For our research work, we are engaged with highly relevant research questions from all areas of cybersecurity. The Goal of our work are publications at international top conferences and journals in line with our guiding principle Science with Impact.
Highlights
Distinguished Paper Award at ACM CCS 2024
The research paper The Harder You Try, The Harder You Fail: The KeyTrap Denial-of-Service Algorithmic Complexity Attacks on DNSSEC has won a a Distinguished Paper Award at ACM CCS 2024 in Salt Lake City, USA.
Topics
Routing Security
Routing protocols are subject to many different attacks, like hijacks or blackholing. We research the current threat landscape and the development of modern solutions to prevent future attacks.
Measurements and Fingerprinting
To protect against attacks, an in-depth understanding of the real world is required. We develop and employ measurement tools to collect information on what services run on the internet. This involves collecting large amounts of data from highly automized frameworks and performing longitudinal studies. Fingerprinting identifies unique characteristics devices and software. While one minor nuance in the behaviour of a system may not reveal much information, collecting, correlating and aggregating behavioural data through passive observation and active probing grants highly accurate views of what exact systems run where. Combined, this enables the mapping of the internet, the discovery of new threats and tracking the deployment of security measures.
Analysis of Internet Standards
Internet protocols and architectures form the basis of almost all communication in the digital space. The specifications of these Internet standards have evolved over decades and harbor various systemic risks. We research the specification landscape and develop methods to identify issues before they can be exploited.
Security and Privacy in Smart Home
The omnipresence of smart devices in public and private domains has given rise to new security challenges. We research in combination with teaching vulnerabilities of smart infrastructures.
Darknet
Unlike the surface web, Darknet sites are not indexed by standard search engines and are intentionally concealed to preserve anonymity and privacy. It is used for a range of purposes, from legitimate activities like whistleblowing and privacy advocacy to illicit ones such as black markets, illegal trade, and monetization of cybercrime. We monitor activities on the Darknet as part of our analysis of the threat landscape.
Critical Infrastructures
Critical infrastructures, such as the energy sector, are fundamental to the functioning of any modern society. Successful attacks on energy infrastructure can bring an economy to a standstill and cause enormous damage. We are working to improve the cybersecurity of critical infrastructures as part of our research.
Shadow & Legacy IT
Outdated and informal systems pose a risk that is difficult to calculate in the IT landscapes of companies, government agencies, universities, and other organizations. We are working on methods to identify and mitigate these risks.
Applications of Machine Learning und Artificial Intelligence
The steady advancement of new methods of Machine Learning and the growing availability of advanced Artificial Intelligence and Large Language Lodels have greatly accelerated developments in cybersecurity. While they enable new approaches to detecting attacks or identifying security risks, they are also being misused to intensify existing adverserial methods and develop completely new types of attacks. We integrate ML and AI into our research and investigate ongoing changes in the threat landscape.
Public Key Infrastructures and RPKI
Public Key Infrastructures (PKI) form a basis of trust for secure communication on the Internet. Certificates provide verifiable proof of the authenticity of asymmetric key pairs used for signing and encryption. The Resource Public Key Infrastructure (RPKI) is tailored to routing security and secures the usage rights of Internet resources to prevent attacks on Internet routing.