In collaboration with CeTI: in the paper we investigate how identifying (recorded) gait actually is, and how difficult it will be to effectively anonymize, or protect this data in any other sensible way. Congrats to Evelyn and Simon!Preprint
Thorsten Strufe: 'The preprint of our PETS paper on Facebook collecting data from (all sorts of!) third parties and its ineffective consent procedure is online, thanks Patricia Arias Cabarcos!'
Find the link to the paper below.About the paper
50 years ago, the first faculty for computer science at a German university was established in Karlsruhe. Time for celebration! The faculty is organizing a ceremony on Thursday, October 20, starting at 11 a.m. in the Tullahörsaal, which will be celebrated by exciting lectures and a panel discussion. Please find the program and the link to the registration below.About the jubilee
We are currently performing a survey on the evaluation of face anonymization methods and are looking for participants. The survey is in english and takes about 15 minutes. We would appreciate it, if you would participate using the link below!Survey page
Thorsten Strufe will give a tutorial on 'Privacy of Behavioral Data' at this year's EMBEDDED SYSTEMS WEEK on October 9.
ESWEEK will take place in Shanghai and hybrid.
More about ESWEEK
On July 18, Dr. Antitza Dantcheva (INRIA) will give a talk entitled 'Generation and Detection of Deepfakes'. The talk will take place at KIT in building 50.34, room 236 at 15:45.
Pre-registration is requested, and we also welcome participants to wear a medical mask.
The talk will also be streamed via BBB. An access code will be provided upon registration if needed.
While highly intriguing, video generation has thrusted upon us the imminent danger of deepfakes, which can offer unprecedented levels of increasingly realistic manipulated videos. Deepfakes pose an imminent security threat to us all, and to date, deepfakes are able to mislead face recognition systems, as well as humans. Therefore, we design generation and detection methods in parallel.
On June 30, Thorsten Strufe will give a talk at the OpenS3 Lab's workshop 'Emerging Challenges in Cybersecurity and Privacy' entitled 'You better act normal! Ubiquitous electronic observation: Threats and Attempted Solutions.' More information about the program can be found via the link below.
With this presentation he is also represented at the Honda Research Colloquium on Security and Privacy in Frankfurt (June 15) and the Heinz Nixdorf Symposium in Paderborn (Sept. 15).opens3-lab.com/events
Simon Hanisch is looking for a student assistant to conduct studies.
Here you can find the job advertisement (in german).
In view of the war in Ukraine, the BSI is calling for increased vigilance and readiness to react on the Internet. Dangers in this context are phishing e-mails relating to offers of help and fake news. Therefore, the research groups SECUSO (Security-Usability-Society) and PS (Practical IT-Security) offer an online course for citizens.
The course is in german, online via Zoom on 5/5/2022, 7-8pm.More about this course and praticipation
The paper 'Ray-tracing based Inference Attacks on Physical Layer Security' by Paul Walther, Markus Richter and Thorsten Strufe was awarded with the Best Paper Award of NetSys 2021!Link to article
Congratulations to Christiane Kuhn and Martin Byrenheid on passing their (respective) doctoral examination!
The Paper "Side-channel attacks on query-based data anonymization" was published on this years CCS. Authors are: Franziska Boenisch (Fraunhofer AISEC); Reinhard Munz (Max Planck Institute for Software Systems (MPI-SWS)); Marcel Tiepelt (Karlsruhe Institute of Technology); Simon Hanisch and Christiane Kuhn (Karlsruhe Institute of Technology); Paul Francis (Max Planck Institute for Software Systems (MPI-SWS)).
We offer four fully funded positions to do a PhD or Post-Doc (co-supervision of PhD students, in case of interest) on 6G security and privacy (location privacy, availability, security architectures, practical quantum key generation) at KIT/KASTEL and Excellence Cluster CeTI.
Contact: Thorsten StrufeOur job page
The paper "Is the Buzz on? - A Buzz Detection System for Viral Posts in Social Media" was published. Here, Facebook posts were examined to develop a buzz detection system. For more details, see the paper linked below.
Authors: Thorsten Strufe, Clemens Deusser, Nora Jansen and Oliver Hinz.paper online
Soon you will find short interviews of our staff members on this homepage.
"Get to know..." is an audio feature that portrays our scientific staff in three time periods:
Past: How did they come to start their work at the Institute for Practical IT Security?
Present: What is the researcher currently working on?
Future: What are the goals they are pursuing with their research?
Look forward to insights into our institute!
On Friday 21st., Aurélien Francillon (associate professor, System and Software
Security (S3) EURECOM) will give a talk on "An overview of telephony fraud and abuse".
The lecture will be held via BBB, timespan 10:00-11:30.
On November 15, Paul Walther will defend his dissertation titled
"Towards Practical and Secure Channel Impulse Response based Physical
Layer Key Generation". We wish him good luck!
We have a fully funded position to pursue a PhD (or join us as a postdoc) as part of our French-German project Propolis (on Smart City Privacy), in a consortium with Eurecom, SAP, and The Urban Institute. We will primarily work on publishing location trajectories with DP guarantees and differentially private ML on location data (for instance for traffic management, public security, and risk management in smart cities).Our job page
We're happy to have Prof. Christopher Kruegel (University of California) as our guest at KASTEL Distinguished Lectures. On Friday, November 12, 10am, he will give a talk on "Finding Vulnerabilities in Embedded Software". The venue is room HS 101 in building 50.34 at KIT Campus South.for more information on the lecture
Christoph Coijanovic won 1st place of the Academic Award of the CYBERSECURITY CONFERENCE 2021, which was awarded to him on Oktober 22 for his master thesis "Privacy Analysis of Anonymous Communication Networks at Example of Vuvuzela" (supervised by Christiane Kuhn). Congratulations!
Wouter Lueks (post-doctoral researcher at EPFL) will present "CrowdNotifier: Decentralized Privacy-Preserving Presence Tracing" on November 3rd at 12:30.
There is growing evidence that SARS-CoV-2 can be transmitted beyond close proximity contacts, in particular in closed and crowded environments with insufficient ventilation. To help mitigation efforts, contact tracers need a way to notify those who were present in such environments at the same time as infected individuals. Neither traditional human-based contact tracing powered by handwritten or electronic lists, nor Bluetooth-enabled proximity tracing can handle this problem efficiently. In this talk, I introduce CrowdNotifier, a protocol that can complement manual contact tracing by efficiently notifying visitors of venues and events with SARS-CoV-2-positive attendees. We prove that CrowdNotifier provides strong privacy and abuse-resistance, and show that it can scale to handle notification at a national scale.
Thorsten Strufe gives a talk about ProMACs on September 28 at 10:30 am. For further information check the link below.centre inria
Amr Osman and Jeannine Born (TU Dresden) won Telekom Challenge 2021, receiving the first prize of 150,000 euros for their idea on "automatic network isolation of IoT devices". Congratulations!
more information from TU Dresden (german article)
Thorsten Strufe has been interviewed by Märkische Allgemeine Zeitung (Newspaper).
Topic: "Why the EU's General Data Protection Regulation (DSGVO) unjustly enjoys a bad reputation".
You can find the article online (link below).(german) article on maz-online.de
From September 21 to 23, CeTI will be offering an exciting on- and offline program on the topic of "smart textiles and wearables". The offer ranges from lectures to workshops, for which you can register online. You can find the link below.registration and programme of CeTI Summer School
Thorsten Strufe was interviewed by spiegel.de.
It is about innovations to the messenger service Whatsapp.
You can find the link to the interview below.
(german) interview with Spiegel Netzwelt
Florian Thie received the TU Dresden award for his thesis "Analysis of complex anonymization networks at the case study of Aqua".
He was supervised by Christiane Kuhn and Simon Hanisch, the first examiner was Thorsten Strufe.
The paper entitled "2PPS - Publish/Subscribe with Provable Privacy" by Sarah Abdelwahab Gaballah and Max Mühlhäuser (both TU Darmstadt), Christoph Coijanovic and Thorsten Strufe has been accepted for the SRDS 2021 conference (September 20.-23.).
The paper is about publish/subscribe systems (such as Twitter) that provide strong and provable privacy protections for both publishers of messages and subscribers.more about the conference
As part of the KIT Open Day under the motto "7 Days - 7 Questions - 7 Formats", Thorsten Strufe was a discussion guest on the topic "Electron Brains & Cyborgs" - Artificial Intelligence revolutionizes the world. You can find the link to the video below.recording of discussion (german)
The video of our opening panel at 'Bonner Tage der Demokratie' is online. Thanks for a very nice discussion (in German) with Lorena Jaume-Palasí, Katharina Mosene, Rebekka Weiß, Ulrich Kelber, and Jan Schallaböck - moderated very professional by Ute Lange - about giving up fundamental rights to use online services. - Prof. Strufevideo link
We have an immediate opening for a HiWi position as a Research Assistant.
For more information, please see the attached document.
Prof. Strufe will give a talk on "ProMACs: Leveraging the Streaming Paradigm to Improve Integrity without Transmission Cost" at a colloquium at the University of Hamburg on Monday, May 31, 21.
The event will take place via zoom, starting at 17:15.registration (Informatik Uni Hamburg)
Our paper “Inexpensive Brainwave Authentication: New Techniques and Insights on User Acceptance” has been accepted for presentation at the 30th USENIX Security Symposium. In this research, we explore and evaluate different brain biometric techniques to authenticate users with consumer BCI tools and investigate user perceptions towards accepting such technologies. Our results show that it is feasible to recognize users based on brain responses to images. With regard to adoption, users call for simpler devices, faster authentication, and better privacy.
Thorsten Strufe is a discussion guest at the 'Bonner Tage der Demokratie' (engl. Bonn Days of Democracy).
On May 4, starting at 7 p.m., he will speak in the opening panel about fundamental rights in relation to social media.
"Tactile Internet" is on the shelves of your (online) bookstore since March 22! Thanks to our co-authors!
We are proud to announce the opening talk for our “Distinguished Lecture Series in Cybersecurity” on June 11th! Prof. Johannes Buchmann will speak about Sustainable Cybersecurity and Privacy. #KASTEL
We offer 2 PhD positions in the field of privacy and machine learning to start in May 2021. The positions are based at our lab in Karlsruhe and UPC (Barcelona). Funded by BMBF (Project Propolis, with EURECOM, SAP and Urban Institue) and FundlaCaixa.
Prof. Strufe commented on Google's move away from conventional marketing to data collection via FLoC.
You can find the article on heise.de linked below.
Furthermore, Deutschlandfunk also talked to Prof. Strufe about this topic.german article on heise.de
Prof. Dr. Thorsten Strufe will give a talk titled ProMACs: Leveraging the Streaming Paradigm to Improve Integrity without Transmission Cost at the Ifl Colloquium at the University of Zurich on May 27th this year.
The program of the colloquium can be found here.
Our article "Browsing Unicity: On the Limits of Anonymizing Web Tracking Data" (Clemens Deusser, Steffen Passmann and Thorsten Strufe) has been accepted for presentation at the IEEE S&P ("Oakland")! In the paper we examine the "anonymizing methods" commonly used by industry and show that they are largely ineffective even when applied to an extent that essentially destroys all utility of web tracking data. Using the example of a data set of a large European audience measurement provider, we show that the claim that "coarsening" leads to de-identified data sets is nonsense, since even in extreme cases anonymity is not achieved. Clemens Deusser will present the article at the IEEE S&P in May 2020, congratulations Clemens and Steffen!
Our article "Breaking and (Partially) Fixing Provably Secure Onion Routing" (Christiane Kuhn, Martin Beck and Thorsten Strufe) has been accepted for presentation at IEEE S&P ("Oakland")! In the paper we identify a vulnerability in a lightweight anonymization system ("HORNET") which was previously considered to be proven secure. We then find a vulnerability in the underlying packet format SPHINX, which is also used for other anonymization services. Finally, we find that the evidence framework of Camenish and Lysyanskaya used in both cases is flawed and fix the found bugs to share. Christiane Kuhn presents the article at the IEEE S&P in May 2020. Congrats, Christiane and Martin!
Thorsten Strufe is giving an invited lecture at TU Graz on the topic "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" on December, 18th.Abstract
Thorsten Strufe is giving an invited lecture at the University of Kiel on the topic "On Privacy Notions in Anonymous Communications" on December 13.
Thorsten Strufe is giving an invited lecture, entitled "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" at UC Irvine, on Dec. 9th.
Thorsten Strufe is holding an invited talk at the final ENCASE Workshop “Cybersafety: Threats and Intelligent Parental Advice Tools for Protection in Social Networks”, entitled "On the Limits of 'Anonymizing' Web Tracking Data by Generalization" on October 18th.
Patricia Cabarcos is presenting our paper "'I don’t see why I would ever want to use it': Analyzing the Usability of Popular Smartphone Password Managers" at ACM CCS in London, on Sept. 14th!
On February 3, Thorsten Strufe will give his inaugural lecture, entitled "Privacy and freedom or surveillance and censorship in web and mobile apps? (Thorsten Strufe -- from Hamburg to Karlsruhe, with small detours)" in the context of the semester colloquium of the Faculty of Informatics at KIT.
Everybody is cordially envited! :-)
Update: The slides of the lecture can be found here.
Thorsten Strufe is giving the keynote on "Security, the Elusive Goal of Privacy, and the Surprising Difficulties around Corona Tracing" at this year's ARES conference!ARES on twitter
Our research at work -- the system we designed and published in 2017 is now going live, at the German ABC! Congrats to Steffen Passmann, who was the driving force behind our collaboration, too!
article digital inside
Thorsten Strufe is giving an invited lecture on the tactile Internet at the New Year's Reception at the University of Jena on January 8.