Mentoring & Supervision
A list of supervised theses and projects at various universities.
I am actively involved in teaching and student supervision at the Zurich University of Applied Sciences (ZHAW), the University of Bern (UniBe) and other institutions. Below is a consolidated table of supervised theses and seminar projects.
If you are a student interested in supervision or project work, please contact me by email with a short proposal and CV. I welcome project ideas in the areas of mobile security, automated testing, and software engineering.
2026
| University | Student(s) | Level | Project / Notes |
|---|---|---|---|
| University of Bern (UniBe) | Rahel Baumann | Bachelor Thesis | Automated Runtime Analysis of Android Adware: Correlating Network Exfiltration with User Location Data Sales |
| University of Bern (UniBe) | Tim Frederick Jordi | Bachelor Thesis | Building a Ground-Truth Dataset of Android Hybrid Applications and Their Third-Party Libraries |
| Zurich University of Applied Sciences (ZHAW) | Dominique Alonso Alguacil | Master Thesis | Digital Identity Under the Microscope – Security of the Swiss e-ID Wallet. CYD Master Thesis Fellowship |
2025
| University | Student(s) | Level | Project / Notes |
|---|---|---|---|
| University of Bern (UniBe) | Dario Kaufmann | Seminar + Master Thesis | Detecting Third-Party Libraries in Android Applications at Runtime; Feasibility of Runtime Detection of Third-Party Libraries |
| University of Bern (UniBe) | Yannik Stürmlin | Seminar + Bachelor Thesis | An Investigation Of Location Privacy In Mobile Applications |
| University of Bern (UniBe) | Rahel Baumann | Seminar | Automated Blackbox UI-Testing for Android Apps |
| University of Bern (UniBe) | Dominic Fabian Kronig | Seminar + Bachelor Thesis | Development of a Reference Application for the OWASP Mobile Application Security Testing Guide (MASTG) |
| University of Bern (UniBe) | Felix Merz | Seminar | Creating a Core Rule Set for Android Taint Analysis Tools |
| University of Bern (UniBe) | Clement Defossez | Seminar | Creating a Core Rule Set for Android Taint Analysis Tools |
| University of Bern (UniBe) | Sophie Maudonnet | Seminar | Third-Party Libraries Detection in Android Applications with Static Analysis Tools |
| University of Bern (UniBe) | Sinthuja Vijayananthan | Seminar | An Investigation Of Location Privacy In Mobile Applications |
| Zurich University of Applied Sciences (ZHAW) | Dominique Alonso Alguacil | Master (VT2) | Security Analysis of Mobile e-ID Wallet Applications: A Case Study on the SWIYU Wallet |
| ETH Zurich (ETHZ) | Philipp Scherer | Master Thesis | Development of a Fuzzing Interface for the Android Emulator |
2024
| University | Student(s) | Level | Project / Notes |
|---|---|---|---|
| Zurich University of Applied Sciences (ZHAW) | Dominique Alonso Alguacil | Master (VT1) | Overcoming Barriers in Automated App Testing: Mitigation Strategies for Dynamic Testing Agents |
| Zurich University of Applied Sciences (ZHAW) | Leu Tobias; James Leadbeater | Bachelor (PA1) | Penetration Test of a Web Application with Biological Human Information |
| University of Bern (UniBe) | Johannes Meier | Seminar / Bachelor Thesis | SBOM development for Android applications; Development of a Methodology and Tools for Runtime Identification of Software Components in Android Apps |
| University of Bern (UniBe) | Florin Luc Achermann | Seminar | SBOM development for Android applications |
| ETH Zurich (ETHZ) | Sarina Müller | Master Thesis | Android App Classification via Analysis of Network Traffic |
| ETH Zurich (ETHZ) | Yufei Zhang | Master Thesis | Analyzing and Mitigating Roadblocks in Dynamic Analysis of Mobile Applications |
| Eastern Switzerland University of Applied Sciences (OST) | Miles Strässle | Bachelor Thesis (External Expert) | Systematic Identification of Vulnerabilities in C and C++ Source Code through Fuzzing |
2023
| University | Student(s) | Level | Project / Notes |
|---|---|---|---|
| Zurich University of Applied Sciences (ZHAW) | Dario Haas; Timo Ning | Bachelor Thesis | Creating Capture The Flag Challenges: Web Cache Poisoning |
| Zurich University of Applied Sciences (ZHAW) | Marcel Scherrer; Aline Stutz | Bachelor Thesis | Creation and operation of Capture The Flag challenges |
| Zurich University of Applied Sciences (ZHAW) | Sandro von Ah; Nico Kalinowski | Bachelor Thesis | Analysing and exploiting SQL injection vulnerabilities in Capture the Flag challenges |