@Research Institute CODE, Universität der Bundeswehr München, Neubiberg, Germany
Besides lecturing I supervise students in their trainings and final theses. For details click here (Status Dec 30, 2022).
- Ph.D.: 2 (externals) running, 2 concluded
- Master: 6 running, 7 concluded
- Bachelor: 20 running, 22 concluded
- Competence Trainings: 9 concluded
Own Created Courses
Lecture Crime Scene Internet
- Autumn terms: 2021 - 2023
- Description: This course builds on the basic knowledge gained in the lecture "Introduction to the Internet of Things", but can also be taken without this knowledge if the student takes the initiative. Due to the connection of several kinds of devices and using them in every days life, the consumers produce a big data footprint. This information helps us to improve but at the same time is interesting for attackers and may be misused. Thus, this course deals with the dangers posed by networking and shows various potential attacks. The lecture part is designed theoretically and is supplemented by practical tasks in the exercise. After successful completion of the course, the participants will have an understanding of the subject matter itself, an understanding of weaknesses in the Internet system, a sense of attack vectors and intentions, and an understanding of the process of selected attacks.
Lecture Introduction to the Internet of Things
- Winter terms: 2021 - 2024
- Description: Digitalization is changing our lives. There are more and more digital, networked, intelligent products, services or business models. Fitness trackers, smart homes, self-propelled cars, robots, predictive maintenance are just a few examples. The Internet of Things (IoT) connects the physical world with the digital world. IoT is increasingly becoming an integral part of the business or for consumers. Devices are no longer controlled only by users, but devices communicate directly to automate tasks or processes. This produces a flood of data that offers enormous opportunities but also harbors risks. To be able to assess this, this lecture introduces the topic and presents basics regarding architecture and requirements, used communication and routing protocols and looks at some applications.
Lecture Secure Mobile Systems
- Spring terms: 2020 - 2023
- Description: The use of mobile devices has penetrated our lives in almost all areas. Making phone calls as the original and primary use of these devices is today only one of a multitude of functionalities that a mobile device provides. Since the introduction of the operating systems iOS and Android, the number of mobile devices using these operating systems has increased enormously every year. At the same time, the number of attacks on information systems and networks, e.g. via malware and denial of service attacks, is increasing, which underlines the importance of securing systems and networks with appropriate security measures. The lecture builds on the course "Mobile Communication Systems". There the most common standards and systems were discussed, but security aspects were neglected. Therefore, this course "Secure Mobile Systems" is dedicated to this topic and considers selected technologies among others: WLAN and IEEE 802.11, Bluetooth, sensor networks (IEEE 802.15.4, ZigBee, 6LoWPAN, LoRa), hardware solutions (Trusted Computing (TPM) and physically non-clonable functions (PUF)), Smartcards, and mobile payment. The aim is to gain a basic understanding of the technologies we use every day and rely on their security. What is behind them and are they really as secure as we think?
Lecture Introduction to Database Systems
- Spring terms: 2023
- Description: This lecture is the classic introduction to the exciting field of database systems. The central topic is relational database systems, in which data is modeled, stored, and queried in tabular form. This strictly tabular view of data is elegant, intuitive yet formal, and can be implemented efficiently by database systems, but it also raises interesting questions that we will address in this lecture: Exactly what services can a database system actually provide? How do you put data into tabular form in a meaningful way, even if data is initially in the form of objects, trees, etc.? What characteristics of tables can we exploit to store and extract data efficiently and without redundancy? Which languages are suitable for accessing masses of table data? The aim is to establish awareness of databases and database systems, but at the same time to point out problems and challenges.
Seminar Secure Air/Ground Communication Systems
- B.Sc., M.Sc.
- Spring term: 2022
- Description: Digitalization is increasing more and more, so that more and more systems are networked with each other and continuously exchange (sometimes sensitive) data. This data exchange can take place via LAN or wireless connections. Depending on the chosen communication path, this takes place directly or indirectly via several hops. Depending on how much control you have over the infrastructure and which application you are in, the call for secure data exchange, validation of data and access control becomes more and more important. Therefore, this seminar deals with the various options that today's communication standards and their infrastructure provide. We will look at the interfaces and protocols, but also at the corresponding physical properties of the communication path as well as the security options and attack vectors.
Other Courses (e.g., lecturer substitute or organizer)
Lecture Introduction to Computer Networks
- Spring terms: 2018 - 2020
- Lecturer substitute and exercise organizer; invited lecturer (teaching assignment) in 2019 on behalf of Prof. Dreo Rodosek (on sabbatical)
- Description: The course teaches the basic knowledge of computer networks and communication protocols. Many sections use the Internet and its communication protocols as practical examples. The essential and fundamental concepts of computer networks are introduced and relevant standards are presented, including services and reference models for communication. The basic concepts then include the discussion of network building blocks, point-to-point connections, resource allocation/multi-use, and error detection and correction procedures. Using the example of Ethernet, an important local media access procedure is described. In addition to packet and line switching including the necessary protocols on the network layer, Internetworking is also covered, which includes the various coupling elements such as repeaters, switches and routers including the routing methods. Furthermore, transport protocols are discussed and associated protocol mechanisms are discussed for control purposes. On the application layer the Domain Name System, the E-Mail System and the WWW are sketched and their essential functions are described.
Lecture Computer Networks 2
- Winter term: 2020
- Lecturer substitute
- Description: The course is an extension of the "Introduction to Computer Networks" and deals with further questions in the field of communication systems. The convergence of voice and data results in new requirements for computer networks. Ensuring the quality of service for applications such as Voice over IP (VoIP) is one of the most important challenges. The module therefore focuses on: Quality of service mechanisms in IP networks, QoS possibilities with different network technologies, Internet support protocols for multimedia applications (Multicast, RTP, IntServ, DiffServ, MPLS, RTSP), digital voice and video on the Internet (H.323, SIP, MPEG, VoIP), and virtual private networks (technology, application possibilities with IPSec and MPLS, case studies).
Lecture Mobile Communication Systems
- Autumn terms: 2018-2019
- Lecturer substitute and exercise organizer
- Description: The lecture provides in-depth insights into the technical basics and concepts of mobile communication systems. Furthermore mobile and wireless telecommunication systems (e.g. GSM, UMTS, LTE), satellite systems, broadcasting systems and in detail wireless LANs and PANs (e.g. WLAN, Bluetooth) are discussed. In order to make these technological alternatives usable in an integrated network landscape, the network protocol properties will be discussed using the example of Mobile IP as well as the transport protocol properties, which will then be supplemented by mobility support.
Lecture Security in Information Technology
- Winter term: 2020
- Spring terms: 2020 and 2019
- Lecturer substitute and special lecture on "Applied Cryptography - Hardware-based Trust"
- Description: The course covers classic methods of technical and organizational information security, including threats and risk analysis, BSI IT-Grundschutz, basics of applied cryptography, security engineering, security models and mechanisms and their implementation in distributed, systems and computer networks, and mobile device security.
- B.Sc., M.Sc.
- Winter terms: 2019 - 2021
- Organizer and supervisor of various topics; teaching assignment since 2020
- Description: In 2016 the first large-scale attack on IoT devices took place: "Friday October 21, 2016, after 11:10 UTC. If you typed the URL of some well-known US Internet service providers into your browser there was no response, and no online services available. The reason: the Mirai botnet had hacked millions of mainly Linux-based Internet-Of-Things devices and collectively performed a Denial-Of-Service attack on the Domain-Name-Service provider DYN with the result that the IP-addresses of hundreds of company services could not be accessed anymore. It was like removing the telephone number of these organizations in a way that customers could not contact them.” SmartHome devices conquer our households in 2018. Everything will be "smart": smart airports, smart hospitals, smart cars, smart cities, etc. In this seminar we want to deal with different aspects of IT security starting with IoT Devices up to complex "smart" infrastructures. The aim is to gain an understanding of the current situation, the associated challenges and consequences of using IoT devices. For this purpose, various aspects are considered grouped into IT-Security and IoT related areas.
- Topics advised:
- Funkstandards in der Aeronautik
- Congnitive Radio for Air-to-Air Communication
- LoRa Communication for UAV Networks
- UAV mit Mobilfunkanbindung
- Threat Modelling Frameworks
- Certificateless Cryptography in IoT
- IoT PKI for Device Security
- Blockchain in IoT
- Distribute Ledger Technology (DTL)
- IoT API Security
- Fly and Collect Data
- Access Concepts
- Cloud Computing Services
- Interconnecting Smart Objects (MQTT, AMQP, COAP)
- Intelligent IoT
- Security Risks and Defence Strategies in CPS
- Indoor-Lokalisierungsmethoden und ihre Sicherheitslücken
- Sicherheitsanalyse von Services zur Darstellung und Aufbereitung von Sensordaten
- Privatsphäre- und Vertrauensansprüche an Drittanbieter-Services und ihre Umsetzung
- Benutzer-Authentifizierungsmöglichkeiten für Zugriff auf Daten in Sensornetzen
- Software/Hardware-basierter Trust-Support in Ressourcen-beschränkten Netzen
Seminar Cyber Defense
- B.Sc., M.Sc.
- Autumn terms: 2019 - 2021
- Organizer and supervisor of various topics
- Description: Due to the digitalization and continuous networking of various systems, the network today is a complex infrastructure. Various technologies, protocols and standards are used, which are preferred depending on the field of application and the hardware used. Since we are always on the move digitally, more and more information is on the move digitally, which can be invaluable for attackers. In other words, digitalization and networking not only bring advantages but also disadvantages! "If attackers have enough motive and method, no system is invulnerable. Even if the chance is almost zero, a combination of motive and method can still be too high to withstand an attack. The US-Israeli violation of Iran's nuclear program was an example, as the documentary Zero Hours 2016 showed. Insider agents with physical access to Iranian systems were needed to ensure their high security. Despite the small chances, the attackers had a sophisticated methodology and the overriding motive to prevent Iran from developing nuclear weapons." (https://citysecuritymagazine.com/cyber-security/advice-cyber-security/, accessed 10.09.19) Therefore, in this seminar we want to deal with the most different aspects in the area of Cyber Defence, which run through different research areas (e.g. Moving Target Defence, IoT, Machine Learning, IoT, Social Networks and Bots). The aim is to get a current picture of the Cyber Security situation!
- Topics advised:
- Threat Modelling Frameworks
- AI Support for Cybersecurity
- Methoden um Social Bot Aktivitäten zu identifizieren
- BA/MA Market Place in June 2021
- BA/MA Market Place in June and December 2019
- "Von der Idee zum Programm", Technische Universität München Ferienprogramm - Mädchen machen Technik, summer 2019
Visiting researcher in the period 2014-2018 during employment in Zurich.
Former Teaching Activities
- Department of Mathematics and Informatics, University of Basel, Switzerland (2015-2017)
- Communication Systems Group, Department of Informatics, University of Zurich, Switzerland (2013-2018)
- Chair for Network Architectures and Services, Department of Computer Science, Technische Universität München, Germany (2008-2013)
- Chair for Technical Informatics, Eberhard-Karls University, Tübingen, Germany (2001-2005)