Modern Web Development

The Internet, which is often used as a synonym for the World Wide Web, has become ubiquitous in our everyday lives and with the rise of Progressive and Hybrid Web Apps the technology is even used in offline applications on phones and desktop PC's. Therefore it's crucial to know the current used techniques and potential pitfalls in terms of privacy and security. In the lecture we will look at the most popular frameworks and address common security issues. You will work on a real open source...

Read more

[Master] Ransomware Detection

Ransomware attacks – in contrast to other cyber attacks – must not be detected and especially not blocked or recovered on first sight. This relaxation is supported by the rareness of ransomware attacks. Certainly, the uprising of ransomware families, which are able to circumvent the detection mechanism, integrated into the local machine, prevents the approaches from taking advantage of the relaxation. Justified by the attack isolation, the move to the personal cloud storage is the reasonable way...

Read more

[Doctor] Efficient Privacy-Preserving Configurationless Service Discovery Supporting Multi-Link Networks

Data is the pollution problem of the information age, and protecting privacy is the environmental challenge — this quotation from Bruce Schneier laconically illustrates the importance of protecting privacy. Protecting privacy — as well as protecting our planet — is fundamental for humankind. Privacy is a basic human right, stated in the 12th article of the United Nations’ Universal Declaration of Human Rights. The necessity to protect human rights is unquestionable.

Read more

Secure and Private Collaboration through DNS

The mDNS-SD Privacy Extension replaces many multicast packets by unicast packets sent to pre-paired devices only, thus not only distributing less privacy-sensitive data in the network, but also reducing the amount of broadcast traffic that uses a considerable amount of resources on modern wireless networks.

Read more

[Master] Design and Analysis of a secure multi-party communication protocol

In the past years digital communication became an important aspect in every day life. Everything is shared and discussed in groups of friends, family or business part- ners without a proper way to protect that information. This master thesis introduces the first secure robust multi-party communication protocol which mimics a physical conversation with the help of a Diffie-Hellman key tree and social behaviours. Robust- ness against offline group members is reached by taking advantage of...

Read more

Securing Legacy Applications

TLS Interposter allows current SSL vulnerabilities to be fixed in legacy software that cannot be configured properly by replacing unsafe SSL parameters before any call to the SSL library is made.

Read more

SARA: Software Archiving of Research Artefacts

The SARA project (Software Archiving of Research Artefacts) aims to develop a new scientific service that allows long-term access and publishing of research data and scientific software. Its main focus is on software tools that support the processing and analysis of research data. In biological research, for example, measured data is collected and processed with the support of computers. Within Computer Science and Electrical Engineering, the different versions of newly developed software need...

Read more

WISEchat

Chat — instant messaging, audio and video calls — have come to form an integral part of our daily life. Most people use closed systems for these needs, which is acceptable for private use, but fail the privacy requirements for official use in a research or teaching environment. However, this does not have to be the case: WISEchat offers the security, comfort and availability demanded by a modern university based on the open, federated Extensible Messaging and Presence Protocols (XMPP).

This...

Read more

[Bachelor] Mapping different datatypes ensuring secure cloud storage

In this thesis two generic approaches on how to store different datatypes to a cloud storage are proposed, thereby utilizing Treetank. As part of this thesis implementations for the proposed approaches have been implemented to evaluate their practicability and search out strengths as well as weaknesses. Current cloud storage systems, security concerns towards privacy, stability and integrity of data shared with “the Cloud” is discussed. An overview of Treetank, that originally was designed to be...

Read more