Past BSc and MSc Theses in our Group

BSc Theses

Year Student Title
2018 Jonas Cirotzki A new graph-based approach to SELinux policy evaluation
Jannik Pfeifer Analysis and Classification of Android Runtime Permission Requests
2019 Antoine Scheffold Evaluating distributed application programming on Android
Christian Thiel Studying the acceptance of WebAuthn on mobile devices
Johannes Wocker Trusted Platform Module Software Stack Implementation in Android
2020 Julian Groher Developer-User contracts by enhancing Android’s permission dialogues
Marvin Moog Evaluating Adoption and Obstacles of NSC in Android
David Schäfer System Support for Attesting Apps to Services
2021 Nicolas Müller App Piracy in Android
Florian Nawrath Already logged in or still looking for your password? Quantitative testing of the users FIDO2 client support
Marco Schichtel Biometric Authentication in FIDO2 with TPM Authenticators
John Schmitt Implementing Certificate Transparency Inside Android Open Source Project
2022 Mirko Meinerzag Hardening Android’s Task Management to Prevent Phishing
Christoph Steuer Seamless installation of trustlets with third-party applications in Android
2023 Abdulla Imad Malallah Exploring API behavior in Android applications using Word2Vec
2024 Andreas Knobel Using Program Forward Slices for Indexing Code Snippets
Parthipan Ramesh Autoomated Identification of Protected Resources in Android System Services
Justus Sparenberg Detecting, Categorizing & Evaluating App Permission Rationales
Luk Stamann Message-o-matic: A Decision Support Tool for Secure Messaging Applications
Christina Subedi Network Security in Android Applications: URL-based Measurement Study
Robin Wiesen Selective Permissions for Android’s SDK Runtime
2025 Tobias Gaul Context switching instructions for RISC-V

MSc Theses

Year Student Title
2017 Yusra Elbitar Allow or Deny? A Usability Study on Android’s Permission Dialogs
2018 Muhammad Hammad Akhtar Open Portable Trusted Execution Environment in Android
Wadah Sharaf Al-Hamadi Extending LibScout for better obfuscation resilience and accuracy
Patrick Bender Detecting Semantic Code Changes in Java Bytecode with Grey-box Fuzzing
Abdallah Dawoud OS Support for Capabilities in Android
Turbat Ganbold Chatbot based information security risk assessment platform
Lukas Löhle The password experience across devices: A comparative study
Vincent Ogwara GDPR Compliance: Data Protection by Design and by Default
2019 Ali Raees CTAP Wrapper for Mobile TPM
2020 Aftab Alam Studying and Improving WebAuthn Usability
Felix Felten Privileging Isolated Services on Android
2022 Jonas Cirotzki Fuchsia – What is it capable of?
Joshua Steffensky FIDO2 inside: Unifying digital and physical authentication
2023 Noah Mauthe Are you confused Fuchsia? Detecting deputies in Google’s Fuchsia OS
Nils Olze Finding the Needle in the Haystack: Password Recovery in a Forensic Setting
2025 Muhammad Abdul Mueed Systematic Analysis of Web Content Display Mechanisms: WebView, CustomTabs, and Trusted Web Activity
Jonas Birtel Detection of Deprecated & Insecure StackOverflow Code Snippets in Leading Android Applications
Florian Nawrath Pushed, Guided, or Left Alone: Investigating the Influence of Passkey Enrollment Strategies on Acceptance