Students' proposed topics about network security or cybersecurity are welcome.
Please accept my apologies if I am unable to provide a quick answer to thesis requests. It can take a while to conceive an adequate proposal.
More examples can be found on the website of our Network Security Lab group.
Cyber ranges are a relevant component of cybersecurity expert education. Providing automation tools is beneficial for the setup and effectiveness of gaming sessions. The design and implementation of automation tools in this field are in high demand. Automation can be beneficial to any team involved in gaming sessions, i.e., red team, blue team, white team, or yellow team.
Cyber-range exercises like Locked Shields are very effective formative assessments for learning and making in practice cybersecurity skills. However, some of the activities performed in the evaluation of the exercises are still manually done by members of the white team, with tedious, repetitive and error-prone tasks. Is it possible to improve the level of automation of the white team activities?
Security and dependability of devices are paramount for the IoT ecosystem. Message Queuing Telemetry Transport protocol (MQTT) is the de facto standard and the most common alternative for those limited devices that cannot leverage HTTP. However, the MQTT protocol was designed with no security concern since initially designed for private networks of the oil and gas industry. Since MQTT is widely used for real applications, it is under the lens of the security community, also considering the widespread attacks targeting IoT devices.
Since the origins of the Internet, various vulnerabilities exploiting the IP fragmentation process have plagued IPv4 protocol, many of them leading to a wide range of attacks. One of the main sources of problems have been the overlapping fragments, namely fragments that when reassembled, result in unexpected –possibly malicious– packets. To overcome the problem related to fragmentation, in IPv6 a specific extension header has been introduced and a RFC 5722 developed, proposing that overlapping fragments are simply and directly dropped when encountered. Since then, several studies have proposed some methodologies to check if IPv6 websites are still accepting overlapping fragments and, than, still vulnerable to the attacks that originate from them. However, some of the above methodologies have been also proved to be incomplete or misleading.
System hardening (Android, Windows or Linux)
The security group at NEC Laboratories Europe works in many topics in the area of security and privacy, and offers paid internship to graduating master students. If interested, contact me for discussing details and possible thesis-topics.