Bachelor- and Master Seminar CISPA Staff

Dear All,

The next seminar(s) take place on 25.05. at 14:00 respectively 14:30.

Session A: (RA4,5) (14:00-15:00)
Norman Ziebel - Florian B.

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Kenncode: BT!u5=

Session B: (RA 5)(14:30-15:30)
Paul Frerichs - Raphael Maser

https://cispa-de.zoom.us/j/99025989421?pwd=cWJIM29LYktsbStxTXlKUStZRi9MUT09

Meeting-ID: 990 2598 9421
Kenncode: 3mZyE$

Session A:

14:00-14:30 

Speaker: Norman Ziebal
Type of talk: Bachelor Intro
Advisor: Prof. Andreas Zeller, Dr. Dominic Steinhoefel, Dr. Rafael Dutra
Title: Grammar meets Binary Template - Bidirectional conversion between context free grammars and binary templates
Research Area: RA4,5

Abstract:
Most programs expect highly structured inputs, which makes black-box fuzzing rather inefficient because inputs get rejected very early in the program flow.
Grammar-based fuzzing is a common technique to provide much better inputs to programs based on a specification.
FormatFuzzer is a generator for format-specific fuzzers. It takes a Binary Template as input, a format specification for a binary format,
and produces a highly efficient and fast parser and generator, which is conform to the provided specification.

Hundreds of Binary Templates already exist for various formats, but they can not be utilized by other grammar-based fuzzing tools,
due to Binary Templates being written in an imperative C-Style.
Grammar-based fuzzing tools commonly rely on a more declarative type of specification, like context-free grammars.
Context-free grammars are widely used when it comes to grammar-based fuzzing. They are easy to read and write for humans and have proven to be a good way of specifying a format.
Therefore many grammar-based fuzzing tools work well with context-free grammars as input.

This work aims to combine the benefits of context-free grammars and Binary Templates for fuzzing.
We will implement a framework for bidirectional conversion between context-free grammars and binary templates.
With this framework, we will, on one hand, be able to leverage the vast quantity of existing binary templates with already existing fuzzing tools and techniques
and on the other hand, combine the simplicity of context-free grammars with the speed and efficiency of FormatFuzzer.

 

14:30-15:00

Speaker: Florian B.
Type of talk: Bachelor Final
Advisor: Dr. Dominic Steinhöfel, Prof. Andreas Zeller
Title: Bidirectional Converter Between ANTLR, BGF and a Pivot Language
Research Area: RA5

Abstract:
Grammar-based fuzzing is a common technique to make fuzzers more program-specific. On the one hand, there are different fuzzers with different grammar formats as input and on the other hand, there are large grammar collections like the Grammar Zoo with its BGF format or repositories with many grammars in ANTLR format. The ability to convert different grammar formats into each other would allow to use existing grammar collections, and thus thousands of grammars without requiring additional work for each grammar.
Bidirectional conversion between these different formats is easiest accomplished using a pivot language.
This pivot language can then be used to convert ANTLR to BGF and vice versa, or to convert to any new format by simply developing a new converter for a different format while using he same pivot language.
In this thesis, a converter will be developed to convert ANTLR and BGF into a pivot language and vice versa.

 

15:00-15:30

no talk this week
 

Session B:

14:00-14:30

No talk this week

 

14:30-15:00

15:00-15:30

Speaker: Raphael Maser
Type of talk: Bachelor Intro
Advisor: Prof. Mario Fritz, Dr. Andreas Husch (Uni Luxemburg)
Title: Confounding in Machine Learning Models
Research Area: RA1

Abstract:
Machine Learning has seen a lot of progress during the last decade and gained even more attention during the enduring COVID-19 epidemic. Despite this progress, the clinical relevance of ML in the medical domain is still rather low, mainly because models exhibiting good performance in the test environment fail when deployed in the real world. This is mainly caused by a gap between training data and real-world data, where bias and (hidden) confounders in training prevent the models trained from them to capture clinically relevant settings.
Working towards more robust models by utilizing domain adaptation techniques, we aim to reliably assess different de-confounding techniques. To achieve this a simple framework for the creation of synthetic confounded data and injection of confounders in real datasets will be written.

 

Dear All,

The next seminar(s) take place on 11.05. at 14:00.

Session A: (RA4,5)
Philipp Dewald - Ole Heydt - Birk Blechschmidt

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Kenncode: BT!u5=

Session A:

14:00-14:30 

Speaker: Philipp Dewald
Type of talk: Bachelor Intro
Advisor: Dr. Katharina Krombholz
Title: End User Privacy Concerns about the Corona-Warn App
Research Area: RA5

Abstract: When the Corona-Warn App was launched on the 16th of June in 2020, the expectations and hopes were quite high. Helge Braun, then Chancellery Minister and Federal Minister for Special Tasks, stated he is "quite convinced that it is the best [corona app]" and then Chancellor Angela Merkel declared it will be "a milestone in the fight against Corona." However, it turned out that was not the case. The lack of broad participation was one of the main reasons for the app's ineffectiveness.
Related work has shown that the most common reason for people not using the app was privacy concerns. In this upcoming Bachelor Thesis, we want to have a look at these and find out what they look like and where they came from.

 

14:30-15:00

Speaker: Ole Heydt
Type of talk: Bachelor Intro
Advisor: Nils Ole Tippenhauer, Alessandro Erba, John Henry Alvarado
Title: Systematic Evaluation of Stealthy Attacks against Quadcopter Drones
Research Area: RA4

Abstract:
Drones, rovers or more generally Robotic Vehicles (RVs) have long since ceased to be science-fiction. The usability of cyber-physical
systems in customer industry or the military is widely known. Take for example the advances of Amazon with their "Prime Air" project
where the aim is to create a drone delivery system for customers that could potentially massively impact the delivery market as a whole.

With both the commercial but also political impact that RVs can potentially hold, one needs to develop security mechanisms which are
elaborate enough to defend against - on one hand commercial loss (e.g. delivery services), on the other the endangerment of human life (e.g. military drone missions).
The corruption of cyber-physical systems holds much power as past attacks like Stuxnet prove.

The main challenges of cyber-physical-system security originate from the generally complicated nature of such, as e.g. drones or rovers
operate on both cyber (software) and physical (robotics) layers. Previous work shows that there already exist various possible attacks
on RVs like GPS spoofing or acoustic attacks on e.g. gyroscopes that can significantly deviate the vehicles from their programmed paths
or even lead to crashes. Advances in physics as well as software development and maths are required to develop security mechanisms for RVs.
In our work we want to discuss and and evaluate attacks against drones (more specifically quad-copters) that were introduced in recent research efforts.
Additionally we aim to find and create a systematic way of testing and evaluating countermeasures against such attacks.

 

15:00-15:30

Speaker: Birk Blechschmidt
Type of talk: Master Intro
Advisor: Dr.-Ing. Ben Stock
Title: Extended Hell: A Study on the Current Support of Email Confidentiality and Integrity
Research Area: RA5

Abstract: The core specifications of electronic mail as used today date back as early as the 1970s. At that time, security did not play a major role in the development of communication protocols. These shortcomings still manifest itself today in the prevalence of phishing and the reliance on opportunistic encryption. Besides STARTTLS, various mechanisms such as SPF, DKIM, DMARC, DANE and MTA-STS have been proposed. However, related work has shown that they are not supported by all providers or that misconfiguration is common.

This thesis aims to provide an overview on the current state of email confidentiality and integrity measures and the effectiveness of their deployment. In particular, we are going to investigate the support of security mechanisms by popular email providers, thereby validating and extending previous work. Since MTA-STS has not yet been widely studied, we contribute an overview on the outbound support of MTA-STS. Furthermore, we try to find a lower bound of domains supporting DANE bindings for OpenPGP as well as DNSSEC-associated S/MIME certificates and measure their key strength.

Dear students,

To accomodate for a specific case of circumstances, we will have one of the sessions on 8.6. at 14-15:30 as regular and one session at 15-16:30.
I appologize for your inconvenience. The dates for the later session can be booked on https://calendly.com/bamaseminar2

Of course, if you can not attend the session after 15:30, you will not have to change plans, we are aware this might collide with lectures.
Please visit the earlier seminar in that case (=if you don't have time later), even if your research area talks are in the later slots.

Best regards, Stella

Dear All,

The next seminar takes place on 27.04. at 14:30.

Session A: (RA1,5)
Nils Olze - Erfan Balazadeh

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Kenncode: BT!u5=

 

Session A:

14:00-14:30 

No talk this week.

 

14:30-15:00

Speaker: Nils Olze
Type of talk: Master Intro
Advisor: Sven Bugiel
Title: Is Your Password On Your Hard Drive? Impact of File System Access on Credential Access
Research Area: 5

Abstract: Passwords are an aging but still the most wide-spread way of user authentication. With the ever growing amount of online services, users are burdened to manage more and more credentials, often leading to insecure password management behavior. Password Reuse puts all accounts of a user at risk, once a single pair credentials is known to an attacker. While Password Managers offer a solution to this problem, they are still lacking adoption by users, especially less tech-savy ones. Simpler methods like Password Notebooks in physical or digital form are adopted instead. Physical notebooks on the one hand, the are often recommended as a valid strategy, but unsecured digital ones put credentials at risk to anyone who has access to the file.

In this work, we consider an attacker with access to the file system of a victim. Our goal is threefold. First, we seek to empirically validate the results of prior work concerning password management of users. Second, we determine whether it is feasible for an attacker to automatically detect credentials saved in unprotected text files in a file system. Lastly, we try to measure the impact of the available data on a tailored password cracking attempt.

 

15:00-15:30

Speaker: Erfan Balazadeh
Type of talk: Bachelor Intro
Advisor: Dr. Lucjan Hanzlik
Title: Timed-Release Cryptography using Proof-of-Stake Blockchain
Research Area: 1

Abstract: Imagine a scenario where you want to encrypt a message, but you don't want it to be able to be decrypted by the receiving party right away.
The concept of "encrypting a message to the future" is not new and has been around for many years. The proposed solutions so far, like time-lock puzzles or verifiable delay functions for instance,
are not perfect however. They require a lot of computing power and the speed can vary drastically depending on the hardware being used.

This thesis' goal is to implement a new encryption scheme, which is efficiently computable and which gets rid of the previously mentioned solutions' weaknesses, inside of a real world setting.
The idea is to make use of the existing Proof-of-Stake architecture in the Ethereum 2.0 consensus protocol, where so called committees vote on new blocks by using an aggregatable signature scheme named BLS. One of the implementation tasks of the thesis is to see if it is possible to listen to the unaggregated BLS signatures and the signed message, which are necessary for the encryption scheme. Once we have accumulated enough of these unaggregated signatures, we can go on to decrypt the message. Basically, a receiving party can only decrypt the message once certain conditions are met that the encrypter knows will happen in a desired amount of time in the future.

Dear All,

Update 2022-04-09: Added Priyasha Chatterjee's talk information, which was missing due to technical difficulties. Sorry!

The next seminar(s) take place on 13.04. at 14:00.

Session A: (RA3,4)
Joshua Steffensky - Priyasha Chatterjee - Tom Baumeister

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Kenncode: BT!u5=

 

Session A:

14:00-14:30 

Speaker: Joshua Steffensky
Type of talk: Master Intro
Advisor: Dr. Sven Bugiel
Title: FIDO2 inside - Unifying digital and physical authentication
Research Area: 4

Abstract:
The FIDO2 authentication scheme was released by the FIDO Alliance[1] in 2019 as the successor
of their Universal 2nd Factor (U2F) scheme. FIDO2 improves on U2F by providing a usable, secure and open
authentication scheme for both hardware backed two-factor authentication, as well as complete passwordless
authentication. While FIDO2 was, as the name ”Fast IDentity Online” suggests, designed for web authentic-
ation, its use of an asymmetric challenge-response scheme and the specification of an interface for movable
cryptographic security devices makes it amenable to being used in other authentication contexts. This thesis
aims to investigate the possibility of using FIDO2 authentication in the physical authentication context.

 

14:30-15:00

Speaker: Priyasha Chatterjee
Type of talk: Master Final
Advisor: Dr. Katharina Krombholz
Title: User-centric Privacy Design for Smart Speakers
Research Area: RA5

Abstract: As ubiquitous computing becomes more widespread, so does the market for voice-controlled smart devices which afford convenience like never before. Smart home systems allow smart devices to connect to a hub, such as Amazon's Alexa, or Google Nest, which are smart speakers allowing users to control them by voice. However, while users find that these systems offer great convenience, they also find that they need to settle on a trade-off between privacy and security, and convenience. There have been reports of many privacy incidents in recent years, and in 2019, 41% of all smart home users were found to have been apprehensive about privacy around their smart speakers.
While there already exist a few designs for privacy protecting solutions, to the best of my knowledge, none of these have taken a user-centric approach to the design problem. My thesis thus proposes to identify one or more effective designs for privacy enhancement solutions for smart speakers, designed with the users in mind.
This is achieved by conducting a brief mixed-methods study with smart speaker users. The study comprises a questionnaire, a semi-structured interview, and prototype evaluation, allowing for the collection of detailed and meaningful insights into users’ perceptions, requirements and preferences. Through this study, I observe patterns in user intentions and behaviours around their smart speakers, and elicit design preferences. Finally, I establish user-centric designs and present recommendations for the design and development of future privacy enhancement solutions.

 

15:00-15:30

Speaker: Tom Baumeister
Type of talk: Master Intro
Advisor: PD Dr.Swen Jacobs
Title: Parameterized Repair of Disjunctive Systems for Liveness Properties
Research Area: RA2 (Reliable Security Guarantees)

Abstract: Concurrent systems that are composed of an arbitrary number n of processes, are hard to get correct. For these systems, parameterized model checking can provide correctness guarantees that hold regardless of n. However, model checking gives the designer no information about a possible repair when detecting an incorrect behaviour. The parameterized repair problem is, for a given implementation, to find a deadlock-free refinement such that a given property is satisfied by the resulting parameterized system. We present a repair algorithm that uses a parameterized model checker to determine correctness of generated candidate repairs. By updating a constraint system, when detecting a violation, the algorithm returns a repair iff one exists. For general safety properties, this algorithm can be applied on classes of systems which can be represented as well-structured transition systems (WSTS), including disjunctive systems, pairwise rendezvous systems and broadcast protocols. However, the existing approach cannot guarantee correctness for liveness properties, like termination or the absence of undesired loops. Since verifying liveness properties for parameterized systems quickly leads to undecidability, we want to study the parameterized repair problem for disjunctive systems and general liveness properties.