Bachelor Project Applied IT-Security
German original title for this course: "Bachelorprojekt Angewandte IT-Sicherheit"
Lecture Objectives and Contents
This bachelor project (taught in German) aims to provide theoretical knowledge and practical experience in applied IT-Security topics.
Course Organization and Availability
Project kickoff: 7. April 2021
Wednesday, 2-6pm
Topics
Summer term 2021: Collaborative Home Network Intrusion Detection
With the rising number of insecure IoT devices, home networks are attracting the interest of cyber criminals. Most people are not aware of security vulnerabilities and their consequences. Thus, they are not able to judge whether devices are correctly configured or up to date. With working from home currently at a peak, this also affects the security of companies.
This term's bachelor project aims to develop a collaborative information and intrusion detection system for home networks. It will enable users to get an overview of the security status of their devices, detect (unknown) attacks, and provide users with potential countermeasures. The main component consists of an automated, privacy-preserving exchange of device characteristics and collaborative intrusion detection to detect attacks across networks while keeping personal network information as private as possible. For evaluation purposes, the system should be deployed in a real-world scenario with several home networks, where attacks are injected.
Therefore, the main components of the collaborative home network intrusion detection system in this project will include:
- Extraction of network characteristics for intrusion detection using the open source intrusion detection system (IDS) Zeek
- Enabling collaborative intrusion detection to detect (unknown) attacks by applying anomaly detection using Federated Learning (FL)
- Evaluating the system based on penetration testing
Summer term 2020: Ikum Monitoring and Cyber Defense Platform (IMCDP)
The goal of this term's bachelor project is to build a security monitoring platform for our Informatikum campus. You can connect to a Virtual Private Network (VPN) to volunteer your traffic for analysis. Using the Intrusion Detection System (IDS) Zeek, the traffic will be analysed, e.g., for TLS certificates or other metadata, to obtain an overview of the behavior of the devices.
Furthermore, the VPN will offer an optional active vulnerability scanning service that checks your device for network-based problems and offers tips and tricks to make it more secure.
During this project you will develop multiple components that make up the Ikum Monitoring and Cyber Defense Platform (IMCDP):
- Passive and active scanning components based on various security tools such as Zeek, nmap and others
- A backend for data storage that stores and processes obtained network data
- A web-based frontend that presents the obtained statistics via charts and other graphic representations
Summer term 2019
Industrial production processes are often automated by Programmable Logic Controllers (PLCs). In the "Factory of the Future", these PLCs are going to be connected to robots, smart devices, autonomous vehicles, augmented reality tools and the overall factory network. This increases the attack surface and the damage an attacker can cause, for example robots going rogue, vehicles driving into workers, or a manipulated production line producing defective units.
In this project, the students will set up real PLCs, other automation hardware, and a virtualized assembly line via FactoryIO to simulate a part of a factory. Then, possible attacks on the setup should be developed and evaluated, while a part of the student group tries to secure the setup against attacks.
In cooperation with AIRBUS, the students will explore the chances and risks of Industry 4.0.
An introduction to the general topic and on PLCs will be given at the beginning of the project. Additionally, students will give presentations on related topics and report on the progress of the project.
Summer term 2018
A honeypot is an effective tool for network defenders to detect both reconnaissance and ongoing attacks in their networks. Building on the success of last year's bachelor project, this year's task is to enhance the honeypot in various aspects.
For that, a red-team blue-team approach will be used to harden the honeypot and to extend its capabilities. Students in the blue team implement new features and enhance the honeypot, while students in the red team try to detect, attack, and compromise it.
Furthermore, the developed honeypots should also be deployable at large scale, e.g., distributed on the Internet, to detect global threats early on. For that, the participants will develop the infrastructure to interconnect multiple honeypots and to make optimal use of the available resources for honeypot hosting.
Students will obtain the necessary background on honeypots during an introductory lecture and by giving presentations on topics related to their tasks.
Summer term 2017
Attacks on IT systems increasingly threaten our modern society. As there is no such thing as total security, it is essential to develop resilient systems that can tolerate attacks, detect attacks early on, and recover from their impact as fast as possible.
One technique for detecting attacks on networks is the honeypot. Honeypots are devices whose sole purpose is to get compromised and to deliver information on attacks. The task of the project is to develop a light-weight medium-interaction network honeypot for a small selection of well-known network protocols, e.g., TCP, HTTP, HTTPS, SMB, or SSH. The honeypot should provide a range of different export functions, so that the gathered information on attacks can be easily analyzed later on.
Students will obtain the necessary background on honeypots during an introductory lecture and by giving presentations on related topics.