Past Projects


Privacy-Preserving Bartering

Bartering is defined as the cashless act of trading goods and services in exchange for other goods and services. Bartering has been practiced since the early days of humanity and still plays a crucial role in the global economy. Today, a majority of bartering transactions is carried out via online platforms which allow their users to find potential trade partners in a convenient way. An inherent requirement of these platforms is that a user has to disclose their trading capabilities to the operator and typically also to all other users. As a consequence, private information on the personal preferences of a user is leaked which can undermine their bargaining position.

Within our research project (in cooperation with Professor Wetzel of the Stevens Institute of Technology), we designed decentralized cryptographic protocols that allow multiple users to determine potential trade partners and to barter offered goods and services while keeping their trade capabilities private. More precisely, a user only learns what they get and what they have to give away, but no more information about what their trade partners do in return and no information about the trade capabilities and activities of other users.

Ongoing work deals with bringing theoretical solutions into practice by designing a privacy-preserving bartering system which is capable of handling a large number of users and guaranteing the correctness and fairness of the computed trade while preserving the privacy of its users.

The project was funded by the german research organisation DFG (Deutsche Forschungsgemeinschaft) under the project number ME 3704/4-1.


Privacy-Preserving Applications

Today, applications collect and analyze a vast quantity of (digital) information to optimize performance and availability. Rarely, the privacy concerns of users concerning confidential information is respected. Within our research we try to improve certain applications by developing new privacy-preserving protocols which have the same functionality but consider the privacy concerns of users.

A common problem is the collaboration between organizations. Each party defines their own set of rules under which they are willing to collaborate, e.g., interact, share and exchange resources or information with others. Typically, these individual policies differ for different parties. Thus, collaboration requires the resolving of differences and reaching a consensus. This process is generally referred to as policy reconciliation. Current solutions for policy reconciliation do not take into account the privacy concerns of reconciliating parties. Within our research we've developed new protocols that meet the privacy requirements of the organizations and allow parties to find a common policy rule which optimizes their individual preferences.

A following challenging task is the secure information exchange between organizations respecting their privacy concerns. The participating parties have an interest in the availability as well as in the confidentiality of information. A solution should respect the privacy concerns and maximize the availability of information. A possible approach to solve this problem is pseudonymization. Within our research we've constructed new privacy-preserving protocols based on restricted linkable pseudonyms solving the conflict between availability and confidentiality of information.


Mobile Malware

In the last decade mobile devices gained popularity and due to their functionality comparable to recent computers users tend to store their sensitive information on mobile devices rendering them an attractive target for mobile malware writers. As a consequence, mobile malware population increases every single year.

The first area of our research studies the ability of host-based anomaly detection systems to detect mobile malware using low level features such as system calls. Our second focus aims to identify sensor placements in current 3G and 4G backbone networks and detect traffic initiated by mobile malware directly in mobile operators' networks.


Security in Wireless Mesh Networks

In contrast to infrastructure wireless networking, wireless mesh networks employ multi-hop communication. This fact and the different use cases of multi and single provider setup impose new security challenges. Keeping the dynamic nature of these networks in mind, bootstrapping security associations onto the nodes, as well as detection and mitigating malicious behavior is the current focus of our study.



ASMONIA (Attack analysis and Security concepts for MObile Network infrastructures, supported by collaborative Information exchAnge) is a projected funded by the German Federal Ministry of Education and Research. ASMONIA aims to improve the resilience and reliability of current and future mobile networks and their backbone infrastructure.

Recent cyberwar incidents and the iPhone worm demonstrate the need for protection and collaborative early warning concepts tailored to the telecommunication sector. Additionally, threats to mobile networks will increase with the growing use of untrusted and malicious applications on modern mobile devices. Simultaneously, the utilization of mobile networks becomes more multifaceted (e.g., public/private use), and the technical heterogeneity (3G, 4G, non-3G and future generations) and complexity (roaming, interworking) of the overall system grows due to its interconnectedness. This trend will likely continue well into the future, due to the growing number of heterogeneous (e.g., wireless) interfaces on end devices and the increasing use of applications whose integrity cannot be guaranteed a priori.

The overall goal of ASMONIA is the development of a holistic security concept for mobile network infrastructures that satisfies the diverse requirements of modern networks. Integrity protection and attack detection solutions that exploit characteristics of resilient and flexible systems like cloud computing will therefore be integrated. The additional integration of collaborative information exchange mechanisms will improve the security level of modern communication networks.

In this project we work together with: Cassidian Systems, ERNW GmbH, Fraunhofer SIT, Hochschule Augsburg, Nokia Siemens Network (as well as associated partners DTAG, BSI, and BDBOS).


Security and Privacy in WLAN Roaming

Currently, roaming in Wi-Fi networks is cumbersome, or outright impossible. While there are WLAN networks in many locations, these are either not accessible without manual configuration effort, or insecure, or must be run be the same party the user already has an account with. A proper roaming protocol would help to solve these problems. We have developed a novel protocol suite for roaming WLAN devices that supports authentication, key agreement, and secure payment between roaming devices and network operators.


Malware Collection and Botnet Monitoring

The threat that malware imposes on computer networks has grown in past years. A big portion of malware samples includes "botnet" functionality and can thus be controlled by its author. Within our research we try to improve current and develop new methods of acquiring and analysing malware. From the malware samples we extract command & control information and are thus able to monitor the botnet's activity. The overall goal of this research is a more secure and less malicious Internet environment.