Security and Privacy Group

The research vision of the Security and Privacy Group at COMSYS is the analysis, design, and evaluation of secure and privacy-preserving communication systems.

To realize this vision, we most notably craft novel security and privacy architectures, paradigms, and mechanisms as well as improve upon existing approaches to security and privacy. We consider all types of systems and networks, e.g. ranging from highly resource-constrained IoT networks to distributed (peer-to-peer) applications and networks and large-scale Cloud deployments.

Our used and developed technologies range from soft privacy solutions such as semantic annotations and behavioral nudges to applied cryptography for strong and provable security and privacy guarantees.

The close cooperation with the other research groups at COMSYS allows us to work closely with domain experts from various types of communication systems.

Currently, we pursue this research vision by tackling the following research topics:

  1. Security and Privacy in the Industrial Internet of Things (IIoT)
    • Enabling privacy-sensitive dataflows between different (mistrusting) stakeholders
    • Protocol design with existing building blocks (e.g., Bloom filter, HE, PSI, OT, ...) to offer novel use cases
    • Detecting, analyzing, and restricting network flows in the IIoT to improve the network security
    • Secure integration of legacy industrial devices into communication over the Internet
  2. Network Security for the IP-based Internet of Things
    • Secure end-to-end communication of highly resource-constrained devices
    • Delegation of security tasks to less resource-constrained gateways
  3. Privacy Enhancing Techniques (PETs)
    • Studying and improving popular anonymization networks (e.g., Website Fingerprinting in Tor)
    • Quantitative modeling of privacy protection and risk (e.g., Differential Privacy)
    • Privacy in distributed scenarios (e.g., Participatory Sensing)
    • Reconciling PETs and user perception of privacy (e.g., empirical user studies)
    • Application of Secure Two-Party and Multi-Party Computation
  4. Blockchain Technology
    • Analysis of the applicability and usability of blockchain systems
    • Improving existing blockchain systems (e.g., Bitcoin security and privacy, scalability)
    • Resolving trust issues in real-world use cases using public or private blockchains
    • Novel privacy-enhancing technologies backed by blockchains
  5. Security and Privacy in Cloud-based Systems
    • Alternatives to traditional cloud computing
    • Awareness of the usage of cloud services
    • Cloud operations that respect data handling requirements
    • Scalable and secure infrastructures for cloud operations
    • Secure and privacy-preserving outsourcing of sensitive data to the cloud


Current Projects

  • IoP: Internet of Prodution for enabling a new level of cross-domain collaboration for production (DFG EXC, 2019-2025+)
  • VeN2uS: VerNetzte NetzschUtzSysteme / Networked Grid Protection Systems – Adaptive and Networked (BMWK, 2021-2024)

Selected Past Projects

  • CONSENT: Conformance-driven and Auto-configured Security for Home and Industrial Networks (NERD.NRW, 2018-2021)
  • CONNECT: Innovative Smart Components, Modules and Appliances for a Truly Connected, Efficient and Secure Smart Grid (ECSEL Joint Undertaking, 2017-2021)
  • Digital Campus (BMBF, DAAD, 2020-2021)
  • IPACS: Intelligent Privacy-aware Cloud-based Services (DFG EI, 2013-2016)
  • Mobile ACcess: Mobility and City-wide Communication Environment for Secure Internet Services (IKT.NRW, 2009-2012)
  • myneData: Self-determined Utilization of Personal Data with Inherent Protection of Privacy and Data (BMBF, 2016-2019)
  • PREserv: Privacy Enhanced Sensing, Encoding, Relaying & Visualization (IKT.NRW, 2013-2016)
  • SensorCloud: Trustworthy Management and Analysis of Sensor Data in a Cloud Infrastructure (BMWi, 2012-2014)
  • SSICLOPS: Scalable and Secure Infrastructures for Cloud Operations (EU H2020, 2015-2018)
  • TRINICS: Transparent Information on the Individual Usage of Cloud Services (BMBF, 2016-2018)

Available Theses

The Security and Privacy Group typically has thesis topics available for motivated and talented students. An excerpt of available theses can be seen from inside the RWTH University network. If you have specific interests, you may contact any group member individually.

Selected Recent Publications

Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (ASIACCS '22), May 30-June 3, 2022, Nagasaki, Japan, page 252-266.
Publisher: ACM,
May 2022
ISBN: 978-1-4503-9140-5/22/05
Jan Pennekamp, Erik Buchholz, Yannik Lockner, Markus Dahlmanns, Tiandong Xi, Marcel Fey, Christian Brecher, Christian Hopmann, and Klaus Wehrle
Proceedings of the 36th Annual Computer Security Applications Conference (ACSAC '20), December 7-11, 2020, Austin, TX, USA, page 510-525.
Publisher: ACM,
December 2020
ISBN: 978-1-4503-8858-0/20/12
Jens Hiller, Johanna Amann, and Oliver Hohlfeld
Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (CCS ’20), November 9–13, 2020, Virtual Event, USA., page 1289-1306.
Publisher: ACM, New York, NY, USA
November 2020
Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA, page 101-110.
Publisher: ACM,
October 2020
ISBN: 978-1-4503-8138-3/20/10
Proceedings of the 27th IEEE International Conference on Network Protocols (ICNP '19), October 7-10, 2019, Chicago, IL, USA
Publisher: IEEE,
October 2019
ISBN: 978-1-7281-2700-2
Proceedings of the 22nd International Conference on Financial Cryptography and Data Security (FC), Nieuwpoort, Curaçao
Publisher: Springer,
February 2018
Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (CODASPY 2017), Scottsdale, AZ, USA, page 83-94.
Publisher: ACM,
March 2017
ISBN: 978-1-4503-4523-1
Proceedings of the 15th Workshop on Privacy in the Electronic Society (WPES), co-located with the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, page 99-110.
Publisher: ACM,
October 2016
ISBN: 978-1-4503-4569-9
Andriy Panchenko, Fabian Lanze, Andreas Zinnen, Martin Henze, Jan Pennekamp, Klaus Wehrle, and Thomas Engel
Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS '16), February 21-24, 2016, San Diego, CA, USA
Publisher: Internet Society,
February 2016
ISBN: 978-1-891562-41-9
- Impressum | Datenschutz -