Edgar R. Weippl

Office Hours

Thu 4pm; cancelled on:

• Jan 28
: Contact me by email for individual appointments

Seminar papers, Student Projects (Seminare, Praktika, etc.)

Master's Thesis - Organizational Information

You will need to take some courses in IT security (at TU) and at least one 'praktikum' with me before you can do a Master's thesis with me. Your thesis needs to be written in English.

Please prepare an abstract for the thesis that contains following items

• Problem statement
• Expected outcome / results
• Research methodology
• State-of-the art (including at least 4 references to relevant research)

• Please use http://slimtimer.com/ or an excel sheet to record your working hours. This will give you (and me) a better overview whether you work efficiently on your thesis...
• approx. 25000 words
• min. working hours 750 (30 ECTS)
• References. Please use ACM (http://www.acm.org/publications/latex_style/), IEEE (http://www2.computer.org/portal/web/cscps/formatting) or APA style (http://owl.english.purdue.edu/owl/resource/560/05/). Personally I prefer ACM but all three are fine.
• Please look at Prof. Werthner's checklist (http://ifs.tuwien.ac.at/ec/teaching/mastertheses)

• http://dl.dropbox.com/u/407569/Web/TU/ResearchMethodology.pdf
• http://dl.dropbox.com/u/407569/Web/TU/how_to_review_smith-advice.pdf
• http://dl.dropbox.com/u/407569/Web/TU/comparativeLiteratureReview.pdf
• http://dl.dropbox.com/u/407569/Web/TU/HowToReview.pdf

• http://www.informatik.tuwien.ac.at/studium/richtlinien/
• http://info.tuwien.ac.at/dekzent/
• http://info.tuwien.ac.at/dekzent/Formulare_Studenten.htm
• http://info.tuwien.ac.at/dekzent/2DP.html

• http://www.swoopo.de bidding strategies and fraud
• Recovery of distributed transactions from malicious attacks (internal note: review IFS-2009-0264)
• Information Integration Personal Computer + Cloud Systems (AC, Search, etc.)
• Database Forensics (Oracle Flashback Queries, System tables, Oracle Label Extensions)
• Database Security
• Truecrypt - Hidden Volumes - Coverstory
• Memory Forensics - DMA
• Studies / Questionnaires: e.g. E2E auditable e-voting protocols
• Virtualization: Security issues of memory separation
• Role Engineering / role mining
• Attacks on Social Networks, Privacy in Social Networks

Text books I like

• Matt Bishop, Computer Security: Art and Science (Do not by mistake get 'Introduction to Computer Security'). The most comprehensive book. Required Reading for PhD candidates. Unfortunately there are many errors in the book, making parts almost unreadable without the errata (http://nob.cs.ucdavis.edu/book/book-aands/index.html)
• William Stallings, Computer Security, Pearson International Edition. Very good book. Required reading for all serious master's students.
• Gary McGraw, Software Security: Building Security In. Excellent book for all software developers
• Dieter Gollmann, Computer Security. Short but good depth.
• Michael Howard, The Security Development Lifecycle. Excellent book. Get this one or Gary McGraw's.
• Julia Allen, Software Security Engineering. Nice if you have enough budget.
• Charles E. Pfleeger, Security in Computing. A classic and excellent textbook, many parts are very easy and should be general knowledge of CS students.

Reviews.com