We are pleased that you are interested in writing your thesis with us. We cover theoretical and practical fields as well as any combination thereof. Similar approaches, organizational regulations, and framework conditions apply to each thesis.

First of all, you should consider which subject areas you are most interested in or which suite you best. Then, you should select at least two topics that you would consider as a thesis topic. An irregularly updated and incomplete list of topics can be found below. Nonetheless, we can also discuss your own idea for a topic. Feel free to contact a chair member by e-mail anytime.

You should send us an e-mail with your preferred topics and shortly state your interest in these topics, which is further strengthened by highlighting your experience in the respective field. We would then discuss the potential topic with you, preferably during a (virtual) personal meeting, to make sure the topic is appropriate for the pursued degree and in line with our area of expertise.

  • Open Topics

    Physical Guards

    AI-based analysis and use of physical signal parameters to secure smart home systems

    The project concept “AI-based analysis and utilization of physical signal parameters for securing smart home systems” involves researching and prototypically developing the so-called “Physical-Guards” approach. This contributes to the research area of “Physical Layer Security” by adapting and further developing the state of science and technology from the fields of IT security and data science/machine learning. The foundation for the research approach is the exploitation of physical parameters (e.g., local signal strength) of wireless communication in smart homes to a) detect attacks on the smart home infrastructure, b) secure the integrity of signals, and c) ensure the confidentiality of security-critical information. Compared to or in conjunction with other IT security measures, Physical-Guards technology promises the following advantages: the physical properties of communication signals are subject to laws of nature. Considering these properties through security infrastructure makes many attack strategies impossible or significantly more difficult. Additionally, security concepts based on the physical layer have the advantage that in smart homes, the large heterogeneity of standards and communication protocols at higher layers does not limit the deployability of security technology due to technical incompatibilities with IoT devices. The project consortium consisting of the University of Mannheim (specifically the two research groups Dependable Systems Engineering (IT security) and Institute for Enterprise Systems (AI/Machine Learning)) as well as the medium-sized industrial technology partners M2M Germany and osapiens.

    Goals or topics of a possible thesis could be:

    1. detect attacks on the smart home infrastructure,
    2. secure the integrity of signals, and/or
    3. ensure the confidentiality of security-critical information.

    As these areas are rather broad, a potential thesis topic will be a subset of the above stated.

    For further details, questions and/or proposals of your own ideas connected with the descripted project, please feel free to contact Yves T. Staudenmaier.

    Analyzing The IoT Or IoT Devices

    This is a more or less generic topic open to anyone who wants to void some warranties of their Internet of Things (IoT) Device(s) to either simply see how things work under the hood or even trying to get IoT Device(s) to do things not designed for in the first place.

    If you already have an IoT Device, bring it, or maybe you have a favorite IoT Device you would like to analyze. Either way, contact Christian Müller to discuss the details.

    Implementations for CrypTool 2

    CrypTool 2 is an open-source program that allows you to try out various cryptographic methods. CrypTool 2 provides a visual programming interface which easily can be used to integrate and manipulate cryptographic functions into workflows. More specifically, the individual cryptographic methods are implemented by so-called plug-ins, which are represented by individual graphical objects. These can be combined with drag & drop on the graphical user interface. This approach makes it easy to visualise complex processes and thus to understand them better.

    Several existing cryptographic methods are to be implemented so that they can be officially recorded in CrypTool 2. This also includes the creation of documentation, the clean structuring and commenting of the source code, etc. The exact selection of the topics to be implemented is discussed with the student and the CrypTool 2 team.

    Contact person: Frederik Armknecht

    Graph Matching Attacks on Match Key based PPRL techniques

    Privacy-Preserving Record-Linkage (PPRL) techniques have been developed to link persons  without violating their privacy. However, a recently proposed graph matching attack on PPRL based on graph similarities seems to allow individuals' re-identification from encoded database. Therefore, the graph matching attack is widely considered a serious threat to many PPRL-approaches.
    A match-key is created by putting together pieces of information to create unique keys that are then hashed and used for automated matching, with the intention of eliminating some of the errors that might otherwise prevent an automated match (in cases where there is a discrepancy in one or more of the matching variables). For example, a match-key might be constructed from the first three characters of an individual’s forename and surname, combined with their date of birth, sex and postcode district. The match-key based PPRL techniques are widely used in practice, usage of such techniques including but not limited to the Office for National Statistics (ONS) of the UK and the Federal Statistical Office of Germany. However, the potential vulnerabilities of the match-key based PPRL techniques have not been exposed. Specifically, the impact of graph matching attacks on match-key based PPRL techniques are not fully researched.
    A variant of match-key approach called Derive and Conquer method was devised by the ONS and used in practice. The goal is to first implement PPRL using Derive and Conquer method, and then
    implement the graph matching attack on such scheme using real/synthetic databases.

    Contact person: Youzhe Heng

  • Registration

    After agreeing on a topic, we discuss the expected content and agree on a preliminary structure, usually in the form of a table of contents. This may serve you as a guide while writing your thesis.

    Before you can start working on your thesis, we need additional information for the official thesis registration. The required information consists of

    • Your full name
    • Your matriculation number
    • Your address
    • Your pursued degree
    • Your study program
    • The language of writing (i.e. English or German)

    The deadline for submitting your thesis is set with registration and depends on the type of thesis and your examination regulations – usually, you have three months for working on a Bachelor's thesis and six months for a Master's thesis.

    Unlike other assessments, a thesis can be started flexibly during a semester irrespective of lecture or examination periods.

  • Form

    In general, we are much more interested in content than in form. You should be able to write down the content in a precise but detailed way and use a scientific writing style. You are free to write your thesis using LaTeX, Word, or any other program. However, we recommend the use of LaTeX.

    Font, font size, line spacing, margins and the like should be reasonable. As a rough guideline, we expect 30 pages for a Bachelor's thesis and 60 pages for a Master's thesis, however, this is not definitive. Depending on the topic, including screenshots, graphics, and source code (snippets) can be beneficial, possibly resulting in a higher total number of pages.

  • Supervision

    It is your responsibility to organize and manage the time available for writing your thesis. Formally, you are not required to keep your supervisor(s) up to date. However, we recommend contacting your supervisor(s) regularly as it helps you to stay on track and to tackle potentially emerging problems early on. Discuss your preferred style of supervision with your supervisor(s).

  • Submission

    You have to submit your thesis no later than the deadline as defined by the registration. As per most examination regulations, you are required to hand in two printed copies including a signed affidavit (cf. your examination regulation for the exact wording), and a digital copy, preferably as a PDF file. You should send the digital version directly to your supervisor(s). Consider using duplex printing for the two hard copies with a binding of your choice.

  • Talk

    Depending on your examination regulations, you may have to present your thesis in form of a talk. However, even if you are not obliged to, we encourage everyone to seize this opportunity as you can strengthen your presentation skills, especially when presenting scientific work to an academic and diverse audience. Such a talk should take about 30 minutes and include five minutes for questions from the audience. Please note that any voluntarily given talk will not be graded.