Folien BA/MA Market Place Events
|
Bereich |
Titel |
Betreuung |
|
|
Logdatenanalyse Firewalls |
MA: Development and Evaluation of a Threat Analysis Tool for Bw Firewall Logs Schwerpunkte:
An den Netzübergängen der Bw Netze zum Internet werden täglich Millionen von Events detektiert. Während eine grundlegende Erkennung von Angriffsversuchen auf Basis von bspw. Signaturen oder Anomalien erfolgen kann, sind Angriffsvorbereitungen wie bspw. Portscans aufgrund des permanenten und hohen Hintergrundrauschens (Netzscans zu Forschungszwecken durch Universitäten, durch Firmen und Behörden im Sicherheitsbereich, etc.) im Internet deutlich schwieriger zu identifizieren. Da viele dieser Vorgänge automatisiert erfolgen, sind entsprechende Muster zu erwarten, so dass Abweichungen Indizien auf zielgerichtete Maßnahmen darstellen können. Schwerpunkt der Arbeit sind die Klassifizierung von Ereignissen von Interesse im Netzverkehr und Erstellung einer entsprechenden Taxonomie, sowie darauf basiere nd die Klassifizierung geeigneter Auswahlkriterien (geographische Zuordnung von Adressen, Zeitpunkte und räume von Scans, Aggressivität, etc.) zur Erkennung von relevanten (maliziösen) Datenströmen im Kontext der Angriffsvorbereitung. Als Machbarkeitsnach weis (PoC) ist als weiterer Schwerpunkt der Arbeit die Konzeptionierung und Implementierung eines entsprechenden Analysetools, sowie dessen Evaluierung anhand von realen Logdaten der Firewallsysteme Bw vorgesehen.
|
PD Dr. Robert Koch Robert.Koch@UniBw.de Tool-Evaluation in Zusammenarbeit mit KdoCIR/ZCSBw |
|
| Machine Learning, Temporal Graph Neural Networks, Intrusion Detection |
BA/MA: Efficient Implementation of Machine Learning based Anomaly Detection in 5G Networks within NWDAF The 3rd Generation Partnership Project introduced a service-based architecture in the 5G core network, enabling flexible communication through modular network functions and the separation of control and user planes. While the integration of machine learning based anomaly detection methods via the Network Data Analytics Function (NWDAF) has improved security, challenges persist with runtime efficiency of these methods. Therefore, in this thesis, you will analyze how performance improves when moving the anomaly detection from package-level to more abstract network features. |
||
| Machine Learning, Temporal Graph Neural Networks, Intrusion Detection |
BA/MA: Comparison of different Machine Learning Methods for Anomaly Detection in 5G Network traffic: The 3rd Generation Partnership Project introduced a service-based architecture in the 5G core network, enabling flexible communication through modular network functions and the separation of control and user planes. In this thesis, you will use our 5G simulation framework to compare different Machine Learning methods like Temporal Graph Neural Networks, Convolutional Neural networks, etc. with respect to their performance to detect attacks in the network traffic. |
||
| Machine Learning, Temporal Graph Neural Networks |
Detection of Ethereum Scam Tokens via Temporal Graph Learning: Blockchain networks require every transaction to be verified and recorded publicly. For example, the entire history of Bitcoin transactions—amounting to roughly 500GB of data—includes publicly available sender and receiver addresses, transaction amount and timestamp. This transparency enables modeling transactions as temporal graphs. Recently, Temporal Graph Neural Networks (TGNNs) have been developed for performing machine learning on such complex data structures. This thesis focuses on detecting Ethereum scam tokens (including rug pulls, honeypot schemes, and Ponzi tokens) using TGNNs. With crypto scams causing hundreds of millions in damages each year, the public availability of transaction data offers a promising avenue for forensic investigation and fraud detection. You will apply different TGNN methods to an existing Ethereum dataset. The objectives are to train a model to accurately identify scam tokens on this dataset and subsequently evaluate its performance on more recent Ethereum transactions.
|
||
| Machine Learning, Temporal Graph Neural Networks, Intrusion Detection |
BA/MA: Temporal Graph Neural Networks for Intrusion Detection
Computer Networks can be modeled as a graph that changes over time. The nodes are the PCs, servers, access points, … and the edges are connections/traffic between them. Graph Neural Networks can be used to detect anomalies in the network. The goal of this work is to classify existing approaches to detect attacks in computer networks and implement one aproach and evaluate its performance. |
||
| Machine Learning / LLM / Training Data / Prompt Engineering |
BA/MA: Lage Language Models for Training-Data-Generation
|
||
| Machine Learning / LLM / AI / Penetration Testing / Network Security |
BA/MA: Attack detection in computer networks with large language models Large language models show their strengths in many areas and have become very capable of solving tasks other than chatting. Therefore, in this thesis you will investigate if and how large language models are able to detect attacks in computer networks. |
||
| Machine Learning / AI / Penetration Testing / Network Security | BA/MA: Evaluation of Machine Learning Approaches for Anomaly Detection in Computer Networks
As the number of attacks on computer networks continues to increase lately, detection and defense must also keep pace. Therefore, this thesis will review and compare current approaches for detecting anomalies and attacks in computer networks. |
||
| Penetration Testing / Network Security |
BA/MA: Creation of a laboratory network representing a small company for the collection of measurement data In order to obtain data for the research of anomaly detection in networks, a network simulating a small to medium sized enterprise will be built. Not only the server infrastructure is to be created, but also the clients that generate the corresponding traffic. This will be done in a virtualization environment to produce reproducible results. |