Marker: AA, BA, MA, ThomasLukaseder, itsec, networks

Zusammenfassung: DDoS Attacken gewinnen immer mehr an Relevanz. Eine aktuelle Studie hat ergeben, dass 1/3 aller IPv4-Adressen weltweit in den letzten Jahren angegriffen wurden. Wir arbeiten daran, DDoS-Attacken verschiedenster Art abzuwehren. Hierfür ist es essentiell zu analysieren, wie echte Angriffe in Produktivnetzwerken aussehen, um die eigenen Methoden zur Abwehr auf ihre Tauglichkeit hin prüfen zu können. Dies soll zusammen mit der Firma Isarnet aus München untersucht werden. IsarNet entwickelt das IsarFlow-System zur Netzverkehrsanalyse auf Basis von Netflow, welches in vielen Unternehmens- und Providernetzen eingesetzt wird. Im Rahmen dieser Arbeit wollen wir Aufzeichnungen echter Angriffe nutzen, analysieren und nachbilden um unser eigenes System mit realistischen Daten testen und verbessern zu können.

Marker: PROJEKT, AA, BA, MA, FrankKargl, retroaction, distributed, DominikMeissner

Zusammenfassung: Retroactive computing enables programmatical access to the history of an application. This offers a variety of capabilities, such as computations and predictions of alternate application timelines, post-hoc bug fixes, and retroactive state explorations. Reads and writes of the application state have to be tracked and persisted in order to support retroaction. This is fairly simple for a single-writer append-only log, but entails various issues in a distributed setting. This thesis/project should explore different approaches for a distributed dependency tracking, including a prototypical implementation based on an existing platform prototype and an evaluation of the resulting artifacts.

Marker: ABSCHLUSSARBEIT Master Bachelor AA BA MA DavidMödinger networks privacy itsec

Zusammenfassung: Dining Cryptographer Netzwerke bieten eine Möglichkeit um in einer Gruppe anonym eine Nachricht an alle zu verbreiten. Diese Konstruktion benötigt jedoch sehr viele Nachtrichten und erzeugt daher viel Overhead. Um die Effizienz dieser Netzwerke zu verbessern, haben von Ahn. et al. das Konzept der k-Anonymität auf sie angewandt: Kleinere Gruppen im Gesamtnetzwerk erlauben eine Einschränkung der Anonymität, erzeugen jedoch deutlich weniger Overhead. Um die k-Anonymitätsgarantie zu stärken, bietet die Kryptografie das Konzept der Threshold-Kryptografie an: Nur wenn ausreichend Nutzer sich beteiligen, kann die Nachricht entschlüsselt werden. Ziel dieser Arbeit ist es, die Umsetzung dieser Technik für k-DC Netze zu untersuchen.

Marker: AA, BA, HenningKopp, distributed, itsec, privacy

Zusammenfassung: Simple payment verification is a protocol which allows thin clients such as smartphones to use Bitcoin without downloading the whole blockchain. The thin client continually asks a full node for incoming transactions. Since the thin client only wants to know his/her own transactions but does not want the full node to link the transactions of the thin client to its identity, a bloom filter is used. Thus, false positives are introduced and the full node does not learn the account balance of the thin client. Stealth addresses are another privacy mechanism for Bitcoin addresses. They enable a sender of a transaction to derive new ephemeral recipient keys. Currently, stealth addresses are not compatible with simple payment verification and cannot be used on thin clients. One proposal is to add a fuzzy identifier (e.g., the first few bits) of the recipient long-term key to the transactions. One goal of the thesis is to evaluate and compare the privacy properties of current wallets for thin clients. Further, the tradeoff between privacy and efficiency of how the fuzzy identifier for stealth addresses is chosen should be evaluated and practical parameters proposed. Maybe you can even come up with own ideas for improving the privacy of thin clients.

Marker: AA, BA, MA, StephanKleber, FrankKargl, itsec, networks

Zusammenfassung: Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Additional information gained by recorded network traffic needs to be incorporated by recognizing the appropriate parts of the model. The modeled knowledge is to be extended depending on the applicable information inferable from the new trace.

Marker: AA, BA, MA, ThomasLukaseder, distributed, itsec, networks

Zusammenfassung: We are working on a framework to mitigate DDoS attacks in high-speed networks. The framework uses software-defined networking to mitigate attacks. There are different areas of the system still under development and therefore different open theses or master project topics. Areas currently under development: Distribution of the current infrastructure, measurements of real-life networks to improve the data basis for attack mitigation, extending the system to mitigate a wider variety of attacks, and improving scalability of the system. There are open topics in all of these areas.

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: The ever increasing network bandwidth causes intrusion detection mechanisms to reach the limits of their capacity. Thus, new and improved implementations for security mechanisms are urgently required. Hardware support is one way to increase the performance of IDS. One of the bottlenecks of high-speed data analysis is regular expression matching. We currently examine two possible hardware support solutions to offload the regular expression matching to hardware modules: a FPGA-based Co-Processor (extending and evaluating an existing prototype) and offloading regular expression matching to GPUs. There are open topics in both areas.

Marker: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: Event sourcing is an alternative persistence approach that maintains a log of state-changing events instead of altering states directly. Event-sourced architectures require an event store for efficiently appending and retrieving log entries. In this project, an evaluation of different key/value stores and alternative (No)SQL stores is to be conducted in order to identify stores appropriate for event sourcing.

Marker: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: As part of an ongoing research project at our institute, we are currently developing a novel distributed computing platform prototype. The systems provides a graph-based, asynchronous programming model and takes advantage of event sourcing for history-aware computations. The aim of this student work is the identification and evaluation of appropriate secondary index structures, in order to provide fast access onto specific notes of the graph topology. Also, a prototypical implementation is part of this work.

Marker: AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed

Zusammenfassung: As part of an ongoing research project at our institute, we are currently developing a novel distributed computing platform prototype. The systems provides a graph-based, asynchronous programming model and takes advantage of event sourcing for history-aware computations. The aim of this student work is to compile a survey of data mining mechanisms that can be executed on graphs. Specifically, asynchronicity has to be considered here. As a result, our current prototype should be evaluated on how it suits existing graph mining approaches.

Marker: AA, BA, MA, ThomasLukaseder, itsec, networks

Zusammenfassung: DDoS Attacken gewinnen immer mehr an Relevanz. Eine aktuelle Studie hat ergeben, dass 1/3 aller IPv4-Adressen weltweit in den letzten Jahren angegriffen wurden. Wir arbeiten daran, DDoS-Attacken verschiedenster Art abzuwehren. Hierfür ist es essentiell zu analysieren, wie echte Angriffe in Produktivnetzwerken aussehen, um die eigenen Methoden zur Abwehr auf ihre Tauglichkeit hin prüfen zu können. Dies soll zusammen mit der Firma Isarnet aus München untersucht werden. IsarNet entwickelt das IsarFlow-System zur Netzverkehrsanalyse auf Basis von Netflow, welches in vielen Unternehmens- und Providernetzen eingesetzt wird. Im Rahmen dieser Arbeit wollen wir Aufzeichnungen echter Angriffe nutzen, analysieren und nachbilden um unser eigenes System mit realistischen Daten testen und verbessern zu können.

Marker: PROJEKT, AA, BA, MA, FrankKargl, retroaction, distributed, DominikMeissner

Zusammenfassung: Retroactive computing enables programmatical access to the history of an application. This offers a variety of capabilities, such as computations and predictions of alternate application timelines, post-hoc bug fixes, and retroactive state explorations. Reads and writes of the application state have to be tracked and persisted in order to support retroaction. This is fairly simple for a single-writer append-only log, but entails various issues in a distributed setting. This thesis/project should explore different approaches for a distributed dependency tracking, including a prototypical implementation based on an existing platform prototype and an evaluation of the resulting artifacts.

Marker: ABSCHLUSSARBEIT Master Bachelor AA BA MA DavidMödinger networks privacy itsec

Zusammenfassung: Dining Cryptographer Netzwerke bieten eine Möglichkeit um in einer Gruppe anonym eine Nachricht an alle zu verbreiten. Diese Konstruktion benötigt jedoch sehr viele Nachtrichten und erzeugt daher viel Overhead. Um die Effizienz dieser Netzwerke zu verbessern, haben von Ahn. et al. das Konzept der k-Anonymität auf sie angewandt: Kleinere Gruppen im Gesamtnetzwerk erlauben eine Einschränkung der Anonymität, erzeugen jedoch deutlich weniger Overhead. Um die k-Anonymitätsgarantie zu stärken, bietet die Kryptografie das Konzept der Threshold-Kryptografie an: Nur wenn ausreichend Nutzer sich beteiligen, kann die Nachricht entschlüsselt werden. Ziel dieser Arbeit ist es, die Umsetzung dieser Technik für k-DC Netze zu untersuchen.

Marker: AA, BA, MA, PROJEKT, StephanKleber, FrankKargl, itsec, networks

Zusammenfassung: For an effective evaluation of multiple inference methods for network messages with a representative set of network protocol traces, automation is required. To accomplish this, the tasks of this thesis are tree-fold:1. Generate test-case specimens by preprocessing and filtering of selected network traces. An examples for a possible metric to be filtered for is high field-type variance.2. Evaluate the inference of the generated traces with the tools ReverX, Netzob, PRISMA, or even with an own implementation of known methods.3. For the automated assessment of the result quality for all evaluated inference methods, dissectors, like those of of scapy or Wireshark may be used for a quantifiable quality validation.The scope for the evaluation is limited to message type and format explicitly excluding the behavior model of the protocol.

Marker: AA, BA, MA, StephanKleber, FrankKargl, itsec, networks

Zusammenfassung: Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Actively probing an entity for the validity of message syntaxes allows to targetedly enhance the knowledge about the protocol. To do this efficiently a smart method of automatically generating test-cases depending on the current protocol model needs to be developed.

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: Security devices in networks such as firewalls or intrusion detection systems need to be evaluated concerning throughput, precision, and reliability before using them in production networks. We are working on different aspects of performance measurements of security devices: Performance evaluation of firewalls or IDS, building a network testing framework for evaluations. There are open topics in all of these areas.

Marker: PROJEKT, FelixEngelmann

Zusammenfassung: In dem Projekt soll eine Webanwendung entstehen, die Daten aus einer Blockchain visualisiert und mit zusätzlichen Informationen aufbereitet. Für die bekannten Blockchains wie Bitcoin und Ethererum existieren Portale wie z.B. etherscan.io , die detaillierte Informationen über die jeweilige Blockchain anzeigen. Für den Einsatz in der Industrie sind diese öffentlichen Blockchains jedoch nicht zuverlässig genug. Deshalb betreut das SAMPL Projekt eine eigene Blockchain, die auf Ethereum aufbaut und speziell für Lizenzverwaltung ausgerichtet ist. Dafür soll nun ein Explorer entwickelt werden der den gleichen Komfort bietet wie die existierenden Plattformen. Die Rohdaten können per REST API bezogen werden, sollten dann aber für die Verwendung aufbereitet werden und in einer durchsuchbaren Datenbank abgelegt werden. Die UI sollte durch eine zeitgemäße Webseite geschehen. Testprojekte gibt es mit node.js und angular, jedoch ist verwendete Technologie egal, solange die Software zuverlässig im Produktivbetrieb eingesetzt werden kann.

Marker: AA, MA, DA, PROJEKT, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: The chronograph platform is a system for computing on evolving graphs. One module of the platform should provide an interactive user interface for exploring the history, evolution, and topology of the graph. The goal of this project is the design and implementation of a scalable, web-based user interface for the exploration of chronograph data.

Marker: AA, BA, MA, ThomasLukaseder, itsec, networks

Zusammenfassung: DDoS Attacken gewinnen immer mehr an Relevanz. Eine aktuelle Studie hat ergeben, dass 1/3 aller IPv4-Adressen weltweit in den letzten Jahren angegriffen wurden. Wir arbeiten daran, DDoS-Attacken verschiedenster Art abzuwehren. Hierfür ist es essentiell zu analysieren, wie echte Angriffe in Produktivnetzwerken aussehen, um die eigenen Methoden zur Abwehr auf ihre Tauglichkeit hin prüfen zu können. Dies soll zusammen mit der Firma Isarnet aus München untersucht werden. IsarNet entwickelt das IsarFlow-System zur Netzverkehrsanalyse auf Basis von Netflow, welches in vielen Unternehmens- und Providernetzen eingesetzt wird. Im Rahmen dieser Arbeit wollen wir Aufzeichnungen echter Angriffe nutzen, analysieren und nachbilden um unser eigenes System mit realistischen Daten testen und verbessern zu können.

Marker: ABSCHLUSSARBEIT Master Bachelor AA BA MA DavidMödinger networks privacy itsec

Zusammenfassung: Dining Cryptographer Netzwerke bieten eine Möglichkeit um in einer Gruppe anonym eine Nachricht an alle zu verbreiten. Diese Konstruktion benötigt jedoch sehr viele Nachtrichten und erzeugt daher viel Overhead. Um die Effizienz dieser Netzwerke zu verbessern, haben von Ahn. et al. das Konzept der k-Anonymität auf sie angewandt: Kleinere Gruppen im Gesamtnetzwerk erlauben eine Einschränkung der Anonymität, erzeugen jedoch deutlich weniger Overhead. Um die k-Anonymitätsgarantie zu stärken, bietet die Kryptografie das Konzept der Threshold-Kryptografie an: Nur wenn ausreichend Nutzer sich beteiligen, kann die Nachricht entschlüsselt werden. Ziel dieser Arbeit ist es, die Umsetzung dieser Technik für k-DC Netze zu untersuchen.

Marker: AA, BA, MA, StephanKleber, FrankKargl, itsec, networks

Zusammenfassung: Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Additional information gained by recorded network traffic needs to be incorporated by recognizing the appropriate parts of the model. The modeled knowledge is to be extended depending on the applicable information inferable from the new trace.

Marker: AA, BA, MA, ThomasLukaseder, distributed, itsec, networks

Zusammenfassung: We are working on a framework to mitigate DDoS attacks in high-speed networks. The framework uses software-defined networking to mitigate attacks. There are different areas of the system still under development and therefore different open theses or master project topics. Areas currently under development: Distribution of the current infrastructure, measurements of real-life networks to improve the data basis for attack mitigation, extending the system to mitigate a wider variety of attacks, and improving scalability of the system. There are open topics in all of these areas.

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: The ever increasing network bandwidth causes intrusion detection mechanisms to reach the limits of their capacity. Thus, new and improved implementations for security mechanisms are urgently required. Hardware support is one way to increase the performance of IDS. One of the bottlenecks of high-speed data analysis is regular expression matching. We currently examine two possible hardware support solutions to offload the regular expression matching to hardware modules: a FPGA-based Co-Processor (extending and evaluating an existing prototype) and offloading regular expression matching to GPUs. There are open topics in both areas.

Marker: ABSCHLUSSARBEIT, THESIS, Master, AA, MA, MuntazirMehdi, mobile, misc

Zusammenfassung: Neurofeedback provides the necessary means to visualize selected and controlled parameters of the brain activity. In healthcare domain, neurofeedback studies enable mitigation of many psychological disorders and illnesses, mainly by therapies that help patients to better self-regulate their brain activity. Electroencephalography (EEG) is the method of monitoring the electrical activity of the brain, thus providing the necessary feedback. In this thesis work, the student is required to survey the current state of frameworks, techniques, or methods that enable coupling of Mobile EEGs with Smartphones. Bluetooth 2.1 with Enhanced Data Rate (EDR) capability is one of the most effective mean of coupling EEGs with Smartphones. The student would therefore be required to work on the Bluetooth stack to acquire real-time data generated from the Mobile EEGs, parse the electrical signal, and visualize the signal semantically. For successful completion of the thesis, the student would be required to identify and address any one of the open challenges faced by the proposed topic. An example of this can be addressing the bandwidth challenges, battery consumption, or signal accuracy

Marker: PROJEKT, AA, BA, MA, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: Blockchain technology allows for decentralized, distributed, and secure ledgers that store records (e.g., transactions). Popular blockchain-based systems such as Bitcoin and Etherum have emerged as so-called crypto-currencies. As the ledger maintains the full history of transactions, interactions within the system are always persisted. In this work, the student is asked to design and implement online and offline transaction analyses based on Chronograph, a data processing platform for evolving graphs developed at our Institute. Therefore, different blockchain-based systems should be surveyed and appropriate analysis mechanisms should be conducted.

Marker: AA, BA, HenningKopp, distributed, itsec, privacy

Zusammenfassung: Simple payment verification is a protocol which allows thin clients such as smartphones to use Bitcoin without downloading the whole blockchain. The thin client continually asks a full node for incoming transactions. Since the thin client only wants to know his/her own transactions but does not want the full node to link the transactions of the thin client to its identity, a bloom filter is used. Thus, false positives are introduced and the full node does not learn the account balance of the thin client. Stealth addresses are another privacy mechanism for Bitcoin addresses. They enable a sender of a transaction to derive new ephemeral recipient keys. Currently, stealth addresses are not compatible with simple payment verification and cannot be used on thin clients. One proposal is to add a fuzzy identifier (e.g., the first few bits) of the recipient long-term key to the transactions. One goal of the thesis is to evaluate and compare the privacy properties of current wallets for thin clients. Further, the tradeoff between privacy and efficiency of how the fuzzy identifier for stealth addresses is chosen should be evaluated and practical parameters proposed. Maybe you can even come up with own ideas for improving the privacy of thin clients.

Marker: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: Pause/Shift/Resume is a mechanism for doing iterative graph processing on an evolving graph using snapshots. Our Chronograph graph processing platform provides very similar functionalities based on an event-sourced graph model. In this work, the student is asked to incorporate the Pause/Shift/Resume mechanism into our platform. Therefore, the mechanism has to be adapted and adjusted to event-sourced graphs. Furthermore, an evaluation should highlight the runtime behavior of the approach in different workloads.

Marker: PROJEKT, AA, BA, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Marker: AA, MA, DA, PROJEKT, BenjaminErb, FrankKargl, sidgraph, distributed, DominikMeissner

Zusammenfassung: The chronograph platform is a system for computing on evolving graphs. One module of the platform should provide an interactive user interface for exploring the history, evolution, and topology of the graph. The goal of this project is the design and implementation of a scalable, web-based user interface for the exploration of chronograph data.

Marker: ABSCHLUSSARBEIT PROJEKT Bachelor AA BA DavidMödinger VAPS networks privacy

Zusammenfassung: Um Transaktionen in Blockchain Netzwerken zu verteilen wird üblicherweise ein Broadcast Mechanismus verwendet. Dieser bietet jedoch Angriffsfläche für verschiedene Arten der Deanonymisierung. Da die Privatsphäre im Umgang mit Geld jedoch besonders wichtig ist, arbeiten wir an einem Protokoll um diese zu schützen. Derzeit existieren bereits einige Vorschläge für verwandte Protokolle. Für vergleichbare Untersuchungen sollten alle unter denselben Bedingungen evaluiert werden. Um diese Umstände zu erreichen, möchten wir dieselbe Simulationsumgebung für alle verwenden. Ziel der Arbeit ist die Implementierung verschiedener Protokolle und deren Auswertung. Literaturrecherche fällt je nach gewähltem Umfang und Arbeitsart an.

Marker: AA, BA, HenningKopp, distributed, itsec, privacy

Zusammenfassung: Simple payment verification is a protocol which allows thin clients such as smartphones to use Bitcoin without downloading the whole blockchain. The thin client continually asks a full node for incoming transactions. Since the thin client only wants to know his/her own transactions but does not want the full node to link the transactions of the thin client to its identity, a bloom filter is used. Thus, false positives are introduced and the full node does not learn the account balance of the thin client. Stealth addresses are another privacy mechanism for Bitcoin addresses. They enable a sender of a transaction to derive new ephemeral recipient keys. Currently, stealth addresses are not compatible with simple payment verification and cannot be used on thin clients. One proposal is to add a fuzzy identifier (e.g., the first few bits) of the recipient long-term key to the transactions. One goal of the thesis is to evaluate and compare the privacy properties of current wallets for thin clients. Further, the tradeoff between privacy and efficiency of how the fuzzy identifier for stealth addresses is chosen should be evaluated and practical parameters proposed. Maybe you can even come up with own ideas for improving the privacy of thin clients.

Marker: AA, BA, MA, ThomasLukaseder, itsec, networks

Zusammenfassung: DDoS Attacken gewinnen immer mehr an Relevanz. Eine aktuelle Studie hat ergeben, dass 1/3 aller IPv4-Adressen weltweit in den letzten Jahren angegriffen wurden. Wir arbeiten daran, DDoS-Attacken verschiedenster Art abzuwehren. Hierfür ist es essentiell zu analysieren, wie echte Angriffe in Produktivnetzwerken aussehen, um die eigenen Methoden zur Abwehr auf ihre Tauglichkeit hin prüfen zu können. Dies soll zusammen mit der Firma Isarnet aus München untersucht werden. IsarNet entwickelt das IsarFlow-System zur Netzverkehrsanalyse auf Basis von Netflow, welches in vielen Unternehmens- und Providernetzen eingesetzt wird. Im Rahmen dieser Arbeit wollen wir Aufzeichnungen echter Angriffe nutzen, analysieren und nachbilden um unser eigenes System mit realistischen Daten testen und verbessern zu können.

Marker: AA, BA, HenningKopp, distributed, itsec, privacy

Zusammenfassung: Simple payment verification is a protocol which allows thin clients such as smartphones to use Bitcoin without downloading the whole blockchain. The thin client continually asks a full node for incoming transactions. Since the thin client only wants to know his/her own transactions but does not want the full node to link the transactions of the thin client to its identity, a bloom filter is used. Thus, false positives are introduced and the full node does not learn the account balance of the thin client. Stealth addresses are another privacy mechanism for Bitcoin addresses. They enable a sender of a transaction to derive new ephemeral recipient keys. Currently, stealth addresses are not compatible with simple payment verification and cannot be used on thin clients. One proposal is to add a fuzzy identifier (e.g., the first few bits) of the recipient long-term key to the transactions. One goal of the thesis is to evaluate and compare the privacy properties of current wallets for thin clients. Further, the tradeoff between privacy and efficiency of how the fuzzy identifier for stealth addresses is chosen should be evaluated and practical parameters proposed. Maybe you can even come up with own ideas for improving the privacy of thin clients.

Marker: AA, BA, MA, StephanKleber, FrankKargl, itsec, networks

Zusammenfassung: Security assessments of networked systems require knowledge about the utilized communication protocol. For proprietary protocols without known specification and with only limited access to the end-points, the only source of information is the communication itself. To correctly conclude from the captured byte stream to message-formats, -types, and finally a protocol model, structure, message- and field-boundaries, data-type, and semantics need to be inferred.After an initial inference procedure, it is desirable to refine the existing protocol model. Additional information gained by recorded network traffic needs to be incorporated by recognizing the appropriate parts of the model. The modeled knowledge is to be extended depending on the applicable information inferable from the new trace.

Marker: AA, BA, MA, ThomasLukaseder, distributed, itsec, networks

Zusammenfassung: We are working on a framework to mitigate DDoS attacks in high-speed networks. The framework uses software-defined networking to mitigate attacks. There are different areas of the system still under development and therefore different open theses or master project topics. Areas currently under development: Distribution of the current infrastructure, measurements of real-life networks to improve the data basis for attack mitigation, extending the system to mitigate a wider variety of attacks, and improving scalability of the system. There are open topics in all of these areas.

Marker: AA, BA, MA, Project, ThomasLukaseder, itsec, networks

Zusammenfassung: The ever increasing network bandwidth causes intrusion detection mechanisms to reach the limits of their capacity. Thus, new and improved implementations for security mechanisms are urgently required. Hardware support is one way to increase the performance of IDS. One of the bottlenecks of high-speed data analysis is regular expression matching. We currently examine two possible hardware support solutions to offload the regular expression matching to hardware modules: a FPGA-based Co-Processor (extending and evaluating an existing prototype) and offloading regular expression matching to GPUs. There are open topics in both areas.

Marker: AA, MA, HenningKopp, FrankKargl, itsec

Zusammenfassung: Cryptographical hash functions are functions which compress an arbitrarily large (finite) input into a fixed finite set. They can serve as fingerprint of a file, since it is computationally difficult to find two inputs which yield the same hash value. Recently there appeared numerous cryptographic constructions which require a hash function which maps into an elliptic curve. This is a pretty recent development and has not yet been thoroughly researched. There are some candidate constructions but without performance measurements. The goal of the thesis is to compare the security properties of the schemes, as well as measuring their performance. Maybe you can even come up with your own own scheme for hashing into elliptic curves which you will get time to investigate.

Marker: ABSCHLUSSARBEIT, THESIS, Master, AA, MA, MuntazirMehdi, mobile, misc

Zusammenfassung: Neurofeedback provides the necessary means to visualize selected and controlled parameters of the brain activity. In healthcare domain, neurofeedback studies enable mitigation of many psychological disorders and illnesses, mainly by therapies that help patients to better self-regulate their brain activity. Electroencephalography (EEG) is the method of monitoring the electrical activity of the brain, thus providing the necessary feedback. In this thesis work, the student is required to survey the current state of frameworks, techniques, or methods that enable coupling of Mobile EEGs with Smartphones. Bluetooth 2.1 with Enhanced Data Rate (EDR) capability is one of the most effective mean of coupling EEGs with Smartphones. The student would therefore be required to work on the Bluetooth stack to acquire real-time data generated from the Mobile EEGs, parse the electrical signal, and visualize the signal semantically. For successful completion of the thesis, the student would be required to identify and address any one of the open challenges faced by the proposed topic. An example of this can be addressing the bandwidth challenges, battery consumption, or signal accuracy