Internships and Theses

If you would like to do a praktikum (project) or a diploma thesis at out lab, please take your time and read this page first. You will understand what we expect from you and what we can offer in return.

Goals of SecLab Internships ("Praktika") and Theses

1. Impact
2. Security publication at an international conference
3. Fun, fame and profit :-)

What We Can Offer You

We are a small, distributed lab that is interested in state-of-the-art practical security research. We are constantly publishing the results of our research in top, high-impact international security conferences such as the IEEE Security and Privacy, USENIX Security Symposium, and the World Wide Web Conference. We have good contacts to well-known security labs around the world. We are also working closely with Symantec Research Europe.

As a student, you will be involved in state-of-the art security research and will work on finding solutions to important security problems. You will learn how to write a technical paper and will get a chance to present the results of your work on an international conference once your paper has been accepted (of course, we will send you to the conference no matter where it is).

If you are master's student, we will provide you with hardware of your choice and you will get a place in the lab. Once you start delivering good results, we can also start paying you from our projects.

The kind of work you do with us is ideal if you would like to work in a research lab or do a Ph.D. later on.

Becoming a Lab Member

Just like the challenges in InetSec / SecProg 1 and InetSec / SecProg 2, becoming a member of the lab is a sort of a challenge. We have certain requirements for candidates who would like to carry out security research with us:

1. We expect you to be motivated and ready to learn new things.
2. We work on interesting, but open problems. Thus, we expect you to also contribute to the research and come up with ideas and solutions.
3. We expect excellent programming knowledge. Furthermore, you should not only be a Java "softie", but should also feel confident with lower-level languages such as C and C++. Linux is not necessarily a major requirement, but if you are solely a Windows user, chances are not good that you will fit in well into our security group. We also do a lot of Windows security research (e.g., spyware), but we prefer our members to be OS- independent. Typically, business informatics students struggle because they do not always have the necessary technical background.
4. If you would like to do a praktikum / project, you should have done the Internet Security or Secure Programming 1 course offered by us. A grade of 1 (sometimes, a close 2) impresses us. Anything else makes us think "He/she wasn't interested enough". If you do not have a good grade in Internet Security or Secure Programming, you do not fit well into the group so there is only a very slim chance that your application for a praktikum or a master's theses will be accepted.
5. If you wish to do a master's thesis, it is useful if you have done InetSec / SecProg 2. This course will give you a chance to personally get to know us and our interests. Note that if you do not get a good grade in this course, we are not impressed. Getting a good grade is not impossible, it just requires you to take the course seriously and spend some time on it. If you do not have done InetSec / SecProg 2, then you need to explain why you think you are good enough to be a member of the lab.

If you do not fulfill any of these requirements, you are still welcome to contact us. We do make exceptions sometimes... however, there have to be justified reasons.

If you think you are fit for the job, then please contact us. We would be very happy to meet you and see you become a member of our lab!

Open Topics for Internships / Theses

We always have new security research topics in the security lab that are waiting to be solved by motivated students. Even though we provide on this page a short list of possible topics, there are usually many more that simply were not entered here yet. Thus, if you are interested in security research but do not love the topics listed below, don't hesitate to contact us for further ideas. Also, students who bring their own ideas into the lab are especially welcome.

Visualization of Cybercrime

To allow law enforcement and researchers to quickly identify interesting information in the underground economy, it is necessary to provide tools that are easy to use but that can manipulate data (from a database) and display it to the users. In this Praktikum, the student will write such a tool.

Main tasks:

• conduct literature research and find existing methods for visualizing similar data
• find new, "interesting" relationships between data (sources) and security incidents
• create a GUI (Java, Python, Web) that allows users to easily navigate, filter, and visualize data
• enrich geographic information and visualize it on a map (over time)

Contact: Gilbert Wondracek

Automating Business Initiation Talks in the Underground Economy

Reliable information about business practices in the underground economy is hard to get and typically involves significant human interaction. Therefore, it would be beneficial to employ automated systems that are able to mimic simple human conversation and find out more about the criminals modus operandi. Comparable systems already exist, but are typically specifically tailored to other problem domains. In this Praktikum / Diploma thesis, the student will implement such a system with regard to the underground economy and perform real-world experiments.

Main tasks:

• find existing (open source) chatbot systems and adapt them for our purpose
• manually analyze underground marketplaces to identify the most common business situations
• create a system that can ask/answer meaningful questions
• perform an experimental evaluation

Contact: Gilbert Wondracek

Extraction of Economic Information from Underground Marketplaces

In this Praktikum / Diploma thesis, the student will work on a system that is capable of extracting information on offered goods and services, as well as pricing information from underground marketplaces. Additionally, a simple visualization or data representation with basic statistics should be implemented.

Main tasks:

• extract accurate information from underground advertisements
• correlate similar information from different data sources
• perform an experimental evaluation

Contact: Gilbert Wondracek

Extensions / Improvements of our analysis system Anubis

Anubis is our system for analyzing unknown, possibly malicious binaries. As the malware currently found in the wild changes, our analysis system has to adapt to new trends, act upon new ways of detecting/circumenting the system, or improve other properties of the system.

The main tasks vary from project to project, ranging from low-level improvents to the system emulator to rather high-level changes in the web-interface.

Contact: Paolo Milani / Clemens Kolbitsch