Main Research Areas for Bachelor / Master Theses and Practical Projects

In the following you will find the main research areas for which we offer bachelor and master theses as well as practical projects (individual / group projects) and seminars. For a specific topic and questions about the research areas, please contact the appropriate contact person.

Social Engineering

Cybercrime currently causes global economic damage amounting to several trillion euros (Germany 2018: approx. 100 billion euros). According to expert analyses, in up to 90% of cases this damage is a direct or indirect result of attacks that focus on humans. Here, attackers exploit authority, fear, curiosity or helpfulness with the aim of manipulating their victims to obtain sensitive data. Examples include phone calls to obtain user credentials, emails containing attachments with malware to gain access to protected networks, or deep fakes to fake an identity.

Theses in this area address a variety of questions:

  • How do people behave during social engineering attacks?
  • How can social engineering attacks be detected?
  • Which context factors favor social engineering attacks?
  • How can user interfaces be developed to protect against social engineering attacks?

 

Recommended Skills and Interests

  • Interest in human-centered attacks
  • Knowledge in qualitative and/or quantitative research methods
  • Interest in conducting a thorough literature review

 

Readings

 

Contact

Dr. Verena Distler

Felix Dietz

Security and Privacy in Mixed Reality

Mixed Reality devices quickly find their way into users’ daily life, in particular in the form of head-mounted displays. Users can emerge into virtual worlds or augment the virtual world with physical content, supporting a wide range of application areas, including but not limited to entertainment, work, training, and wellbeing. While these technologies allow an ever-increasing number of exciting features to be built for the aforementioned areas, they also pose challenges and create opportunities for security and privacy.

Theses in this area will broadly deal with two questions: (1) How can Mixed Reality address existing privacy and security challenges? (2) Which challenges regarding privacy and security emerge in the context of Mixed Reality and how can these be mitigated?

 

Recommended Skills and Interests

  • Interest in VR/AR technology
  • Knowledge in qualitative and/or quantitative research methods
  • Interest in conducting a thorough literature review
  • Interest in learning, e.g Unity

 

Readings | Literatur

 

Contact

Oliver Hein

Felix Dietz

Behavioral Biometrics

The use of biometric mechanisms – that is authentication that is based on unique features of a user's physique or behaviour – is a convenient and fast alternative to classical token- or knowledge-based authentication. Popular representatives are e.g. fingerprint, face recognition or keystroke biometrics. However, those systems are usually based on machine learning algorithms and thus decisions are both hard to comprehend and influence for users.

 

In this research area we explore novel approaches to empower users to understand and influence the outcome of (black box) biometric systems and build nove approaches with the user in mind.

Some of the questions guiding this work are:

  • How can users explore and understand influences on the decision making process of biometric systems
  • How can user interfaces for biometric systems be designed to more clearly communicate robustness and accuracy of predictions
  • How can users influence how they are recognized, i.e. by changing their behaviour
  • How can users be nudged to show more unique behaviour
  • How can biometric authentication be embedded in natural interaction

Specific research approaches include but are not limited to investigations of (real-world) user behavior (for example, using observations, interviews, surveys) as well as design, implementation and evaluation of novel security and privacy concepts.

 

Recommended Skills and Interests

  • General interest in biometrics, authentication and machine learning
  • Knowledge in qualitative and/or quantitative research methods
  • Solid programming skills (e.g. Python or Android)

 

Readings

 

Sample Thesis

Reauthentication Concepts for Biometric Authentication Systems on Mobile Devices

 

Contact

Lukas Mecke

Gaze for Security Applications

Eye trackers are increasingly becoming more accurate, affordable, and are already integrated into some consumer devices. The use of gaze behavioural data can reveal many information about the user. It can also be used as a biometric to enhance user’s security and enable novel authentication concepts.

 

In this research area we explore the use of gaze to enhance security systems/mechanisms. This work tries to answer -and not limited to - the following research questions:

  • What are the characteristics of users’ gaze in security-related contexts? 
  • How can existing security mechanisms be enhanced by means of gaze data?
  • How can gaze data be leveraged to design novel security mechanisms?
  • How can gaze-aware secure systems protect users’ privacy?
 

Recommended Skills and Interests

  • Interest in Security/privacy
  • Interest to learn about eye tracking and machine learning
  • Knowledge in qualitative and / or quantitative research methods
  • Interest in research in the field
  • Good programming skills

 

Readings

 

Contact

Yasmeen Abdrabou

Usable Security in Smart Homes

Smart devices are increasingly finding their way into users’ everyday life, in particular in their homes. While many of these devices collect, share, or provide access to sensitive data (e.g., a smart fridge or light switch monitoring usage, a digital assistant collecting audio data, a smart TV or vacuum cleaner recording video data), there is currently a lack of appropriate security and privacy mechanisms.

In this research area we explore novel approaches to protect sensitive data. The work is guided by the following questions, among others:

  • How do people use smart devices and which concerns do they have?
  • How can we design mechanisms that cater to the needs and concerns of different stakeholders (e.g., owners, primary users, visitors)?
  • What are users’ views towards smart technologies?
  • How can users be provided control over smart devices and the data they collect?

Specific research approaches include but are not limited to investigations of (real-world) user behavior (for example, using observations, interviews, surveys) as well as design, implementation and evaluation of novel security and privacy concepts.

 

Recommended Skills and Interests

  • Interest in intelligent environments / IoT
  • Knowledge in qualitative and / or quantitative research methods
  • Interest in research in the field
  • Good programming skills
  • Independent thinking and creative problem solving
 

Readings

 

Sample Thesis

Privacy Mental Models of Smart Homes

 

Contact

Virtual Reality

The advent of Virtual Reality (VR) devices provides an opportunity to transfer parts of the research until now being conducted in the field to the lab. The reason is that virtual reality allows for creating realistic experiences that elicit behavior comparable to the real world. The objective of this thesis is to investigate, which research questions are particularly suitable for investigation in VR. In particular, the task of the student is to review previous work that investigated VR as a research tool. Subsequently, one application area should be investigated in more detail. The work will be complemented by a discussion of the strengths and weaknesses of the approach and how it can be expected to generalize to other application areas.

 

Recommended Skills and Interests

  • Interest in VR/AR technology
  • Knowledge in qualitative and/or quantitative research methods
  • Interest in conducting a thorough literature review
  • Interest in learning, e.g Unity
 
Contact

Oliver Hein

Tangible Secure User Interfaces

In the era of ubiquitous computing, users’ security and privacy is at risk at almost all times. Security and privacy assistants support their users in becoming aware of these risks and taking the appropriate measures to protect their data. However, they often suffer from being too complex, not intuitive and non-engaging. Hence, in order to truly enable less tech-savvy or inexperienced persons to use security and privacy assistants, we argue that such mechanisms must become tangible.

 

Recommended Skills and Interests

  • Interest in Usable Security
  • Knowledge in the area of human-computer interaction & qualitative and/or quantitative research methods
  • Independent thinking and creative problem solving
  • For some projects: interest in Fabrication (e.g. 3D modeling/printing, electronics, soldering)

 

Readings

 

Contact

Sarah Delgado Rodriguez

Further recently offered topics

You can find the recently offered topics for bachelor and master theses, term papers and practical projects above. If you are interested in any topic and want to discuss more detailed questions please don't hesitate to contact us.
 

Title

Supervisor

 

BA/MA Offline (Quantum) Key Distribution II - Security Analysis: Perceived vs. Real Security

Imagine Bob’s office is connected via a (quantum-)encrypted connection to a server. How could Bob access this server from his home office if he does not have the necessary hardware at home? Well, he could get keys in his office and save them on his personal key-safe token. He could subsequently use the token at home and connect to the server.

The topic of offline distribution of cryptographic keys is interesting for researchers and practitioners alike, even outside the QKD context. Your thesis would evolve around the evaluation of already existing consumer devices that could be used to store and transport QKD keys (or symmetric cryptographic keys in general).

Please refer to this PDF for more detailed information on this thesis topic.

Sarah Delgado Rodriguez

 

BA/MA: Usable Security in VR/AR

 

Usable security for virtual and augmented reality systems (VR/AR) is an area that is relatively underexplored. This thesis aims to investigate the feasibility of authentication mechanisms for VR/AR, while considering the usability and security aspects, specifically potential attacks.

Tasks

  • Get familiar with VR/AR hardware and software
  • Get familiar with authentication techniques
  • Find and study related literature
  • Develop\reuse software tracking the body motion and model it in VR
  • Design a user study
  • Conduct a user study
  • Do a statistical evaluation
  • Write all down in a thesis

 

Preferred (but not necessary) qualification

  • Knowledge in the area of human computer interaction
  • Independent thinking and creative problem solving
  • Experience in programming with Unity a plus
Dr. Yomna Abdelrahman  
BA/MA: Self Perception in VR
 
Rendering the user's body in virtual reality increases immersion and presence the illusion of being there. Recent technology enables determining the pose and position of the body to render them accordingly while interacting within the virtual environment. However, it is unclear how users perceive different avatar styles. Additionally, how any manipulation in the avatars representation would influence the users' states. In this thesis, we aim to explore the influencing factors of avatar perception.
 
Tasks
  • Get familiar with VR and OptiTracker hardware and software
  • Find and study related literature
  • Develop / reuse software tracking the body motion and model it in VR
  • Design a user study
  • Conduct a user study
  • Do a statistical evaluation
  • Write all down in a thesis
 
Preferred (but not necessary) qualification
  • Knowledge in the area of human computer interaction
  • Independent thinking and creative problem solving
  • Experience in programming with Unity a plus
Dr. Yomna Abdelrahman  

BA/MA: Unobtrusive Stress Detection in Virtual Reality

In the 21st Century, mental health disorders like stress, anxiety and depression have become a part of our daily lives. Current digital systems are largely blind to users'stress states. Systems that adapt to users' states show great potential for creating novel user experiences. However, most approaches for sensing stress, involve obtrusive technologies, such as physiological sensors attached to users' bodies and not yet adapted to VR/AR. In this thesis, we aim to explore unobtrusive sensors for detecting stress, while considering VR/AR setups.

 

Tasks
  • Get familiar with VR/AR hardware and software
  • Get familiar with stress and affective computing
  • Find and study related literature
  • Develop\reuse software tracking the body motion and model it in VR
  • Design a user study
  • Conduct a user study
  • Do a statistical evaluation
  • Write all down in a thesis
 
Preferred (but not necessary) qualification
  • Knowledge in the area of human computer interaction
  • Independent thinking and creative problem solving
  • Experience in programming with Unity a plus
Dr. Yomna Abdelrahman  
BA/MA: Stress-aware User Interfaces in Virtual Reality
 
In the 21st Century, mental health disorders like stress, anxiety and depression have become a part of our daily lives. Current digital systems are largely blind to users' stress states. Systems that adapt to users' states show great potential for creating novel user experiences. In this thesis, we aim to explore unobtrusive sensors for detecting stress and approaches of stress management in VR/AR setups.
 
Tasks
  • Get familiar with VR/AR hardware and software
  • Get familiar with stress and affective computing
  • Find and study related literature
  • Develop\reuse software tracking the body motion and model it in VR
  • Design a user study
  • Conduct a user study
  • Do a statistical evaluation
  • Write all down in a thesis
 
Preferred (but not necessary) qualification
  • Knowledge in the area of human computer interaction
  • Independent thinking and creative problem solving
  • Experience in programming with Unity a plus
Dr. Yomna Abdelrahman  
     

General Information

Master or Bachelor Thesis at the UniBW

A thesis has to be registered at the axamination office after agreeing on a topic. After the registration a bachelor thesis has to be submitted in 3 months and a master thesis in five months. In addition to the submission of the written thesis, an oral presentation is required, too. Find the relevant regulations in ABaMaPO, FPO §5 and in the module manual.
 

 

Our Groups Special Requirements

 The "Usable Security and Privacy" group emphasizes collaboration and exchange of ideas and thus, requires a regular participation in their monthly lab-meetings. An accurate preparation of this meetings is required, too, as the students should prepare a short presentation of their progress in their projects based on some slides.

Please remember to include codes, questionnaires, datasets etc. in the final submission by adding an CD or USB-Stick. We also expect the students to include a short video which presents their project and sums the most important results up (3 to 5 minutes). In general, a documantation of the project with fotos or videos is desired.
 
You can find interesting templates and informations about students' thesis on our downloads page.
 

Examples - Finished thesis

You can find here some examples of finished theses, which can be used as an inspiration for your own thesis:

 

Reauthentication Concepts for Biometric Authentication Systems on Mobile Devices

Bachelors Thesis, Author: Sarah Delgado Rodriguez, LMU Munich, Date of submission 04.10.2018

 

Time-constrained access control for mobile devices

Masters Thesis, Author: Fabian Hartmann, LMU Munich,  Date of submission: 03.08.2015