Systems

Mobile and System Security

Not only smartphones and tablets have become ubiquitous but also everyday household appliances and infrastructure have been computerized – or became ‘smart’. The endless possibilities of app stores have brought diversity and ingenuity to the way we interact with our world. However, the simplicity of developing and distributing apps together with their omnipresence has made it easy for attackers to gain access to our personal address books and photos under the pretext of being a helpful app. We conduct research as to how to protect user’s data and privacy on mobile devices, we analyse attacks and data breaches and we construct more secure operating systems.

Privacy

Privacy Enhancing Technologies

With the advent of Online Social Networks and other Online Services, users, often unknowingly, publicly disseminate tremendous amounts of personal information through their online interactions. All of this information is then readily available to data collectors which use it for personal gain or for malicious actions against the user. Protection of personal data is therefore of paramount importance in a day and age where data disseminated in the Internet is completely visible and available to anyone who wants to collect it. In our group we develop foundational methods for quantifying privacy and anonymity in the Internet. Our methods allow for the analysis of existing Privacy-Enhancing Technologies, but also for the development of novel, privacy-enhancing solutions. In particular, our goal is the development of a privacy adviser that guards information disseminated by end-users in the Internet.

Foundations of Secure System Design and Analysis

The common practice of exploitable software which becomes patched creates a cat-and-mouse game that cannot be tolerated in the presence of critical infrastructure or personal data. In order to mitigate this cat-and-mouse game, we need new technologies that revolutionize the way systems are build and maintained. Our research area tackles this problem by giving foundations for the system design that incorporate security-by-design and methods for the analysis of existing systems. For example, we developed methods for analyzing properties of protocol implementations and connected these methods to construct a tool that can turn protocols specified in a declarative language into a provably secure implementation of that protocol.

Cloud

Cloud Security

The obvious advantages of cloud computing, such as a flexible pay-as-you-go model and virtual unlimited scaling, are accompanied by loss of control as data and processes have been outsourced to a third party. Today, a serious cloud computing concern is the protection of clients’ data and computations against various attacks. Especially after the revelations about intelligence services, customers fear more than ever than their sensitive data might be subject to spying with the help of the cloud provider. Our research helps to strengthen the trust in outsourced data and computations by applying state-of-the-art data protection, by analysing and assessing the cloud infrastructure and by providing operating system hardening to be protected against cloud attacks.
All Publications

Recent Publications

Automated analysis of security protocols with global state

Computational Soundness of Dalvik Bytecode

Efficient Cryptographic Password Hardening Services From Partially Oblivious Commitments

Identifying the Scanners and Attack Infrastructure behind Amplification DDoS attacks

Membership Privacy in MicroRNA-based Studies

Selected Projects

Android Security Framework

Enabling Generic and Extensible Access Control on Android.

Anonymous Communication

Projects regarding Anonymous Communication.

AppGuard

Real-time policy enforcement for third-party applications.

Securing Systems against Run-Time Attacks

Runtime Attack Protection mechanisms like XnR.
All Theses

Recent Theses