Center for Cybersecurity

Internships

Archive Year 2025

AI-Powered Threat Modeling ST

ID: p-2025-st-2

Published on: Wednesday, 22 January 2025

Deadline for Applications: Friday, 7 February 2025 at 23:59 Friday, 14 March 2025 at 23:59 (extended)

Description:

As modern systems become increasingly complex, ensuring their security, privacy and resilience requires more advanced approaches to threat modeling. Artificial Intelligence (AI) has emerged as a powerful enabler to automate, enhance, and refine manual security and privacy assessments. By leveraging AI-driven techniques, organizations can identify the threats, vulnerabilities, potential attack vectors and mitigations more efficiently and with higher accuracy. However, the trustworthiness of AI-based threat modeling solutions must also be ensured—both to validate their findings and to mitigate any risks introduced by the AI systems themselves. This internship focuses on developing and evaluating AI-powered methodologies for automated threat modeling in cutting-edge systems such as Digital Identity Wallet and e-voting.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Umberto Morelli (umorelli@fbk.eu), Giada Sciarretta (g.sciarretta@fbk.eu), Amir Sharif (asharif@fbk.eu)

Prerequisites:

  • Basic Cybersecurity Knowledge: A foundational understanding of security and privacy principles, threats, and common vulnerabilities.
  • Familiarity with Threat Modeling: Prior knowledge of frameworks like STRIDE or LINDDUN is advantageous.
  • Programming Skills: Comfort with Python programming language for AI model development or integration.

Objectives:

The main objectives of this internship project are as follows:

  • Extend Traditional Threat Modeling
    • Investigate how AI can augment well-known frameworks (e.g., STRIDE, LINDDUN) by automatically discovering threats, analyzing complex data, and flagging potential vulnerabilities.
    • Investigate and propose mechanisms to mitigate potential biases or errors introduced by the AI in identifying threats.
  • Implementation and Tooling
    • Investigate available AI-based security tools and evaluate their performance in realistic scenarios.
    • Integrate or prototype new AI modules, focusing on trustworthiness, accuracy, and usability in real-world environments.

Topics: Threat Modeling, LLMs, STRIDE, LINDDUN

Context-free grammar for TLS validation ST

ID: p-2025-st-4

Published on: Wednesday, 12 March 2025

Deadline for Applications: Wednesday, 26 March 2025 at 23:59

Description:

Since its first version was published as an RFC in 1999, Transport Layer Security (TLS) has rapidly become the de facto standard for providing confidentiality and integrity to communications exchanged in an unsecured environment. While there exist multiple implementations (e.g., OpenSSL, GnuTLS, rusttls) that allow system administrators to easily deploy a webserver, there does not exist a practical way to verify their compliance with the RFCs they are based on. The primary objective of this internship is to write a context-free grammar able to parse TLS messages and check if they comply with the expected structure.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Salvatore Manfredi (smanfredi@fbk.eu), Riccardo Germenia (rgermenia@fbk.eu)

Prerequisites:

  • Experience with formal grammars (e.g. LFC course)
  • Basic knowledge of the TLS protocol (e.g. Intro2CNS or Networking course)

Objectives: Creation of a CFG (context-free grammar) for TLS 1.3

Topics: Research tool, Context-free grammar, Packet analysis, TLS vulnerabilities

Notes: The project's scope will be adjusted to accommodate the number of available credits, making it suitable for both bachelor and master students. However, due to the need for future-proof and reusable results, access to the thesis period is dependent on an assessment performed on (and during) the internship period.

LLM-powered Privacy Threat Modeling ST

ID: p-2025-st-3

Published on: Thursday, 20 February 2025

Deadline for Applications: Thursday, 20 March 2025 at 23:59

Description:

The rapid evolution of Large Language Models (LLMs) has unlocked new possibilities for applying artificial intelligence across a wide range of fields, including privacy engineering. As modern applications increasingly handle sensitive user data, safeguarding privacy has become more critical than ever. To ensure robust data protection, potential threats must be identified and addressed early in the development process. Privacy threat modeling frameworks like LINDDUN offer structured approaches for uncovering these risks, yet they often require significant manual effort, expert knowledge, and detailed system information—making the process time-intensive and reliant on thorough analysis. To address these challenges, at Security and Trust unit of the Center for Cybersecurity, we introduced and developed PILLAR (Privacy risk Identification with LINDDUN and LLM Analysis Report), a new tool that implements and automates the LINDDUN framework through LLM integration to streamline and enhance privacy threat modeling. PILLAR automates key parts of the LINDDUN process, such as generating DFDs from unstructured textual inputs (e.g. system descriptions), eliciting privacy threats, and risk-based threat prioritization.
The primary objective of this internship is to conduct state-of-the-art research on privacy threat modeling, in particular, LLM-based approaches emphasizing how LLMs can be leveraged to automate and enhance these processes. The results will be employed to integrate AI agent concepts into PILLAR.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisor: Majid Mollaeefar (mmollaeefar@fbk.eu)

Time frame: Preferably from April

Prerequisites:

  • Cybersecurity knowledge
  • Basic knowledge of Large Language Models and Agentic AI
  • Experience with Python
  • English Language

Objectives:

  • Extending PILLAR's capabilities
  • Integrating AI Agent concept within the threat modeling process
  • Add new features to PILLAR

Topics: Threat Modeling, Privacy Engineering, Large Language Models, AI Agents

References:

  • [1] PILLAR's repository • Link
  • [2] STRIDE GPT tool • Link
  • [3] LINDDUN • Link

Packet stream analysis for TLS compliance ST

ID: p-2025-st-1

Published on: Monday, 20 January 2025

Deadline for Applications: Thursday, 20 February 2025 at 23:59 Friday, 28 February 2025 at 23:59 (extended)

Description:

Since its first version was published as an RFC in 1999, Transport Layer Security (TLS) has rapidly become the de facto standard for providing confidentiality and integrity to communications exchanged in an unsecured environment. While there exist multiple implementations (e.g., OpenSSL, GnuTLS, rusttls) that allow system administrators to easily deploy a webserver, there does not exist a practical way to verify their compliance with the RFCs they are based on.
To ensure that a TLS deployment is configured correctly, (inter)national cybersecurity agencies such as US’ NIST and Italian’s AgID/ACN periodically issue technical guidelines that describe a set of requirements able to mitigate known vulnerabilities and ensure an adequate security level. These guidelines presume that security issues are only due to an incorrect configuration while, in reality, problems may also arise from an incorrectly developed TLS libraries that generate messages which do not comply with the related RFCs.
The primary objective of this internship is to perform a technical review of the available software able to analyze raw network packets, validate their content and which structure is used by the protocol. The results will be employed in a process that aims to develop a new tool that can verify, analyze, and execute TLS connections. This tool will be used to assess the compliance of TLS libraries and related deployments.

Type: Internship + Thesis

Levels: BSc, MSc

Supervisors: Salvatore Manfredi (smanfredi@fbk.eu), Riccardo Germenia (rgermenia@fbk.eu)

Prerequisites:

  • Basic knowledge of the TLS protocol
  • Basic knowledge of network analysis tools (e.g., Wireshark)
  • Basic knowledge of design patterns and software engineering
  • Basic experience with JavaScript
  • Experience with Python 3 development
  • Experience with formal grammars

Objectives:

  • Study of the TLS protocol and its inner workings
  • Perform a literature review on the state-of-the-art in terms of tools, listing their features, applicability and scope
  • Creation of a CFG (context-free grammar) for TLS 1.3

Topics: Research tool, Compliance analysis, Packet analysis, TLS misconfiguration

Notes: The project's scope will be adjusted to accommodate the number of available credits, making it suitable for both bachelor and master students. However, due to the need for future-proof and reusable results, access to the thesis period is dependent on an assessment performed on (and during) the internship period.

References:

  • [1] https://github.com/tlsfuzzer/tlslite-ng • Link
  • [2] https://www.wireshark.org/ • Link
  • [3] https://lapo.it/asn1js • Link
  • [4] https://github.com/tls-attacker/TLS-Attacker • Link