Topics of Interest

The topics we are either currently working on or are interested in

To give you and idea about our interests, the following (non-exhaustive) list provides some topics we would like to investigate. If you are a student looking for a thesis topic, this might be a good point to start.

Internet of Things (IoT) Security and Privacy

Static and Dynamic Firmware analysis
Update mechanisms for constrained IoT systems
Secure embedded operating systems for IoT applications
IoT network protocol security analysis
Identification of privacy leaks and protections for IoT devices and protocols

System Security

Binary analysis and de-obfuscation
Binary decompilation
Fuzzing
Automated exploitation
Binary rewriting & hardening

Hardware Security

Fault Injection attacks
Side-channel attacks

However, as said before, this list is non-exhaustive. If you are generally interested, but not completely sure about the specific topics, contact us and we might be able to figure something out. Or we might have other, unlisted topics, which could be of interest for you.

Furthermore, if you already have a topic in mind, which might not be listed here but does fit the general direction of the topics, contact us as well.

Additionally, we might also list some more specific topics here:

Automated Identification and Emulation of Web Service Binaries Extracted from IoT Linux Firmware Samples (several BAs/MAs are possible)

The IoT is exposed to ongoing malicious attacks. The large set of diverse hardware and software combined with the neglection of security best practices, such as the use of the same default credentials on all devices, the often non-existent update policies, and the lack of software hardening techniques render IoT and IIoT devices an ideal target for attackers.

Idea Can we check with a static analyzer if a source code or a binary is prone to fault injection (e.g. voltage FI)? Can we patch the source code / binary (https://research.

Implementing Obfuscations as Additional LLVM Passes

Modern research on reverse engineering and binary analysis requires large datasets, e.g. for developing machine learning algorithms, and the corresponding ground truth. These datasets are usually generated by collecting open source repositories and compiling them with the needed compiler settings.

Nyx-Net on Embedded Systems

The Nyx fuzzer is a fuzzing project built around current top-research the field of fuzzing. A sub-project, Nyx-Net, provides a full-VM snapshot fuzzer for complex network-based targets. An interesting direction of research is how one could take Nyx-Net and extend it to work with embedded systems protocols, e.

Plugins for OSS Tools (e.g. Ghidra)

A lot of published research relies on proprietary tools, like IDA, to generate the ground truth for the methods they implement. In addition, certain tasks, e.g. during binary analysis, might be very common, but not supported by the tool itself or with plugins only existing for proprietary tools.

Research Projects at a Glance

Past and present project involvements

Here you can find further information on some of the research projects that we are either currently involved in, or have been involved in in the past. Our research focuses mostly on Security of IoT and embedded devices. But we are additionally interested in privacy aspects of such technologies.

FiBack

Semiautomatic Methods for finding hidden Backdoors

Georg Merzdovnik, Christian Kudera, Michael Pucher

AutoHoney(I)IoT

Automated Device Independent Honeypot Generation of IoT and Industrial IoT Devices

Christian Kudera, Georg Merzdovnik