Dipl.-Inform. Raphael Ernst

Researcher at Fraunhofer FKIE

Contact
Phone: +49 228 50212-562
Fax: +49 228 73-4571
Email: ernst@REMOVETHISPART.informatik.uni-bonn.de
Public key: 0x6C2DF2C5
   
Address
  Institute of Computer Science 4
Friedrich-Ebert-Allee 144
53113 Bonn
Germany
Room: Zanderstr. 5, 2.25
 

Publications

Publication overview

 


Open Topics for Seminars, Labs, Bachelor Project Groups

-- Extending the Malware Analysis and Storage System (MASS) (BaPG, Lab) --

The Malware Analysis and Storage System provides a distributed and scalable architecture to analyze malware samples. The MASS server contains a database of all submitted malware samples and all the gathered analysis data. Analysis systems are connected to the MASS server and automatically receive new samples in order to execute an analysis. Researchers can obtain the analysis results via the MASS web interface or the REST API.

The project goal is to create a flexible and reusable platform for malware analysis which empowers collaboration between malware researchers. MASS is free and open source software licensed under the terms of the MIT license.

Open topics are listed on the MASS homepage. Feel free to suggest your own ideas.

Open for

Bachelor Project Groups and Master Labs

-- Firmware Crawler (BaPG) --

Does your webcam have the newest firmware? Should you update your router? Android, Windows, and most Linux distributions come with automatic updates and/or centralized management tools for the installed software. Some IoT devices bring auto update features or can notify the users about updates. Most don't.

This project should evaluate and implement a tool to crawl a vendor page and list all available firmware versions with version number, release date, and supported devices.

Open for

Bachelor Project Groups

-- Data Analysis on Public Forums (BaPG, Lab) --

Recent and past data leaks have been released on public channels like 4chan and pastebin. This project should evaluate ways to analyze the published data or develop tools making these forums easily accessible (e.g., develop a library to access individual contents).

This topic is open for your personal interest. You may develop tools to analyze the data, run some big data analysis on previously collected data, apply machine learning approaches etc.

Open for

Bachelor Project Groups, Labs

-- Malware Metastudy (Seminar) --

Mathematics has a long scientific tradition with high standards for reviewing research. These review standards guarantee high confidence in published results and allow other researchers "to stand on the shoulders of giants". Although computer science started as a close relative of mathematics, with its high standards and common tools, it deviated, expanded, and changed a lot. Therefore, the computer science community follows its own rules and habits. Especially practical fields like "Network Research" and "Malware Analysis" have a strong engineering influence and follow less formal approaches. Kurkowski et al. published a paper discussing the credibility of recent MANET simulation studies [1]. They found common flaws in most papers, rendering the results doubtful as they are not reproducible. Rossow et al. [2] showed a similar problem for malware experiments. Assuming that mathematicians allow their fellow researchers "to stand on the shoulders of giants", what do computer scientists do? Do we stand on feet of clay?

The malware analysis community publishes at several conferences. These conferences are the places of exchange and must guarantee the quality of published work such that fellow researchers can trust their results.

  • Analyze which conferences are important in the field of malware research. How do they guarantee the published paper quality? Which are top conferences? How are they ranked?
  • Discuss in your report general requirements for scientific work and discuss how these requirements should be applied to malware research. Pick some papers from conferences and check the soundness of the results. Do you observe shortcomings in recent malware research papers?

The seminar must focus on the paper quality of malware research publications and criteria to assess the quality. Conference rankings should not become the most important part. The seminar topic is broad and allows you to work in groups or alone.

References

  • [1] S. Kurkowski, T. Camp, M. Colagrosso: ''MANET simulation studies: the incredibles'', ACM SIGMOBILE Mobile Computing and Communications Review, Volume 9 Issue 4, October 2005
  • [2] C. Rossow et al.: ''Prudent Practices for Designing Malware Experiments: Status Quo and Outlook'', Proc. of IEEE Symposium on Security and Privacy (SP), 2012

Open for

Seminars