Skip to end of metadata
Go to start of metadata

This page lists the research topics that are currently available in the Secure Systems group or with our industry partners. Each topic can be structured either as a special assignment or as an MSc thesis depending on the interests, background and experience of the students. If you are interested in a particular topic, send e-mail to the contact person (as well as the responsible ssupervisor: N. Asokan, Tuomas Aura, Lachlan Gunn or Janne Lindqvist) listed explaining your background and interests.

All topics have one or more of the following keywords: 

PLATSEC Platform Security

NETSEC Network Security

ML & SEC Machine learning and Security/Privacy

USABLE Usable security

OTHER Other security research themes



Available research topics for students in the Secure Systems Group


PLATSEC  Private outsourced computation with Blinded Memory

Outsourcing computational tasks to cloud services can be cheap and convenient, but requires a lot of trust in the provider.  How do we know that the cloud provider won't suffer a data breach, or sell our private data?

Blinded Memory (BliMe) aims to modify a CPU so that it can make a convincing promise to its clients that it will not reveal sensitive data outside the system, whether by malware, software vulnerabilities, or even side-channel attacks (such as measuring execution times, or with more advanced attacks like the well-known Meltdown and Spectre).  It does this by using special hardware to import data from outside, then applying a taint-tracking policy to make sure that the data is not revealed, except to the original client.  If the program tries to leak sensitive data, then it will crash.  Achieving this involves several main tasks:

  • Modifying a CPU (Like the open-source Boom core) to import/export data and enforce the taint-tracking policy
  • Modifying the OS to manage all of the above
  • Modifying a compiler (in our case, Clang/LLVM) to produce code that does not inadvertently try to leak data, without too much work by the user
  • Designing protocols for clients to communicate with the new hardware with as few changes as possible
  • Applying this to realistic workloads, such as processing data using machine learning models
  • Validating that the whole design is secure, using both formal and informal methods

As you can see, this is a quite varied project, and there are plenty of ways for people of different backgrounds to get involved.  In general, C or C++ programming skills and a basic information security background will be useful for this project, but this is a big project with a wide variety of tasks, so if any of the above sounds interesting to you, then please get in contact and we can see whether you will be able to fit in somewhere.

For more information, please contact: Lachlan Gunn, email lachlan.gunn@aalto.fi

Further reading:


PLATSEC  Application isolation using SELinux

The Linux feature SELinux enforces a class of access control policy known as type enforcement.  These policies are built up of rules like "web servers can read website files" and "web applications can open connections to a PostgreSQL database server".  In practice, real systems are complex enough that it is difficult to write these rules by hand without giving applications more privileges than they need.

In this project, you will look at ways to automatically modify policies in order to reduce the privileges of applications without breaking the system.  In particular, your goal will be to identify a set of policy changes that will isolate an application from the rest of the system, except for some listed set of interactions that can be audited.

Useful knowledge:

  • Programming skills in Python
  • A general information security background (e.g. as provided by the course Information Security)
  • Experience with the Linux operating system

For more information, please contact: Lachlan Gunn, email lachlan.gunn@aalto.fi


Research topics with our industry partners


Huawei: Hardware-assisted WASM interpreter (internship)

11 Nov

WebAssembly is a virtual hardware ISA, which originates from the browser engines, but can also be used stand-alone e.g. as a runtime for IoT or alternatively as a portable runtime for secure enclaves as is relevant for this work. Recent research shows that although WASM interpreters are designed to maximize memory safety, they are still vulnerable to memory attacks, especially if the code compiled for the ISA is done with an unsafe language such as C.

In this project we will attempt to provide remedy to the WASM interpretation (alt. JIT compilation) by leveraging hardware assisted tagging (ARM MTE), available in recent processor architectures. By adding to the WASM compilation, we should be able to use the MTE primitive for memory isolation either during testing or runtime, e.g. within the virtual memory (memory buffer) WASM reserves for C-programs when they are compiled. For JIT compilation, e.g. localized (function-based) references could be separated from each other to minimize cross-compilation unit information leakage and attack surface.

You will be working with experienced security experts in the Helsinki System Security Labs, and conduct independent studies under their guidance. The scope of this work starts from a design and prototype, but may have potential to evolve into a more solid research direction. The outcome of the work can be a M.Sc thesis, but also may include technical reports, research publications and system implementation. If this is a M.Sc work, we will conduct the project under open IP so that the thesis result can be published in its entirety.

We are looking for:

  • Students who have completed most of their M.Sc. Courses (CS/E.Eng), or higher,
    preferably with some background in security and operating systems architecture.
  • Experience with compilers is considered a plus.
  • A good foundation in computer science is useful
  • Sufficient skills to work and interact in English
  • Good team-working skills
  • Students with an interest to do research and explore new challenges.

We will start interviews immediately when suitable candidates are found, so do not hesitate too long to send in your application and CV at https://huaweifinlandrnd.teamtailor.com


Ericsson: Thesis students and summer interns

2 Nov

Please see the list of open student positions: Student AND Finland - Ericsson Jobs


Huawei: Hardware-assisted Control-Flow integrity (Internship / M.Sc. position 2022 or spring 2023)

28 Oct

Control flow integrity refers to the security property of software where only intended execution paths are followed. It is a very challenging problem to protect control flow integrity of software against advanced attacks, such as return oriented programming (ROP) or jump oriented programming (JOP), and it has drawn increasing interests from both the academia and the industry. Traditional defense techniques include stack canaries, shadow call stack, data execution prevention (DEP), and address space layout randomization (ASLR). These defense mechanisms usually suffer from high performance overhead and/or insufficient protection coverage. A recent trend in the industry is hardware-assisted control flow integrity. For example, ARM provides security extensions such as pointer authentication (PA) and branch target identification (BTI) in their latest instruction set architectures (ISA), which would greatly reduce the risks of control flow attacks when protection instrumentations are implemented properly in the software to be protected, either manually or by compilers and interpreters. However, such features are currently missing or insufficiently studied in other computer architectures.

In this project, you will explore the theory and practices of the design and implementation of hardware-assisted control flow integrity schemes for RISC-V. The theoretical part of the project involves rigorous analysis of latest technologies from both the academia and the industry, and proving, or validating the proofs of, the security properties of such technologies mathematically, and improve the existing schemes or design new schemes. The practical part of the project involves the implementation of these technologies on simulators and FPGA with innovative software/hardware engineering, the verification of their effectiveness, and the analysis and benchmarking of the performance.

You will be working with experienced security experts in the Helsinki System Security Labs, and conduct independent studies under their guidance. The scope of the work can be purely theoretical, partly theoretical and partly practical, or only practical, depending on the background and the interests of the applicant. The outcome of the work can be a M.Sc thesis, but also may include technical reports, research publications, system implementation.

We are looking for:

  • Students who have completed most of their M.Sc. Courses (CS/E.Eng), or higher,
    preferably with some background in security and operating systems architecture.
  • Embedded development experience (C, ASM), FPGA programming(HDLs) considered a plus
  • A good foundation in mathematics is useful, if work focuses on the theoretical aspects.
  • Sufficient skills to work and interact in English
  • Good team-working skills
  • Students with an interest to do research and explore new challenges.

If you feel this is the work for you, please initiate your application and CV at https://huaweifinlandrnd.teamtailor.com/ - these postings / internships will appear there during November 2022. We will start interviews immediately when suitable candidates are found, so do not hesitate too long to send in your application!


Huawei: EUDI Wallet analysis and demonstrator (Internship / M.Sc. position 2022)

28 Oct

EU is embarking in a European Digital Identity (EUDI) Wallet standardization and prototyping phase with the new eIDAS regulation, and the Innovation Lab of FIRC is engaged with this work. Innovation Lab connects together experts from different companies and organization in Finance and Security area. This work has dimensions in security, privacy, payment services, banking, and terminal software. The main work in this internship will be to implement a mobile terminal prototype of some selected part of the Wallet functionality. The internship may also include specification or review work, e.g. to explore viability of mobile wallet technology on Huawei devices.  

The first version of eIDAS regulation came into for in 2014.  It is aim was to enable cross-border usage of digital identity and security services with EU.  Unfortunately, this has not been successful mainly due to its voluntary basis for Member States to use, and heterogeneity and maturity level of the eID systems in different countries. In 2021, the European Commission kicked off the work for the second version of eIDAS, where the citizen would be equipped with an European Digital Identity (EUDI) Wallet, which supports four main use case categories: Identification and authentication, Electronic signatures and seals, Payments, and Attribute sharing.  Both the regulation work by the European Commission, and technological work by the eIDAS Expert Group is currently ongoing and first EUDI Wallets are expected to hit the market in 2H 2024, and they should fully deployed to each Member State in EU by end of 2025. 

In the work, the intern to HSSL will work with our experts to further evolve our work in area of Innovation Lab and mobile wallet / payment. The primary target for such a technology demonstrator developed by HSSL, is to study emerging standards in EU, specifically to further the aspirations for the unification of mobile payment functionalities in EU (in the context of Innovation Lab). 

We are looking for:

  • Students who have completed most of their M.Sc. Courses (CS/E.Eng), or higher,
    preferably with some background in Security & Privacy
  • Understanding of Mobile Device Security features
  • Understanding of OpenID specification family
  • Mobile coding experience (Java, Kotlin), terminal software experience
  • Full-Stack development experience is considered as a plus
  • Sufficient skills to work and interact in English
  • Good team-working skills
  • Students with an interest to do research and explore new challenges.

If you feel this is the work for you, please initiate your application and CV at https://huaweifinlandrnd.teamtailor.com/ - these postings / internships will appear there during February 2022. We will start interviews immediately when suitable candidates are found, so do not hesitate too long to send in your application!


Huawei: Pointer boundary protections using memory coloring (Internship / M.Sc. position 2022 or spring 2023)

28 Oct

A sizable proportion of security vulnerabilities afflicting computer programs stem from memory corruption vulnerabilities such as buffer overflow and object boundary violation that can be exhibited through “unsafe” programming languages such as C and C++. Recent years have seen various technologies attempting to remediate these issues in existing program through instrumentation and run-time checks, with varying success and cost.

After falling out of favor in the 1970’s, the technique of memory coloring has recently come back in some popular instruction sets such ARM (Memory Tagging extension) or SPARC (Application Data Integrity). HSSL researchers has in recent years innovated and developed a few compiler-based solutions for ARM MTE memory safety, and in this work we want to extend this direction, and look at a specific detail in the range of protections than can be achieved using memory tagging: We plan explore and implement methods leveraging memory coloring on ARMv8 chipsets to enforce boundaries of in-memory objects for applications in C (or C++), through customization of the compiler, the Linux kernel and/or the system C run-time libraries.

As part of the internship, the intern will take part in proposing a new design and developing a prototype demonstrating the feasibility and potential limitations of memory coloring for enforcement of pointer boundaries. This work is quite suitable as a Master’s thesis work in the field of platform security and computer science, since we believe the work will combine some measure of novelty with development, prototyping and testing.

We are looking for:

  • Students who have completed most of their M.Sc. courses, in the field of CS/E.Eng
  • System / embedded coding experience in C
  • An understanding of low-level (system / OS) architecture
  • Prior engagement with compiler modification or compiler theory considered a plus.
  • Sufficient skills to work and interact in English
  • Good team-working skills
  • Students with interest to do research and explore new challenges.

If you feel this is the work for you, please initiate your application and CV at https://huaweifinlandrnd.teamtailor.com/ - these postings / internships will appear there during November 2022. We will start interviews immediately when suitable candidates are found, so do not hesitate too long to send in your application!


WithSecure: Trainee to join Security Research and Technologies department 

Posted in Aug 3, updated in Sep 26

WithSecure’s (https://www.withsecure.com/en/home) Security Research and Technologies department is looking for an intern, possibly part-time, to work on cyberattack investigation tools in the scope of a Horizon 2020 research project (CC-DRIVER: https://www.ccdriver-h2020.com/). A Master thesis writer position can be discussed as well. The focus is generally on analysis and visualization of data of certain types extracted from relevant logs and caches. Good coding skills are important (Python, in particular), some background in data analysis and visualization will be helpful but isn’t a hard requirement.

For more information, please contact: Alexey Kirichenko, email alki@withsecure.com


Reserved research topics



  • No labels