E-mail senden E-Mail Adresse kopieren

E-Mail

Adresse

Stuhlsatzenhaus 5
66123 Saarbrücken (Germany)

Awards

Winter Term 2018/2019: Busy Beaver Teaching Award "Foundations of Cybersecurity 1", Universität des Saarlandes

Summer Term 2018: Busy Beaver Teaching Award "Web Security", Universität des Saarlandes

2015/2016: Finalist for Best Dissertation Award (CAST e.V.)

2009/2010: Best German Bachelor Thesis (CAST e.V.)

Kurzbiografie

I am a tenure-track faculty at the CISPA Helmholtz Center for Information Security. Prior to that, I was a research group leader and previously postdoctoral researcher at the Center for IT-Security, Privacy and Accountability at Saarland University in the group of Michael Backes. Before joining CISPA, I was a PhD student and research fellow at the Security Research Group of the University Erlangen-Nuremberg, supervised by Felix Freiling. During that time, I was fortunate enough to join Ben Livshits and Ben Zorn at Microsoft Research in Redmond for an internship.

My research interests lie within Web Security, Network Security, Reverse Engineering, and Vulnerability Notifications. In addition, I enjoy the challenges provided in Capture the Flag competitions and am always trying to get more students involved in them (especially in our local team saarsec).

CV: Letzte vier Stationen

Since January 2022
Tenured Faculty at the CISPA Helmholtz Center for Information Security
July 2018 to December 2021
Tenure-Track Faculty at the CISPA Helmholtz Center for Information Security
June 2017 to June 2018
Research Group Leader at CISPA
October 2015 to May 2017
Postdoctoral Researcher at CISPA

Veröffentlichungen von Ben Stock

Jahr 2019

Konferenz / Medium

CCS
ACM Conference on Computer and Communications Security (CCS 2019)

Jahr 2018

Konferenz / Medium

Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '18)

Konferenz / Medium

NDSS
Proceedings of the 25th Annual Symposium on Network and Distributed System Security (NDSS '18).

Jahr 2017

Konferenz / Medium

EuroS&P
Proceedings of the 2nd IEEE European Symposium on Security and Privacy (Euro S&P '17)

Konferenz / Medium

USENIX-Security
Proceedings of the 26th USENIX Security Symposium (USENIX Security '17)

Jahr 2016

Konferenz / Medium

RAID
RAID 2016, 19th International Symposium on Research in Attacks, Intrusions and Defenses

Konferenz / Medium

USENIX-Security
Proceedings of the 25th USENIX Security Symposium (USENIX Security '16)

Lehre von Ben Stock

Winter 2021/22

Joint Advances in Web Security

For registration, please apply for this seminar through the central seminar assignment system.

 

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security. The seminar is taught as a combination of a reading group with weekly meetings and a regular seminar, where you have to write a seminar paper. Specifically, each student will get a single topic assigned to them, consisting of two papers (a lead and follow-up paper).

For the weekly meetings, all students have to have read the lead paper and must state at least three questions before the meeting. In the meeting, the assigned student will present the follow-up paper (20 minute presentation + 10 minute Q/A). Afterward, the entire group will discuss both papers.

Moreover, each student will write a seminar paper on the topic assigned to them, for which the two papers on the topic serve as the starting point.

Important Dates

  • Kickoff: Monday, October 25, 10am, in person in CISPA 0.02
  • Regular seminar starts Monday, November 8, ends Monday, February 7
  • By Sunday night, 23:59, submit three questions (if you are not presenting the follow-up paper)
  • Mandatory feedback round/practice talk on Thursday before the presentation (arrange exact time with supervisor)
  • Attendance in all meetings and submission of three questions for each topic is mandatory. For exceptional cases, contact the teaching staff.

Seminar Paper Details

Each seminar paper is meant to provide a summary/categorization of research papers in the associated area. Depending on the topic, the paper should be structured in a logical fashion. For example, assume the topic of Service Workers. One might classify the seminar paper based on security considerations for Service Workers, attacks against Service Workers, and attacks enabled through Service Workers. Each section should demonstrate the state of the art in the area. Finally, the paper should, where possible, discuss limitations and open issues given the previously conducted work.

All seminar papers are due on February 11, 2022. Based on your submission, you will receive feedback within one week and have until March 4, 2022 to improve your paper. The paper grading will be on the final version. Note that the first submission must already be sufficient to pass. If you submit a half-baked version of the paper, you will flunk the course.

Each paper must use the provided template. It must not be longer than 8 pages, not counting references and appendices. Note that appendices are not meant to provide information that is absolutely necessary to understand the paper, but rather to provide auxiliary material. Papers can be shorter, but in general the provided page limit is a good indicator of how long a paper should be.

List of Topics and Papers

The list of topics, papers, and dates for the respective meetings can be found here.

Winter 2021/22

Seminar: Joint Advances in Web Security

In this seminar, students will learn to present, discuss, and summarize papers in different areas of Web security. The seminar is taught as a combination of a reading group with weekly meetings and a regular seminar, where you have to write a seminar paper. Specifically, each student will get a single topic assigned to them, consisting of two papers (a lead and follow-up paper).

Winter 2021/22

Foundations of Cybersecurity 1

Students learn foundational security principles, basics of cryptography, network and network security, as well as privacy-preserving mechanisms. They learn to define security goals and are familiarized with the most common attack scenarios.

The lecture happens every Monday 12-14 in GHH. The tentative schedule is as follows: 

  • 18.10.2021 - Organization, Information Security Goals, Legal Aspects in Germany
  • 22.10.2021: Howto Python
  • 25.10.2021 - Basic of Crypography 1: Historic Ciphers and Symmetric Cryptography
  • 1.11.2021 - No lecture, public holiday
  • 8.11.2021 - Basic of Crypography 2: Hashes and MACs, Asymmetric Cryptography (Diffie-Hellman, Elgamal)
  • 15.11.2021 - Basic of Crypography 3: Asymmetric Cryptography (RSA), Public Key Infrastructure
  • 22.11.2021 - Authentication
  • 29.11.2021 - Network Security 1: LAN, WLAN, ARP, and DHCP
  • 6.12.2021 - Network Security 2: IPv4, IPv6, Routing
  • 13.12.2021 - Network Security 3: UDP, TCP, and Firewalls
  • 3.1.2022 - Network Security 4: DNS and DNSSEC
  • 10.1.2022 - Network Security 5: TLS, HTTPS, and Certificate Management
  • 17.1.2022  - No lecture
  • 24.1.2022 - Network Security 6: Denial of Service and Anonymous Communication; Database Privacy
  • 31.1.2022 - Web Security
  • 7.2.2022 - Exam Preparation
Summer 2021

Foundations of Web Security

This lecture covers the fundamental security problems that are prevalent on the Web as well as security mechanisms to mitigate them. A particular focus lies on the offensive side of Web security, whereas defense mechanisms merely need to be added to stop the attacks.

Summer 2021

Proseminar: (p)SADWeb: (Pro)Seminar on Attacks & Defense on the Web

(P)SADWeb provides students an overview over recent papers in the broader area of Web security. As the primary purpose of a proseminar is to familiarize yourself with a topic and learn presentation skills, the seminar will feature two presentations from each student.