News
Next On-Site Seminar on 09.04.2025, CISPA C0
Written on 02.04.2025 17:40 by Xinyi Xu
Dear All,
The next seminar(s) will take place on 09.04.2025, 14:00-16:00, CISPA C0 - CISPA C0 Room 0.02, Stuhlsatzenhaus 5, 66123 Saarbrücken. Presenters and their advisors are encouraged to present in person. We especially encourage other students and teachers to attend and present in person as well.
For presenters,1. We would book the room half an hour in advance, so you are encouraged to arrive a few minutes early to set up your own poster.
2. For this session, you need to print the poster on your own. The size of the poster should be 116x86cm or 86x116cm.
3. You need to present your poster in a much smaller group, but you are encouraged to roam around and ask questions about other posters.
4. We encourage you to bring your laptop to present your demo; there will be small tables in the room where you can put your laptop.
Presenters: Tim Speicher, Yamini Supriya Velaga, Tim Scheckenbach, Timo Treitz, Maximilian Löffler, Moustafa Said, Léonie Muller, Luc Seyler
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Tim Speicher
Type of Poster: Master Intro
Advisor: Andreas Zeller, José Antonio Zamudio Amaya
Title: Fuzzing JSON-based REST services with JSON Schema & Fandango
Research Area: RA3: Threat Detection and Defenses
Abstract: In today's digital era, web services have become critical components of the technological infrastructure. This thesis presents a framework for efficiently testing JSON-based REST services by utilizing the capabilities of JSON Schemas. The framework automates the generation of JSON Schemas to define the input space of a service, enabling a systematic and effective generation of input files using the Fandango fuzzer. Beyond identifying bugs, the proposed framework also provides capabilities for analyzing the inputs responsible for triggering these bugs, offering deeper insights into the underlying issues. These insights are further utilized within a feedback loop to refine the framework’s testing strategy, encouraging the discovery of unexplored bugs.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Yamini Supriya Velaga
Type of Poster: Master Intro
Advisor: Rayna Dimitrova
Title: Abstraction- Based Compositional Analysis of Systems with Machine Learning Components
Research Area: RA2: Reliable Security Guarantees
Abstract: Verifying safety-critical systems that rely on Deep Neural Networks (DNNs) is challenging due to their complexity and lack of transparency. Traditional verification methods often fail to scale to these systems, yet ensuring their safety is essential. This thesis proposes a method to simplify DNN components through abstraction, enabling more efficient compositional verification of complex systems. To achieve this, the approach leverages explanations to identify features driving DNN decisions, guiding the abstraction process to focus on critical components while simplifying irrelevant ones. The VERIfied eXplainability (VERIX) algorithm analyzes input-output relationships. It eliminates unnecessary neurons or merges those with similar behavior. The resulting abstracted model approximates the original DNN’s output within a formally bounded error. This bounded approximation ensures that essential properties, such as classification decisions, remain consistent under specified conditions. By simplifying DNNs, the method facilitates independent analysis of system components, enhancing the scalability of safety verification processes.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Tim Scheckenbach
Type of Poster: Master Intro
Advisor: Andreas Zeller, José Antonio Zamudio Amaya
Title: Evolutionary Language-Based Fuzzing of X.509 Certificates
Research Area: RA5: Empirical and Behavioural Security
Abstract: X.509 certificates are widely used in different internet protocols, including TLS/SSL, to ensure secure web browsing. Moreover, they are used to digitally sign messages, to guarantee authenticity. Ensuring proper validation of those certificates is critical to protect security guarantees. With a standard as complex as the X.509 certificate standard, it is infeasible to test according implementations without automatic techniques like fuzzing. In my thesis I will present an approach, that produces semantically and syntactically valid X.509 certificates from scratch. I built my approach on top of the Fandango fuzzer, an evolutionary language-based fuzzer. Given a context-free grammar, and a set of constraints, expressed as python code, it can produce a diverse test suite, to uncover discrepancies in SSL/TLS implementations using differential testing.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Timo Treitz
Type of Poster: Bachelor Intro
Advisor: Robert Künnemann
Title: Automated Analysis of Certificate Transparency
Research Area: RA2: Reliable Security Guarantees
Abstract: Certificate Transparency (CT) is enforced in all major browsers today. The protocol aims to reduce the trust required in Certificate Authorities (CAs) within the TLS certificate ecosystem. By introducing a public ledger and compliance checking, misbehaving parties can be held accountable for their actions. This setup forces a malicious CA to carefully decide whether to issue rogue certificates at the risk of exposure. Existing analyses have either been heavily simplified or rely on a cryptographic model making them error-prone and tedious. We apply automated analysis to CT using the Tamarin Prover, capture auditable logs, differences in client-side validation and formulate its properties to prove them. We are particularly interested in the accountability guarantees that CT provides.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Maximilian Löffler
Type of Poster: Master Intro
Advisor: Maximilian Golla
Title: From Trust to Truth - A Quantitative Evaluation of Compromised Credential Checking
Research Area: RA6: Others
Abstract: Passwords have been the predominant mechanism for computer authentication for more than five decades. Research agrees: The online nature of passwords makes them susceptible to various critical threats. The growing number of services users authenticate to and ever-changing password guidelines place significant pressure on users, often leading to undercomplex and guessable passwords and password reuse. Moreover, weakly-protected password stores get compromised and published regularly, endangering all affected users simultaneously. Compromised credential checking (C3) is a mechanism designed to address the risks associated with breached passwords. C3 service providers, such as ""Have I been pwnd?"" (HIBP), allow users to check whether their credentials have been exposed through known breaches. Although popular web browsers, password managers, and operating systems now integrate C3 services directly into their platforms, research on the quality and effectiveness of these services is limited. In this thesis, we provide insight into a selected set of commercial and non-commercial C3 services.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Moustafa Said
Type of Poster: Bachelor Intro
Advisor: Robert Künnemann
Title: Runtime Monitoring of the Signal Protocol in WhatsApp and Signal
Research Area: RA2: Reliable Security Guarantees
Abstract: WhatsApp is the most widely used messaging app globally, and Signal is trusted for sensitive communications, including between U.S. government officials. Both rely on the Signal Protocol, which provides strong formal security guarantees. However, a gap remains between these guarantees and the protocol's actual behavior at runtime. In this work, we bridge that gap by applying SpecMon, a recently proposed runtime monitor, to enforce the protocol’s formal guarantees during execution. We instrument Signal’s source code and WhatsApp’s obfuscated binary to extract relevant events. These events are processed by the monitor and checked against the Sesame model, written in multiset rewriting rules, the language of the Tamarin prover.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Léonie Muller
Type of Poster: Master Intro
Advisor: Franziska Boenisch
Title: White-box Membership Inference Attacks against Self-Supervised Vision Encoders
Research Area: RA1: Trustworthy Information Processing
Abstract: Machine learning (ML) has seen rapid advancements in recent years, becoming essential to various applications. However, these models are trained on vast amounts of human-generated data, often containing sensitive information, making them vulnerable to privacy threats. One such threat is the Membership Inference Attack (MIA), which aims to determine whether a particular data point was part of a model's training set. This poses significant risks, particularly in sensitive domains such as healthcare, where inferring training membership could reveal private information. While most prior research on MIAs has focused on black-box settings, where the attacker has only query access to the model, the risks associated with white-box attacks, where the attacker has full access to model parameters, are less explored. White-box access may allow attackers to exploit model memorization, which recent studies suggest is localized to specific neurons or channels rather than entire layers. However, it remains unclear whether this phenomenon can be exploited to build successful MIAs. This study investigates the effectiveness of white-box MIAs against self-supervised vision encoders. By analyzing localized memorization—measuring how individual units retain specific training data—we aim to improve membership inference accuracy.
09.04.2025, 14:00-16:00, CISPA C0
Presenter: Luc Seyler
Type of Poster: Master Intro
Advisor: Sylvain Chatel, Wouter Lueks
Title: ""Need to Consent"": Privacy Analysis of Humanitarian Aid Apps?
Research Area: RA1: Trustworthy Information Processing
Abstract: Humanitarian organizations provide services to people affected by extreme circumstances such as conflicts or natural disasters. They focus on protecting lives, upholding rights, and relieving the suffering of people.? Nowadays, humanitarian response increasingly relies on digital means, in an effort to make humanitarian action more efficient and to better reach affected populations. This includes the deployment of apps to deliver services, information and goods.? However, humanitarian organizations deal with vulnerable populations. These apps might put their users at risk by processing highly sensitive data, such as location, religious belief, or ethnicity. By making services exclusively available through an app, beneficiaries ""have to"" accept these risks. Therefore, we aim to assess which apps are being used, and potential risks of such apps. Further, we want to examine how we can evaluate these apps, and if they are designed in a privacy-preserving manner.?