Students are welcome to join any of the research projects.
Office HoursPlease schedule an appointment with me by email prior to coming to my office hour.
NEW VENUE: Please come to my office at SBA Research (Floragasse 7, 5th floor)
Seminar papers, Student Projects (Seminare, Praktika, etc.)
Have a look at some of my students' great work.
PhD - Organizational Information
A very good overview of what PhD is, what the standards are, etc.: http://spaf.cerias.purdue.edu/grads.html
What is the difference between a master's degree and a Ph.D.? Please read:
Jason Hong. 2013. Ph.D. students must break away from undergraduate mentality. Commun. ACM 56, 7 (July 2013), 10-11. DOI=10.1145/2483852.2483857 (CACM Blog)
You and Your Research (transcript)
What a great PhD thesis should like:
- Bryan Parno, Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers, Dissertation Carnegie Mellon University, 2010 (2010 Doctorial Dissertation Award for Security, ACM)
- Mathias J. Payer, Safe Loading and Efficient Runtime Confinement: A Foundation for Secure Execution, ETH Zurich 2012. (Abstract, PDF)
Old, but still valid. The Researcher's Bible by Alan Bundy, Ben du Boulay, Jim Howe and Gordon Plotkin from the University of Edinburgh.
Systemic Reviews for Software Engineering.Articles you should read:
- How to write your Ph.D. thesis
- How to Review (Smith)
- Comparative LiteratureReview
- Patricia Beatty, Ian Reay, Scott Dick, and James Miller. 2011. Consumer trust in e-commerce web sites: A meta-study. ACM Comput. Surv. 43, 3, Article 14 (April 2011), 46 pages. DOI=10.1145/1922649.1922651 http://doi.acm.org/10.1145/1922649.1922651
- Establishing Writing Groups and Norman Ramsey's Handbook
Master's Thesis - Organizational Information
You will need to take some courses in IT security (at TU) and at least one 'praktikum' with me before you can do a Master's thesis with me.
Your thesis needs to be written in English.
Please look at Purdue's Online Writing Lab. It is a great resource!'
Please prepare an abstract for the thesis that contains following items
- Problem statement and Goal of the work
- Expected outcome / results
- Research methodology
- Preliminary schedule and planned workpackages
- State-of-the art (including at least 4 references to relevant research)
- Please use http://slimtimer.com/ or an excel sheet to record your working hours. This will give you (and me) a better overview whether you work efficiently on your thesis...
- approx. 25000 words
- min. working hours 750 (30 ECTS)
- References. Please use ACM (http://www.acm.org/publications/latex_style/), IEEE (http://www2.computer.org/portal/web/cscps/formatting) or APA style (http://owl.english.purdue.edu/owl/resource/560/05/). Personally I prefer ACM but all three are fine.
- Please look at Prof. Werthner's checklist (http://www.ec.tuwien.ac.at/ec/teaching/master_topics/guide)
Open Research Topics
- Bidding strategies and fraud
- Cost calculation and risk analysis (break even, etc) for cloud storage, energy efficiency (encryption) (starting points http://dx.doi.org/10.1109/MC.2010.115 http://dx.doi.org/10.1109/MC.2010.98)
- e-commerce protocols in practice (fairness, ttp, ...)
- Database Forensics (Oracle Flashback Queries, System tables, Oracle Label Extensions)
- Studies / Questionnaires: e.g. E2E auditable e-voting protocols
- Compare vulnerabilities of different types of open source software (Moodle vs. Bulleting boards)
Text books I like
- William Stallings, Computer Security, Pearson International Edition. Very good book. Required reading for all serious master's students.
- Matt Bishop, Computer Security: Art and Science (Do not by mistake get 'Introduction to Computer Security'). The most comprehensive book. Required Reading for PhD candidates. Unfortunately there are many errors in the book, making parts almost unreadable without the errata (http://nob.cs.ucdavis.edu/book/book-aands/index.html)
- Gary McGraw, Software Security: Building Security In. Excellent book for all software developers
- Dieter Gollmann, Computer Security. Short but good depth.
- Michael Howard, The Security Development Lifecycle. Excellent book. Get this one or Gary McGraw's.
- Julia Allen, Software Security Engineering. Nice if you have enough budget.
- Charles E. Pfleeger, Security in Computing. A classic and excellent textbook, many parts are very easy and should be general knowledge of CS students.
Research Methods in Social Sciences
- Nicola Döring, Jürgen Bortz, Sandra Poschl, Forschungsmethoden und Evaluation: in den Sozial- und Humanwissenschaften, Springer, 2014.
- Uwe Flick, Qualitative Sozialforschung, rowohlts enzyklopädie, 2007 (3. Auflage 2010).
Conferences, Journals, Videos & other stuffthat can give you ideas on research topics
- Usenix Security
- ACM CCS
- IEEE S&P
- ACM TOPS (fromer TISSEC)
- Purdue University Security Seminar
- Elsevier Computers & Security
- Science Direct
- Ed Felton's reading list (dated 2013 but still nice)
- The best bibliography on blockchain and distributed ledgers. I have to admit my PhD students created it...
- Davide Balzarotti's System Security Circus v3.0
- Conference/Journal Rakings