Audit log data conversion and enhancement for DARPA TC Engagement CDM records

Research topic/area
Security, Data Science, AI/ML
Type of thesis
Master
Start date
08.12.2025
Application deadline
01.01.2027
Duration of the thesis
6 months

Description

The de-facto standard datasets for evaluating APT attack detection approaches are the DARPA Transparent Computing (TC) Engagement 3 and 5 datasets. Many implementations of attack detection approaches are evaluated using these datasets and thus include parsers for this specific data format. To integrate the dataset from our cyber range, we want to convert the raw audit data to the DARPA CDM format.

For this, different methods of data conversion and enrichment shall be implemented and evaluated. DARPA provides an API for their existing Kafka-based code to generate CDM records, which can be used to implement a naive data mapping utility.

Also, MoCoRe by Gstür et al. shall be used for data conversion and its data enrichment capabilities. With MoCoRe, additional data can be extracted and visualisations like network and provenance graphs can be created.

See https://www.iai.kit.edu/english/973_5479.php for the original thesis announcement including figures.


Main Tasks:

• Familiarization with the TC Engagement datasets and data format and auditing systems for Linux and Windows
• Evaluating the use and benefit of ML for data extraction, conversion and validation
• Implementation of a data conversion utility
• Implementation of data enrichment and visualisation
• Evaluation and validation of the data

What we offer:
• Possibility of contributing to scientific publications
• Close supervision
• Thesis in English or German possible
• Opportunity to work with machine learning models and research data
• Student assistant position or familiarisation period possible

Requirements

Requirements for students
  • Studies in Computer Science
  • Python, C++ or Java programming skills
  • Basic understanding of machine learning and data types
  • Basic knowledge of system calls and network traffic

Fields of study
  • Engineering sciences
    Computer Science


Supervision

Title, first name, last name
Richard Rudolph, Moritz Gstür
Organizational unit
Institut für Automation und angewandte Informatik (IAI)
E-mail address
richard.rudolph@kit.edu

Application by e-mail

Application documents
  • Cover letter
  • Transcript of records

E-mail address for applications
Please send the application documents listed above by e-mail to richard.rudolph@kit.edu
