Research Topics

At the Chair for Systems Security, we work on the following topics:

Our recent publications provide an overview of the current work, source code and data sets for most of our research projects are available at https://github.com/RUB-SysSec. If you have questions, please reach out to Prof. Thorsten Holz or the other members of the research group.

Program / Binary Analysis

Program analysis describes the process of automated extraction or inference of program properties that allow an analyst to make statements about the program's behavior, design, or security/safety properties. Amongst others, these techniques are commonly employed in tools such as compilers to facilitate efficient code generation. Furthermore, such techniques also find their application in the backwards process as well – if no source code is available, the binary representation of a program can be (manually or automatically) reverse engineered in order to obtain a higher-level representation again. We apply such techniques to either find and exploit vulnerabilities (e.g., via techniques such as fuzz testing or code-reuse attacks) or to develop defenses (e.g., techniques such as control-flow integrity or randomization). The techniques developed by us can typically be applied on the binary level such that no access to source code is needed. In our research, we cover the following topics:

- Reverse Engineering
- Binary Analysis
- Compilers
- Code Obfuscation
- Abstract Interpretation
- Fuzzing

- Program Synthesis
- Model Checking (MC)
- Symbolic Execution (SE)
- Satisfiability Modulo Theories (SMT)
- Firmware Re-Hosting / Emulation
- Control-Flow Integrity or Randomization

Selected Publications

If you are interested in working on these topics, feel free to contact:

Intelligent Security Systems

Systems based on machine learning (ML) are increasingly used in security and safety critical domains such as autonomous driving and threat detection. The underlying algorithms, however, were not developed with security in mind and are vulnerable to targeted attacks. In this research area, we investigate the offensive and defensive aspects of these attacks and strive to improve the robustness of machine learning in adversarial settings. Moreover, machine learning has created impressive results in areas such as natural language processing, image processing or playing games (such as Chess, Go, and Dota). Surprisingly, this has not (yet) been replicated for security. Machine learning provides new tools that allow us to rethink existing approaches and target previously unattainable tasks. These advancements require an integration of security and machine learning. We envision this interplay to take the form of a two-pronged approach. On the one hand, we need to adapt machine learning techniques to cooperate with existing tools, with the goal to make predictions based on their produced data. On the other hand, existing tools need to be augmented by machine learning techniques to interact with human experts, in order to accelerate manual processes and provide automatic decisions. Our research covers the following topics:

- Data Poisoning Attacks
- Evasion Attacks with Adversarial Examples
- Model Stealing Attacks

- Explainability and Transparency of ML Algorithms
- Generative Adversarial Networks (GANs)
- Machine Learning for Security

Selected Publications

If you are interested in working on these topics, feel free to contact:

Web Privacy

Websites, apps, IoT devices, and business in general today heavily rely on personal data to tailor their services to the user’s preferences, integrate social media sharing, or make money through targeted advertising. Due to the complexity of the data processing ecosystem - which often involves various parties and multiple jurisdictions - it is often hard for users to understand and control what personal data is collected by whom and why. This has led regulators across the world to create new privacy laws restricting certain practices, making others more transparent, and provide “data subjects” with new rights regarding their personal data. We study various aspects of data collection practices, their mechanisms to meet the legal requirements, and how users perceive both these tracking systems and compliance mechanisms. We cover the following topics:

- Web tracking
- Profiling
- Compliance with legal requirements (e.g., GDPR)
- Privacy policies

- Consent mechanisms (e.g., “cookie banners”)
- Privacy by design and privacy by default
- ... and many other aspects of usable privacy, data protection, and surveillance.

Selected Publications

If you are interested in working on these topics, feel free to contact:

Network Security

In this research area, we measure network security aspects of large-scale datasets like the detection of phishing-relevant domains in newly registered domains, distributed denial-of-service attacks on the Internet, and similar events. For that purpose, we often collect data to analyze previously overlooked issues, e.g., measuring the network time synchronization ecosystem or analyzing wrongly configured devices connected to the Internet. We are in particular interested in Social Network Analysis (e.g., Facebook), the analysis of infrastructure protocols of the Internet (e.g., the Domain Name System), and the analysis of attack vectors like phishing and scamming. Amongst other topics, we work in the following areas:

- Social Network Security and Privacy aspects
- Infrastructure Protocols (e.g., DNS, NTP, IP)
- Threat Landscapes (APTs, OSINT, Blacklists, etc.)

- Domain names
- Honeypots

Selected Publications

If you are interested in working on these topics, feel free to contact:

Mobile Network Security

If you are watching videos, browsing Instagram, or chatting with your friends — mobile networks connect you to the Internet nearly everywhere. They are quite different from your home WiFi: the large infrastructure with thousands of base stations, SIM cards, international roaming, and billing all bring their own unique challenges. You might think that such a critical infrastructure is well tested, but in fact, many of todays tools for software testing will not work with telecom networks yet. If you are interested in changing this, work with us and

- bring pentesting to telco networks,
- find bugs in nation-wide infrastructure, and

- exploit over-the-air vulnerabilities in smartphones.

Selected Publications

If you are interested in working on these topics, feel free to contact: