Disclaimer

CISPA is currently in the founding process to join the German Helmholtz Association as a new member. It is consequently undergoing significant organizational changes, which are not yet reflected on this webpage.

For further information on the above-mentioned founding process, please refer to the official press release by the State Chancellery of Saarland.

Recent News on the Transformation Process

24.10.2017

The location of the first construction phase has been agreed upon. For further information, please refer to the official press release.

Security & privacy assessment and protection

Mission


The research area focuses on the assessment of security and privacy in today's IT systems, and on the development of corresponding protection.

Whenever a system contains components from potentially untrusted vendors or sources, which is virtually always the case nowadays, security analysis is the indispensable tool for assessing its security guarantees. Ascertaining the security of such systems in a credible manner requires the development of comprehensive analytical methodologies and tools for analyzing and assessing the security of existing IT systems in a modular and automated manner. Similarly, the degree of an individual’s privacy when interacting with IT systems and services is being assessed, and corresponding protection technologies are being invented. Methodologically, the area ranges from foundational research, to the invention of reusable technologies, to the development of prototypical systems.

Recent research in the area has focused on assessing privacy in large-scale systems such as online social networks, privacy-preserving Web analytics and advertising, Web browser security, security against run-time attacks, anonymity networks, formal analysis and verification of security-critical systems, as well as security- and privacy-enhancing techniques for mobile devices.

Publications

Die Blockchain im Spannungsfeld der Grundsätze der Datenschutzgrundverordnung

Does #like4like Indeed Provoke More Likes?

Reconciling Privacy and Utility in Continuous-Time Diffusion Networks

Quantifying Location Sociality

Tatobjekt und Vortaten der Datenhehlerei (§ 202 d StGB)

Identifying Personal DNA Methylation Profiles by Genotype Inference

DeepCity: A Feature Learning Framework for Mining Location Check-ins

Efficient and Flexible Discovery of PHP Application Vulnerabilities

A Novel Approach for Reasoning about Liveness in Cryptographic Protocols and its Application to Fair Exchange

Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code

Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying

P2P Mixing and Unlinkable Bitcoin Transactions

SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks

A Broad View of the Ecosystem of Socially Engineered Exploit Documents

Thread modularity at many levels: a pearl in compositional verification

RedQueen: An Online Algorithm for Smart Broadcasting in Social Networks

"My friend Cayla" - eine nach § 90 TKG verbotene Sendeanlage?

Datenschutz für Minderjährige nach der Europäischen Datenschutz-Grundverordnung (DSGVO) vom 27. April 2016

Richterliche Unabhängigkeit und Bring Your Own Device (BYOD) – Weg in die Zukunft oder unvertretbares Sicherheitsrisiko?

Mit Schirm, Charme und Kamera – Verbotene Sendeanlagen i.S.d. § 90 TKG

Mail vom Rechtsanwalt? Herausforderungen sicherer Mandantenkommunikation

Exploiting saliency for object segmentation from image level labels

How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security

On the (Statistical) Detection of Adversarial Examples

Towards a Visual Privacy Advisor: Understanding and Predicting Privacy Risks in Images

Predicting the Category and Attributes of Visual Search Targets Using Deep Gaze Pooling

Membership Privacy in MicroRNA-based Studies

Profile Linkability despite Anonymity in Social Media Systems

A Survey on Routing in Anonymous Communication Protocols

Ransomware als moderne Piraterie: Erpressung in Zeiten digitaler Kriminalität

On Statistically Secure Obfuscation with Approximate Correctness

An Empirical Study of Textual Key-Fingerprint Representations

Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles

Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification

Smart-Home-Systeme in Zeiten digitaler Kriminalität

R-Susceptibility: An IR-Centric Approach to Assessing Privacy Risks for Users in Online Communities

Mining Apps for Anomalies

Kizzle: A Signature Compiler for Detecting Exploit Kits

Mining Sandboxes

Anonymisierung, Pseudonymisierung und Transparenz für Big Data. Technische Herausforderungen und Regelung in der Datenschutz-Grundverordnung

Implementation-level Analysis of the JavaScript Helios Voting Client

The Impact of Tangled Code Changes on Defect Prediction Models

On Testing Embedded Software

Smart Mobility für das Saarland: Identifikation von Chancen und Handlungsempfehlungen für eine digital vernetzte Mobilität

Soziale Netzwerke im Fokus von Phishing-Angriffen - Eine Analyse aus technischer und rechtlicher Sicht -