Employees of SBA Research work and teach at Austrian universities and universities of applied sciences. We are supervising Bachelor, Master and PhD theses and are offering internships – for further details, please see below, and don’t hesitate to contact our researchers directly!

Research Areas and Topics

Security and Privacy in Machine Learning

Below is a list of topics related to security and privacy aspects of Machine Learning / Data Mining / Artificial Intelligence. If you are interested, please contact Rudolf Mayer

Adversarial Machine Learning:

A good overview talk (in German) into Adversarial Machine Learning is given by Konrad Rieck: “Sicherheitslücken in der künstlichen Intelligenz”: https://www.youtube.com/watch?v=j6nRPg2Y62w  

• Adversarial Inputs (resp. robustness against adversarial inputs)
  – Intro papers: “Explaining and Harnessing Adversarial Examples” (https://arxiv.org/abs/1412.6572), S&P 2017 paper on “Towards Evaluating the Robustness of Neural Networks” (https://arxiv.org/abs/1608.04644, “Making machine learning robust against adversarial inputs” (https://dl.acm.org/citation.cfm?id=3134599)
  – Video: https://www.youtube.com/watch?v=yIXNL88JBWQ)
  – Goal: systematically analyse existing evasion attacks and defenses and develop new attacks/defenses in specific application domains (such as industrial productions systems (https://www.sqi.at)).
• Backdoor (data poisoning) attacks & defenses
  – Intro papers, e.g. “Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning” (https://arxiv.org/abs/1712.05526) or “BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain” (https://arxiv.org/abs/1708.06733)
  – Video: a talk about one defense mechanism: https://www.youtube.com/watch?v=krVLXbGdlEg
  – Goal: analyse and evaluate attack vectors for poisoning attacks, evaluate their effectiveness and side-effects, as well as existing defenses, and develop new detection/defense mechanisms
• Membership inference attack
  – Intro papers: “Membership Inference Attacks against Machine Learning Models” (https://arxiv.org/abs/1610.05820)
  – Video: Reza Shokri, “Membership Inference Attacks against Machine Learning Models”: https://www.youtube.com/watch?v=rDm1n2gceJY
  – Goal: analyse and evaluate attack scenarios for membership inference, analyse existing attack and defense patterns, and develop new mechanisms
• Other attacks e.g.
  – Model stealing (Paper “Stealing Machine Learning Models via Prediction APIs” (https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/tramer,
  – Video: http://0b4af6cdc2f0c5998459-c0245c5c937c5dedcca3f1764ecc9b2f.r43.cf2.rackcdn.com/sec16/tramer.mp4)
  – Model inversion: Paper “Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures” (https://www.semanticscholar.org/paper/Model-Inversion-Attacks-that-Exploit-Confidence-and-Fredrikson-Jha/721c4169f2f81d2f0b475381a5af46589d36ef92)

Privacy-preserving Machine Learning / Data Mining

Privacy-preserving analysis of data is becoming more relevant with the increasing amount of personal data being gathered. Several different approaches aiming at this problem exist, e.g.:

• Privacy-preserving data publishing
  – k-anonymity, l-diversity, etc.
  – Differential privacy, including local differential privacy
  – Synthetic data generation
  – Goal: evaluation of privacy protection, utility of the published data, novel attack mechanisms, application of differential privacy to machine learning models, …
• Privacy-preserving computation
  – Secure Multi-party computation (SMPC / MPC). Teaser video: https://www.youtube.com/watch?v=l25jcolQW6Q, more detailed explanation: https://www.youtube.com/watch?v=NOtsxHoIcWQ
  – Homomorphic encryption. Intro Video: https://www.youtube.com/watch?v=f-85Tmr7ZWY, https://www.youtube.com/watch?v=xlcb_G1_rzk
  – Federated learning (e.g. https://federated.withgoogle.com/)
  – Goal: evaluation of effectiveness (e.g. accuracy) and efficiency of privacy-preserving approaches, compared to a base line of centralised learning. Application of approaches to new algorithms, data types, etc.

Watermarking / fingerprinting of datasets

• Goal: evaluation of schemes for their robustness of attacks, vs. their data utility, e.g. measured by effectiveness in machine learning tasks

Digital Sustainability

• Understanding runtime system behaviour: How can the runtime behaviour of a complex systems be described, modelled and monitored/checked?: Alexander Schatten
  • Literature research and interviews on status quo
  • Implementation of a model e.g.
    • Demonstrate a complex yet resilient component based infrastructure by implementing a (Netflix) Chaos Monkey demonstration setup with Docker/Kubernetes components.
    • Runtime analysis of selected open source system(s): use debug interface of (Java) virtual machine to analyse runtime behaviour, draw a “code-landscape” and identify processes.
  • These topics can also be split into several thesis
• Understanding and Handling Complexity: Complexity and software systems: Alexander Schatten
  • Find indicators to quantify complexity in software systems and organisations
  • Find and describe systemic patterns and complexity drivers that can help to understand problems in large software systems
  • Analyse typical software and architecture patterns with focus on complexity
  • Analyse the complexity of selected Open Source projects following established complexity- and entropy-indicators. This might include static code analysis and analysis of code changes (source code repository).
• Understanding and Handling Complexity: Mapping program language related complexity: Alexander Schatten
  • Find useful dimensions of comparison
  • intrinsic complicatedness
  • extrinsic complexity
• Management and Organisational Dynamic: Map existing IT management frameworks and patterns like ITIL, COBIT, SAFE, ISO9001: Alexander Schatten
  • find useful dimensions for comparison
  • outline overlaps and interfaces
  • describe conflicts and usage scenarios
• Management and Organisational Dynamic: Analyse organisational hierarchies, setup and processes (cooperation of business partners required): Alexander Schatten
  • Interface between business and IT to derive factors that lead to success or failure
  • Implement a dynamic simulation of an organisation and deduce efficiency “bottle-necks” using e.g. queuing theory

Security for Cyber Physical Production Systems

• Network Security in CPPS. Which tools (like metasploit) are readily available for pentesting CPPS (instead of business systems)? Edgar Weippl
• Forensics Analysis in CPPS. Which tools exist that can be used to analyse CPPS? Are there guidelines on how to proceed? Edgar Weippl
• Secure Software Engineering Processes in CPPS. Edgar Weippl

Combinatorial Testing for Information Security

• Test case generation for security testing: Dimitris Simos
• Combinatorial testing for hardware malware detection: Dimitris Simos
• Linux kernel testing for security bugs: Dimitris Simos
• Security protocol testing: Dimitris Simos
• Web application security testing: Dimitris Simos
• Combinatorial Testing of Tor Network: Dimitris Simos
• Mathematical modelling and analysis of security vulnerabilities: Dimitris Simos
• Optimizations Algorithms for Combinatorial Testing: Dimitris Simos
• Discrete Structures for fault-localization in Combinatorial Testing: Dimitris Simos

For more details or additional topics please have a look at: https://matris.sba-research.org/positions/

Cryptocurrencies

• Bitcoin scalability simulations: Aljosha Judmayer
• P2P networking aspects of cryptocurrencies: Aljosha Judmayer
• Alternative consensus/mining methods: Aljosha Judmayer
• Alternative applications and designs of block chain based consensus Systems: Aljosha Judmayer
• Bitcoin wallet Security: Aljosha Judmayer
• Altcoin evaluation and categorisation: Aljosha Judmayer
• Impact of cryptocurrencies on power grid stability (statistical analysis): Johanna Ullrich
• Power consumption of cryptocurrencies: Johanna Ullrich

Cryptography

• Cryptographic engineering for security applications: Dimitris Simos
• Hard problems for post-quantum cryptography: Dimitris Simos
• Mathematical properties for testing implementations of crypto schemes: Dimitris Simos
• Randomness extractors from discrete structures: Dimitris Simos
• Design Estimators for quantum protocols: Dimitris Simos

Fileformat Security

• File-format hacks (such as funky file formats): Edgar Weippl
• Hiding executable code in data files (such as Word, etc.): Edgar Weippl

Internet of Things (IoT) Security and Privacy

• Update mechanisms for constrained IoT systems
• Secure embedded operating systems for IoT applications: Georg Merzdovnik
• IoT network protocol security analysis
• Privacy leaks and protections for IoT devices and protocols
• Lightweight intrusion detection for IoT systems: Georg Merzdovnik
• Efficient implementation of security and cryptography for IoT
• Moving-target defenses in IoT environments
• Resilient communication protocols for IoT

Internet of Things (IoT) – Constrained Networks

• Integration of RIOT OS into SecureWSN
  – TinyIPFIX for Data Gathering
  – Aggregation Support
• Implementation of security solutions
• Optimization of system lifetime using energy harvesting mechanisms
• Extention of visualization mechanisms
• Integration of warning system for unnormal behavior (e.g., wrong values or to high packet loss rate)
• Integration of “Trust-Check” for devices
• Establishment of bidirectional communication (e.g., for updating purposes of intervals)

Topic description available under https://corinna-schmitt.de/student-theses.html

Power Consumption and Power Grid

• Power grid modelling (foreign languages beyond English helpful): Johanna Ullrich
• Resilience analysis of the power grid: Johanna Ullrich
• Power consumption modulation measurements (GPU, CPU, disk access, etc.): Johanna Ullrich
• Power consumption of Security Measures: Johanna Ullrich
• Power comsumption of TLS Implementations: Johanna Ullrich
• Power consumption of Secure Mailing: Johanna Ullrich
• Power consumption of SSH: Johanna Ullrich

Attacks against cyber-physical systems

• Physics-based attack modelling: Johanna Ullrich
• Physics-based intrusion detection: Johanna Ullrich 
• POSIX blackbox live forensic: Aljosha Judmayer

Mobile Security and Privacy

• Dynamic Instrumentation: Georg Merzdovnik
• Static code deobfuscation: Georg Merzdovnik
• Android native code analysis: Georg Merzdovnik
• Mobile OS Security (Firefox OS, Tizen,…): Georg Merzdovnik
• On-Device application analysis: Georg Merzdovnik

Network Security

• Internet measurement experiments: Johanna Ullrich
• Internet cartography: Johanna Ullrich
• Fingerprinting over the network: Johanna Ullrich
• IPv6 deployment: Johanna Ullrich
• IPv4/IPv6 sibling detection: Johanna Ullrich
• Comparison of IPv4/IPv6 Internet characteristics: Johanna Ullrich
• IPv6 scanning and reconnaissance: Johanna Ullrich
• Methods against Internet measurement (Anti-Census-Approaches): Johanna Ullrich
• Long term observations of IPv6 addresses: Johanna Ullrich
• Covert and side channel development: Johanna Ullrich
• Modelling of networking capabilities of hypervisors (Xen, KVM, etc.): Johanna Ullrich
• Modelling of networking capabilities of containers: Johanna Ullrich

Privacy Enhancing Technologies & Net Neutrality

• Tor network measurements: Wilfried Mayer
• Tor relay operator transparency: Wilfried Mayer
• Impact of Certificate Transparency on non-HTTPS-based ecosystems: Wilfried Mayer
• Censorship measurement technologies: Wilfried Mayer
• Net neutrality measurements: Wilfried Mayer
• Transparency of Internet-based protocols: Wilfried Mayer
• DoH & DoT measurements: Wilfried Mayer
• Measuring the impact of legislative changes in the Internet: Wilfried Mayer

Research in Information Security

• Comparing military research and academic research – analysis of de-classified content: Edgar Weippl
• Analysis of security in standardization processes: Johanna Ullrich

Software Security

• Source code analysis in code repositories: Edgar Weippl

System Security

• x64 binary analysis and de-obfuscation: Georg Merzdovnik
• Binary decompilation: Georg Merzdovnik
• Automated exploitation: Georg Merzdovnik
• Binary rewriting & hardening: Georg Merzdovnik
• Container based virtualization Security: Aljosha Judmayer
• Linux based local privilege escalation attacks case study: Aljosha Judmayer

Usable Security

• Usable crypography: Matthias Gusenbauer (remote)
• Usability of cryptographic protocols: Matthias Gusenbauer (remote)
• Usability of privacy enhancing technologies: Matthias Gusenbauer (remote)
• Trust in technology. How do humans form tust in technology artifacts?: Matthias Gusenbauer (remote)
• Incorporating trust in usability guidelines for secure software development: Matthias Gusenbauer (remote)
• Usable Security. Developing a guideline of how to do research correctly: Edgar Weippl

Links

• TexnicCenter
• IEEE Template for LaTeX and Word
• TISS