Search

AppSec - Applied Security
AppSec - Applied Security
  • Blog
  • People
  • Research
  • Publications
  • Contact
    Contact Us Impressum
  • Light Dark Automatic

BSc

Automated Identification and Emulation of Web Service Binaries Extracted from IoT Linux Firmware Samples (several BAs/MAs are possible)
The IoT is exposed to ongoing malicious attacks. The large set of diverse hardware and software combined with the neglection of security best practices, such as the use of the same default credentials on all devices, the often non-existent update policies, and the lack of software hardening techniques render IoT and IIoT devices an ideal target for attackers.
AppSec Team
Check if source code/binary is prone to fault injection and patch source code/binary with countermeasures
Idea Can we check with a static analyzer if a source code or a binary is prone to fault injection (e.g. voltage FI)? Can we patch the source code / binary (https://research.
AppSec Team
Implementing Obfuscations as Additional LLVM Passes
Modern research on reverse engineering and binary analysis requires large datasets, e.g. for developing machine learning algorithms, and the corresponding ground truth. These datasets are usually generated by collecting open source repositories and compiling them with the needed compiler settings.
AppSec Team
Nyx-Net on Embedded Systems
The Nyx fuzzer is a fuzzing project built around current top-research the field of fuzzing. A sub-project, Nyx-Net, provides a full-VM snapshot fuzzer for complex network-based targets. An interesting direction of research is how one could take Nyx-Net and extend it to work with embedded systems protocols, e.
Georg Merzdovnik, Michael Pucher
Plugins for OSS Tools (e.g. Ghidra)
A lot of published research relies on proprietary tools, like IDA, to generate the ground truth for the methods they implement. In addition, certain tasks, e.g. during binary analysis, might be very common, but not supported by the tool itself or with plugins only existing for proprietary tools.
AppSec Team

© 2023 The AppSec Team. This work is licensed under CC BY 4.0

Published with Wowchemy — the free, open source website builder that empowers creators.

Cite
Copy Download