Current Topics


Human Factors in IT-Security

SCOUT is a joint project with the Learning Technologies Research Group funded by the NERD.NRW postgraduate research training group investigating the security education needed for students in the 5th and 6th grade. The project aims to develop and evaluate Open Educational Resources that help the students to learn the necessary skills to be safe growing up in a more and more online world. more

Enable Risk-aware Behavior to Secure End-users (ERBSE) is a project funded by the NERD postgraduate research training group that promotes research into human-centered systems security. more



Kidney Donor Exchange

A kidney donor exchange enables a recipient in need of a kidney transplant who has a living donor that is not compatible with them to exchange the living donor with another recipient in the same situation. The goal of this project is to develop a distributed system that supports the finding and selecting of exchange structures between donors and recipients in an automated, privacy-preserving and fair fashion. more

Privacy-Preserving Algorithms

The Research Training Group UnRAVeL is composed of theoretical and applied computer scientists from different fields. The aim of this group is to develop new theories, algorithms and verification techniques in order to improve probabilistic modelling and analysis. more


Intrusion Detection


Sharing and Automation for Privacy Preserving Attack Neutralization (SAPPAN) is a project founded by the Horizon 2020 program of the European Union. The main objective of SAPPAN is to develop a cyber threat intelligence system that decreases the effort required by a security analyst today to come up with a suitable response to and a way to recover from an attack. more

DNS-based Software Fingerprinting

Internet connected devices make use of the Domain Name System (DNS) to translate human readable domain names into IP addresses. Since DNS is unencrypted, often outsourced, and used prior to most network connections, it is possible to fingerprint the software that initializes such connections, by passively monitoring DNS traffic. more

Domain Generation Algorithm Detection

Bots communicate with a Command & Control (C2) server in order to obtain instructions or to exfiltrate gathered data. Since connection attempts to a C2 server utilizing fixed IP addresses or fixed domain names are easy to block, botnets rely on Domain Generation Algorithms (DGAs). DGAs periodically generate a large number of algorithmically-generated domains (AGDs) which serve as rendezvous points with a C2 server. more