The relevance of CISPA's research activities is reflected in a large number of externally funded projects in which our scientists explore specific questions of information security. CISPA operates in a network of excellent national and international partners, which forms the basis for interdisciplinary innovation projects. Our global cooperations also focus on the mobility of researchers of all career levels. The researchers are actively and directly involved in current projects during their guest stays.
Part of CISPA's research is covered by third-party funding. Our researchers obtain these funds in competitive procedures, either alone or in cooperation with other applicants.
Traditionally, cybersecurity has been viewed as a technical problem, for which software and hardware solutions were key. However, in recent years, the focus has moved from the technical to the human aspect of cyber security. People are more and more considered ‘the weakest link’, or light-heartedly referred to as PEBCAK (problem exists between chair and keyboard). With human error and cyber-attacks aimed at individuals rather than machines becoming everyday occurrences, there is a strong need to solve cybersecurity issues on this level. Coming from a programming background, computer scientists usually aim to solve these weaknesses in the architecture of software. However, a piece of software can ask for a strong password, but if the employee who creates it writes it down on a post-it left on their desk, the ‘improved’ software security easily becomes obsolete. Instead of trying to solve human problems with technological solutions, or reinventing the wheel, a better solution is to look at existing scientific knowledge and work with experts on human behaviour. Knowledge in the field of psychology can create more effective awareness campaigns, improve compliance with security policies through tried and tested behavioural change interventions, and train people in detecting social cyber-attacks through the use of existing knowledge in the cognitive psychology domain. These collaborations lead to improved individual cybersecurity, safer organisations, and a better functioning (international) society. To achieve this, working with psychologists is key as they are trained to describe, understand and solve human behaviour issues. By bringing psychologists into the cybersecurity field, they can apply existing psychological theories and best practices to cybersecurity problems, as well as develop new psychological theories on the specifics of cyberattacks and cyber resilience.
Founded
2020
Duration
01.09.2020-31.08.2023
Funding Code
ID: 2020-1-DE01-KA203-005726
The Internet has evolved from a mere communication network used by tens of millions of people two decades ago, to a global multimedia platform for communication, social networking, entertainment, education, trade and political activism with more than two billion users. This transformation has brought tremendous benefits to society, but has also created entirely new threats to privacy, safety, law enforcement, freedom of information and freedom of speech. In today’s Internet, principals are amorphous, identities can be fluid, users participate and exchange information as peers, and data is processed on global third-party platforms. Existing models and techniques for security and privacy, which assume trusted infrastructure and well-defined policies, principals and roles, fail to fully address this challenge.
The imPACT project addresses the challenge of providing privacy, accountability, compliance and trust (PACT) in tomorrow’s Internet, using a cross-disciplinary and synergistic approach to understanding and mastering the different roles, interactions and relationships of users and their joint effect on the four PACT properties. The focus is on principles and methodologies that are relevant to the needs of individual Internet users, have a strong potential to lead to practical solutions and address the fundamental long-term needs of the future Internet. We take on this challenge with a team of researchers from relevant subdisciplines within computer science, and with input from outside experts in law, social sciences, economics and business. The team of PIs consists of international leaders in privacy and security, experimental distributed systems, formal methods, program analysis and verification, and database systems. By teaming up and committing ourselves to this joint research, we are in a unique position to meet the grand challenge of unifying the PACT properties and laying a new foundation for their holistic treatment.
Duration
01.02.2015-31.01.2021
Funding Code
Grant agreement ID: 610150
CISPA's research topics contain an enormous potential for technology transfer into industrial application. CISPA has already been in active exchange with partners from industry and business for several years. Under the assumption that utilization in newly founded companies is the most direct form of knowledge and technology transfer, the expansion of the start-up incubator provides the opportunity to expand specialized structures for the explicit support of spin-offs.
The aim of the project is therefore to expand these initiatives conceptually and anchor them structurally in order to create a highly creative environment in the immediate vicinity of CISPA and in the vicinity of the Saarland Informatics Campus.
The BMBF's funding of measures primarily provides for the following areas: Raising awareness, project initiation, project funding, scaling and the overall management of the incubator.
Reactive synthesis has the potential to revolutionize the development of distributed embedded systems. From a given logical specification, the synthesis algorithm automatically constructs an implementation that is correct-by-design. The vision is that a designer analyzes the design objectives with a synthesis tool, automatically identifies competing or contradictory requirements and obtains an error-free prototype implementation. Coding and testing, the most expensive stages of development, are eliminated from the development process. Recent case studies from robotic control and from hardware design, such as the automatic synthesis of the AMBA AHB bus controller, demonstrate that this vision is in principle feasible. So far, however, synthesis does not scale to large systems. Even if successful, it produces code that is much larger and much more complicated than the code produced by human programmers for the same specification. Our goal is to address both of these fundamental shortcomings at the same time. We will develop output-sensitive synthesis algorithms, i.e. algorithms that, in addition to optimal performance in the size of the specification, also perform optimally in the size and structural complexity of the implementation. Target applications for our algorithms come from both the classic areas of reactive synthesis, such as hardware circuits, and from new and much more challenging application areas such as the distributed control and coordination of autonomous vehicles and manufacturing robots, which are far beyond the reach of the currently available synthesis algorithms.
The focus of the project is the development of a monitoring system for the highly critical VTOL operation. Advances in electromobility and automation technology enable the commercial use of highly automated aircraft with distributed electric propulsion systems.
Safety is an important success factor for such aircraft. To achieve this, the inherent complexity of the overall system must be identified in the form of precise requirements and consistently monitored during operation. In addition, development, operating and maintenance costs must be kept low in order to ensure economical operation of increasingly automated aircraft. The aim of the project is the automatic monitoring of parameters that are important for the safe commercial operation of an autonomous system. To increase the confidence in safety monitoring, the executable monitor is automatically generated from a formal specification of the desired behavior. The resulting transparency promises advantages for certification and economical operation. Analysis of the feedback for certification by secure, independent monitoring components is an essential topic.
The formal specification is separate from the control code and easier to understand, thus saving development and maintenance costs. Furthermore, conventional centralized monitoring procedures require the availability of all relevant data. In highly distributed avionics like that of the Volocopter it is necessary to execute the monitoring process at different system nodes, for which algorithms for monitoring have to be developed. In the project, the system monitoring approach is integrated on the basis of a formal specification for a Volocopter. This promises substantial improvements both in terms of security and from an economic point of view.
Genetic data is highly privacy-sensitive information and is therefore protected under stringent legal regulations, making it burdensome to share. However, leveraging genetic information bears great potential in diagnosis and treatment of diseases and is essential for personalized medicine to become a reality. While privacy-preserving mechanisms have been introduced, they either pose significant overheads or fail to fully protect the privacy of sensitive patient data. This reduces the ability to share data with the research community, which hinders scientific discovery as well as reproducibility of results. Hence, we propose a different approach using synthetic data sets that share the properties of patient data sets while respecting privacy. We achieve this by leveraging the latest advances in generative modeling to synthesize virtual cohorts. Such synthetic data can be analyzed with established tool chains, repeated access does not affect the privacy budget, and the data can even be shared openly with the research community. While generative modeling of high-dimensional data like genetic data has been prohibitive, the latest developments in deep generative models have shown a series of success stories across a wide range of domains. The project will provide tools for generative modeling of genetic data as well as insights into the long-term perspective of this technology to address open domain problems. The approaches will be validated against existing analyses that are not privacy preserving. We will closely collaborate with the scientific community and propose guidelines on how to deploy and experiment with approaches that are practical in the overall process of scientific discovery. This unique project will be the first to allow the generation of synthetic high-dimensional genomic information to boost privacy-compliant data sharing in the medical community.
Duration
1.8.2020-31.07.2023
Funding Code
ZT-1-PF-5-23
To solve future grand challenges, data, computational power and analytics expertise need to be brought together at unprecedented scale. The need for data has become even larger in the context of recent advances in machine learning. Therefore, data-centric digital systems commonly exhibit a strong tendency towards centralized structures. While data centralization can greatly facilitate analysis, it also comes with several intrinsic disadvantages and threats, not only from a technical but more importantly also from a legal, political and ethical perspective. Rooted in sophisticated security or trust requirements, overcoming these issues is cumbersome and time consuming. As a consequence, many research projects are substantially hindered, fail or are simply not addressed. In this interdisciplinary project we aim at facilitating the implementation of decentralized, cooperative data analytics architectures within and beyond Helmholtz by addressing the most relevant issues in such scenarios.
Trustworthy Federated Data Analytics (TFDA) will facilitate bringing the algorithms to the data in a trustworthy and regulatory compliant way instead of going a data-centric way. TFDA will address the technical, methodical and legal aspects when ensuring trustworthiness of analysis and transparency regarding the analysis in- and outputs without violating privacy constraints. To demonstrate applicability and to ensure the adaptability of the methodological concepts, we will validate our developments in the use case “Federated radiation therapy study” (Health) before disseminating the results.
Duration
01.12.2019–30.11.2022
Funding Code
ZT-I-0014
Cryptology is a foundation of information security in the digital world. Today's internet is protected by a form of cryptography based on complexity theoretic hardness assumptions. Ideally, they should be strong to ensure security and versatile to offer a wide range of functionalities and allow efficient implementations. However, these assumptions are largely untested and internet security could be built on sand. The main ambition of Almacrypt is to remedy this issue by challenging the assumptions through an advanced algorithmic analysis.
In particular, this proposal questions the two pillars of public-key encryption: factoring and discrete logarithms. Recently, the PI contributed to show that in some cases, the discrete logarithm problem is considerably weaker than previously assumed. A main objective is to ponder the security of other cases of the discrete logarithm problem, including elliptic curves, and of factoring. We will study the generalization of the recent techniques and search for new algorithmic options with comparable or better efficiency. We will also study hardness assumptions based on codes and subset-sum, two candidates for post-quantum cryptography. We will consider the applicability of recent algorithmic and mathematical techniques to the resolution of the corresponding putative hard problems, refine the analysis of the algorithms and design new algorithm tools. Cryptology is not limited to the above assumptions: other hard problems have been proposed to aim at post-quantum security and/or to offer extra functionalities. Should the security of these other assumptions become critical, they would be added to Almacrypt's scope. They could also serve to demonstrate other applications of our algorithmic progress. In addition to its scientific goal, Almacrypt also aims at seeding a strengthened research community dedicated to algorithmic and mathematical cryptology.
Duration
01/01/2016-31/21/2021
Funding Code
ERC Advanced Grants 669891
The goal of the SYSTEMATICGRAPH project is to put the search for tractable algorithmic graph problems into a systematic and methodological framework: instead of focusing on specific sporadic problems, we intend to obtain a unified algorithmic understanding by mapping the entire complexity landscape of a particular problem domain. A dichotomy theorem is a complete classification result that characterizes the complexity of each member of a family of problems: it identifies all the cases that admit efficient algorithms and proves that all the other cases are computationally hard. The project will demonstrate that such a complete classification is feasible for a wide range of graph problems coming from areas such as finding patterns, routing, and survivable network design, and novel algorithmic results and new levels of algorithmic understanding can be achieved even for classic and well-studied problems.
Duration
01.07.2017-30.06.2022
Funding Code
Grant agreement ID: 725978
Kamaeleon deals with the adaptation of light electric vehicles through software, so that the vehicles are able to adapt automatically to different areas driven over or to means of transport. Different requirements of the currently still firmly prescribed admission requirements have to be fulfilled by adaptation. The safety is primarily ensured by the speed driven in relation to the respective traffic area, but also due to the proximity to other road users. However, the maximum speed and continuous output is also a criterion for the approval of vehicles for a specific place of use (e.g. pedelec sidewalk, e-bike street). Technically, the maximum speed that can be driven is regulated first and foremost. This will create a completely new class of vehicles that are not defined by fixed characteristics, such as performance, maximum speed, equipment, etc., but whose functions are controllable by software.
Founded
2019
Duration
01.04.2019 – 31.03.2022
Funding Code
16SV8210
What exactly makes a program malicious? This project investigates the hypothesis that a “malicious” program is one that does not work as advertised. The idea is to make use of large collections of programs, especially apps in app stores, and to learn associations between advertised and implemented behavior from them. As advertised behavior, the project uses natural language descriptions as presented in user interface elements; as implemented behavior, it checks the functionality triggered by these UI elements.
The result is a model of actions and reactions that characterizes “normal” behavior. Given a new app, its model is automatically checked on whether the observed actions and reactions are “normal” or not. The problems related to security can thus be highlighted (the implementation does not work as advertised) as well as usability (the description does not match the implementation). During execution, a sandbox detects “abnormal” and explicitly disallowed sequences, and blocks the associated resource accesses and UI elements: “The ‘Download’ button is greyed out because it sends your address book to a server in Bezerkistan”.
The project brings together expertise in program analysis, test generation, natural language processing, model inference, and model checking. It makes significant contributions in all these fields to achieve its overall goal of detecting and preventing abnormal behavior in reactive systems.
Duration
01.01.2019 – 31.10.2021
Funding Code
DFG ZE 509/9-1
Fuzzing – testing software through randomly generated inputs – is one of the premier methods to discover software vulnerabilities. Fuzzing is easy to deploy; once set up, it can be left running for days and weeks, continuously testing the system with one input after another. Fuzzing also has no false positives: any input that crashes the program triggers a real vulnerability that can be exploited by attackers, if only for a denial of service attack.
Fuzzing is slow, though. The overwhelming majority of randomly generated inputs is invalid and will thus be rejected by the program under test. This can still detect errors, notably in the routines for parsing and rejecting inputs. In order to reach deeper functionality after input processing, though, it is necessary to have inputs that are syntactically valid.
The traditional means to produce valid inputs is to formally specify the input language using formal languages such as regular expressions and grammars – well-established and well-understood formalisms with a sound and detailed theoretical foundation and plenty of applications in practice. Specifying an input language, however, is a huge manual effort, ranging from days for simple data formats to months for complex input languages.
In the past years, the group of PI Zeller has developed a number of techniques that can automatically extract grammars from a given program and a set of sample inputs and shown how to construct extremely efficient fuzzers from these grammars. These techniques are so mature they are even available as open source in a recently published textbook. Yet, the grammar learners still depend on a comprehensive set of samples that cover every feature of the input space.
Therefore the aim of the project is to create test generators that specifically target input processors – that is, lexers (tools that compose input characters into words) as well as parsers (tools that compose sequences of words into syntactical structures, such as sentences in natural language). His approach is to feed some trivial invalid input (say, the string “x”) into a program and then to dynamically track the comparisons this program undertakes before rejecting the input as invalid.
Duration
01.06.2019 – 30.11.2021
Our 13-trillion dollar digital economy runs on open-source software written by ambitious developers often in their spare time. Many software systems expect their inputs to arrive in a specific order and in a well-structured manner. The order is specified by a protocol while the structure is specified by a grammar. For instance, most websites are available via the SSL protocol (https) which requires a sequence of 13 distinct messages only to establish a secure connection.
Each message starts with a 5-byte header specifying message type, version, and length. This makes it very difficult to automatically test such critical systems, to identify security flaws at scale.
The objective of this project is to develop automated techniques that infer input protocols and grammars automatically. The inferred artifacts will then, in turn, be used to test the software system more effectively. The project will use lightweight program analysis and instrumentation for inference at runtime. A unification of protocol and grammar into a single representation of both structure and sequence is further envisioned.
The exchange seeks to strengthen the existing collaboration, and to synthesize recent independent works across both teams on greybox fuzzing and grammar mining.
Duration
01.01.2020 – 31.12.2021
Funding Code
57511650
Researchers at CISPA contribute their knowledge and resources to alliances and networks with national and international partners in order to achieve mutual goals with shared resources. In these long-term partnerships CISPA often engages in a coordinating role.
Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
The Helmholtz Medical Security, Privacy and AI Research Center (HMSP) constitutes a joint initiative of six Helmholtz Centers – CISPA, DZNE, DKFZ, HMGU, HZI, and MDC – that brings together leading experts from the field of IT-security, privacy and AI/machine learning as well as the medical domain to enable secure and privacy-preserving processing of medical data using next-generation technologies. It aims for scientific breakthroughs at the intersection of security, privacy and AI/machine learning with medicine, and it aims to develop enabling technology that provides new forms of efficient medical analytics while offering trustworthy security and privacy guarantees to patients as well as compliance with today’s and future legislative regulations.
Founded
2019
The CISPA-Stanford Center for Cybersecurity is a joint center for cybersecurity research between CISPA Helmholtz Center for Information Security and Stanford University which recognizes the high potential of a mutually beneficial cooperation between CISPA and Stanford in the field of cybersecurity and follows from the desire of the scientists of the parties to conduct joint research.
The collaboration has the following two intertwined goals:
To achieve these goals, CISPA and Stanford University established this collaboration to form the CISPA-Stanford Center for Cybersecurity, with corresponding research activities at CISPA and at Stanford University. The center addresses the particular career-development needs of young German scientists in cyber-security. It fosters the professional development of a small number of selected, outstanding individuals by providing them with the opportunity to work at Stanford University as Visiting Assistant Professors in the area of cybersecurity for two years and to then return to Germany to continue their research as a senior researcher at the CISPA and ultimately as a professor at a German university or a research leader in industry.
This initiative aims to combine the strengths of the two largest and most renowned institutions: CISPA Helmholtz Center for Information Security and INRIA/Loria in Nancy will jointly strengthen cyber security research and corresponding transfer and innovation activities between France and Germany. Along the strong Franco-German axis, the center will enable focused research on disruptive innovations for digital sovereignty. The central topics include self-determination in Data Profiling, European Internet and Cryptography Standards, Operating Systems developed and thoroughly evaluated in Europe to secure critical infrastructures, the protection of privacy and security guarantees in automated AI processes, and Secure Networking in Industry 4.0 and autonomous systems. The center will establish bilateral Franco-German research groups. In addition to transnational cooperation, the promotion of young researchers will be a core element. Young scientists will be given the opportunity to advance their research interests independently early in their academic career through individual mentoring.
Founded
2019
The MoU between CISPA, KAIST and KIST Europe aims to initiate joint research projects in the fields of cyber security technologies. The partners support scientific collaboration and the exchange between the academic members of the institutions. The main fields of collaboration are: System Security, Web Security, and Cryptography.
The partners have already acquired third-party funding in order to be able to focus on specific research topics of joint interest. In annual meetings, the researchers from Germany and Korea discuss ongoing projects among each other and with researchers from other German or Korean institutions.
With the signing of the Letter of Intent in October 2018, Dcypher and CISPA identified the need for joint research projects and for creating synergies, particularly in the field of:
System and service security by design
Defense of newly developed and legacy systems
Decision making in socio-economic environments
Protection against misuse and abuse of personal data
With the discontinuation of DCYPHER in October 2020, the cooperation with the Netherlands will be continued in a different format.
Founded
2018
Duration
October 2018 – October 2020
CISPA Helmholtz Center for Information Security (CISPA) and Leibniz University Hannover joined forces to advance research in the areas of cybersecurity and privacy. The initiative, with an initial focus on Usable Security, Privacy, and Industrial Security, is financially supported by the state of Lower Saxony. The cooperation includes the joint appointment of a professor by CISPA and LUH, the establishment of a junior research group as well as of a dependent CISPA research branch in Hannover. To further develop the collaboration, the partners founded a committee with representatives of Lower Saxony’s Ministry of Science and the Ministry of Economics. In addition to research, the transfer of research findings, e.g. through industry cooperations, as well as the formation of future cybersecurity experts take on a key role in the cooperation.