Bachelor Theses

Security of e-scooters

TIER, Arolla, Wind, Lime, voi. ... after only two month e-scooters are all over Linz. The idea has been picked up pretty well and even the StVO (traffic rules) is going to be updated to bring (legal) clarity for the use of them. Besides all the positive voices, there is also quite some criticism, mainly about cityscape and safety. Above that, pushing to the market in such a short time frame also has the potential that security considerations have been left behind. Therefore, we are interested in various aspects of e-scooter security and have a few topics for bachelor theses to work on.
Contact: Michael Roland

Analysis and implementation of the iButton/1-Wire protocol (ELECTRONICS SKILLS REQUIRED)

The goal of this bachelor thesis project is to analyze the iButton®/1-Wire® protocol and to build an environment for reading and emulating iButton slave devices.
Contact: Michael Roland

Analyze the IDS Reports of the Tor exit node

The outgoing traffic of the tor exit node of the institute passes through the intrusion detection system of the university (IDS), which filters out attacks (not only those directed at the university, but everything which clearly malicious). The institute receives a weekly automated report from this IDS. These reports should be analyzed and statistics should be generated: Would it be useful to integrfate a mini IDS into an exit node? How many attacks are performed (in relation to the exit traffic)? How do they change over time? How "new" are the attacks discovered? Investigating the data for own measurements, trends etc is also part of the project.

Contact: Michael Sonntag

Implement a VoIP tap for Softphones (i.e. VoIP phones implemented as software running on a PS)

This should copy the network traffic and/or the sound output. This should then be run through libraries (to be obtained: Open Source like and speaker detection. This should then show feedback about who is talking how much (e.g. percent) and the mood of the speakers.

Contact: Michael Sonntag

Reconstructing internet video from a network trace

This should work for IP video telephony, but potentially also for other communications. The main task here is to handle missing parts, e.g. keeping the old picture or replacing it with "white/black screen". The sniffed traffic should then be playable and be accompanied by exact specifications what was found, and what/when there were "holes" filled.

Contact: Michael Sonntag

Implement an IDS as a docker container listening on a network interface

This is to be specially configured for the project DURCHBLICK (mobile robot for defusing bombs; INS works on communication and forensics).

Contact: Michael Sonntag

Nagios/Icinga/... plugin for verifying the presence of a video or voice stream on a router (or a monitoring port)

Additional configurations for source/target, properties (e.g. size, bandwidth). This is for verifying that e.g. a surveillance camera is still sending data to a monitoring system.

Contact: Michael Sonntag

Hidden data channel for car lights (ELECTRONICS SKILLS REQUIRED)

Develop the electronics for a normal car head-/tail-light (LEDs) to modulate the light to transmit data. Also build a receiver. Then test what data transmission rate is possible and when/under what conditions it becomes visible to humans.

Contact: Michael Sonntag

Implementation of an Android app for managing 802.1x based WLAN guest accounts

As part of a recent Master's thesis, server-side support for using 802.1x in home WLANs for guest accounts has been implemented on OpenWRT access points. The existing web interface should be extended towards more options for managing these guest accounts, and a corresponding Android app for the home owner's device should be created to ease the guest user management.
Test hardware in the form of an access point with OpenWRT and an Android phone are available.

Monitoring für Smart-Home Netzwerke

Ziel dieser Bachelorarbeit ist, bestehende Monitoring-System wie z.B. Nagios/Icinga, Zabbix, etc. speziell für "Smart Homes" zu evaluieren und einen Leitfaden zum Einsatz solcher Monitoring-Tools zur erstellen. Dabei sollten übliche Fehlerfälle wie z.B. ausgefallene Internetanbindung, DNS-Probleme, Ausfall (oder fehlende Aktualisierung) von DynDNS-Einträgen, Probleme mit VPN-Verbindungen, Nicht-Verfügbarkeit interner Services (z.B. NAS-Dienste, Webcams, etc.), Überlastung von WLANs, unüblich hohe Netzlasten, usw. per expliziten Tests abgedeckt und an Benutzer gemeldet werden können. Zum Testen können entweder das eigene Netzwerk oder ein Test-Netzwerk am Institut für Netzwerke und Sicherheit verwendet werden.

Contact: Michael Sonntag

Injecting URLs and other data to Smart TVs via DVB-T

The Institute of Networks and Security has software-defined radio hardware that should be suitable to create and inject DVB-T signals into receivers such as Smart TVs. The aim of this thesis is to reproduce the work shown in on how injected HbbTV URLs are automatically opened/executed on some Smart TVs to allow a remote code execution.


Software zur genauen und beweissicheren Dokumentation von Aktionen und Daten, die z.B. beim forensischen Zugriff auf einen fremden Webmail-Account erfolgen

Contact: Michael Sonntag

Asterisk als Anonymisierungsserver

Eingehende Telefonate weitervermitteln, ähnlich zu TOR (evtl. mittels VoIP + Ausgangsserver etc.)

Contact: Michael Sonntag

Targeted Metasploit Modules Identifying Exploits in Sophos SafeGuard Encryption

The objective of these projects (the work is planned to comprise multiple practical projects or multiple bachelor theses that each comprise at least one Metasploit module) is to create very specific Metasploit exploit modules that directly target (potential) vulnerabilities in our Sophos SafeGuard Encryption products.
An important demand of the developed modules is that they can be integrated (semi-)automated in a test environment to highlight and ultimately prevent security regression bugs of known and already fixed vulnerabilities in the future.
If despite of intensive penetration testing a potential vulnerability of the product can still not be practically exploited (or not in a automatable manner) the expected outcome of the project is a detailed report describing all the steps that were taken in investigating the issue as well as a recommendation on how to fix it.

Traces in Executables

Wie viele/welche Spuren bleiben bei verschiedenen Arten ein Programm zu übersetzen in der ausführbaren Datei zurück, die zum Account/Computer zurückführen? Sowohl direkt ("Das war Benutzeraccount X") als auch bei Zugriff auf diesen Computer ("Wurde sicher auf diesem Computer übersetzt") bzw. allgemein ("Muss Windows 8.1 gewesen sein"). Siehe auch

Contact: Michael Sonntag

Extraction of personally identifiable information from Wi-Fi (802.11) frames

The goal of this bachelor thesis project is to build an environment to passively collect (sniff) Wi-Fi communication and to extract data that could (potentially) be used to track or identify an individual. In particular, 802.11 management frames such as probe requests seem to broadcast usable information.
Contact: Michael Roland

Design and implementation of a Wi-Fi-enabled UART tap (ELECTRONICS SKILLS REQUIRED)

The goal of this bachelor thesis project is to build an UART-to-WLAN adapter that can be used to monitor, inject, and replace data transmitted over a UART transceiver (as e.g. used for RS232 or RS485).
Contact: Michael Roland