Forschungsschwerpunkte
- Sicherheit von Nutzer*innensystemen
- Privatheit von Daten
- Datensicherheit
- Systemsicherheit
- Maschinelles Lernen für IT-Sicherheit
- Sicherheit von KI-Systemen
- Authentifizierung
- User & Device Tracking
- Ubiquitäre Sicherheit
Weitere Zugehörigkeit an der Universität Münster
Vita
Akademische Ausbildung
- Doktor-Ingenieur (IT-Sicherheit)
- Master of Science (IT-Sicherheit)
- Dipl.-Wirt.-Inf. (FH)
Rufe
- Juniorprofessur für IT-Security
WWU Münster, IT-Security (W1) – angenommenCyber Securityangenommen
Lehre
Seminar
- Doktorandenseminar: ERCIS - Lunchtime Seminar [046025]
(zusammen mit Prof. Dr. Fabian Gieseke, Prof. Dr. Stefan Klein, Prof. Dr. Heike Trautmann, Prof. Dr. Tobias Brandt, Prof. Dr. Bernd Hellingrath, Prof. Dr. Gottfried Vossen, apl. Prof. Christian Grimme, Prof. Dr. Jörg Becker, Dr. Rainer Böhme, Prof. Dr. Herbert Kuchen, Jun.-Prof. Benedikt Berger)
Sonstige Lehrveranstaltung
- Information Security [046020]
(zusammen mit Dr. Henry Hosseini)
Vorlesung
- Vorlesung: Einführung in die Wirtschaftsinformatik [044000]
(zusammen mit Dr. Armin Stein, Prof. Dr. Jan vom Brocke, Prof. Dr. Fabian Gieseke, Prof. Dr. Stefan Klein, Prof. Dr. Tobias Brandt, apl. Prof. Christian Grimme, Prof. Dr. Bernd Hellingrath, Dr. Bettina Distel, Prof. Dr. Herbert Kuchen, Jun.-Prof. Benedikt Berger, Dr. Katrin Bergener, Prof. Dr. Jörg Becker, apl. Prof. Rolf Teubner)
Seminare
- Seminar: Anleitungen zum wissenschaftlichen Arbeiten
- Doktorandenseminar: ERCIS - Lunchtime Seminar
(zusammen mit Dr. Stephan Meisel, Prof. Dr. Stefan Klein, Prof. Dr. Fabian Gieseke, Prof. Dr. Heike Trautmann, Prof. Dr. Herbert Kuchen, Prof. Dr. Gottfried Vossen, Prof. Dr. Bernd Hellingrath, Dr. Rainer Böhme, Prof. Dr. Jörg Becker)
Sonstige Lehrveranstaltung
- Vertiefung: VM Inf: Game Hacking: Einführung in Dynamische Analyse [044067]
(zusammen mit Lukas Schmidt)
Seminare
- Seminar: Anleitungen zum wissenschaftlichen Arbeiten [042063]
- Doktorandenseminar: ERCIS - Lunchtime Seminar [042050]
(zusammen mit Prof. Dr. Fabian Gieseke, Prof. Dr. Stefan Klein, Dr. Stephan Meisel, Prof. Dr. Herbert Kuchen, Prof. Dr. Heike Trautmann, Prof. Dr. Bernd Hellingrath, Prof. Dr. Gottfried Vossen, Prof. Dr. Jörg Becker, Dr. Rainer Böhme)
Sonstige Lehrveranstaltungen
- Vertiefung: BA-VM-Inf: Game Hacking: Einführung in Dynamische Analyse [042070]
(zusammen mit Lukas Schmidt) - Information Security [042045]
(zusammen mit Dr. Henry Hosseini)
- Doktorandenseminar: ERCIS - Lunchtime Seminar [046025]
Projekte
- FOR 5393: Die digitale Mittelstadt der Zukunft - Teilprojekt: Vertrauensmanagement in der Digitalen Mittelstadt ( – )
Teilprojekt in DFG-Verbund koordiniert an der Universität Münster: DFG - Forschungsgruppe | Förderkennzeichen: DI 2760/1-1 - Standortübergreifendes Graduiertenkolleg: „North Rhine-Westphalian Experts on Research in Digitalization“ (NERD) - Tandempromotion: "MedMax: Preparing Hospital Environments for Future Cyber lncidents"
( – )
participations in other joint project: MKW - Förderlinie „Digitale Sicherheit“ - Standortübergreifendes Graduiertenkolleg | Förderkennzeichen: 005-2201-0014 - FOR 5393: Die digitale Mittelstadt der Zukunft - Teilprojekt: IT-Sicherheit: Security Orchestration, Automation and Response als Sicherheitsstrategie der mittelstädtischen Digitalisierung ( – )
Teilprojekt in DFG-Verbund koordiniert an der Universität Münster: DFG - Forschungsgruppe | Förderkennzeichen: HU 3005/2-1 - FOR 5393: Die digitale Mittelstadt der Zukunft ( – )
DFG-Hauptprojekt koordiniert an der Universität Münster: DFG - Forschungsgruppe - IIP – Intelligenter lntermodaler Pendlerverkehr ( – )
participations in bmbf-joint project: Bundesministerium für Bildung und Forschung | Förderkennzeichen: 16KISA121
- FOR 5393: Die digitale Mittelstadt der Zukunft - Teilprojekt: Vertrauensmanagement in der Digitalen Mittelstadt ( – )
Publikationen
- . . ‘A Bilingual Longitudinal Analysis of Privacy Policies Measuring the Impacts of the GDPR and the CCPA/CPRA.’ Proceedings on Privacy Enhancing Technologies 2024, Nr. 2: 434–463. doi: 10.56553/popets-2024-0058.
- . . ‘Improving Trace Synthesis by Utilizing Computer Vision for User Action Emulation.’ In Proceedings of the Digital Forensics Research Conference USA (DFRWS USA) 2023. doi: 10.1016/j.fsidi.2023.301557.
- . . ‘Assessing the Security and Privacy of Baby Monitor Apps.’ Journal of Cybersecurity and Privacy 3, Nr. 3. doi: 10.3390/jcp3030016.
- . . Die digitale Mittelstadt der Zukunft verstehen: Ein transdisziplinärer Forschungsrahmen Working Papers, Forschungsgruppe Digitale Mittelstadt der Zukunft (FOR 5393), Nr. 01. N/A: Selbstverlag / Eigenverlag, . doi: 10.17879/86988482729.
- . . ‘Utilizing Blockchains in Opportunistic Networks for Integrity and Confidentiality.’ Blockchain: Research and Applications 100167.
- . . ‘A Tale of Two Regulatory Regimes: Creation and Analysis of a Bilingual Privacy Policy Corpus.’ In Proceedings of the 13th Conference on Language Resources and Evaluation, edited by , 5460–5472. France: European Language Resources Association.
- . . ‘Automated Search for Leaked Private Keys on the Internet: Has Your Private Key Been Pwned?’ In Proceedings of the 17th International Conference on Software Technologies, edited by , 649–656. Setúbal: SciTePress. doi: 10.5220/0011308000003266.
- . . ‘Discovering Vulnerabilities and Patches for Open Source Security.’ In Proceedings of the 17th International Conference on Software Technologies, edited by . Setúbal: SciTePress.
- . . ‘Improving the Performance of Opportunistic Networks in Real World Applications Using Machine Learning Techniques.’ Journal of Sensor and Actuator Networks 11 (4): 61–90. doi: 10.3390/jsan11040061.
- . . ‘Blossom: Cluster-Based Routing for Preserving Privacy in Opportunistic Networks.’ Journal of Sensor and Actuator Networks 11, Nr. 4: 75. doi: 10.3390/jsan11040075.
- . . ‘Secure and privacy preserving structure in Opportunistic Networks.’ Computers and Security 103.
- . . Challenges and Potentials of Digitalisation for Small and Mid-sized Towns: Proposition of a Transdisciplinary Research Agenda Working Papers, Nr. 36. Münster: European Research Center for Information Systems, .
- . . ‘Unifying Privacy Policy Detection.’ Proceedings on Privacy Enhancing Technologies 2021, Nr. 4: 480–499. doi: 10.2478/popets-2021-0081.
- . . ‘On the Usefulness of User Nudging and Strength Indication concerning Unlock Pattern Security.’ Contributed to the IEEE International Conference On Trust, Security And Privacy In Computing And Communications, Guangzhou.
- . . ‘Opportunistic Tracking in Cyber-Physical Systems.’ Contributed to the IEEE International Conference On Trust, Security And Privacy In Computing And Communications, Guangzhou.
- . . ‘A Secure and Reliable Structure in Opportunistic Networks.’ Journal of Information System Security 2020.
- . . ‘HeadPrint: Detecting Anomalous Communications through Header-based Application Fingerprinting.’ Contributed to the ACM Symposium on Applied Computing, Brno, Czech Republic.
- . . ‘An Empirical Study on Online Price Differentiation.’ Contributed to the ACM Conference on Data and Applications Security and Privacy (CODASPY 2018), Tempe, Arizona, USA.
- . . On the feasibility and impact of digital fingerprinting for system recognition Dissertationsschrift, Ruhr-Universität Bochum, Germany.
- . . ‘May the Force Be with You: The Future of Force-Sensitive Authentication.’ IEEE Internet Computing 21, Nr. 3: 64–69. doi: 10.1109/MIC.2017.78.
- . . ‘An Empirical Study on Price Differentiation Based on System Fingerprints.’ arXiv preprint arXiv:1712.03031 2017.
- . . ‘Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness.’ Contributed to the 9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria. doi: 10.1007/978-3-319-45572-3_3.
- . . ‘Use the force: Evaluating force-sensitive authentication for mobile devices.’ Contributed to the welfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA.
- . . ‘Leveraging Sensor Fingerprinting for Mobile Device Authentication.’ In DIMVA 2016: Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, edited by , 377–396. Heidelberg: Springer. doi: 10.1007/978-3-319-40667-1_19.
- . . ‘On the robustness of mobile device fingerprinting: Can mobile users escape modern web-tracking mechanisms?’ Contributed to the 31th Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA.
- . . ‘Going wild: Large-scale classification of open DNS resolvers.’ Contributed to the 15th ACM Internet Measurement Conference (IMC), Tokyo, Japan.
- . . Mobile Device Fingerprinting.
- . . ‘On the Effectiveness of Fingerprinting Mobile Devices Investigating Modern Web-Tracking Mechanisms.’ Horst Görtz Institut für IT-Sicherheit (HGI) 2015.
- . . ‘Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones.’ Contributed to the Financial Cryptography and Data Security, San Juan, Puerto Rico. doi: 10.1007/978-3-662-47854-7_15.
- . . Tactile one-time pad: smartphone authentication resilient against shoulder surfing , Nr. HGI-2014–003. N/A: Selbstverlag / Eigenverlag, .
- . . ‘Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks.’ Contributed to the 8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, California, USA.
- . . ‘Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.’ Contributed to the 23rd USENIX Security Symposium, San Diego, California, USA.
- . . Amplification DDoS Attacks.
- . . ‘Flexible patient-controlled security for electronic health records.’ Contributed to the ACM SIGHIT International Symposium on Health Informatics (IHI), Miami, Florida, USA.
Prof. Dr.-Ing. Thomas Hupperich
Juniorprofessur für IT-Sicherheit (Prof. Hupperich)