State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. As these replicas have to come to the same state and output the same data, they need be deterministic. UDS is a scheduling algorithm to provide deterministic multi-threading within replicas. So far, UDS is based on locks that protect shared state similar to the synchronized statement in Java. Task of this work is to develop locks that distinguish read and write accesses, i.e. a read lock may be acquired by many threads but not at the same time as a write lock of the same data. In a Bachelor's thesis, we would also expect an evaluation of performance gains compared to the current version of UDS. All developed software shall be implemented in Java.

State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. These replicas have to communicate among each other and with clients in order to achieve consensus on the execution order of incoming requests. At the instute, we developed a message layer for replicas that takes care of encryption, addressing and group management. In a replica, there has to be an implementation of a consensus protocol on top of the message layer. The task of this work is to implement the well known PBFT protocol by exploiting the capabilities of the message layer. The protocol is well documented in papers and there is a C/C++ implementation that can be used as a template. With our message layer, the implementation should be relieved from non-consensus-related task as cryptography and group management. All developed software needs to be developed in Java.

Network simulators/emulators are a useful option to create virtual network environments for distributed applications on a single machine. In general, network emulators offer more realistic environments compared to simulators, however in terms of scalability and reproducibility of the experiments network simulators tend to have an advantage. The goal of this project or bachelor thesis is to compare the feature sets and usability of different network emulators and simulators using one or multiple representative demo applications.

State-machine replication (SMR) is a fault-tolerance concept where multiple servers (replicas) execute the same requests. Replicas are then able to replace each other in case of faulty servers. For a popular SMR framework, called BFT-SMaRt, we developed a command utility that can start and stop a group of replicas. This tool has a GUI, but not yet a command line interface (CLI). The task of this work is to develop such a CLI and improve the usability of this tool so that it it becomes easy to setup and manage groups of replicas, and manage and monitor their execution. This task could be enriched by optional aspects like injecting faults into the replicas in order to test their fault-tolerance capabilities. All developed software components should be implemented in Java.

State-machine replication is a concept to achieve availability be replicating software components on multiple servers, called replicas. These replicas have to communicate among each other and with clients in order to achieve consensus on the execution order of incoming requests. At the instute, we developed a message layer for replicas that takes care of encryption, addressing and group management. So far the protocols TCP and QUIC were used. Task of this work is to develop a simple UDP-based protocol that can reliably send messages to other replicas or clients. However, the new protocol shall be TCP-friendly, i.e. it also adapts its data rate if the network shows signs of congestions so that the network is not overloaded. In a Bachelor's thesis, we would also expect an evaluation of performance compared to the other protocols of the existing message layer. All developed software shall be implemented in Java.

in.Crease ist ein geplantes Informationssystem für Studierende. In Vorarbeiten wurde bereits ein Modul entworfen, um Personen und Gremien zu verwalten und geeignet darszustellen. Ziel dieses Projekts ist es die Anforderungen an die Darstellung von Personen und Gremien zu überarbeiten und neu zusammen zu stellen. Auch das Datenmodell soll auf Vollständigkeit und Konsistenz abgeklopft werden. Im Anschluss sollen UI-Elemente sowie entsprechende Berechtigungen für die einzelnen Use-Cases implementiert werden - je nach Umfang eventuell nur eine Teilmenge von wichtigen Use-Cases. Zu den Use-Cases gehören nicht nur lesende Zugriffe in Form von geeigneten Anzeigeelementen sondern auch Editier-, Anlege- und Löschfunktionen. Die Arbeit hat damit einen konzeptionellen Anteil sowie einen Implementierungsanteil, der mit TypeScript und Angular in Verbindung mit einem Redux-Store.

Intel SGX is a technology that allows to launch tamper-proof enclaves in main memory, which isolate parts of applications that deal with sensitive data. There is a broad spectrum of application scenarios, ranging from fault-tolerant systems to privacy-preserving machine learning approaches. Intel provides a native SDK that can be used to derive low-level wrapper functions from a function definitions provided in a DSL, which are then used to interact with the protected parts of the application applications. However, the SDK requires special care during the design process as well as C/C++ programming skills, in order to create a bulletproof interface to the enclave. The Gramine project promises to simplify the SGX application development process by providing functionality to wrap unmodified linux applications in Intel SGX enclaves. Since this approach trades in performance for usability, the goal of this project is to conduct a performance evaluation for different applications launched natively and wrapped with Gramine.

The Vehicular Reference Misbehavior (VeReMi) dataset is a dataset is a dataset for evaluationg of misbehavior detection mechanisms for V2X networks. The dataset consists of message logs generated from a simulation environment. The dataset contains malicious messages which the single misbehavior detectors of a misbehavior detection system (MBD) intend to detect. The VeReMi dataset serves as a baseline to compare different MBDs. However, the existing VeReMi dataset lacks some information, so that not all existing misbehavior detectors of an MBD system receive the necessary information to work accordingly. In this project, the existing VeReMi dataset should be extended with the necessary information so that further misbehavior detectors receive the necessary information to work accordingly.

This project will focus on improving the trustworthiness of generated information through the fine-tuning of the Llama 3 8b model using the Unsloth training performance optimization library. The primary goal is to enhance the reliability and accuracy of AI-generated content by leveraging advanced training techniques. The research will involve evaluating the performance of the Llama 3 8b model before and after fine-tuning, analyzing improvements in trustworthiness metrics, and developing new methodologies to further optimize the model’s performance.

This project will investigate the performance differences between Kolmogorov-Arnold Networks (KANs) and Multi-Layer Perceptrons (MLPs) in the context of image classification tasks. Kolmogorov-Arnold Networks offer a novel approach to neural network architecture based on mathematical foundations that differ from traditional MLPs. The primary goal of this research is to empirically compare these two types of neural networks to evaluate their classification accuracy. The outcome of this research may provide insights into the potential advantages of KANs over conventional MLPs in practical applications.

Service Function Chaining (SFC) is a technice to steer traffic through specific network services. To proof that the traffic was actually forwarded through the specified services, a Proof Of Transit (PoT) is used. In this project, different PoT approaches are compared and the most promising solution implemented in a HTTPS-based SFC environment.

Since Google introduced their BeyondCorp project, Zero Trust (ZT) is one of the most popular buzzwords in the area of network security. In a ZT network, Policy Enforcement Point (PEP) and Policy Decision Point (PDP) are responsible for central authentication and authorization (Auth*). Both mentioned components and conventional security functions such as firewalls work largely independently of each other when it comes to processing packets. This leads to inefficient scenarios in which all packets are processed by time- consuming security functions. By coupling the conventional security functions to the PEP/PDP, higher efficiency in security-relevant packet processing can be achieved. This can be achieved by leveraging the Service Function Chaining (SFC) approach. SFC allows the dynamic chaining of conventional network service functions such as HTTP header enricher or firewalls. For each network flow can be decided what service function should be applied to all the flow's packets. The PEP/PDP in a ZT network acts then as the orchestrator, decides about the functions that should be chained together. By doing this, it can be efficiently decided which function should be applied. The goal of the project is to implement one of the thus orchestrated security service functions namely a Multi Factor Authenticator (MFA) that is embedded in a already existing Zero Trust SFC prototype. The MFA must be HTTP based and written in Go. Requirements: Good knowledge of Go and security protocols).