Theses/Practicum

Bachelor Thesis / Master Thesis / Master Practicum

Software Security

(Master Thesis) Pointer boundary protections using memory coloring

(Master Thesis) Automatic identification of security-critical software parts for hardening with GNNs

(Bachelor Thesis) Penetration Testing for Applimeda Mobile App

Application of Machine Learning for Improving Security

(Master Thesis) Detection of Hardware Vulnerabilities using ML

(Bachelor Thesis / Practicum) Intrusion Detection in Databases using Machine Learning and Petri-nets

(Bachelor Thesis / Practicum) Congestion in LEO Satellites - ML-based Detection of DDoS Attacks on Intersatellite Links

Improving the Security of Machine Learning

(Bachelor Thesis / Practicum) Backdoor Detection in Federated Learning on the Basis of Siamese Networks

(Bachelor Thesis / Master Thesis) Exploration of ML Models for Transmitting Covert Information

(Bachelor Thesis / Practicum) Proof of Work by Cloud Provider during MLaaS

(Practicum) Extended Evaluation of Poisoning Attacks on New Defenses in Federated Learning

IoT - Security

(Bachelor Thesis) Eclipse-Attack-Resilient Responses from Blockchains in IoT Applications

Contact

If you are interested in the topics above, please contact us.

Please note that some topics advertised as a master thesis may also be suitable for a bachelor thesis with some modifications. You may also propose topics of your own choosing.

Past Theses written by our Students

2021[ to top ]

Security and Privacy Aspects of Digital Contact Tracing Roos, Filipp; Thesis; University of Würzburg. (2021, October).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@mastersthesis{roos2021security, author = {Roos, Filipp}, keywords = {tracing}, month = {oct}, school = {University of Würzburg}, title = {Security and Privacy Aspects of Digital Contact Tracing}, type = {Master Thesis}, year = 2021 }
Security Analysis of UniNow App Zimmermann, Keven; Thesis; University of Würzburg. (2021, July).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
We performed a security analysis of the UniNow application, focusing on private user data. The application was chosen for its high popularity and amount of sensitive information handled through its new contact tracing functionality. This functionality is used by many universities for mandatory contact tracing against COVID-19. Our analysis concerned the Android mobile application and all web services. After mapping the attack surface using many tools to automate the process, we tested the potential issues in order of impact. We reveal multiple security issues with low to critical severity. Most of these vulnera�bilities threatened private user data directly. In particular, we found multiple disclosed secret keys that were used to encrypt user data on the client side, among others. Fur�thermore, we show how an in-app browser as well as an open redirect vulnerability were easing phishing attacks, and how university access tokens were shared with UniNow. Our more severe findings include how sensitive data was sent automatically to Google servers through backup files, how strict SSL certificate checking was disabled deliberately for many university endpoints, how JavaScript could be injected into the email viewer, and how ap�pointment invitations could be brute forced to get sensitive information about past and future appointments. The two critical security issues concern how user accounts could be taken over by using an account identifier, and how an internal service was accessible by anyone, allowing to change university configurations and potentially make user devices sent their user’s university credentials to the attacker. We performed a responsible disclosure, which serves as a reference to UniNow, enabling them to fix the discovered issues. Our work tangibly improves the security of student data handled by the company.

@mastersthesis{noauthororeditor, abstract = {We performed a security analysis of the UniNow application, focusing on private user data. The application was chosen for its high popularity and amount of sensitive information handled through its new contact tracing functionality. This functionality is used by many universities for mandatory contact tracing against COVID-19. Our analysis concerned the Android mobile application and all web services. After mapping the attack surface using many tools to automate the process, we tested the potential issues in order of impact. We reveal multiple security issues with low to critical severity. Most of these vulnera�bilities threatened private user data directly. In particular, we found multiple disclosed secret keys that were used to encrypt user data on the client side, among others. Fur�thermore, we show how an in-app browser as well as an open redirect vulnerability were easing phishing attacks, and how university access tokens were shared with UniNow. Our more severe findings include how sensitive data was sent automatically to Google servers through backup files, how strict SSL certificate checking was disabled deliberately for many university endpoints, how JavaScript could be injected into the email viewer, and how ap�pointment invitations could be brute forced to get sensitive information about past and future appointments. The two critical security issues concern how user accounts could be taken over by using an account identifier, and how an internal service was accessible by anyone, allowing to change university configurations and potentially make user devices sent their user’s university credentials to the attacker. We performed a responsible disclosure, which serves as a reference to UniNow, enabling them to fix the discovered issues. Our work tangibly improves the security of student data handled by the company.}, author = {Zimmermann, Keven}, keywords = {thesis_supervised_by_SSS_member}, month = {jun}, school = {University of Würzburg}, title = {Security Analysis of UniNow App}, type = {Bachelor Thesis}, year = 2021 }
Intrusion Detection Using Machine Learning in Databases Schindler, Sebastian; Thesis; University of Würzburg. (2021, May).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ransomware is a known threat that had a severe impact on computer security in the past five years. This type of malware has caused financial losses of about $13 Billion in 2017 and 2018 combined. Ransomware makes a user’s data unavailable to them, only granting access again when they pay a ransom. Traditionally, ransomware targeted the computer’s filesystem. Database ransomware is a new variant of the same principle. Instead of targeting individual files, it logs into DBMSs remotely and destroys the data, leaving only a ransom message behind. In most cases, attackers do not create a backup copy of the data. In this case, the data cannot be restored by the attackers, even if the ransom is paid. In 2018, Jobst et al. presented DIMAQS, a MySQL plugin to mitigate these attacks by detecting malicious activity through a Petri net classifier. Our work recognizes the main drawback of this approach: The Petri net cannot be easily adapted to new attack scenarios and has to be re-engineered manually. To solve this problem, we design a machine learning classifier to replace the original one. This approach yields a model that detects all attacks in our tests. Unfortunately, the model also produces a high number of false positives when trying to detect attacks before any harmful queries are issued. Overall, our approach achieves a 85.23% f1-score. The performance impact of the revised plugin is nonexistent for OLAP workloads and stays under 15% for OLTP tasks.

@mastersthesis{noauthororeditor, abstract = {Ransomware is a known threat that had a severe impact on computer security in the past five years. This type of malware has caused financial losses of about $13 Billion in 2017 and 2018 combined. Ransomware makes a user’s data unavailable to them, only granting access again when they pay a ransom. Traditionally, ransomware targeted the computer’s filesystem. Database ransomware is a new variant of the same principle. Instead of targeting individual files, it logs into DBMSs remotely and destroys the data, leaving only a ransom message behind. In most cases, attackers do not create a backup copy of the data. In this case, the data cannot be restored by the attackers, even if the ransom is paid. In 2018, Jobst et al. presented DIMAQS, a MySQL plugin to mitigate these attacks by detecting malicious activity through a Petri net classifier. Our work recognizes the main drawback of this approach: The Petri net cannot be easily adapted to new attack scenarios and has to be re-engineered manually. To solve this problem, we design a machine learning classifier to replace the original one. This approach yields a model that detects all attacks in our tests. Unfortunately, the model also produces a high number of false positives when trying to detect attacks before any harmful queries are issued. Overall, our approach achieves a 85.23% f1-score. The performance impact of the revised plugin is nonexistent for OLAP workloads and stays under 15% for OLTP tasks.}, author = {Schindler, Sebastian}, keywords = {thesis_supervised_by_sss_member}, month = {apr}, school = {University of Würzburg}, title = {Intrusion Detection Using Machine Learning in Databases}, type = {Master Thesis}, year = 2021 }
Remote Attestation for IoT with Smart Verifier Petzi, Lukas; Thesis; University of Würzburg. (2021, January).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The Internet is evolving. The Internet of Things (IoT) is a disruptive technology, billions of small and smart devices are encompassing every aspect of our lives, which leads us to a new era of the Internet. IoT connects billions of heterogeneous embedded devices in large networks. Restricted capabilities of the devices in combination with various mutually mistrusting parties throughout the network pose new challenges to security. As IoT devices become increasingly important, so does trust in their secure and reliable operation. But before we can trust them, we need to establish the trust. In the past, remote attestation has emerged into a very powerful tool in order to establish trust between devices. Traditional remote attestation establishes a static trust between two devices. This approach suffers badly heterogeneity of IoT network and purely scales to a large number of devices. Furthermore, it is very vulnerable to Denial of Service attacks. Within this thesis, we present a new approach to Remote Attestation in IoT networks. Our design combines the core strength of Remote Attestation with the advantages blockchain technology in order to enable attestation and validation of attestation evidences in a scalable manner. At rst, we develop a remote attestation scheme on a low end device serving as an exemplary IoT device. Second, we design our smart verifier, a flexible system capable of validating and storing attestation evidence. The system is build on top of blockchain technology and solves several issues accompanied by Traditional Remote Attestation in IoT such as scalability and device heterogeneity. In the end, we build and evaluate a proof of concept implementation based on ARM TrustZone and Sawtooth Hyperledger. The proposed system architecture enables trust establishment in a scalable manner even in heterogeneous networks while preventing denial of service attacks

@mastersthesis{chan2019remote, abstract = {The Internet is evolving. The Internet of Things (IoT) is a disruptive technology, billions of small and smart devices are encompassing every aspect of our lives, which leads us to a new era of the Internet. IoT connects billions of heterogeneous embedded devices in large networks. Restricted capabilities of the devices in combination with various mutually mistrusting parties throughout the network pose new challenges to security. As IoT devices become increasingly important, so does trust in their secure and reliable operation. But before we can trust them, we need to establish the trust. In the past, remote attestation has emerged into a very powerful tool in order to establish trust between devices. Traditional remote attestation establishes a static trust between two devices. This approach suffers badly heterogeneity of IoT network and purely scales to a large number of devices. Furthermore, it is very vulnerable to Denial of Service attacks. Within this thesis, we present a new approach to Remote Attestation in IoT networks. Our design combines the core strength of Remote Attestation with the advantages blockchain technology in order to enable attestation and validation of attestation evidences in a scalable manner. At rst, we develop a remote attestation scheme on a low end device serving as an exemplary IoT device. Second, we design our smart verifier, a flexible system capable of validating and storing attestation evidence. The system is build on top of blockchain technology and solves several issues accompanied by Traditional Remote Attestation in IoT such as scalability and device heterogeneity. In the end, we build and evaluate a proof of concept implementation based on ARM TrustZone and Sawtooth Hyperledger. The proposed system architecture enables trust establishment in a scalable manner even in heterogeneous networks while preventing denial of service attacks}, author = {Petzi, Lukas}, booktitle = {CVPR Workshops}, keywords = {thesis_supervised_by_sss_member}, month = {jan}, school = {University of Würzburg}, title = {Remote Attestation for IoT with Smart Verifier}, type = {Bachelor Thesis}, year = 2021 }

2020[ to top ]

Understanding UI attacks on Android Jasper, Stang; (2020, December).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
In this thesis, we closely examine an important type of attack against Android smart- phones that exploit weaknesses in the user interface. In particular, we study, analyze and implement the “Keystroke Inference #3” attack from the “Cloak and Dagger” paper by Fratantonio et al. [1, 2], which enables an attacker to steal sensitive input such as pass- words. The attack takes advantage of a vulnerability that was subsequently patched on all newer Android versions. Yet, it still affects a significant user base that utilizes older devices. In this paper, we present the end-to-end attack implementation of the “Keystroke Inference #3” concept and elaborate on in-depth details. In order to make the attack fea- sible certain technical challenges needed to be solved, therefore our developed approaches are presented as well. After the evaluation of the results, we show that the implementa- tion is applicable to a wide range of Android versions. We then present our novel defense technique OverlayShifter, which fully prevents the attack while being independent of operating system modifications. Moreover, characteristics that facilitate the detection of the attack are discussed.

@mastersthesis{jasper2020understanding, abstract = {In this thesis, we closely examine an important type of attack against Android smart- phones that exploit weaknesses in the user interface. In particular, we study, analyze and implement the “Keystroke Inference #3” attack from the “Cloak and Dagger” paper by Fratantonio et al. [1, 2], which enables an attacker to steal sensitive input such as pass- words. The attack takes advantage of a vulnerability that was subsequently patched on all newer Android versions. Yet, it still affects a significant user base that utilizes older devices. In this paper, we present the end-to-end attack implementation of the “Keystroke Inference #3” concept and elaborate on in-depth details. In order to make the attack fea- sible certain technical challenges needed to be solved, therefore our developed approaches are presented as well. After the evaluation of the results, we show that the implementa- tion is applicable to a wide range of Android versions. We then present our novel defense technique OverlayShifter, which fully prevents the attack while being independent of operating system modifications. Moreover, characteristics that facilitate the detection of the attack are discussed.}, author = {Jasper, Stang}, keywords = {thesis_supervised_by_SSS_member}, month = {December}, title = {Understanding UI attacks on Android}, type = {Bachelor Thesis}, year = 2020 }
Aggregatable Remote Attestation for IoT Alistarov, Vasil; Thesis; University of Würzburg. (2020, December).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
With the recent spike of Internet of Things (IoT) and "smart" devices, there has also been an increase in the amount of attacks on IoT networks. Wide-reaching attacks such as the one from the Mirai botnet in 2016 show how crucial it is to know that a device can be trusted before initiating communication. Remote Attestation (RA) is a proven method for asserting that a device is in a benign state. It is a challenge-response process between two parties, where the first checks the trustworthiness of the second. However, it is characterizable with low scalability a critical issue in the IoT sector. In our work, we model a new RA protocol, called Aggregatable Remote Attestation, which would allow a device to process multiple RA challenges simultaneously. We base it on the already existing SIMPLE architecture and implement it as a Proof-of-Concept (PoC) by modifying the code of the Security MicroVisor the core component of SIMPLE. We evaluate our work in terms of security and performance and show that it greatly outperforms the underlying SIMPLE. We discuss the relevance of our design in relation to the IoT sphere and denote a small set of potential topics for future work and research.

@mastersthesis{alistarov2020aggregatable, abstract = {With the recent spike of Internet of Things (IoT) and "smart" devices, there has also been an increase in the amount of attacks on IoT networks. Wide-reaching attacks such as the one from the Mirai botnet in 2016 show how crucial it is to know that a device can be trusted before initiating communication. Remote Attestation (RA) is a proven method for asserting that a device is in a benign state. It is a challenge-response process between two parties, where the first checks the trustworthiness of the second. However, it is characterizable with low scalability a critical issue in the IoT sector. In our work, we model a new RA protocol, called Aggregatable Remote Attestation, which would allow a device to process multiple RA challenges simultaneously. We base it on the already existing SIMPLE architecture and implement it as a Proof-of-Concept (PoC) by modifying the code of the Security MicroVisor the core component of SIMPLE. We evaluate our work in terms of security and performance and show that it greatly outperforms the underlying SIMPLE. We discuss the relevance of our design in relation to the IoT sphere and denote a small set of potential topics for future work and research.}, author = {Alistarov, Vasil}, keywords = {thesis_supervised_by_sss_member}, month = {dec}, school = {University of Würzburg}, title = {Aggregatable Remote Attestation for IoT}, type = {Bachelor Thesis}, year = 2020 }
Testbed for Security Testing of Smart Contracts Denk, Lukas; Thesis; University of Würzburg. (2020, December).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ethereum, one of the most popular decentralized blockchain-based platforms [1], manages cryptocurrency worth more than 40 billion US Dollars [2]. A lot of the money is controlled by autonomous programs, so called smart contracts. They are executed on the platform and everyone can call their functions; vulnerabilities are therefore easily exploited. The immutable nature of the blockchain sharpens the problem even further by prohibiting belated bug fixes. In fact, there were several cases where attackers were able to steal cryptocurrency worth several millions of US Dollar [3]. This emphasises the need of soundly testing a smart contract before deployment. Unfortunately, existing security analysing tools each cover a different subsets of vulnerabilities [4]. Moreover, even when they test for the same security issues, they often find different results. A solid test run should therefore contain several tools, which makes the whole procedure very laborious. For these reasons, we provide a testbed which runs on a virtual machine (VM) with several smart contract security analysing tools integrated. It does not only offer a command line- but also an intuitive web interface. Both interfaces allow the user to analyse his contract with all the underlying tools in a single step. Additionally, our testbed provides a detailed report for each of the tools’ test runs as well as an overview of the overall security issues the different tools found. Our evaluation shows that our testbed identifies significantly more potential security issues than each of the compared smart contract analysing tools individually does. Indeed, we found 92% of our analysed contracts as potentially being vulnerable, while even the most sensitive tool only flagged 76% of its successfully analysed contracts. Furthermore, we observed that occasionally, two tools testing for the same vulnerability, contradict themselves in more than 81% of the contracts successfully analysed by both tools

@mastersthesis{denk2020testbed, abstract = {Ethereum, one of the most popular decentralized blockchain-based platforms [1], manages cryptocurrency worth more than 40 billion US Dollars [2]. A lot of the money is controlled by autonomous programs, so called smart contracts. They are executed on the platform and everyone can call their functions; vulnerabilities are therefore easily exploited. The immutable nature of the blockchain sharpens the problem even further by prohibiting belated bug fixes. In fact, there were several cases where attackers were able to steal cryptocurrency worth several millions of US Dollar [3]. This emphasises the need of soundly testing a smart contract before deployment. Unfortunately, existing security analysing tools each cover a different subsets of vulnerabilities [4]. Moreover, even when they test for the same security issues, they often find different results. A solid test run should therefore contain several tools, which makes the whole procedure very laborious. For these reasons, we provide a testbed which runs on a virtual machine (VM) with several smart contract security analysing tools integrated. It does not only offer a command line- but also an intuitive web interface. Both interfaces allow the user to analyse his contract with all the underlying tools in a single step. Additionally, our testbed provides a detailed report for each of the tools’ test runs as well as an overview of the overall security issues the different tools found. Our evaluation shows that our testbed identifies significantly more potential security issues than each of the compared smart contract analysing tools individually does. Indeed, we found 92% of our analysed contracts as potentially being vulnerable, while even the most sensitive tool only flagged 76% of its successfully analysed contracts. Furthermore, we observed that occasionally, two tools testing for the same vulnerability, contradict themselves in more than 81% of the contracts successfully analysed by both tools}, author = {Denk, Lukas}, keywords = {thesis_supervised_by_SSS_member}, month = {November}, school = {University of Würzburg}, title = {Testbed for Security Testing of Smart Contracts}, type = {Bachelor Thesis}, year = 2020 }
Detection of Software Vulnerabilities in Smart Contracts using Deep Learning Lutz, Oliver; Thesis; University of Würzburg. (2020, October).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Der Missbrauch von Programmierfehlern in Kryptowährungsplattformen kann zu großen wirtschaftlichen Schäden fuhren. Deshalb wird in dieser Arbeit analysiert, wie Deep-Learning genutzt werden kann, um Schwachstellen in Ethereum Smart Contracts aufzudecken. Als Ergebnis ist ein Framework entwickelt worden, das sich um die Datengewinnung, Vorklassifizierung und Modellbildung kummert. Mit diesem Framework können Deep-Learning-Modelle entwickelt, trainiert und evaluiert werden, um einen KI-Scanner zu erstellen. Selbst bei einfachen neuronalen Netz-Architekturen erreicht der KI-Scanner, der acht verschiedene Arten von Schwachstellen erkennen kann, eine Genauigkeit von 98%. Dieser KI-Scanner kann zur weiteren Verwendung eingesetzt werden. Er kann jedoch auch um Schwachstellentypen erweitert werden, um ein noch mächtigeres Tool zu bilden.

@mastersthesis{lutz2020detection, abstract = {Der Missbrauch von Programmierfehlern in Kryptowährungsplattformen kann zu großen wirtschaftlichen Schäden fuhren. Deshalb wird in dieser Arbeit analysiert, wie Deep-Learning genutzt werden kann, um Schwachstellen in Ethereum Smart Contracts aufzudecken. Als Ergebnis ist ein Framework entwickelt worden, das sich um die Datengewinnung, Vorklassifizierung und Modellbildung kummert. Mit diesem Framework können Deep-Learning-Modelle entwickelt, trainiert und evaluiert werden, um einen KI-Scanner zu erstellen. Selbst bei einfachen neuronalen Netz-Architekturen erreicht der KI-Scanner, der acht verschiedene Arten von Schwachstellen erkennen kann, eine Genauigkeit von 98%. Dieser KI-Scanner kann zur weiteren Verwendung eingesetzt werden. Er kann jedoch auch um Schwachstellentypen erweitert werden, um ein noch mächtigeres Tool zu bilden.}, author = {Lutz, Oliver}, keywords = {thesis_supervised_by_SSS_member}, month = {October}, school = {University of Würzburg}, title = {Detection of Software Vulnerabilities in Smart Contracts using Deep Learning}, type = {Master Thesis}, year = 2020 }
Evaluating the Privacy of Contact Discovery Sendner, Christoph; Thesis; University of Würzburg. (2020, July).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Currently deployed contact discovery of mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and anonymized by hashing them. In this work, we show, that this anonymization is pseudo-anonymous and can easily be broken by an attacker. For that, we develop two hash reversal techniques: one using brute-force approach and another one using look-up databases. We provide generic architectures for each of the ap- proaches. Additionally, we provide and compare two instantiations for each. Furthermore, we evaluate and compare them to the third approach based on rainbow tables. The evaluation shows near instant lookup-times of under 0.1 ms using in-memory lookup databases, this approach is however costly in terms of memory – it would require over 10 TB RAM, which would be difficult to obtain. Our brute-force approach shows an astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup-times of 4.5 minutes with a success rate of over 99.99%. The results of our evaluation demonstrate, that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information – like phone numbers transmitted to the service provider of mobile messenger apps.

@mastersthesis{sendner2020contactdiscovery, abstract = {Currently deployed contact discovery of mobile messengers is based on the transmission of phone numbers to the service provider. This information is private and anonymized by hashing them. In this work, we show, that this anonymization is pseudo-anonymous and can easily be broken by an attacker. For that, we develop two hash reversal techniques: one using brute-force approach and another one using look-up databases. We provide generic architectures for each of the ap- proaches. Additionally, we provide and compare two instantiations for each. Furthermore, we evaluate and compare them to the third approach based on rainbow tables. The evaluation shows near instant lookup-times of under 0.1 ms using in-memory lookup databases, this approach is however costly in terms of memory – it would require over 10 TB RAM, which would be difficult to obtain. Our brute-force approach shows an astonishing performance, being able to reverse any mobile number in under 100 seconds using consumer-level hardware. The rainbow tables produce lookup-times of 4.5 minutes with a success rate of over 99.99%. The results of our evaluation demonstrate, that hash reversals of mobile phone numbers are practical and near instant. Thus, an attacker can easily reverse hash digests of mobile phone numbers and de-anonymize personally identifiable information – like phone numbers transmitted to the service provider of mobile messenger apps.}, author = {Sendner, Christoph}, keywords = {thesis_supervised_by_sss_member}, month = {July}, school = {University of Würzburg}, title = {Evaluating the Privacy of Contact Discovery}, type = {Master Thesis}, year = 2020 }
Strategies for the Security Assessment of IoT Devices by Certification Authorities Finke, Moritz Anton; Thesis; University of Würzburg; University of Würzburg. (2020, May).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
The Internet of Things (IoT) is a global infrastructure that interconnects physical and virtual things based on evolving information and communication technologies. Along with the rise of the IoT, multiple unprecedented forms of security issues and attacks have emerged. While their limited resources disallow the utilization of computing-intensive security measures, the services of IoT devices represent an attractive target for vulnerability exploitation. Certification Authorities (CAs) have responded to the trend and offer security assessments and certification for IoT devices. To ensure qualitative and fair certification, security testing requires well-defined strategies. This bachelor thesis analyzes the existing IoT security assessment models and proposes a novel, CA oriented Testing Guide Model (TGM) for standardized and reproducible assessments. The TGM describes a complete security assessment approach for application in IoT device security certification procedures of CAs. As part of the bachelor thesis, the TGM is specified, implemented, and its applicability evaluated with the help of existing IoT devices. CAs account for the security of certified products. The certification of devices that (subsequently) prove to be insecure can lead to a consumer's loss of trust in the CA. Therefore, the decision for issuing certificates must be comprehensible and made carefully. For the risk estimation of security issues and vulnerabilities, it is common to make use of numerical scoring systems. Well-defined scoring systems allow precise and reproducible estimations. In addition to the introduction of the TGM, this bachelor thesis analyzes the scoring systems established in the field of IT security in regard to their applicability for the scoring of IoT related vulnerabilities, complete IoT devices, and for the specific requirements of CAs. This thesis uncovers incompatibilities and insufficiencies in the existing systems that disallow application for the scoring of IoT devices and for application by CAs. To counter these issues, the thesis introduces a novel Security Scoring System (SSS) for rating IoT devices based on the risks of their vulnerabilities, services, and operational contexts. The SSS is integrated into the TGM, implemented in software, and evaluated with a comparison to the existing scoring systems. To summarize, the contributions of this bachelor thesis are two novel models for the security assessment of devices of the IoT: the TGM and the SSS. The models are intended to find application for CAs and both standardize and improve the security testing and assessment procedures.

@mastersthesis{finke2020strategies, abstract = {The Internet of Things (IoT) is a global infrastructure that interconnects physical and virtual things based on evolving information and communication technologies. Along with the rise of the IoT, multiple unprecedented forms of security issues and attacks have emerged. While their limited resources disallow the utilization of computing-intensive security measures, the services of IoT devices represent an attractive target for vulnerability exploitation. Certification Authorities (CAs) have responded to the trend and offer security assessments and certification for IoT devices. To ensure qualitative and fair certification, security testing requires well-defined strategies. This bachelor thesis analyzes the existing IoT security assessment models and proposes a novel, CA oriented Testing Guide Model (TGM) for standardized and reproducible assessments. The TGM describes a complete security assessment approach for application in IoT device security certification procedures of CAs. As part of the bachelor thesis, the TGM is specified, implemented, and its applicability evaluated with the help of existing IoT devices. CAs account for the security of certified products. The certification of devices that (subsequently) prove to be insecure can lead to a consumer's loss of trust in the CA. Therefore, the decision for issuing certificates must be comprehensible and made carefully. For the risk estimation of security issues and vulnerabilities, it is common to make use of numerical scoring systems. Well-defined scoring systems allow precise and reproducible estimations. In addition to the introduction of the TGM, this bachelor thesis analyzes the scoring systems established in the field of IT security in regard to their applicability for the scoring of IoT related vulnerabilities, complete IoT devices, and for the specific requirements of CAs. This thesis uncovers incompatibilities and insufficiencies in the existing systems that disallow application for the scoring of IoT devices and for application by CAs. To counter these issues, the thesis introduces a novel Security Scoring System (SSS) for rating IoT devices based on the risks of their vulnerabilities, services, and operational contexts. The SSS is integrated into the TGM, implemented in software, and evaluated with a comparison to the existing scoring systems. To summarize, the contributions of this bachelor thesis are two novel models for the security assessment of devices of the IoT: the TGM and the SSS. The models are intended to find application for CAs and both standardize and improve the security testing and assessment procedures.}, address = {University of Würzburg}, author = {Finke, Moritz Anton}, keywords = {thesis_supervised_by_SSS_member}, month = {may}, school = {University of Würzburg}, title = {Strategies for the Security Assessment of IoT Devices by Certification Authorities}, type = {Bachelor Thesis}, year = 2020 }

2019[ to top ]

Implementation and Evaluation of a Group Encryption Scheme Ten, Peter; Thesis; University of Würzburg. (2019, December).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
@mastersthesis{2019-BA-Peter-Ten, author = {Ten, Peter}, keywords = {thesis_supervised_by_SSS_member}, month = {December}, school = {University of Würzburg}, title = {Implementation and Evaluation of a Group Encryption Scheme}, type = {Bachelor Thesis}, year = 2019 }

2018[ to top ]

Hardening Bitcoin Against Off-Topic Data Inclusion Attacks Seeg, Andreas; Thesis; University of Würzburg. (2018, August).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.

@mastersthesis{seeg2018hardening, abstract = {Bitcoin is a novel peer to peer payment network that was started in 2009 and that has since flourished, gaining acceptance all over the world. By contributing their resourcefulness as network connectivity and computing power, all participants are creating the the Bitcoin network together. Designed as an open source software system, the participation rules for this network are not upheld by humans, but implemented in code, and generally allow anyone to join or leave the network at will.Since the time of Bitcoin’s inception, software errors had to be fixed and network attacks that tried to make parts of the network unavailable have been endured. This thesis provides a solution to the problem of illegal data inclusions within the blockchain, a data structure that cannot easily be changed and that has to be transmitted to participants of Bitcoin.The flaw, i.e. the possibility for any user of Bitcoin to potentially include illegal data and therefore illegalizes the whole blockchain, is not just a software flaw, but can be seen as a structural one if free participation and uncensorable payments are to be provided.The proposal to solve the problem is layered in two tiers. The first tier prevents effective data inclusion for some standard payment functions within Bitcoin. This allows participants to be certain that these transactions do not contain bad data, allowing them to be included into Bitcoin blocks. It also solves the problem of illegal data permanently occupying valuable resources on Bitcoin nodes, as parts of the provably clean transactions are generally held in RAM until they have been spent. The prevention mechanism is essentially a system that provides proof that bitcoins were sent to actual Bitcoin addresses,stopping data inclusion by address fields abusal.The second tier consists of rule changes for Bitcoin. First of all, all non-standard payment transactions are removed from Bitcoin, with the exception of the more computationally flexible and popular P2SH transactions. This limits the avenues for data inclusion in Bitcoin without destroying its flexibility or its smart contract capabilities. Then, P2SHtransactions are redesigned to allow for a more fine grained deletion of their data, so only offending parts could be removed without destroying the integrity of the rest. Finally, a special type of transaction is introduced that allows censorship of just the signature data of a P2SH transaction. This transaction has to include a payment equal to the Bitcoin provided by the previous P2SH transaction, however. By adding this requirement, the system is protected from becoming open to money creation attacks that might inflate the currency without the agreement of all participants.With these changes, illegal data inclusion becomes either impossible, or they can be re-moved without destroying the integrity of the payment system as a whole or for payments that have already happened.Implementing all proposed changes would go beyond the scope of a master thesis. Tier1 of the presented solution has been implemented as a proof-of-concept, though. As a basis, the most popular Bitcoin node software, Bitcoin Core, has been used. Additionally,the ideas behind tier 2 are explained in full, and the potential impact on the system is discussed.v This thesis also covers previous attempts to allow for data removal in similar systems. Their discussion is meant to encourage the adoption of the presented proposal, as it should causeless disruption than some more extreme measurements that might introduce centralization into a system that was meant to run decentralized.}, author = {Seeg, Andreas}, keywords = {thesis_supervised_by_SSS_member}, month = {aug}, school = {University of Würzburg}, title = {Hardening Bitcoin Against Off-Topic Data Inclusion Attacks}, type = {Master Thesis}, year = 2018 }
Design of a Shared Parking System with Special Attention to Security Aspects Englert, Simon; Thesis; University of Würzburg. (2018, August).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.

@mastersthesis{2018-BA-Simon-Engelert, abstract = {As major cities are growing more and more, the parking situation in those cities is becoming more precarious than ever. Parking demand already exceeds the limited amount of parking spaces available, and thus people searching for a place to park generate a significant part of those cities traffic. This leads to frustration with drivers, more traffic jams, unnecessary use of petrol and further air pollution. The creation of new parking spaces is often either difficult or very expansive, which means existing parking spots have to be used more efficiently. Solutions realizing that idea to try and solve those problems are for the most part called intelligent parking systems. This thesis is focused on Shared Parking, a special kind of intelligent parking system, which opens the possibility of sharing a parking place between different people. This work features the design and implementation of such a system with special attention given to security aspects.}, author = {Englert, Simon}, keywords = {thesis_supervised_by_sss_member}, month = {August}, school = {University of Würzburg}, title = {Design of a Shared Parking System with Special Attention to Security Aspects}, type = {Bachelor Thesis}, year = 2018 }
DIMAQS - Dynamic Identiﬁcation of Malicious Query Sequences Jobst, Michael; Thesis; University of Würzburg. (2018, July).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.

@mastersthesis{jobst2018dimaqs, abstract = {Ransomware is an emerging threat which imposed 5 billion USD loss in 2017 and is predicted to hit 11.5 billion in 2019. While initially targeting PC (client) platforms,recently it made a leap to server-side databases – in January 2017 we faced MongoDB Apocalypse attack, followed by other attack waves targeting a wide range of DB technologies such as MongoDB, MySQL, ElasticSearch, Cassandra, Hadoop, and CouchDB. While previous research has developed countermeasures against client-side ransomware (e.g., CryptoDrop and ShieldFS), no attention was given to the problem of server-side ransomware yet.This thesis aims to bridge this gap and presents design and implementation of the tool DIMAQS (Dynamic Identification of Malicious Query Sequences) for MySQL servers that can efficiently and effectively detect server-side ransomware. DIMAQS performs run-time monitoring of incoming queries and pattern matching using a Colored Petri Net (CPN) for attack detection. The system design of DIMAQS exhibits several novel techniques to enable efficient detection of malicious query sequences globally (i.e., without limiting detection to distinct user connections). Evaluation results show high efficiency with no false positives and no false negatives,and a very moderate performance overhead (for a run-time monitoring tool) of under5% in worst case scenarios.}, author = {Jobst, Michael}, keywords = {thesis_supervised_by_SSS_member}, month = {June}, school = {University of Würzburg}, title = {DIMAQS - Dynamic Identiﬁcation of Malicious Query Sequences}, type = {Master Thesis}, year = 2018 }