Ja, de site mag op basis van mijn klikgedrag suggesties doen en voorkeuren onthouden. Meer over cookies.
Opslaan

Cyber graduate

You want to graduate at Deloitte Cyber Risk Services? Cool! Graduate at Deloitte to receive great support, and get introduced to Deloitte while getting paid.  

While writing your thesis, you are considered as a regular employee. This gives you access to our extracurricular activities. These are, amongst others:

  • Cyber Risk Services Ski-trip
  • LAN parties
  • Pizza-sessions
  • Training, such as Deloitte HackLabs.
  • Regular drinks @ Edge
  • Teambuilding activities (e.g. Boom-Boom-Baarlo event)
  • Conferences and seminars, hosted and/or organized by Deloitte

Of course every project could be tailored to your specific needs!

If you are at Deloitte for an internship while writing your thesis, you will receive compensation. Depending on the kind of internship and the number of days that you are with us, we offer compensation in line with the market. You will also be provided with a laptop during your internship period. Read more about our employment benefits.

List of thesis topics

Below you find a list of thesis topics we have available at the moment, devided into technical (Cyber Operations) and non-technical (Cyber Privacy Advisory) topics.

Cyber Operations (Technical)

Topic: Custom crypto in Redstar OS
Area of expertise: Cryptography
Abstract: During 32C3 conference, two researchers showed that Redstar OS - North Koreas OS - implements custom cryptography in the pilsung.ko kernel module. Reverse engineer this module. Understand what is different in the pilsung implementation of AES compared to normal AES. Is there some kind of backdoor or weakness in pilsung?.
Duration: 6 months

Topic: Deep & Dark Web
Area of expertise: Cyber Threat Intelligence
Abstract: Gathering information from Deep & Dark web social services and channels. IRC - Most of the communication within this hidden services are done via anonymous IRC services. IRC Bots could be used to log communication in public channels, and also keeping track of the users who are posting it. Those bots could analyze the conversations and record sensitive information like links, names, companies, security issues and also offensive discussions.
Duration: 6 months

Topic: Quantum Key Distribution
Area of expertise: Cryptography
Abstract: Quantum key distribution is technologically much easier to implement than a full quantum computer and the first commercial implementations are already available today. Yet many challenges remain in bringing quantum key distribution into practise. What are the practical applications of quantum key distribution?
Duration: 6 months       

Topic: ICS/SCADA monitoring system
Area of expertise: Hacking
Abstract:  Interconnected ICS/SCADA systems around the world are exposed to risk due to lack of security countermeasures or misconfiguration issues. This project aims to regularly perform online scanning on the country i.e. (Netherlands) to identify permanent or mistakenly interconnected ICS/SCADA systems by recognizing default ICS ports, vendors’ interfaces and online search engines’ results.
Duration: 1 month

Topic: Adding some new tests to our existing QuickScan vulnerability scanner.
Area of expertise: Development / Hacking.
Abstract: We are in the process of updating our existing QuickScan vulnerability scanner. It currently scans for issues such as improperly configured certificates, existence of admin interfaces, vulnerabilities such as Heartbleed, etc. We would like to add some tests, such as a check for Shellshock, HttPoxy, support for Perfect Forward Secrecy and Secure Renegotiation.
Duration: 1 month

Topic: Evaluating various executable packers (MS Windows) and understanding how A/V products behave
Area of expertise: Red Teaming Operations
Abstract:  An executable packer is a software that modifies the actual executable code while maintaining the files behavior. Commonly used to reduce the file size of large executables for added portability or most commonly to obfuscate them and make reverse engineering an complicated and costly or intensive process. There are multiple legitimate and underground software packers. The purpose of this research is to identify the most common of them and evaluate them against a number of common Antivirus (A/V) products in order to understand the particularities between different A/V products, signature based detection and heuristic algorithms.
Duration: 1 month

Topic: Building an A/V assessment platform
Area of expertise: Red Teaming Operations
Abstract:  Using common tools such as Puppet, Docker or other mass-deployment solutions create a Windows and Linux blended solution that enables the automatic creation of a virtualized test lab for the evaluation of a potential malware across multiple Antivirus (A/V) products concurrently and securely. This does not involve analysis of the potential malware in a sandbox such as Cuckoo sandbox but the evaluation of an executable across multiple free and commercial A/V products.
Duration: 1 month

Topic: Building an IDS/IPS solution for inline usage during Red Teaming
Area of expertise: Red Teaming Operations
Abstract:  Customize an existing IDS sensor device in a way that can be used as an IDS/IPS during Red Teaming Operations inline between the attackers (red team) and the client's network (defensive team), that will pre-emptively alert and block known attack patterns used by the RTO. Additionally the device should monitor potential scans performed by the defensive team and targeting the attacker (red team) systems, for example to fingerprint the attackers (red team). Signatures that you should think of are ones to detect man-in-the-middle attacks, port scans and commonly used attacks such as PSEXEC/WMIEXEC with(out) pass-the-hash.
Duration: 1 month

Topic: How to remain undetected in an environment with Microsoft Advanced Threat Analytics (ATA)
Area of expertise: Red Teaming Operations
Abstract: In 2015 Microsoft launched an on-premises platform that protects Microsoft-driven environments from advanced targeted attacks by automatically analyzing, learning and identifying normal and abnormal behavior of users, devices and resources. This platform can detect a number of attacks commonly used during Red Teaming  engagements such as Pass-the-Hash and abnormal usage of the Kerberos Golden Ticket within a domain. The purpose of this research is to figure out how to identify one or more of the following items; the usage of ATA within a network, the location of the "beacons" that can be used to detect an attack and to investigate what specific Windows events, network signatures or other events (could) trigger an alert.
Duration: 1 month

Topic: Privacy
Area of expertise: Privacy & Data Protection
Abstract: Have a technical background? We have open research topics in privacy architecture and design patterns; effective tracking of privacy obligations and data provenance; pseudonymisation and statistics; and privacy-centered data flow modelling & threat modelling methodologies.
Duration: 6 months 

Topic: researching possibilities for individual labels assets (barcodes, rfid, etc) and implement them in to a new planning tool.
Area of expertise: software development, maybe some hardware skills depending on the output of the research.
Abstract: We are looking for an automated way for people to pick up and return assets.  They need to register them via a website, but we want to explore methods to make the (return)process better.  We are thinking about a unique identifier per asset so people can scan them, and when returned it will be marked as available again on the website.
Duration: 1-3 months

Topic: Robot security
Area of expertise: technical security.
Abstract: Robots will play a pivotal role in our future society for health care or in the area of security. Organizations will make use of robots to lower their costs and to make the execution of certain tasks more reliable.  Next to the ease of use and cost reduction robots will bring, it will inevitably also carries certain risks. Together with professionals from Deloitte and Robot Security Systems (RSS) you will develop a framework that can be used to map the security risks of robots in order to better secure these robots in the future. Consequently, you will test your framework on a real robot from RSS.
Duration: 6 months

Topic: creation of various CTF challenges in our online Hackazon portal
Area of expertise: technical security: hacking, reverse engineering, red teaming, blue teaming
Abstract: We have developed an online Capture the Flag (CTF) platform “Hackazon” to train our professionals, our clients, and host CTF events world-wide. We are constantly updating the platform’s content with new challenges and are looking for students that would like to contribute new challenges under the supervision of our senior security specialists.
Duration: 1-6 months

 

Cyber Privacy Advisory (non-technical)

Topic: Identity & Access Management Issues
Area of expertise: Identity and Data Protection
Abstract: Identifying who is who online becomes the basis for digital business. Both externally, towards customers and partners, as well as internally, towards employees and guests. How their identities are established and how they can be used will enable or disable digital business. What are the most common problems in specific sectors with regards to identities and access? By interviewing different stakeholders you will identify and analyze the most common issues. Are there any differences per sector? The goal is to give specific sector related solutions for the identified problems.
Duration: 3-6 months          

Topic: The Passwordless World
Area of expertise: Identity and Data Protection
Abstract: The password is considered more and more as one of the main weak points in the security of data. What are the drivers, main solutions and their handicap? Knowing this, what is the way forward to transition a company to this nirvana?
Duration: 3-6 months

Topic: The connection of incident management and crisis management
Area of expertise: Crisis Management & Resilience
Abstract: What are the critical success factors on process, organizational and human level to effectively link the incident management and crisis management process? By doing desk research, interviewing stakeholders you will identify the success factors for an effective link between incident and crisis management. The objective is to have clear indicators / best practices on a process, organizational and human level on the connection of incident and crisis management.
Duration: 6 months

Topic: The effect of crisis management exercises
Area of expertise: Crisis Management & Resilience
Abstract: What is the effect of a crisis management exercise or training schedule on the participants and the organization as a whole? By doing desk research, interviewing stakeholders and observing actual crisis management trainings you will identify the success factors for a good crisis management training. The objective is to connect methods of training to personal and organizational needs.
Duration: 6 months

Topic: Cyber Crisis Management bij Gemeenten (NL)
Area of expertise: Crisis Management & Resilience                                                                 
Abstract: Dit onderzoek focust zich op de inrichting van de gemeentelijke crisisbeheersingsorganisatie bij cybercrises. We weten dat gemeenten momenteel veel maatregelen (zowel voorbereiding, respons en nafase) nemen ten aanzien van ‘traditionele crises’. Samen met de crisispartners, zoals Veiligheidsregio, politie, brandweer en geneeskundige hulpverlening, worden OTO-trajecten (Opleiden, Trainen, Oefenen) opgezet. Ook worden geregelmatig evaluaties ingesteld om te leren van daadwerkelijke crises, waarna ‘lessons learned’ worden geïmplementeerd in de gemeentelijke crisisbeheersingsorganisatie. Hoewel gemeenten veel maatregelen treffen, is echter nog onduidelijk in hoeverre cyber crisis management binnen gemeenten georganiseerd is. Middels dit onderzoek willen wij dan ook meer te weten komen hoe gemeentelijke crisisbeheersingsorganisaties (voorbereiding, respons en nafase) ingericht zijn op het omgaan met cybercrises. In hoeverre zijn de huidige gemeentelijke crisisbeheersingsorganisaties toegerust op de voorbereiding, respons en nafase van cybercrises?
Duration: 6 maanden

Topic: Privacy
Area of expertise: Privacy & Data Protection
Abstract: Have a business background? We have open research topics in privacy awareness & internal communications; privacy governance and business process design and customer/privacy-centric incentive models. How would we motivate you to think hard about privacy as a strategic topic for organizations?
Duration: 6 months 

Topic: IBM Watson
Area of expertise: Strategy & Transformations
Abstract: Cognitive computing is still in its infancy. However, it’s not too soon to imagine businesses and industries could be positively disrupted by this new technology. The question is to what extent this new technology can be used for cyber security purposes. By gaining insight in the pro’s and con’s of using cognitive computing you will unravel this question.
Duration: 6 months

Topic: The role of cyber risk in M&A
Area of expertise: Cyber Risk Quantification
Abstract: Cyber security and cyber risks have so far rarely been part of M&A due diligence. Potential M&A targets might be riddled with vulnerabilities. Mitigating these risks will cost a lot of money which should have been part of the initial purchasing deal. Your goal is to develop insight into these risks by examining M&A deals from the past.
Duration: 3-6 months

Topic: Dealing with probability and uncertainty in cyber risk
Area of expertise: Cyber Risk Quantification
Abstract: How big are cyber risks exactly for any given organization and how are they built up? When is an organization’s security sufficient and how much added value may security provide? Despite a scarcity of data, quantitative methods are proving to be valuable in dealing with these questions. You will be working with our team to further develop our state-of-the-art cyber risk quantification methodology, focusing on the properties of probability and uncertainty for cyber risk. The research includes both analytic methods for dealing with unknown probability distributions, and simulation methods based on known distributions. Some of the concepts you will encounter are Bayesian statistics, imprecise probability, Markov processes, Monte Carlo simulation and expert elicitation.
Duration: 6 months

Topic: Understanding and simulating adversarial risk
Area of expertise: Cyber Risk Quantification
Abstract: Compared to the risk associated to natural disasters, cyber risk is special because it is caused by intelligent adversaries who can strategize and learn about their opponents and decide to adapt their strategies and actions. To make cyber security proactive, the cyber attack cat-and-mouse game between hackers and defending parties needs to be better understood. You will use methods such as game theory and agent-based modeling to develop these insights.
Duration: 6 months

Other cool ideas? Let us know! You are always welcome to present your topic to us.

Naar boven