News
Next On-Site Seminar on 14.01.2026, CISPA C0, Room 0.01
Written on 07.01.2026 21:26 by Xinyi Xu
Dear All,
The next seminar(s) will take place on 14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken) - C0 Room 0.01. Presenters and their advisors are encouraged to present in person. We especially encourage other students and teachers to attend and present in person as well.
For presenters,
1. We would book the room half an hour in advance, so you are encouraged to arrive a few minutes early to set up your own poster.
2. For this session, you need to print the poster on your own. The size of the poster should be 116x86cm or 86x116cm. You can use the poster printing service of Saarland University (https://www.uni-saarland.de/en/page/uds-card/functions/printing.html -> Posterdruck A0).
3. You need to present your poster in a much smaller group, but you are encouraged to roam around and ask questions about other posters.
4. We encourage you to bring your laptop to present your demo; there will be small tables in the room where you can put your laptop.
Presenters: Marius Schuh, Mete Keltek, Amir Farahani Khoajseth, Piyush Pant, Niclas Dauster, Joris Hülsmann
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Marius Schuh
Type of Poster: Bachelor Intro
Advisor: Lorenz Hetterich
Title: Reverse-Engineering Obfuscated Virtual Machine-Based Architectures
Research Area: RA4: Threat Detection and Defenses
Abstract: Left in by accident for debugging or as backdoors installed with malicious intent, undocumented instructions can pose a significant security risk. There are Virtual Machines (VMs) implementing custom, undocumented instruction set architectures (ISAs). Malware such as FinFisher obfuscates itself by running critical code in a VM that implements a custom, undocumented ISA, hindering antivirus detection. Commercial software protection solutions like VMProtect promise software publishers robustness against cracking, reverse engineering, and debuggers for the sake of protecting intellectual property. However, this also means users cannot analyze a program’s behavior before executing it. These problems have in common the absence of publicly accessible ISA documentation. InstrSem is a novel tool that derives the semantics and encodings of unknown instructions by observing their behavior and clustering executions under different inputs. This work investigates the feasibility of integrating InstrSem into a VM to reverse-engineer its ISA.
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Mete Keltek
Type of Poster: Master Intro
Advisor: Nils Ole Tippenhauer
Title: Leveraging Agentic AI for OT Asset Discovery
Research Area: RA5: Secure Mobile and Autonomous Systems
Abstract: In the current political and economic landscape, it is more important than ever to secure critical infrastructure against external threats. One such threat is a network-based attack, in which an attacker gains access to an industrial plant’s internal network and eavesdrops on traffic. Because network traffic is increasingly complex and often proprietary, attackers still face many challenges and cannot easily understand the environment. To learn about the infrastructure and identify assets of interest, they may analyze traffic to extract useful information and discover vulnerabilities. They may also leverage AI to detect patterns, thereby making the detection of OT assets and their flaws more efficient. To prepare for such attacks, industries must analyze their infrastructure for any weaknesses in the configuration of IT and OT devices. Using OT Asset Discovery software may be helpful in identifying and analyzing assets on the network. One such method used for OT asset discovery is active scanning, where the scanner actively probes the network to identify new assets. This method carries significant risk due to the potential for disrupting sensitive OT networks or devices and must be applied with caution. Using an Agentic-AI system to carry out this active scanning offers the benefit of adaptive decision-making compared to traditional rule-based scanners, but it also carries the danger of hallucinations or misinterpretations by the AI system leading to the disruption of the OT network and therefore the OT services. In our work, we aim to investigate how we can leverage an Agentic-AI system in a safe way to discover OT assets by actively scanning industrial networks. Therefore, we provide a framework that restricts the Agentic-AI system to scan only within specifically defined and allowed boundaries, which it cannot exceed, ensuring that active scans can be performed safely within the OT environment. 
This approach expands the capabilities of traditional active scanning in OT systems with adaptive decision-making, which ultimately results in the discovery of assets that are not discoverable with traditional methods, while also ensuring the safety of the system by preventing the Agentic-AI from sending disruptive or unwanted network requests. Beyond asset discovery, we optionally investigate whether the Agentic-AI can leverage its adaptive capabilities to identify security misconfigurations that would remain undetected by traditional rule-based scanning approaches.
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Amir Farahani Khoajseth
Type of Poster: Master Intro
Advisor: Sven Bugiel
Title: Capability-Enforced Secure Networking Architecture for Trusted Execution Environments
Research Area: RA5: Secure Mobile and Autonomous Systems
Abstract: This proposal presents a secure communication architecture enabling a Trusted Execution Environment (TEE) to directly interact with network hardware while remaining isolated from a potentially compromised Rich Execution Environment (REE). The goal of the system is to ensure the integrity, confidentiality, and availability of network communication, even under full REE compromise. To achieve this, the design introduces a Capability Enforcement Module (CEM) — a hardware-based enforcement layer between the execution environments, system memory, and the network interface. The CEM verifies access capabilities in hardware, ensuring that only authorized entities can initiate network communication. In this architecture, the Trusted Firmware (TF) manages capability tokens that define the access rights of each entity, while the CEM performs on-chip verification of these capabilities for every network access request. To eliminate dependency on the untrusted REE software stack, core networking functions such as TCP/UDP are implemented directly in hardware. Once validated, the CEM retrieves the corresponding DMA descriptors and initiates secure, zero-copy data transfers between trusted memory and the network hardware. The capability system specifically targets unprivileged trusted applications, enabling them to access hardware resources directly while maintaining strict isolation from the untrusted REE. Control operations, such as capability management, occur infrequently and can be handled through (slower) hypercalls, whereas the data path allows direct, memory-mapped access between trusted applications and the hardware for low-latency performance.
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Piyush Pant
Type of Poster: Master Intro
Advisor: Xiao Zhang
Title: Stealthy Emotion-Targeted Subpopulation Attacks in RLHF
Research Area: RA2: Trustworthy Information Processing
Abstract: Reinforcement learning from human feedback (RLHF) has become the backbone of LLM alignment, yet it remains vulnerable to data poisoning and backdoor attacks. Prior methods rely on either appending an artificial backdoor trigger or heuristic clustering on a separately curated set of triggers, which limits their stealthiness and leads to non-optimal generalizability. This project aims to develop an emotion-targeted attack framework that intentionally shifts the internal representations of RLHF-aligned models by strategically contaminating a small proportion of the training data. The goal is to create natural, stealthy, and highly generalizable subpopulation attacks that more accurately reflect real-world vulnerabilities in RLHF. Through benchmarking this approach against existing baselines, we aim to provide a more principled understanding of how subtle emotion manipulations can undermine RLHF-aligned systems.
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Niclas Dauster
Type of Poster: Master Intro
Advisor: Ali Abbasi
Title: Bringing the Internet to Space: High-Performance IP over CCSDS
Research Area: RA5: Secure Mobile and Autonomous Systems
Abstract: Modern satellite missions increasingly require flexible, interoperable, and high-performance communication architectures that integrate seamlessly with terrestrial network infrastructure. Implementing Internet Protocol (IP) communication over CCSDS space links offers the potential to reuse mature transport protocols, security mechanisms, and existing software ecosystems. However, space links fundamentally differ from terrestrial networks, exhibiting high and variable latency, intermittent connectivity, non-congestive bit errors, and strong uplink–downlink asymmetry, which challenge conventional IP-based transport protocols. This project aims to design and implement a standards-compliant IP-over-CCSDS communication stack for Raccoon OS, an open-source satellite operating system. The goal is to provide a transparent IP interface using CCSDS encapsulation mechanisms while maintaining compatibility with existing ground systems and space standards. A central focus of the project is the investigation of performance optimization techniques suitable for high-latency and asymmetric space links, including Performance-Enhancing Proxies (PEP/QPEP), the CCSDS Space Communications Protocol Standards Transport Protocol (SCPS-TP), and the Bundle Protocol for delay- and disruption-tolerant communication. Building on this foundation, the project follows a structured design-driven approach. An initial design phase surveys existing operational solutions, CCSDS standards, and relevant scientific literature in the areas of space-optimized transport protocols, proxy-based architectures, and delay- and disruption-tolerant networking. Based on this analysis, an architectural design is derived that balances performance, complexity, and operational constraints for IP-based communication over CCSDS links. The selected design is subsequently implemented and evaluated under emulated and mission-like space-link conditions.
The evaluation focuses on key performance indicators such as throughput, latency, and reliability in the presence of high round-trip times, link asymmetry, and packet loss. The results are intended to validate the design choices and provide practical guidance for deploying high-performance IP communication in future satellite missions.
14.01.2026, 14:00 - 16:00, CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbrücken)
Presenter: Joris Hülsmann
Type of Poster: Master Intro
Advisor: Wouter Lueks, Sylvain Chatel
Title: Privacy-by-Design Usage Analytics Architecture for the Deutschlandticket
Research Area: RA2: Trustworthy Information Processing
Abstract: The introduction of the Deutschlandticket established a nationwide flat fare for public transport in Germany, fundamentally changing revenue allocation among hundreds of transport operators. Existing revenue-sharing mechanisms for the Deutschlandticket rely on metrics such as ticket point of sale or residence-based allocation, which inadequately reflect actual usage and have led to persistent distributional disputes. A transition toward usage-based revenue sharing requires detailed usage statistics, yet conventional data collection approaches, such as continuous location tracking, pose significant privacy and security risks. This thesis presents the design and analysis of a privacy-by-design usage analytics architecture that enables the computation of passenger-kilometers per transit line for revenue sharing, without exposing individual travel behavior.
