Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Additional information gained by recorded network traffic needs to be incorporated by recognizing the appropriate parts of the model. The modeled knowledge is to be extended depending on the applicable information inferable from the new trace.

The goal of this project is to extend the Monero project [1] to support an additional transaction type. The transaction itself is already implemented, but is not integrated into the cli tools and the consensus mechanism. A good knowledge of C++ is required and a basic understanding of cryptocurrencies is helpful. The evaluation of the project consists of creating a cli demo in a test setup.

Die Transaktionsverbreitung in Blockchain Netzwerken findet üblicherweise über einen Broadcastmechanismus statt. In einer ersten Forschungsarbeit am Institut haben wir das Verhalten dieses Broadcasts im Bitcoin Netzwerk untersucht. Ziel dieser Arbeit ist es, für alternative Blockchain Netzwerke, wie Beispielsweise das Ethereum oder Monero Netzwerk, die Untersuchung zu replizieren. Hierfür gilt es einen geeigneten Crawler zu erstellen, Datensets zusammen zu stellen und geeignete stochastische Methoden anzuwenden. Das Ausmaß dieser Untersuchung richtet sich nach der gewählten Art der Arbeit.

To build powerful machine learning models, lots of data is required. However, obtaining the data comes with privacy risks for the people or entities that provide their data. Recently, Google published TensorFlow Federated - an open source framework to allow machine learning on decentralized data. The approach of federated learning makes machine learning in the age of mobile devices and wearables both more efficient, as well as more privacy-friendly. The goal of this thesis or project is to become familiar with the TensorFlow Federated framework, to understand and be able to explain the techniques which are implemented in it, to be able to build machine learning models in a federated way, and possibly to implement own enhancements of the framework.

Machine learning offers great opportunities, but also comes with risks. Especially the privacy risks are becoming more prevalent in the discussions about machine learning. Recently, Google published a machine learning library called TensorFlow Privacy. Its goal is to make it easier for developers and researchers to build privacy-preserving machine learning models. Specifically, it utilizes Differential Privacy, which mathematically guarantees that the training data to create the models is protected from being extracted. The goal of this thesis or project is to become familiar with the TensorFlow Privacy library, to understand and be able to explain the techniques which are implemented in it, to be able to build privacy-preserved machine learning models, and possibly to implement own protection techniques that could enhance the TensorFlow Privacy library.

Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Actively probing an entity for the validity of message syntaxes allows to targetedly enhance the knowledge about the protocol. To do this efficiently a smart method of automatically generating test-cases depending on the current protocol model needs to be developed.

Die Verbreitung von Transaktionen in Blockchain-Netzwerken kann viele Informationen über deren Nutzer preisgeben. Ins- besonder muss die Vertraulichkeit von Zahlungsinformationen geschützt werden. Um diesen Schutz zu erreichen, haben wir ein Protokoll entworfen, welches die Privatsphäre dieser Trans-aktionen gewährleistet und Entwicklern die nötige Flexibilität für verschiedenste Anwendungsszenarien bereitstellt. Doch es bleiben viele offene Fragen für die Umsetzung in der Praxis, beispielsweise die Anpassung an praktische Begebenheiten und die Erstellung der nötigen Gruppen. Ziel dieser Arbeit ist es, einige der offenen Fragen zu klären und das Protokoll im Rahmen einer Proof-of-Concept-Implementierung zu evaluieren. Geeignet für Studierende mit Erfahrung Netzwerkprogrammierung. This project can also be completed in English. Please contact me for further details.

Neurofeedback provides the necessary means to visualize selected and controlled parameters of the brain activity. In healthcare domain, neurofeedback studies enable mitigation of many psychological disorders and illnesses, mainly by therapies that help patients to better self-regulate their brain activity. Electroencephalography (EEG) is the method of monitoring the electrical activity of the brain, thus providing the necessary feedback. In this thesis work, the student is required to survey the current state of frameworks, techniques, or methods that enable coupling of Mobile EEGs with Smartphones. Bluetooth 2.1 with Enhanced Data Rate (EDR) capability is one of the most effective mean of coupling EEGs with Smartphones. The student would therefore be required to work on the Bluetooth stack to acquire real-time data generated from the Mobile EEGs, parse the electrical signal, and visualize the signal semantically. For successful completion of the thesis, the student would be required to identify and address any one of the open challenges faced by the proposed topic. An example of this can be addressing the bandwidth challenges, battery consumption, or signal accuracy

Encryption is one of the most reliable techniques for protecting information. However, once data is encrypted, using it becomes very difficult. Goal of this thesis or project, is to explore how Machine Learning algorithms can be designed to be able to deal with encrypted data. Firstly, a survey of existing mechanisms should be conducted. In a second part, algorithms will be comparatively implemented, or own encryption mechanisms introduced.

Vehicular ad-hoc networks (VANETs) are designed to provide various services to drivers and passengers by exchanging information between vehicles. Services include improved safety, better navigation recommendations, road condition warnings and features to support self-driving vehicles. For these services to work correctly, data correctness is extremely important. Literature suggests that node-centric detection mechanisms are a potential solution: by monitoring the behavior of other vehicles over time, vehicles can determine who is most reliable. It is also possible to exchange this information between vehicles using trust mechanisms. In this thesis, the goal is to improve existing trust mechanisms and implement the resulting mechanisms in the Maat framework, a Java-based prototype detection framework under development at the institute of distributed systems.

In den letzten 10 Jahren entstand eine neue Art von Netzwerken, die dafür entwickelt wurde Fahrzeuge ad-hoc kommunizieren zu lassen. Diese Netzwerke, so genannte Fahrzeug-Fahrzeug-Kommunikationssysteme, können erweitert werden durch zentrale Backend Systeme und so genannte Road-Side-Units (RSUs), die am Straßenrand aufgestellt werden. Das gesamte System, inklusive Infrastruktur, bezeichnet man auch als kooperatives intelligentes Transport-Systemen (cITS). In diesen Netzwerken sollen Fahrzeuge regelmäßig Nachrichten austauschen, um festzustellen wo sich einzelne Fahrzeuge befinden und wie schnell sie fahren. Darüber hinaus schicken sie auch Warnungen wenn bestimmte Ereignisse erkannt wurden (z.B. ein Stau oder vereiste Fahrbahn). Um diese Daten effizient zu nutzen und Ereignisse sinnvoll erkennen zu können, sollte es ein Welt-Modell geben, in dem alle empfangenen Informationen gesammelt werden. Außer der direkten Nutzung als Informationsquelle kann das Weltbild dazu genutzt werden, festzustellen wenn Daten miteinander in Konflikt stehen. Solche Konflikte können auf Angreifer hindeuten, die gefälschte Daten verschickt haben. Das Welt-Modell sollte daher möglichst flexibel sein und eine Vielzahl von unterschiedlichen Daten abbilden können. Ziel der Arbeit ist, ein Konzept für ein solches Weltmodell zu entwickeln und es erweiterbar und flexibel zu implementieren. Es existieren Vorarbeiten, auf denen gerade bei der Konzept-Erstellung aufgebaut werden kann. Neben konzeptuellen Aspekten und möglichst generischer Repräsentation soll die Arbeit auch effiziente Skalierbarkeit und Performanz betrachten.

In recent literature on Vehicular Networks, many works assume the existence of data consistency mechanisms, physical model checks and other data-centric verification. However, little is known about how well these mechanisms can work, what type of guarantees they can give, what to do with errors and whether they can be used for attacker detection. Many of these unanswered questions relate to the fact that data consistency mechanisms are still a relatively new concept, and they are not exclusively used for security purposes. The goal of this thesis is to provide a brief summary of existing mechanisms and to provide a good method for evaluating data consistency mechanisms, either with formal verification or with simulation. Initial Literature: Dietzel, S.; Schoch, E.; Konings, B.; Weber, M.; Kargl, F.: Resilient secure aggregation for vehicular networks; IEEE Network; Vol. 24(1); January 2010. Raya, M.; Hubaux, J-P.: The security of vehicular ad hoc networks; ACM SASN 2005.