News
Next On-Site Seminar on 11.02.2026, CISPA D1, Room 0.15
Written on 04.02.2026 13:57 by Xinyi Xu
Dear All,
The next seminar(s) will take place on 11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany) - D1_Room_0.15. Presenters and their advisors are encouraged to present in person. We especially encourage other students and teachers to attend and present in person as well.
For presenters,
1. We will book the room half an hour in advance, so you are encouraged to arrive a few minutes early to set up your own poster.
2. For this session, you need to print the poster on your own. The size of the poster should be 116x86cm or 86x116cm. You can use the poster printing service of Saarland University (https://www.uni-saarland.de/en/page/uds-card/functions/printing.html -> Posterdruck A0).
3. You need to present your poster in a much smaller group, but you are encouraged to roam around and ask questions about other posters.
4. We encourage you to bring your laptop to present your demo; there will be small tables in the room where you can put your laptop.
Presenters: Arthur Sanin, Megha Maria Akash, Finn Martin Haderstorfer, Muhammad Azeem Lodhi, Sara-Elena Vatavu, Gunnar Heide, Niklas Beierl, Davide Bombelli, Christian Boseck
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Arthur Sanin
Type of Poster: Master Intro
Advisor: Markus Bläser
Title: Implementation and Empirical Evaluation of Reasoning with c-Representations for Weakly Consistent Belief Bases
Research Area: RA7: Others
Abstract: Nonmonotonic reasoning extends classical logic by defeasible statements of the form "if A then usually B", so-called conditionals. A finite set of these conditionals is called a belief base. Nonmonotonic reasoning is about assigning an inductive inference operator to such belief bases. A prominent inductive inference operator is the skeptical c-inference, which takes into account all c-representations of the belief base. Current implementations are limited by the fact that all interpretations must be somewhat plausible, satisfying a notion called 'strong consistency'. We extend the current state-of-the-research implementation by reasoning with c-inference on 'weakly consistent' belief bases, which allow some worlds to be strictly infeasible, thus allowing to not only express plausible beliefs, but also allowing to express facts.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Megha Maria Akash
Type of Poster: Master Intro
Advisor: Mario Fritz, Tejumade Afonja
Title: Activation Steering for Constraint-Faithful Synthetic Tabular Data Generation
Research Area: RA2: Trustworthy Information Processing
Abstract: Synthetic tabular data enables privacy-preserving data sharing in sensitive domains such as healthcare and finance, but existing generative methods based on diffusion models, GANs, and large language models (LLMs) often violate basic constraints such as column types, valid ranges, and relationships between attributes (e.g., generating Age = 5 with Employed = True), which undermines data utility. Although post-processing can filter invalid records, it frequently disrupts the correlations that make synthetic data useful. Motivated by recent advances in activation steering, which show that steering internal model activations along interpretable directions can improve instruction following without retraining, this thesis investigates whether activation steering can improve constraint-following in LLM-based synthetic tabular data generation. The study aims to identify internal activation directions associated with constraint adherence and evaluate whether steering along these directions produces more schema-consistent data while preserving learned distributions.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Finn Martin Haderstorfer
Type of Poster: Bachelor Intro
Advisor: Michael Schwarz
Title: Badram on SO-DIMM
Research Area: RA7: Others
Abstract: The growing adoption of cloud computing raises pressing concerns about trust and data privacy. Trusted Execution Environments (TEEs) have been proposed as promising solutions that implement strong access control and transparent memory encryption within the CPU. While initial TEEs, like Intel SGX, were constrained to small isolated memory regions, the trend is now to protect full virtual machines, e.g., with AMD SEV-SNP, Intel TDX, and Arm CCA. In this paper, we challenge the trust assumptions underlying scaled-up memory encryption and show that an attacker with brief physical access to the embedded SPD chip can cause aliasing in the physical address space, circumventing CPU access control mechanisms. We devise a practical, low-cost setup to create aliases in DDR4 and DDR5 memory modules, breaking the newly introduced integrity guarantees of AMD SEV-SNP. In conclusion, our findings dismantle security guarantees in the SEV-SNP ecosystem, necessitating AMD firmware patches, and nuance DRAM trust assumptions for scalable TEE designs.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Muhammad Azeem Lodhi
Type of Poster: Master Intro
Advisor: Rebekka Burkholz
Title: Decoupling Model Depth from Memory Cost: Efficient LLM Fine-Tuning via Block-wise Sparsity
Research Area: RA2: Trustworthy Information Processing
Abstract: Full-parameter fine-tuning of Large Language Models (LLMs) is traditionally limited by the massive memory required to store optimizer states, which dominate the memory consumption during training. This work presents a training framework that addresses this bottleneck by combining two complementary techniques. First, Rotational Block Training updates model layers in sequential groups. This reduces the number of active parameters at any one time and enables efficient backpropagation, where the gradient calculation stops early at the active block to significantly increase training speed. Second, Sparse Optimization compresses the memory footprint of the currently active layers by storing optimizer states only for the most critical weight updates. By pairing this block-wise approach with the systematic removal of unused states for frozen layers, the framework allows for high-performance fine-tuning on memory-constrained hardware with a fraction of the VRAM required by standard methods.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Sara-Elena Vatavu
Type of Poster: Master Intro
Advisor: Michael Schwarz, Leon Trampert
Title: MaliciousFont: Exploit Font Hinting to Dynamically Change Text Content
Research Area: RA4: Threat Detection and Defenses
Abstract: Even though font rendering is ubiquitous, most people are not aware of the complexity of this process. In addition to parsing and actually drawing, characters are dynamically improved using the so-called process of hinting: the font renderer makes sure that the vector-graphic characters fit in the best possible way onto the pixel grid. To achieve that, every character can have a custom assembly-like script that adjusts the outlines. Not all formats and not all operating systems make use of hinting, but most Windows applications do. While hinting is only meant to slightly change the outline of the character to make it look as good as possible, nothing prevents an attacker from exploiting hinting to change the entire shape of a character. With that, documents that show different text depending on where they are viewed (e.g., print vs. screen) can be crafted, simply by including custom fonts. This work establishes fonts and hinting as an overlooked security vector through the systematic evaluation of hinting usage, development of a framework through which hinting instructions that visually transform one character into a different one can be generated, controlled proof-of-concept attacks and the analysis of possible mitigations.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Gunnar Heide
Type of Poster: Master Intro
Advisor: Lucjan Hanzlik
Title: VRID - A privacy-preserving digital passport for the metaverse
Research Area: RA1: Algorithmic Foundations and Cryptography
Abstract: This work aims to create a privacy-preserving system that allows creating a verified and EUDI-Wallet compatible digital ID from any standard passport. Using a smartphone to read the passport and a web service leveraging a trusted execution environment, the system creates an SD-JWT of the passport's data that allows selective disclosure during presentation from an EUDI compatible wallet. The trusted execution environment enforces that the sensitive personal data of the passport is not visible to the operator of the web service, while the passport is still verified and the created SD-JWT is signed to attest this verification. Lastly, a wallet client for the Apple Vision Pro is to be created that explores using privacy-preserving credentials in AR and VR settings, while still maintaining a high level of security through hardware key binding.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Niklas Beierl
Type of Poster: Master Intro
Advisor: Ben Stock, Florian Hantke
Title: A Qualitative Look Into Ethics Boards' Assessments of Security and Privacy Research
Research Area: RA6: Empirical and Behavioural Security
Abstract: As information technology is becoming more embedded in daily life, security and privacy research is more likely to have an ethical dimension. Major publication venues are acknowledging this by increasingly requiring that authors include reflections on ethics in their work, explicitly including ethics in their review process, or requiring that submissions are approved or exempted by an ethics review board or similar. There were, however, several high-profile controversies about the ethical soundness of submitted works in recent years. Simultaneously, prior work has shown that ethics review is sometimes perceived as yet another bureaucratic hurdle for research projects. All in all, prior works describe the status quo as unsatisfactory. This qualitative study aims to explore the existing resources and structures that research institutions are offering to help security and privacy researchers design ethically sound research. Specifically, it will contain insights from interviews with review board members and a desk review of other resources.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Davide Bombelli
Type of Poster: Master Intro
Advisor: Abdullah Alhamdan, Alexi Turcotte, Andreas Zeller
Title: I don't understand your dialect: scalable method for compatibility study
Research Area: RA4: Threat Detection and Defenses
Abstract: The software landscape is constantly evolving, with new languages, runtimes, and libraries that promise to be in some sense compatible with existing technologies. Developers have to find a way to adapt their solutions to work on multiple interfaces. This is meant to spur adoption and migration to new technologies, but true 100% compatibility is a difficult prospect. They often rely on legacy software, and any friction can at best impede users, at worst lead to security risks if developers are not careful. In this sense, a compatibility issue can take the form of a missing property, a non-exported object, an uncallable API, or simply a code misimplementation. Despite the importance of the issue, little has been done to address the problem. Compatibility studies are mainly narrowly scoped, or tied to specific platforms, making them unsuitable to solve the problem in a generalized way. In this thesis, we explore the feasibility of a new generalized approach to compatibility studies. Specifically, we take a runtime environment as ground truth, we recursively traverse all the properties of all the objects in its standard library, and try to import and call them from the second runtime environment under test. Our new method is then capable of capturing bugs both at compile time and at run time. Moreover, it does not need any external tool or software, beyond what the systems already offer in themselves. This enables compatibility analysis along multiple dimensions, including cross-runtime execution, cross-version evolution, and interoperability. We will evaluate our approach through a series of case studies that span multiple runtimes, multiple versions of the same platform, and interoperability scenarios involving different programming languages. The idea is to uncover compatibility discrepancies, including previously undocumented ones.
Our preliminary results show that wrong implementation and missing properties can in practice lead to disruption of users' workflow, as well as security vulnerabilities. One of the tests we conducted has in fact found a critical vulnerability, for which we got awarded a CVE. Our results so far demonstrate the need for a unified compatibility study methodology, as it can reveal insights that are missed by conventional testing and existing tools.
11.02.2026, 14:00 - 16:00, CISPA D1 (Kaiserstraße 21 66386 St. Ingbert, Germany)
Presenter: Christian Boseck
Type of Poster: Bachelor Intro
Advisor: Ulysse Planta
Title: Development of an Experimentation Platform for RACCOON OS
Research Area: RA5: Secure Mobile and Autonomous Systems
Abstract: As the number of satellites in orbit continues to grow, the importance of secure and reliable operating systems for these satellites increases as well. RACCOON is a project that addresses this challenge by developing a satellite system with security as a core design principle. In the context of a Capture-The-Flag (CTF) scenario, there is a strong interest in understanding how users interact with such a system and how many users attempt to establish connections to satellite-like services. However, allowing direct experimentation on the operational system is not feasible due to safety and reliability concerns. The goal of this bachelor thesis is therefore to design and implement a safe experimentation playground that allows users to connect to RACCOON-like services without affecting the operational satellite system, while still enabling the integration of monitoring and analysis mechanisms.
