Thesis Topics

State-Machine Replication (SMR) is an established mechanism to build fault-tolerant services. Byzantine Fault-tolerant SMR systems are able to guarantee liveness and safety even if a subset of replicas is malicious. However, since client requests are issued to all replicas and the application state is also replicated on all replicas, individual malicious nodes are able to leak potentially sensitive information. In recent years there have been several proposals to use additional cryptographic mechanisms, such as verifiable secret sharing, to protect the confidentiality of the issued requests and the application state. These approaches differ in terms of the supported applications, and especially the performance The goal of this master thesis is to investigate the capabilities and performance impact of different cryptographic primitives that can be used to implement confidentiality in SMR systems.

State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. As these replicas have to come to the same state and output the same data, they need be deterministic. UDS is a scheduling algorithm to provide deterministic multi-threading within replicas. So far, UDS is based on locks that protect shared state similar to the synchronized statement in Java. Task of this work is to develop locks that distinguish read and write accesses, i.e. a read lock may be acquired by many threads but not at the same time as a write lock of the same data. In a Bachelor's thesis, we would also expect an evaluation of performance gains compared to the current version of UDS. All developed software shall be implemented in Java.

State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. These replicas have to communicate among each other and with clients in order to achieve consensus on the execution order of incoming requests. At the instute, we developed a message layer for replicas that takes care of encryption, addressing and group management. In a replica, there has to be an implementation of a consensus protocol on top of the message layer. The task of this work is to implement the well known PBFT protocol by exploiting the capabilities of the message layer. The protocol is well documented in papers and there is a C/C++ implementation that can be used as a template. With our message layer, the implementation should be relieved from non-consensus-related task as cryptography and group management. All developed software needs to be developed in Java.

Network simulators/emulators are a useful option to create virtual network environments for distributed applications on a single machine. In general, network emulators offer more realistic environments compared to simulators, however in terms of scalability and reproducibility of the experiments network simulators tend to have an advantage. The goal of this project or bachelor thesis is to compare the feature sets and usability of different network emulators and simulators using one or multiple representative demo applications.

State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. These replicas have to communicate among each other and with clients in order to achieve consensus on the execution order of incoming requests. At the instute, we developed a message layer for replicas that takes care of encryption, addressing and group management. So far the protocols TCP and QUIC were used. Task of this work is to develop a simple UDP-based protocol that can reliably send messages to other replicas or clients. However, the new protocol shall be TCP-friendly, i.e. it also adapts its data rate if the network shows signs of congestions so that the network is not overloaded. In a Bachelor's thesis, we would also expect an evaluation of performance compared to the other protocols of the existing message layer. All developed software shall be implemented in Java.

This thesis aims to investigate the reliability and trustworthiness of traffic sign classifiers when subjected to occlusions. Utilizing the German Traffic Sign Recognition Benchmark (GTSRB) dataset, this research will focus on annotating the dataset with various levels and types of occlusions to evaluate if the predictions are still trustworthy. The primary objective is to assess the performance degradation of the classifier under different occlusion scenarios and to develop strategies to enhance its robustness. This study is crucial for improving the safety and reliability of autonomous driving systems where traffic signs might be partially obscured.

The aim of this thesis is the analysis and prototypical evaluation of different replication strategies in which computations on highly volatile data structures are outsourced to different remote nodes. The thesis should explore the solution space in terms of consistency and latency properties, timeliness as well as migration capabilites. As a concrete example, the work should examine the scenario of an automotive application that replicates its local application state onto nearby multi-access edge computing nodes that will then run computationally heavy calculations.

To realize an intelligent traffic lights system, a Road Side Unite (RSU) is positioned at an interactions. This RSU receives data from other vehicles via a V2X network. Based on this data, the RSU can implement an intelligent traffic lights system. The RSU knows at which point in time which vehicle arrives at the intersection. In this way, the RSU can schedule the vehicles, resulting in a higher traffic flow and less congestion in cities. Since an intelligent traffic lights system is very safety critical, it is important for the RSU to evaluate the trustworthiness of the data provided by the other vehicles. In this thesis, an approach is designed/enhanced to assess the trustworthiness of received data from other vehicles in the context of subjective logic. In the second step, the approach is evaluated by testing how effectively attacks are mitigated by the created approach.

In-vehicle networks are critical for modern automobiles, enabling communication between the central vehicle computer and different electronic control units (ECUs) for various safety-critical functions such a Cooperative Adaptive Cruise Control, Intersection Movement Assist, Lane Change Assist, etc. However, in-vehicle networks are increasingly vulnerable to attacks, especially with the rise of connected, cooperative, and autonomous mobility (CCAM). The goal of this thesis is to investigate how a Trust Assessment Framework (TAF) designed specifically for in-vehicle networks can help detect a variety of attacks. This will be done by setting up a mock-up in-vehicle network, designing appropriate trust models to be used by the TAF, and investigating which trust assessment approach, centralized or decentralized, achieves better results. The TAF itself will be provided.

The Vehicular Reference Misbehavior (VeReMi) dataset is a dataset is a dataset for evaluationg of misbehavior detection mechanisms for V2X networks. The dataset consists of message logs generated from a simulation environment. The dataset contains malicious messages which the single misbehavior detectors of a misbehavior detection system (MBD) intend to detect. The VeReMi dataset serves as a baseline to compare different MBDs. However, the existing VeReMi dataset lacks some information, so that not all existing misbehavior detectors of an MBD system receive the necessary information to work accordingly. In this project, the existing VeReMi dataset should be extended with the necessary information so that further misbehavior detectors receive the necessary information to work accordingly.

This thesis will investigate methods for detecting natural adversarial examples against ImageNet classifiers using classic computer vision techniques. Adversarial examples are inputs to machine learning models that are designed to cause the model to make a mistake. This project will utilize the Harder ImageNet Test Set (https://arxiv.org/abs/1907.07174) as an dataset for Natural Adversarial Examples. The primary objective is to explore and compare the effectiveness of traditional computer vision methods, such as histograms and SIFT (Scale-Invariant Feature Transform), in identifying these adversarial examples. The outcome of this research will enhance our understanding of model vulnerabilities and contribute to developing more robust machine learning systems.

An autonomous vehicle is equipped with a variety of sensors that produce large quantites of data which the vehicle uses to run a lot of different safety-critical functions, such as Cooperative Adaptive Cruise Control or Park Assist. In this thesis, we focus on the trust between the vehicle computer and other in-vehicle components that it relies upon to provide non-compromised data as input to different safety-critical functions. The goal of the thesis is to build a tool that will automate building of in-vehicular trust models based on a system model of a vehicle. A system model of a simplified vehicle will first need to be created by using the System Modeling Language (SysML). This model will serve as an input to the automation tool that needs to output a trust model in a pre-defined form. The methodology for building such trust models will be provided.

Public research data sets are an important cornerstone of the open science movement. In some empirical disciplines such as psychology, these data sets contain data from individuals. However, some of these data sets have not been anonymized in a propper way or they contain unwanted personally indentifiable information. This work should explore whether such data sets can be identified and used in an automated way in order to identify potential countermeasures.

This thesis will explore the effectiveness of different optimization strategies in the generation of adversarial patches. Adversarial patches are small, intentionally designed perturbations that can cause machine learning models, particularly in computer vision, to misclassify inputs. The primary objective of this research is to compare various optimization techniques, such as gradient-based methods, evolutionary algorithms, and reinforcement learning, to determine which methods are most effective and efficient in creating these patches. The outcome of this research could significantly enhance our understanding of model vulnerabilities and contribute to the development of more robust machine learning systems.

Abstract: Policy Languages such as XACML or ALFA are well-known and well-defined in the area of access control. With Zero Trust Service Function Chaining (ZTSFC) [https://journal.ub.tu-berlin.de/eceasst/article/view/1138], an advanced Zero Trust (ZT) architecture, new requirements came up for such Policy Languages. The goal of the thesis is to set up a list of this requirements, to identify missing features in existing policy languages. Based on this, the most promising policy language is to be extended by this missing features.

Service Function Chaining (SFC) is a technice to steer traffic through specific network services. To proof that the traffic was actually forwarded through the specified services, a Proof Of Transit (PoT) is used. In this project, different PoT approaches are compared and the most promising solution implemented in a HTTPS-based SFC environment.