Center for Cybersecurity

Internships

Open Calls

This page lists the internship projects currently available in the Center for Cybersecurity of Fondazione Bruno Kessler (FBK).

Procedure

  1. Application: submit your application for the internship project you are interested in using the designated online form and providing the required information. Make sure to apply before the specified deadline. You are advised not to apply to more than two projects at the same time.
  2. Selection: project supervisors will review the applications and choose the most suitable candidate. If needed, they may request an oral interview during the selection process. Each project is evaluated independently.
  3. Results: once the selection process is complete, all applicants (both selected and not selected) will be notified of the outcome for the specific project.

For general inquiries, you can email internships-cs@fbk.eu. If you have specific questions about a project, please reach out to the project supervisor directly.

Please note that applications sent via email will not be considered.

Projects are listed starting with those that have the earliest submission deadlines.

AI-Powered Threat Modeling ST

ID: p-2025-st-2

Published on: Wednesday, 22 January 2025

Deadline for Applications: Friday, 7 February 2025 at 23:59

Description:

As modern systems become increasingly complex, ensuring their security, privacy and resilience requires more advanced approaches to threat modeling. Artificial Intelligence (AI) has emerged as a powerful enabler to automate, enhance, and refine manual security and privacy assessments. By leveraging AI-driven techniques, organizations can identify the threats, vulnerabilities, potential attack vectors and mitigations more efficiently and with higher accuracy. However, the trustworthiness of AI-based threat modeling solutions must also be ensured—both to validate their findings and to mitigate any risks introduced by the AI systems themselves. This internship focuses on developing and evaluating AI-powered methodologies for automated threat modeling in cutting-edge systems such as Digital Identity Wallet and e-voting.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Umberto Morelli (umorelli@fbk.eu), Giada Sciarretta (g.sciarretta@fbk.eu), Amir Sharif (asharif@fbk.eu)

Prerequisites:

  • Basic Cybersecurity Knowledge: A foundational understanding of security and privacy principles, threats, and common vulnerabilities.
  • Familiarity with Threat Modeling: Prior knowledge of frameworks like STRIDE or LINDDUN is advantageous.
  • AI/ML Background: Basic understanding of machine learning or data analysis methods; prior experience with ML libraries (e.g., TensorFlow, PyTorch) is a plus.
  • Programming Skills: Comfort with at least one programming language (e.g., Python, Java) for AI model development or integration.

Objectives:

The main objectives of this internship project are as follows:

  • Extend Traditional Threat Modeling
    • Investigate how AI can augment well-known frameworks (e.g., STRIDE, LINDDUN) by automatically discovering threats, analyzing complex data, and flagging potential vulnerabilities.
    • Investigate and propose mechanisms to mitigate potential biases or errors introduced by the AI in identifying threats.
  • Implementation and Tooling
    • Investigate available AI-based security tools and evaluate their performance in realistic scenarios.
    • Integrate or prototype new AI modules, focusing on trustworthiness, accuracy, and usability in real-world environments.

Topics: Threat Modeling, LLMs, STRIDE, LINDDUN

Packet stream analysis for TLS compliance ST

ID: p-2025-st-1

Published on: Monday, 20 January 2025

Deadline for Applications: Thursday, 20 February 2025 at 23:59

Description:

Since its first version was published as an RFC in 1999, Transport Layer Security (TLS) has rapidly become the de facto standard for providing confidentiality and integrity to communications exchanged in an unsecured environment. While there exist multiple implementations (e.g., OpenSSL, GnuTLS, rustls) that allow system administrators to easily deploy a webserver, there is no practical way to verify their compliance with the RFCs they are based on.
To ensure that a TLS deployment is configured correctly, (inter)national cybersecurity agencies such as the US NIST and Italy's AgID/ACN periodically issue technical guidelines that describe a set of requirements able to mitigate known vulnerabilities and ensure an adequate security level. These guidelines presume that security issues are only due to an incorrect configuration while, in reality, problems may also arise from incorrectly developed TLS libraries that generate messages which do not comply with the related RFCs.
The primary objective of this internship is to perform a technical review of the available software able to analyze raw network packets and validate both their content and the structure used by the protocol. The results will be employed in a process that aims to develop a new tool that can verify, analyze, and execute TLS connections. This tool will be used to assess the compliance of TLS libraries and related deployments.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Salvatore Manfredi (smanfredi@fbk.eu), Riccardo Germenia (rgermenia@fbk.eu)

Prerequisites:

  • Basic knowledge of the TLS protocol
  • Basic knowledge of network analysis tools (e.g., Wireshark)
  • Basic knowledge of design patterns and software engineering
  • Basic experience with JavaScript
  • Experience with Python 3 development
  • Experience with formal grammars

Objectives:

  • Study of the TLS protocol and its inner workings
  • Perform a literature review on the state of the art in terms of tools, listing their features, applicability and scope
  • Creation of a CFG (context-free grammar) for TLS 1.3

Topics: Research tool, Compliance analysis, Packet analysis, TLS misconfiguration

Notes: The project's scope will be adjusted to accommodate the number of available credits, making it suitable for both bachelor's and master's students. However, due to the need for future-proof and reusable results, access to the thesis period is dependent on an assessment performed on (and during) the internship period.

References:

  • [1] https://github.com/tlsfuzzer/tlslite-ng
  • [2] https://www.wireshark.org/
  • [3] https://lapo.it/asn1js
  • [4] https://github.com/tls-attacker/TLS-Attacker