In this section, we will provide rules that HAVE TO be followed in order to smoothly do your thesis with us. Overlooking these rules may jeopardize your thesis.
The ONLY WAY to ask a thesis to us is by writing an email to the mailing list: netsecresearch [at] live.unibo.it
. Emailing single components of the group or asking in person will not be considered an official request of thesis.
You should ask for a thesis only if you are on time with the exams or have less then two exams left.
In your request email you need to specify:
After accepting your thesis, we will assign you a github repository with a template that must be completed as specified in the README.
First of all, we want you to communicate with us: for this reason, it is mandatory to send an email EVERY TWO WEEKS to report
your progress. The periodical email can report either news regarding the thesis or an update on your situation (for example if you are studying for exams).
Each email has to be sent to the mailing list: netsecresearch [at] live.unibo.it
, so each component of our research group is updated.
After 3 UNRECEIVED PERIODICAL EMAILS (6 weeks) your thesis title will be allotted to a new student.
The compilative theses are meant to be low effort for you and us. You are supposed to be responsible to develop your thesis and we will correct you final draft. However, MANDATORY RULES still apply (remember to send periodical emails). The maximum length should be around 10000 words, without counting the title page, the abstract, the index, and the bibliography.
For UniBo students: if you choose to do a compilative thesis, you should expect a 0 + rounding additional points.
Read carefully the instructions at the course page. The information you need in order to complete the self-application procedure are the following (in italian):
It is mandatory to register the internship before the graduation requirements end date.
Type | Description | References |
---|---|---|
Research | Trying out new emulation P4 targets. This thesis wants to analyse virtualised tools to containerize the P4 control and data plane by trying out P4Runtime in a state-of-the-art networking production product: stratum. The thesis aims on installing the solution in a real-world networking device that supports stratum. | Stratum github |
Compilative/Research | Analysis of the paper "Cerberus: Enabling Efficient and Effective In-Network Monitoring on Programmable Switches", analysis of the code in the repository, and execution of some simple tests. | Cerberus Paper, Github Repo |
Compilative/Research | Analysis of the paper "SABRE: Protecting Bitcoin against Routing Attacks". If feasible, re-implement part of the work in a simple P4 PoC. | SABRE Paper page |
Compilative/Research | Analysis of the paper "A Robust Counting Sketch for Data Plane Intrusion Detection". If feasible, re-implement part of the work in a simple P4 PoC. | NDSS Paper page |
Type | Description | References |
---|---|---|
Compilative | Study of Virtualization Technologies for Industrial Device/Components, e.g. PLC. | Github Example |
Compilative | Analysis and description of the New Machinery Regulation (“Nuovo Regolamento Macchine”), Italian legislation relating to safety in an industrial environment. | Regulation |
Research | Analysis and test of the Open Source Cyber Range KYPO. | KYPO |
Research | Study and simulation of the main types of attacks on the ModBus industrial protocol. | ModBusSploit |
Research | Study of the security of industrial protocol XXX and execution of attacks or security tests. | List Of Industrial Protocols |
Research | Advanced Lab of Intrusion Detection System Rules for XXX, with Suricata. | Suricata Official Doc. Page |
Research | Implementation of a virtualized RTU unit simulator in our Kathara Cyber Range, plus implementation of the necessary GUI components for adding it in a network scenario. The implementation is described in the linked Github repository. | Github |
Compilative/Research | Analysis of the paper "A Tale of Two Industroyers: It was the Season of Darkness" and testing of the proposed sandbox. | Article, Github repo |
Compilative/Research | Analysis of the paper "EmuFlex: A Flexible OT Testbed for Security Experiments with OPC UA" and porting of the OT security testbed to the Kathara framework. | Article, Github repo |
Compilative/Research | Analysis of the paper "From Standard to Practice: Towards ISA/IEC 62443-Conform Public Key Infrastructures" and implementation of the proposed guidelines in OPC UA. | Article |
Compilative/Research | Analysis of the paper "Covert Timing Channel Attack on OPC UA-based Industrial Control Systems" and porting of the proposed javascript implementation to python asyncua or to the OPC UA OT testbed. | Article, Github repo |
Compilative/Research | Analysis of the paper "Information Hiding in Industrial Control Systems: An OPC UA based Supply Chain Attack and its Detection" and implementation of the attack in an OT testbed based on OpenPLC. | Article, OT Testbed |
Compilative/Research | Analysis of the paper "ICS-Sniper: A Targeted Blackhole Attack on Encrypted ICS Traffic", re-implementation of the virtualized testbed described in the paper, and execution of some simple tests. | ICS-Sniper paper |
Compilative/Research | Analysis of the paper "By the Numbers: Towards Standard Evaluation Metrics for Programmable Logic Controllers’ Defenses" and implementation of the proposed security metrics in OpenPLC. | Paper |
Compilative/Research | Analysis of the paper "Towards PLC-Specific Binary Analysis Tools: An Investigation of Codesys-Compiled PLC Software Applications". Based on what it is described on the paper, then try to reverse engineer some binaries using the ICSREF tool. | Paper, ICSREF github |
Compilative/Research | Analysis of the paper "ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs", analysis of the code in the repository, and execution of some simple tests. | ICSPatch Paper, Github repo |
Compilative/Research | Analysis of the paper "Control Logic Attack Detection and Forensics Through Reverse-Engineering and Verifying PLC Control Applications" and execution of some simple tests based on what is written on the paper. | Paper |
Compilative/Research | Analysis of the paper "From Control Application to Control Logic: PLC Decompile Framework for Industrial Control System" and execution of some simple tests based on what is written on the paper. | Paper |
Compilative/Research | Analysis of the paper "Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware". Based on what it is described on the paper, then try to implement an attack PoC based on OpenPLC. | Paper |
Compilative/Research | LLMs for PLCs control logic. Analysis of the paper "LLM4PLC: Harnessing Large Language Models for Verifiable Programming of PLCs in Industrial Control Systems", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
Compilative/Research | LLMs for PLCs control logic. Analysis of the paper "LLM-based and Retrieval-Augmented Control Code Generation", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
Compilative/Research | Analysis of the paper "ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
Type | Description | References |
---|---|---|
Compilative | Smart Contracts in Industry 4.0. This thesis aims to review state-of-the-art applications of Smart Contracts in the domain of Industry 4.0. | Smart Contracts for Industry 4.0 |
Type | Description | References |
---|---|---|
Compilative | State-of-the-art of Choreographic Languages for Distributed Network System/SDN. | Choreographic Languages |
Type | Description | References |
---|---|---|
Research | Instantiate an UNMANNED UNDERWATER AUTONOMOUS VEHICLES simulator that it is able to perform easy task. In the literature there are several open source projects, the most promising one is DAVE Project Link. Goal of this thesis is to deploy a version of a simulator. | Other reference |
Follow us on: