In this section, we will provide rules that HAVE TO be followed in order to smoothly do your thesis with us. Overlooking these rules may jeopardize your thesis.
The ONLY WAY to ask a thesis to us is by writing an email to the mailing list: netsecresearch [at] live.unibo.it. Emailing single components of the group or asking in person will not be considered an official request of thesis.
You should ask for a thesis only if you are on time with the exams or have less then two exams left.
In your request email you need to specify:
After accepting your thesis, we will assign you a github repository with a template that must be completed as specified in the README.
First of all, we want you to communicate with us: for this reason, it is mandatory to send an email EVERY TWO WEEKS to report
your progress. The periodical email can report either news regarding the thesis or an update on your situation (for example if you are studying for exams).
Each email has to be sent to the mailing list: netsecresearch [at] live.unibo.it, so each component of our research group is updated.
After 3 UNRECEIVED PERIODICAL EMAILS (6 weeks) your thesis title will be allotted to a new student.
The compilative theses are meant to be low effort for you and us. You are supposed to be responsible to develop your thesis and we will correct you final draft. However, MANDATORY RULES still apply (remember to send periodical emails). The maximum length should be around 10000 words, without counting the title page, the abstract, the index, and the bibliography.
For UniBo students: if you choose to do a compilative thesis, you should expect a 0 + rounding additional points.
Read carefully the instructions at the course page. The information you need in order to complete the self-application procedure are the following (in italian):
It is mandatory to register the internship before the graduation requirements end date.
| Type | Description | References |
|---|---|---|
| Research | Trying out new emulation P4 targets. This thesis wants to analyse virtualised tools to containerize the P4 control and data plane by trying out P4Runtime in a state-of-the-art networking production product: stratum. The thesis aims on installing the solution in a real-world networking device that supports stratum. | Stratum github |
| Type | Description | References |
|---|---|---|
| Compilative | IEC-62443 for dummies. IEC 62443 is an international series of standards that address cybersecurity for operational technology in industrial control systems. The goal of the thesis is to analyze and then to sum up the main points of the standard in a way that is understandable by everyone. | On request |
| Compilative | Control injection attacks against Programmable Logic Controllers (PLC): this thesis aims to analyze the different types of control injection attacks and the state-of-the-art countermeasures to detect them. | Overshadow PLC, Review |
| Compilative | Machine Learning for intrusion detection in Industrial Control Systems: this thesis aims to analyze the different machine learning methods for intrusion and anomaly detection in Industrial Control Systems. | ML in ICS |
| Compilative | Firmware modification attacks against Programmable Logic Controllers (PLC): this thesis aims to analyze the different types of modification firmware attacks. | Review, Attack, Stealthy Attack |
| Compilative | Review on formal verification theory, methods and techniques applied to Industrial Control Systems security. | Review |
| Compilative | Review on Cyber-Physical Sistems Ransomware and Malware. This thesis aims to analyze real-world incidents in order to highlight attack patterns, vulnerabilities, and impacts of ransomware/malware campaigns against critical systems and facilities. | Review |
| Compilative | Study of Virtualization Technologies for Industrial Device/Components, e.g. PLC. | Github Example |
| Compilative | Study of the security of industrial protocol CAN (Controller Area Networks) and review of the state-of-the-art anomaly detection techniques applied to this protocol in automotive and industrial contexts. | CAN notes |
| Compilative | Study of the security of industrial protocol XXX. | List Of Industrial Protocols |
| Research | Advanced Lab of Intrusion Detection System Rules for XXX, with Suricata. | Suricata Official Doc. Page |
| Research | Creation with Kathara of a virtualized CPS topology which contains multiple PLCs and implementation of attacks against virtualized PLCs (e.g. remote injection attacks or Ladder Logic Bombs). | Kathara, Ladder Logic Bombs |
| Research | Implementation of an autoencoder to identify anomalies in Controller Area Networks (CANs) traffic and evaluate it on a set of simulated attacks applied over a real-world Automotive/Industrial dataset. | CANnolo |
| Compilative | Analysis, study and collection of all major Operational Technology Attacks. | Review Example |
| Research | Analysis, study and test of the latests Operational Technology Cyber Attacks. This thesis aim to provide a comprehensive report of vertical attacks on Industrial Environment | Report Example |
| Type | Description | References |
|---|---|---|
| Compilative | Blockchain applications in Industry 4.0. This thesis aims to review state-of-the-art applications of Blockchain in the context of Industry 4.0 and Industrial IoT, with a particular focus given to security applications. | Blockchain for Industry 4.0 |
| Compilative | Blockchain as CA. This thesis aims to review state-of-the-art applications of Blockchain for the implementation of a PKI, in which the blockchain is used as a Certification Authority. Part of the thesis must also focus on such aplications in the context of Industrial IoT. | Blockchain PKI for IoT |
| Compilative | Smart Contracts in Industry 4.0. This thesis aims to review state-of-the-art applications of Smart Contracts in the domain of Industry 4.0. | Smart Contracts for Industry 4.0 |
| Research | Developing an IOTA Smart Contract. The aim of this thesis is to gain knowledge about the IOTA blockchain and smart contracts to be able to develop a Smart Contract in IOTA and deploy the logic for the external interaction with it, exploring the possibilities of application in the security domain. | IOTA Smart Contracts |
| Type | Description | References |
|---|---|---|
| Compilative | State-of-the-art of Choreographic Languages for Distributed Network System/SDN. | Choreographic Languages |
| Compilative | State-of-the-art review of Trustworthiness on 6G Communications: not only data but physical and virtual objects will be controlled with 6G. This requires addressing trustworthiness of the system and its services at an unprecedented level. | On 6G and Trustworthiness |
| Compilative | Serverless Security on IoT applications. The thesis will deepen the possible security concerns and implication on the use of serverless technologies for IoT devices. | Serverless challenges |
| Research | Docker MITM Simulation Lab for and Intrusion Detection System. | Docker |
| Type | Description | References |
|---|---|---|
| Research | Instantiate an UNMANNED UNDERWATER AUTONOMOUS VEHICLES simulator that it is able to perform easy task. In the literature there are several open source projects, the most promising one is DAVE Project Link. Goal of this thesis is to deploy a version of a simulator. | Other reference |
Follow us on: