA, BenjaminErb, RensVanderHeijden, FrankKargl, distributed

Abstract: Man-made disasters, earthquakes, floods, and other natural disasters come with a great number of casualties, which have to be treated as quickly as possible by emergency services to minimize fatalities. Due to the large number of casualties and aid workers, it is difficult to maintain an accurate overview of the situation. To improve the clarity of the situation, a comprehensive support system can be used for the forces on-site, which supports them in information gathering and distribution to all involved parties. Previous work has failed to implement independency of public infrastructure (e.g. power grid, cellular network) or suffer data loss due to single node failures. To solve this problem, we propose a fault-tolerant design that fully distributes information to all devices in a mobile ad hoc network, while allowing offline work outside of it. We present a proof-of-concept prototype for the proposed design and show that its data distribution component behaves as designed using a series of trials. To the best of our knowledge, there is currently no DAN system that uses multi master replication to fully distribute data, where every node has an individual copy of every piece of information.

53.
default
Koenig, Sonja
An Evaluation of Distributed Approaches to Large-Scale Graph Computing
Bachelorarbeit VS-B09-2015
Institut für Verteilte Systeme, Universität Ulm,
October 2015

Tags: BA, AA, MA, DA, BenjaminErb, FrankKargl, sidgraph, distributed

Abstract: This thesis takes a look at several considerations for developers and users of distributed graph computing platforms. Two popular computing platforms, Apache Giraph on Hadoop and the GraphX library in Apache Spark, are analyzed and tested through a benchmarking process. We examine a basic PageRank and ConnectedComponents algorithm for a variety of input graphs and cluster sizes. We hereby discover how immensely different parameters of distributed graph computations, such as graph sizes and topology properties, impact the execution time. Concluding, we carve out the application fields, for which both platforms are practical and where trade-offs have to be made.

52.
default
Bradatsch, Leonard
Verhalten von TCP-Varianten in Hochgeschwindigkeitsnetzwerken
Bachelorarbeit VS-B08-2015
Institut für Verteilte Systeme, Universität Ulm,
September 2015

Tags: AA, BA, ThomasLukaseder, BenjaminErb, networks

Export as: BibTeX, XML