Our Empirical Information Security (EIS) group is part of the Institute of Practical Computer Science and offers thesis supervision for (computer science) students of the Leibniz University Hannover.
Logo, Empirical Information Security

We are interested in topics concerning IT security and privacy with an emphasis on human factors and empirical approaches. For more general security topics, you might want to contact the IT-Security group first.

Feel free to take a look at our recent publications for an overview over the institute's research direction.

Thesis Contact

We do not offer a pre-compiled list of thesis topics, but prefer to find an individual thesis topic based on your interest and skills.

As a foundation for discussing possible thesis topics matching your skills and interests, please include the following information in your email:

  • Your experiences in IT security with relevance for a thesis such as attended lectures, previous (programming) projects, or private hobbies related to IT security.
    • Please do not include a transcript of your grades for privacy reasons.
  • Your programming background (Programming languages you could comfortably use in your thesis).
  • Your general idea of your thesis direction, e.g., more theory focused such as a review of existing literature, more study focused such as a tool comparison, or more programming focused such as a software implementation.
Contact: You can contact us via email at

  • The LUH requires us to only accept emails from your LUH address (, see “Verkündungsblatt 10|2021”).
  • We do accept theses (and emails) in English or German.

Please note: It might take some time to hear back from us, as we receive a large amount of thesis-related emails. If you really want to write a thesis with us, feel free to send a reminder email after a week or so to bump your request back to the top of our stack.

Completed Theses


Timo Balke (BSc)
Improving Malware Detection: Utilizing Deep Learning, Function Call Graphs, Instruction Sequence Similarity and Binary Data Visualization
Nils Langius (BSc)
A Security Analysis of Mobile Car Apps for Android
Christoph Becker (BSc)
Framework zur Sicherheitsanalyse von mobilen MQTT-Applikationen
Simon Stork (MSc)
An Android App Developer Study on the Use of Privacy-Enhancing Technologies
Alexander Krause (MSc)
Helping Researchers Conduct Developer Studies during COVID-19 - A Usable API and Interface for Remote Study Tooling
Florian Liermann (BSc)
Right to Access: Designing and Piloting a Survey on the Usability of GDPR Data Requests
Tim Hollmann (BSc)
Investigation of Security and Misconfiguration for Linux Container Engines
Noah Kornelius Wöhler (MSc)
An ACME Broker for Automated Certificate Acquisition in University Environments
Alexander Haenel (BSc)
Praktische Evaluierung der verhaltensbasierten Benutzerauthentifizierung anhand von Tastaturinteraktionen
Till Deeke (BSc)
Sichere Paketverwaltung mit Composer? - Eine Analyse der Abhängigkeit populärer PHP-Anwendungen auf GitHub
Jakob Kühl (BSc)
Comparison of Tools for Docker Security


Kai Leßmeiser (BSc)
Analysing Github Commits Based on Security Benchmarks
Dominik Langhorst (BSc)
Konzeption und Evaluation eines automatisierten Abgabesystems im Rahmen der universitären Lehre
Jan Knittel (BSc)
BrokenWrt: Vulnerable Router Firmware for Practical Network Attacks
Florian Langenhagen (BSc)
CookieBANner: Implementierung und Evaluation einer Browsererweiterung für automatisierte Cookie-Banner-Interaktion
Nadine Sinner (BSc)
Privacy and Web Server Logs: An Interview Study on Web Server Log Configurations under Consideration of the GDPR
Jan Klemmer (MSc)
The Effect of PSD2 on the German Android Banking App Ecosystem
Arwin Mavaji (BSc)
Examining the Privacy and Security of Online Meme Generators: A Parameterized Website Analysis
Mindy Tran (BSc)
Zur Sicherheit und Benutzerfreundlichkeit von Zwei-Faktor-Authentifizierung bei bildbasierten One-Time Authentifizierungscides auf mobilen Endgeräten
Hannah Deters (BSc)
SSID Snooper: Ein Framework zum Identifizieren datenschutzbezogener Informationen in SSIDs
Jasper Houben (BSc)
Analyse des Einsatzes von Anti Ad-Block Ansätzen mittels bildbasierter Verfahren
Jan Krägenbring (BSc)
CTFronted: Management Interface for CTF-Challenges in Security Teaching
Miriam Schierding (BSc)
An Examination of Security Software Developers’ Usability Decisions
Simon Stork (BSc)
Design einer Nutzerstudie zur DSGVO-Compliance von Websites
Christian Thoms (MSc)
Virtualisation-based Infrastructe for Practical IT-Security Exercises


Alexander Krause (BSc)
wh173 h47 h4ck1n6: Eine disziplinübergreifende CTF-Challenge zu Lehrzwecken
Jannik Meinecke (BSc)
Automatisches Framework zur Unterstützung von Forschern bei der Durchführung von Mturk Studien
Florian Gruhlke (BSc)
A Feasibility Study of Classifying Security Advice for Developers
Fabian Johannsen (BSc)
An Empirical Study of Alexa Skills Metadata in the Amazon Store
Jascha Schütte (BSc)
Plattform zur Visualisierung von TLS Parametern
Konstantin Fischer (MSc @RUB)
'So I found your Password in this breach...' - Towards Measuring the Effectiveness of Data Driven Password Nudges
Anna Lena Rothaler (BSc @RUB)
An Interview Study to Identify Challenges on Operating Platforms for Investigative Journalism


David Wischnjak (BSc)
Eine Sicherheitsanalyse mobiler Krankenkassenapplikationen
Marcel Jahnke (BSc)
Stärkung mentaler Modelle mit Animationen: Eine Fallstudie für Secure Messaging
Daniel Klamt (BSc)
Traffic Analysis in Home Networks for Botnet Detection
Gerald Wiese (BSc)
Erkennen von Botnet-Infektionen im Kontext von Local Area Networks
Michael Gunder (BSc)
Integration von Zertifikaten für Sicherheitskritische Web-Entwicklung
Bjoern Noetel (BSc)
Crypto-Bot: Anwendungsfall getriebene Generierung sicherer und gut benutzbarer Kryptografischer Code Snippets
Philip Ostendorf (BSc)
Identifying Insecure Internet of Things Devices in a Local Area Network
Niklas Busch (MSc)
Design, Implementierung und Evaluation eines Werkzeuges zur benutzerfreundlichen Systemhärtung