Theses Topics

We currently offer thesis topics in four main research areas. Below you will find a short description of each area, together with contact people for the different sub-areas.




Runtime Enforcement

When a program does not itself comply with given security requirements, one can employ a dynamic enforcement mechanism to make the program compliant while it is executed. A dynamic enforcement mechanism can be seen as an encapsulation that protects a program from a malicious environment or, vice versa, the environment from a malicious program. Dynamic enforcement is an active research area that comprises both theoretical aspects (e.g., the question of which security policies are enforceable) and practical aspects (e.g., how to implement dynamic enforcement mechanisms). At MAIS, we particularly focus on distributed dynamic enforcement, which poses challenges such as race conditions and incomplete information about the global state of the program.

Potential areas for theses
  • Efficient runtime enforcement for distributed applications (contact Richard Gay)
  • Policy languages for decentralized distributed runtime enforcement (contact Richard Gay)
  • Security enforcement in Android applications / smart phones, service-oriented architectures, business processes, file systems, etc. (contact Tobias Hamann)
  • Runtime enforcement for distributed applications with dynamically joining and leaving components (contact Yuri Gil Dantas)



Security Engineering

Creating information systems that process private information requires special care to ensure the systems' security. Deferring the consideration of security aspects until the system is implemented is risky, since the mitigation of security issues may require expensive changes to the system's design. The approach of security engineering is to determine security requirements upfront and design the system such that it conforms to these requirements.

At MAIS, we develop methodology and tools for the design and verification of secure information systems and investigate how these designs can be implemented such that their security guarantees are preserved.

Potential areas for theses
  • Information flow security by design (contact Markus Tasch)



Information-flow Security

When running a program that requires access to confidential data, one wants to be sure that no information about the confidential data is leaked to untrusted third parties. For instance, a banking application requires access to a user's login credentials, but no information about the login credentials must be leaked to the developers of the app, even if they legitimately receive other information, e.g., usage statistics. Such security requirements can be formally expressed with information-flow properties. Program analysis techniques, such as security type systems, can check automatically whether a program satisfies a given information-flow property. In the scenario of the banking application, a positive result of the analysis combined with a so-called soundness result for the analysis technique guarantees that no information about the user's login credentials is leaked to the developers.

At MAIS, we develop and improve information-flow properties, and sound analysis techniques for these properties. Furthermore, we develop tools for the automatic verification of programs based on these analysis techniques.

Potential areas for theses
  • Automated information flow analysis of programs (contact David Schneider)
  • Concurrency features and their impact on information-flow security (contact Matthias Perner)
  • Software security for mobile devices (contact David Schneider)



Side-Channel Analysis and Mitigation

Side channels are unintended indirect flows of information revealed by physical executions of a computer program. Examples of side channels include a program's running time, cache behavior, power consumption, and electromagnetic radiation. Such unintended flows of information may be correlated with secrets, e.g., private cryptographic keys, and this makes side channels a severe security vulnerability. By exploiting such a correlation, an attacker can recover the secrets; this is known as a side-channel attack. Due to improvements in security protection mechanisms, traditional security vulnerabilities such as programming bugs are getting harder to exploit, which is why side channels are becoming more and more attractive to attackers. Among the different types of side channels, timing side channels are particularly critical, since timing attacks can be mounted remotely over computer networks and do not require direct physical access to the system under attack.

At MAIS, we develop methods and tools for the sound detection of timing side channels, the assessment of their seriousness, the construction of timing attacks, and the design of proper countermeasures.

Sample topics for theses