Static and Dynamic Analysis of Embedded TCP/IP Stack


Supervision: Ali Abbasi

Start date: as soon as possible

Duration: 6 Month

More details:


From critical infrastructure to consumer electronics, embedded systems are all around us and underpin the technological fabric of everyday life. Just like any computer, these devices contain vulnerabilities that can be exploited by attackers.

In this thesis, initially, you are going to statically analyse the source code of a major COTS TCP/IP stack of embedded systems. Once completed, you move on to the second part which is using fuzzing technique to fuzz the existing TCP/IP stack of embedded systems.


The student is expected to have a background on vulnerability analysis, triaging, or at least passed the Schwachstellenanalyse and Programmanalyze at the Chair of System Security. The student is expected to be comfortable in reading ARM/x86 assembly code as well as programming in a language suited for the task (e. g., C/C++, Python). Knowledge of AFL and IDA Pro/Ghidra is a plus.