Thesis Proposals
This page outlines the rules that MUST be followed to successfully complete your thesis with us. Failure to comply may jeopardize your thesis progress.
Thesis Request
The only official way to request a thesis is by sending an email to the research group mailing list: netsecresearch [at] live.unibo.it. Requests made in person or sent to individual group members will NOT be considered.
You may only request a thesis if you are up to date with your exams or have no more than two remaining.
Your thesis request email must include the following information:
- Whether it is a Bachelor’s or Master’s thesis;
- The number of CFUs;
- The number of remaining exams;
- Your expected graduation date;
- The desired topic (e.g., P4).
Once your request is accepted, you will be assigned a repository on our Git forge containing a template. You are required to complete it according to the instructions provided in the README.
Rules for Thesis Work
Biweekly Progress Updates
All thesis students are required to provide updates every two weeks on their progress by sending an email to the research group mailing list (netsecresearch [at] live.unibo.it). These updates are essential to keep the entire team informed of your current status and ongoing work.
Your email should include any developments related to your thesis or, if applicable, a brief explanation of your current academic activities (e.g., exam preparation).
Important: If you fail to submit three consecutive biweekly updates (i.e., over a six-week period), your thesis title will be considered abandoned and may be reassigned to another student.
Deadlines
It is YOUR RESPONSIBILITY to keep track of all deadlines, including title submission, thesis upload, and others.
Thesis Writing Guidelines
To ensure consistency and quality, you should follow our official Thesis Writing Guidelines.
Note on Compilative Theses
Compilative theses are intended to require minimal effort from both the student and the supervisor. You are expected to take full responsibility for developing your thesis independently. We will only review and provide feedback on the final draft. However, all MANDATORY RULES still apply, including sending regular biweekly updates.
The maximum recommended length is approximately 10,000 words, excluding the title page, abstract, table of contents, and bibliography.
For UniBo students: if you choose a compilative thesis, you should expect to receive (0 + rounding) additional points.
Note on Theses with Internship
Please read carefully the instructions provided on the course page. To complete the self-application procedure, you will need the following information (in Italian):
- Tutor: Prof. Marco Prandini
- Indirizzo sede di svolgimento tirocinio: Viale del Risorgimento 2, Bologna (BO), Italia.
- Laboratorio/Ufficio: Ulisse Lab
- Data inizio/fine tirocinio: You are free to decide but the internship end date should be at least two weeks prior to the internship final assessment/exam.
- Orario: 8:00 - 18:00.
- Oggetto dell’offerta: Title of the internship project.
- Obiettivi in termini di capacità e conoscenze da acquisire durante il tirocinio ed attività previste per raggiungerli: Simple abstract of the internship project.
- Attività previste: List all the activities you foresee carrying out.
You MUST register (verbalizzare) the internship before the graduation requirements deadline.
Available Theses
P4 - Network Security
| Type | Description | References |
|---|---|---|
| Research | Analysis of the paper "Cerberus: Enabling Efficient and Effective In-Network Monitoring on Programmable Switches", analysis of the code in the repository, and execution of some simple tests. | Cerberus Paper, Github Repo |
| Research | Analysis of the paper "A Robust Counting Sketch for Data Plane Intrusion Detection". If feasible, re-implement part of the work in a simple P4 PoC. | NDSS Paper page |
5G Time Series Analysis
| Type | Description | References |
|---|---|---|
| Research | Analysis of the paper and models of Chronos-2 for probabilistic time series forecasting, and experimental evaluation of Chronos on 5G traffic time series from real or emulated mobile networks. | Chronos-2 Paper, Chronos GitHub |
| Research | Study of the catch22 feature set for time series, extraction of canonical features from 5G connection time series, and evaluation for clustering, characterization, and anomaly/usage pattern detection. | catch22 Paper, catch22 GitHub |
| Research | Analysis of the hctsa framework for highly comparative time series analysis, extraction of large feature spaces from 5G traffic time series, and study of their usefulness for profiling and anomaly detection. | hctsa Paper, hctsa GitHub |
| Research | In-depth study of the paper “Time Series Anomaly Detection using Diffusion-based Models” and implementation of its diffusion-based pipelines to detect anomalies in multivariate 5G traffic time series. | Diffusion-based AD Paper, DiffusionAE GitHub |
| Research | Analysis of the paper “NHITS: Neural Hierarchical Interpolation for Time Series Forecasting” and experimental evaluation of NHITS for long-horizon forecasting on 5G traffic and connection load time series. | NHITS Paper, NHITS GitHub |
| Research | Study of the GIFT-EVAL benchmark for general time series forecasting models and execution of selected benchmark models on 5G connection time series, comparing them with traditional domain-specific baselines. | GIFT-EVAL Paper, GIFT-EVAL GitHub |
| Research | Analysis of the Orion machine learning library for unsupervised time series anomaly detection and configuration of Orion pipelines to detect anomalies in 5G network metrics and connection time series. | Orion Thesis, Orion GitHub |
| Research | Study of the TFB benchmark “Towards Comprehensive and Fair Benchmarking of Time Series Forecasting Methods” and use of its framework to compare classical and deep models on 5G forecasting tasks. | TFB Paper, TFB GitHub |
| Research | Study of the TAB benchmark “Unified Benchmarking of Time Series Anomaly Detection Methods” and use of its framework to test models on 5G anomaly detection tasks. | TAB Paper, TAB GitHub |
| Research | Analysis of the paper “LightGTS: A Lightweight General Time Series Forecasting Model” and evaluation of this lightweight foundation model on 5G traffic time series under zero-shot and fine-tuned settings. | LightGTS Paper, LightGTS GitHub |
| Research | Study of the RobustSTL algorithm for seasonal-trend decomposition on long time series, and application of RobustSTL to 5G traffic data to separate trend, seasonality, and residual anomalies. | RobustSTL Paper, RobustSTL GitHub |
| Research | Analysis of the paper “Fast RobustSTL: Efficient and Robust Seasonal-Trend Decomposition for Time Series with Complex Patterns” and testing of its fast decomposition on high-frequency 5G traffic series. | Fast RobustSTL Paper, Fast RobustSTL GitHub |
| Research | Porting to Python of the STR (Seasonal-Trend decomposition using Regression) method implemented in the R package stR, and validation of the new implementation on synthetic and real 5G time series. | STR Paper, stR Package |
| Research | Porting to Python of the robust STR (RSTR) seasonal-trend decomposition method, and comparison of STR and RSTR robustness on noisy and anomaly-rich 5G traffic and connection time series. | RSTR Documentation, stR CRAN Package |
| Research | Study of trend–seasonal decomposition based on Singular Spectrum Analysis (SSA) and development of SSA-based pipelines to extract trend and periodic components from 5G traffic and connection time series. | SSA Decomposition Thesis, SSALib GitHub |
INDUSTRIAL SECURITY
| Type | Description | References |
|---|---|---|
| Compilative | Analysis and description of the New Machinery Regulation (“Nuovo Regolamento Macchine”), Italian legislation relating to safety in an industrial environment. | Regulation |
| Research | Analysis of the "Anomaly Detection Evaluation Framework for Industrial Control Systems" and execution of some test using available anomay detectors. | ADEF Github |
| Research | Analysis of the tool "Joern - The Bug Hunter's Workbench" for the creation of code property graphs (CPGs). Then, apply CPGs to the static analysis of binary PLC programs. | Joern Github |
| Research | Analysis of the tool "Triton", a dynamic binary analysis library for dynamic symbolic execution. Then, apply Triton to the dynamic analysis of binary PLC programs. | Triton Github |
| Research | Analysis of the paper "IFFSET: In-Field Fuzzing of Industrial Control Systems using System Emulation" and execution of fuzzing tests over the firmware image from a WAGO PLC. | Paper, Github repo |
| Research | Implementation of a virtualized RTU unit simulator in our Kathara Cyber Range, plus implementation of the necessary GUI components for adding it in a network scenario. The implementation is described in the linked Github repository. | Github |
| Research | Analysis of the paper "EmuFlex: A Flexible OT Testbed for Security Experiments with OPC UA" and porting of the OT security testbed to the Kathara framework. | Article, Github repo |
| Research | Analysis of the paper "From Standard to Practice: Towards ISA/IEC 62443-Conform Public Key Infrastructures" and implementation of the proposed guidelines in OPC UA. | Article |
| Research | Analysis of the paper "Information Hiding in Industrial Control Systems: An OPC UA based Supply Chain Attack and its Detection" and implementation of the attack in an OT testbed based on OpenPLC. | Article, OT Testbed |
| Research | Analysis of the paper "ICS-Sniper: A Targeted Blackhole Attack on Encrypted ICS Traffic", re-implementation of the virtualized testbed described in the paper, and execution of some simple tests. | ICS-Sniper paper |
| Research | Analysis of the paper "By the Numbers: Towards Standard Evaluation Metrics for Programmable Logic Controllers’ Defenses" and implementation of the proposed security metrics in OpenPLC. | Paper |
| Research | Analysis of the paper "Black Flag Breach: ROP Attacks on Software PLCs", analysis of the code in the repository, and execution of some simple tests involving the Modbus protocol. | Paper, Github |
| Research | Analysis of the paper "Towards PLC-Specific Binary Analysis Tools: An Investigation of Codesys-Compiled PLC Software Applications". Based on what it is described on the paper, then try to reverse engineer some binaries using the ICSREF tool. | Paper, ICSREF github |
| Research | Analysis of the paper "ICSPatch: Automated Vulnerability Localization and Non-Intrusive Hotpatching in Industrial Control Systems using Data Dependence Graphs", analysis of the code in the repository, and execution of some simple tests. | ICSPatch Paper, Github repo |
| Research | LLMs for PLCs control logic. Analysis of the paper "LLM4PLC: Harnessing Large Language Models for Verifiable Programming of PLCs in Industrial Control Systems", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
| Research | LLMs for PLCs control logic. Analysis of the paper "LLM-based and Retrieval-Augmented Control Code Generation", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
| Research | Analysis of the paper "ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code", analysis of the code in the repository, and execution of some simple tests. | Paper, Github Repo |
| Research | Integration of the Modelica OPC UA Tool developed by Wolfram with an OPC UA testbed for Industrial Control Simulation and Hardware in the loop. | Tool, Testbed |
| Research | Experiments with the Industrial Control Systems Modelica Library for ICS real-time simulation. | Library |
INDUSTRIAL SECURITY x AI
| Type | Description | References |
|---|---|---|
| Research | Reconstruction-based Anomaly Detection for Industrial Control Systems. This thesis aims to implement a deep learning anomaly detector for industrial control systems. | Paper |
| Research | Explainable Anomaly Detection for Industrial Control Systems. This thesis aims to analyze and implement XAI methods for anomaly detection in industrial control systems. | Paper |
| Research | Adversarial attacks on machine learning cybersecurity defences in Industrial Control Systems. This thesis aims to analyze and implement adversarial attacks to Reconstruction-based Anomaly Detection for Industrial Control Systems. | Paper |
| Research | Adversarial purification based on Diffusion Models in Industrial Control Systems. This thesis aims to analyze and implement adversarial purification defenses based on Diffusion Models for Reconstruction-based Anomaly Detectors in Industrial Control Systems. | Paper |
| Research | Benchmarking LLM Time Series Foundation Models for Anomaly Detection in Industrial Control Systems. This thesis aims to analyze, implement and benchmark Anomaly Detectors in Industrial Control Systems based on LLM Time Series Foundation Models. | Chronos Paper, OpenTSLM |
| Research | Continual Learning for Anomaly Detection in Industrial Control Systems. This thesis aims to explore continual fine-tuning techniques for LLM Time Series Foundation Models targeted at Anomaly Detection. | Paper |
SECURITY OF UNMANNED UNDERWATER AUTONOMOUS VEHICLES
| Type | Description | References |
|---|---|---|
| Research | Instantiate an UNMANNED UNDERWATER AUTONOMOUS VEHICLES simulator that it is able to perform easy task. In the literature there are several open source projects, the most promising one is DAVE Project Link. Goal of this thesis is to deploy a version of a simulator. | Other reference |