Individualprojekte

Neben unseren regelmäßig stattfindenden Projektveranstaltungen (siehe rechte Spalte) bieten wir zusätzlich eine Reihe von individuellen Einzel- und Gruppenthemen für Projekte an. Diese können je nach Prüfungsordnung als Teil des Projektmoduls im Master eingebracht werden. Beachten Sie, dass in der Liste auch Arbeiten vorkommen, die sowohl als Abschluss- als auch als Projektarbeit ausgeschrieben wurden. Der Schwierigkeitsgrad und Umfang wird dann jeweils nach der Art der Arbeit angepasst.

„A Tool Support for Privacy Threat Modelling,“ Masterarbeit, Bachelorarbeit, Projektarbeit, A. Al-Momani (Betreuung), F. Kargl (Prüfer), Inst. of. Distr. Sys., Ulm Univ., 2020 – Verfügbar.
Privacy engineering and particularly privacy threat modelling have gained a lot of attention in the recent years. Many methodologies have been proposed to model privacy threats. An example of such methods is the widely used LINDDUN method. As some recent (ISO/IEC) standards and regulations (e.g., GDPR) require handling risks associated with the elicited threats, we combined the LINDDUN method with a privacy risk rating method forming a holistic method that takes the system model as input and outputs a list of privacy risks. Your task in this project/thesis work is to implement a tool to support the the deployment of our developed method. Related work to such a tool is the commonly used Microsoft threat modelling tool which is used for security. Another very related example that is considered an extension to the MS tool is the TMTe4PT tool. There are no restrictions on the technologies or languages used in the implementation as long as it achieves the required features similarly to, e.g., TMTe4PT. This project can also be extended to a thesis by including research questions related to the countermeasure selection process.
„Applications for the LoRaPark Ulm,“ Projektarbeit, F. Kargl and B. Erb (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
„Entwicklung einer web-basierten Anwendung für die Konfiguration von IoT-Komponenten,“ Projektarbeit, A. Heß (Betreuung), F. J. Hauck (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
Das SORRIR Forschungsprojekt befasst sich mit der Entwicklung eines Frameworks für resiliente IoT-Systeme. Ein Aspekt dieses Frameworks ist ein Degradierungsmechanismus, welcher den Betriebsmodus einer IoT-Komponente automatisch anpasst, falls es zu Ausfällen von angebundenen (Teil-)Komponenten kommt. Damit soll sichergestellt werden, dass einzelne Komponenten weiterhin arbeiten, wenn auch mit reduzierter Funktionalität. In dieser Projektarbeit soll eine web-basierte Anwendung entwickelt werden, welche die Konfiguration dieses Mechanismus mittels Drag & Drop Elementen erleichtert und damit eine leichte Programmierung des Verhaltens einer IoT-Komponente ermöglicht. Gerne können hier eigene Ideen zur Umsetzung eingebracht werden. Aus der graphischen Konfiguration sollen Dateien generiert werden, die das SORRIR-Framework zur Laufzeit verwenden kann.
„Generating synthetic data using MABS,“ Bachelorarbeit, Projektarbeit, M. Wolf (Betreuung), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
PaySim, a Mobile Money Payment Simulator simulates money transactions between users based on Multi Agent Based Simulation (MABS). It also generates data that can be used to test algorithms which should detect suspicious activities or fraud. This generated data is based on real financial data, which cannot be published for security reasons. In order to use or train the detection algorithms on real data, the synthetic information should be as similar as possible to the real one but not exactly the same. In this project or thesis, you should read the work of A. Elmir and E. Lopez-Rojas (PaySim), as well as the theory of MABS. Then you should implement a similar program to PaySim, which has certain data as input and should output generated synthetic data which fulfills the above requirement. As a test, you have to use the VeReMi Dataset where detection algorithms and results already exist. Then, the tool will be used on CAN messages.
„Login and user mangement for Angular and Shibboleth,“ Bachelorarbeit, Projektarbeit, F. J. Hauck (Betreuung), F. J. Hauck (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
Angular is a web framework for single-page application, i.e., most business logic resides in the browser not on the server. The server is contact by a REST interface, mainly used to get direct access to the application data. Shibboleth is an authentication technology used also by KIZ to authenticate and authorise web access. In this work, a simple demo application has to be developed together with a concept for authenticating users and authorisation of their application-logic and REST-based data accesses. Ideally the concept is some sort of library including guidelines, and is tested against the KIZ identity provider. This work includes some basic user management in the application to recognise already known users and attach preferences etc. to it. Challenges are user-authentication expiry during user sessions and version updates in the backend server during the life time of the single-page application.
„Yahoo Cloud Storage Benchmark for State-Machine Replication,“ Projektarbeit, G. Habiger (Betreuung), F. J. Hauck (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
The YCSB is an open source benchmarking specification and framework for evaluating the performance of database-like software. Since its release in 2010, it has evolved into a de facto stan-dard for benchmarking commercial products like Redis, HBase, Cassandra and many others. Not only in the industry, but also in the scientific community, many researchers are using the YCSB to evaluate and compare their scientific findings and software artifacts against other published solutions. This project should create a YCSB Client implementation and workloads for benchmarking our platform for replicated state-machines built within our institute in the recent years. State-machine replication is a technique for providing high levels of fault-tolerance. In research projects we extended the existing BFT-SMaRt framework for our use. In the future we would like to use the results of this project to evaluate performance changes when extending the framework further. Students with previous knowledge in these areas are preferred, but the necessary skills can also be acquired during the project. At the end of the project, a thorough comparison of the newly YCSB-enabled software artifacts should be conducted.
„Zero Trust SFC enabled HTTP based Multi Factor Authentication,“ Projektarbeit, L. Bradatsch (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2020 – Verfügbar.
Since Google introduced their BeyondCorp project, Zero Trust (ZT) is one of the most popular buzzwords in the area of network security. In a ZT network, Policy Enforcement Point (PEP) and Policy Decision Point (PDP) are responsible for central authentication and authorization (Auth*). Both mentioned components and conventional security functions such as firewalls work largely independently of each other when it comes to processing packets. This leads to inefficient scenarios in which all packets are processed by time- consuming security functions. By coupling the conventional security functions to the PEP/PDP, higher efficiency in security-relevant packet processing can be achieved. This can be achieved by leveraging the Service Function Chaining (SFC) approach. SFC allows the dynamic chaining of conventional network service functions such as HTTP header enricher or firewalls. For each network flow can be decided what service function should be applied to all the flow's packets. The PEP/PDP in a ZT network acts then as the orchestrator, decides about the functions that should be chained together. By doing this, it can be efficiently decided which function should be applied. The goal of the project is to implement one of the thus orchestrated security service functions namely a Multi Factor Authenticator (MFA) that is embedded in a already existing Zero Trust SFC prototype. The MFA must be HTTP based and written in Go. Requirements: Good knowledge of Go and security protocols).
„Using Machine Learning for Misbehavior Detection in CACC,“ M. Wolf (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2019 – Verfügbar.
Modern vehicles will use communication to increase the safety of its passengers, reduce fuel consumption, travel time, and more. The communication between the vehicles will be mainly beacon messages containing the speed, position, acceleration and other properties. These messages need to be validated, if they contain correct (plausible) information. For example, when a vehicle is suddenly stopping, but sending an increase in speed, the following vehicles may crash into the misbehaving vehicle. In literature, there is already existing work on detecting misbehavior in the data with different techniques such as subjective logic or machine learning. In this project, we will analyze the VeReMi data-set with the help of different machine learning algorithms. The number of algorithms compared is depending on the scope (credits). The student can choose the framework, e.g. PyTorch.
„Machine Learning on Encrypted Data,“ Bachelor Thesis, Master Thesis, Projektarbeit, M. Matousek (Betreuung), F. Kargl (Prüfer), Inst. of Distr. Sys., Ulm Univ., 2018 – Verfügbar.
Encryption is one of the most reliable techniques for protecting information. However, once data is encrypted, using it becomes very difficult. Goal of this thesis or project, is to explore how Machine Learning algorithms can be designed to be able to deal with encrypted data. Firstly, a survey of existing mechanisms should be conducted. In a second part, algorithms will be comparatively implemented, or own encryption mechanisms introduced.

Reguläre Projekte im Master

Rechnernetze und IT-Sicherheit I und II
4Pj, 8LP, jedes Semester

Verteilte Anwendungen, Plattformen und Systeme I und II
3Pj, 8LP, jedes Semester

Kontakt

Sekretariat

Marion Köhler
Claudia Kastner
Emailaddresse Sekretariat
Telefon: +49 731 50-24140
Telefax: +49 731 50-24142

Postanschrift

Institut für Verteilte Systeme
Universität Ulm
Albert-Einstein-Allee 11
89081 Ulm

Besucheranschrift

James-Franck-Ring
Gebäude O27, Raum 349
89081 Ulm

Anfahrt