KIT Career ServiceStudierendeAbschlussarbeiten

Creation of realistic benign behavior for cyber range VM clients with ML methods

Forschungsthema/Bereich
Agentic AI, Security
Typ der Abschlussarbeit
Bachelor / Master
Startzeitpunkt
08.12.2025
Bewerbungsschluss
01.01.2027
Dauer der Arbeit
4-6 Months

Beschreibung

To detect attacks from advanced persistent threats (APT), researchers require data of such attacks to analyse them and subsequently develop detection methods. The mulation and recording of realistic APT attacks requires a flexible infrastructure to accommodate for the changing needs of different APT attack scenarios.

Our cyber range, working title attack range open stack (AROS), is such a flexible infrastructure. Using Ansible, Terraform and OpenStack, we are able to provision and setup code-defined infrastructures in an automated and repeatable manner. With our cyber range, we implement and recreate known APT attacks to create datasets and research APT attacks and detection approaches. For this, we create a target infrastructure and execute a real cyber attack, which is then recorded thoroughly.

What we need is a method to automatically generate realistic, normal / benign behavior for all our hosts. The generated behavior has to feature a significant variance, so learning algorithms cannot easily detect our benign behavior as a repeating pattern. It has to manifest in network communication and OS logs and system calls. This can be usual office PC uses, web browsing, etc.

See https://www.iai.kit.edu/english/973_5561.php for the full thesis announcement including figures.

Main Tasks:
• Evaluate different methods to create benign behavior
• Evaluate the use of ML and AI agents
• Create working prototype to generate live benign behavior in VMs with a given profile and time constraint or until stopped
• Ensure the prototype works with our cyber range
• Evaluate your work against other solutions

What we offer:
• Possibility of contributing to scientific publications
• Close supervision
• Thesis in English or German possible
• Opportunity to work with machine learning models and research data
• Student assistant position or familiarisation period possible

Voraussetzung

Voraussetzungen an Studierende
  • Studies in Computer Science or adjacent
  • Basic understanding of machine learning
  • Basic knowledge of operating systems, system calls and network traffic

Studiengangsbereiche
  • Ingenieurwissenschaften
    Informatik


Betreuung

Titel, Vorname, Name
Richard Rudolph
Organisationseinheit
Institut für Automation und angewandte Informatik (IAI)
E-Mail Adresse
richard.rudolph@kit.edu
Link zur eigenen Homepage/Personenseite
Website

Bewerbung per E-Mail

Bewerbungsunterlagen
  • Anschreiben
  • Lebenslauf
  • Notenauszug

E-Mail Adresse für die Bewerbung
Senden Sie die oben genannten Bewerbungsunterlagen bitte per Mail an richard.rudolph@kit.edu


Zurück