Master & Semester Projects

Master Thesis
All of the projects/theses on this page are for a single student in Computer Science and/or Communication Systems

Kernel bypass network or storage stacks

Kernel bypassing is a technique used to avoid system overheads coming from the generality of the operating systems’ kernel. Mechanisms that were traditionally implemented within the kernel, e.g. TCP stack, can now be implemented in user space, specifically tailored to the needs of certain applications, e.g. very low latency.

If you are interested in working on kernel bypassing we are open to suggestions. If you don’t have a specific suggestion, but still interested in the area we can discuss and identify a related interesting problem.

Related info:

Marios Kogias

Microseconds that matter (semester project)

In the era of low-latency I/O devices a lot of effort has been put into optimizing different parts of software stack and different hardware components inside a datacenter, as well as transport and application protocols.

The semester project would include implementing and evaluating a number of optimization techniques (TBD) and determining which ones make a difference for which workload. The starting point would be either an ns2 application, or an existing framework for scale-out applications, depending on what you will evaluate.

Familiarity with C++ would be helpful.

For any questions do not hesitate to send me an email.

Mia Primorac

Semester Projects

Webserver benchmarking (Bachelor or Master)

Measuring throughput and latency of a webserver under realistic conditions that reflect the targeted deployment environment is a challenging task. Existing tools only implement closed loop experiments that are are usually not representative of real deployment scenarios. In this project you will implement the http(s) protocol as part of a distributed load generator and measuring tool we develop in the lab. The end goal of this project is to create tool that can be used in benchmarking public facing webservers that are part of the EPFL infrastructure.

Requirements: C programming, basic knowledge of statistics

Marios Kogias

Introduction to eBPF

extended Berkeley Packet Filter is an in-kernel virtual machine with an independent 64-bit instruction set architecture that allows securely downloading user code in the kernel[1]. It can be used for many things such as network performance, firewalls, security, tracing, etc. eBPF does to Linux what JavaScript does to HTML[2].

This is an introductory project to eBPF and the goal for the student is to initially understand and use the toolchain, and eventually build simple tools on eBPF, e.g. tools that perform basic packet transformations and reason about their performance overheads.

[1] Exokernel: An Operating System Architecture for Application-Level Resource Management

[2] Learn eBPF tracing by Brendan Gregg

Marios Kogias

Restricting untrusted code modules (Bachelor or Master)

Real-life project import various untrusted code modules that might have embedded backdoors.
Such modules could leak sensitive private information to an attacker or cause your application to misbehave.
Sadly, static analysis tools are unable to detect all possible attacks or ensure that these modules will behave properly at runtime.

In this project, the student will explore a solution where code modules are distributed along a “whitelist” list of allowed system calls.
This list will define the runtime behaviour of the module, blacklisting certain functionalities from being used.
The language runtime will then be responsible for flagging misbehaving code and filtering system calls according to the whitelist lists.
This will be implemented in Google’s Go Programming Language and leverage the ‘go get’ dependency manager to retrieve and explore whitelists.

keywords: system call filtering, compilers, Golang, sandboxing.


  •  Knowing Golang is a plus, but a solid background in C/C++ and the motivation to learn a cool language are enough.
  •  A good understanding of Unix Operating Systems and system calls.
  •  Linux (you will be modifying the Go compiler for linux x86 platforms and hence need to run linux).
  •  Good dev practices (git, continuous integration tools etc.)

Useful link:


Adrien Ghosn