| Year | Student | Title |
|---|---|---|
| 2018 | Jonas Cirotzki | A new graph-based approach to SELinux policy evaluation |
| Jannik Pfeifer | Analysis and Classification of Android Runtime Permission Requests | |
| 2019 | Antoine Scheffold | Evaluating distributed application programming on Android |
| Christian Thiel | Studying the acceptance of WebAuthn on mobile devices | |
| Johannes Wocker | Trusted Platform Module Software Stack Implementation in Android | |
| 2020 | Julian Groher | Developer-User contracts by enhancing Android’s permission dialogues |
| Marvin Moog | Evaluating Adoption and Obstacles of NSC in Android | |
| David Schäfer | System Support for Attesting Apps to Services | |
| 2021 | Nicolas Müller | App Piracy in Android |
| Florian Nawrath | Already logged in or still looking for your password? Quantitative testing of the users FIDO2 client support | |
| Marco Schichtel | Biometric Authentication in FIDO2 with TPM Authenticators | |
| John Schmitt | Implementing Certificate Transparency Inside Android Open Source Project | |
| 2022 | Mirko Meinerzag | Hardening Android’s Task Management to Prevent Phishing |
| Christoph Steuer | Seamless installation of trustlets with third-party applications in Android | |
| 2023 | Abdulla Imad Malallah | Exploring API behavior in Android applications using Word2Vec |
| 2024 | Andreas Knobel | Using Program Forward Slices for Indexing Code Snippets |
| Parthipan Ramesh | Autoomated Identification of Protected Resources in Android System Services | |
| Justus Sparenberg | Detecting, Categorizing & Evaluating App Permission Rationales | |
| Luk Stamann | Message-o-matic: A Decision Support Tool for Secure Messaging Applications | |
| Christina Subedi | Network Security in Android Applications: URL-based Measurement Study | |
| Robin Wiesen | Selective Permissions for Android’s SDK Runtime | |
| 2025 | Tobias Gaul | Context switching instructions for RISC-V |
| Year | Student | Title |
|---|---|---|
| 2017 | Yusra Elbitar | Allow or Deny? A Usability Study on Android’s Permission Dialogs |
| 2018 | Muhammad Hammad Akhtar | Open Portable Trusted Execution Environment in Android |
| Wadah Sharaf Al-Hamadi | Extending LibScout for better obfuscation resilience and accuracy | |
| Patrick Bender | Detecting Semantic Code Changes in Java Bytecode with Grey-box Fuzzing | |
| Abdallah Dawoud | OS Support for Capabilities in Android | |
| Turbat Ganbold | Chatbot based information security risk assessment platform | |
| Lukas Löhle | The password experience across devices: A comparative study | |
| Vincent Ogwara | GDPR Compliance: Data Protection by Design and by Default | |
| 2019 | Ali Raees | CTAP Wrapper for Mobile TPM |
| 2020 | Aftab Alam | Studying and Improving WebAuthn Usability |
| Felix Felten | Privileging Isolated Services on Android | |
| 2022 | Jonas Cirotzki | Fuchsia – What is it capable of? |
| Joshua Steffensky | FIDO2 inside: Unifying digital and physical authentication | |
| 2023 | Noah Mauthe | Are you confused Fuchsia? Detecting deputies in Google’s Fuchsia OS |
| Nils Olze | Finding the Needle in the Haystack: Password Recovery in a Forensic Setting | |
| 2025 | Muhammad Abdul Mueed | Systematic Analysis of Web Content Display Mechanisms: WebView, CustomTabs, and Trusted Web Activity |
| Jonas Birtel | Detection of Deprecated & Insecure StackOverflow Code Snippets in Leading Android Applications | |
| Florian Nawrath | Pushed, Guided, or Left Alone: Investigating the Influence of Passkey Enrollment Strategies on Acceptance |