System Security Group

System security covers all aspects of IT security in modern information systems, including the application layer, operating system kernel and hardware level. The goal of our research group is to develop and analyze system components that are used to run user applications in a secure environment. The field of system security does not provide any end-user applications by itself but rather acts as an abstract layer of security for many interdisciplinary scenarios.

In the past, our research comprised user mode code, OS kernel patches, hypervisor code, compiler-level and runtime extensions, as well as the hardware design of embedded and IoT devices. A special focus was put on Android devices, disk encryption, reverse engineering and software protection – such as obfuscation – as well as trusted computing.

Besides the development of defense mechanisms, we regularly look at systems from an attacker’s point of view to analyze their security. Above attention in the academic community, some of our offensive research results gained attention in media, particularly our results on disk encryption, smartphone security and two-factor authentication.

For a list of current group members, please visit our staff site. Former group members who graduated with a PhD are:

  • 2013 – Apr. 2017: Dr.-Ing. Mykolai Protsenko
    “Securing the Android App Ecosystem: Obfuscation, Tamperproofing, and Malware Detection”
  • 2014 – Dec. 2017: Dr.-Ing. Johannes Götzfried
    “Trusted Systems in Untrusted Environments: Protecting against Strong Attackers”
  • 2016 – Jul. 2019: Dr.-Ing. Vincent Haupert
    “Sicherheit mobiler Bankgeschäfte zwischen Innovation und Regulierung”
  • 2016 – Jul. 2020: Dr.-Ing. Anatoli Kaylsch
    “Android Application Hardening: Attack Surface Reduction and IP Protection Mechanisms”
  • 2016 – Okt. 2020: Dr.-Ing. Marcel Busch
    “On the Security of ARM TrustZone-based Trusted Execution Environments”

(Last updated on Sep. 2021)

On the following pages, you find an archive of our open-source projects, media files, and pentesting results. Please note that we do not update research projects once they are finished.