Research
All publications can be found on ORCID: 0000-0002-5597-3913.
We address a varity of topics in the Security Analytics research groups.
My research in Digital Vehicle Forensics investigates how data from modern and legacy vehicles can be acquired, interpreted, and used as reliable digital evidence. Vehicles increasingly act as complex cyber-physical data sources, containing traces from infotainment systems, ECUs, sensors, communication interfaces, and connected services. I focus on forensic acquisition methods, evidential reliability, interpretation challenges, and the impact that forensic procedures may have on vehicle systems and stored data.
In Embedded Forensics & Security, I study the security and forensic analysis of embedded systems used in constrained, heterogeneous, and safety-critical environments. This includes firmware analysis, hardware interfaces, memory acquisition, secure system design, and the forensic reconstruction of events on devices with limited transparency and resources. A central goal is to develop methods that make embedded evidence more understandable, reproducible, and trustworthy while accounting for the technical limitations of real-world devices.
My work in Security Analytics focuses on detecting, explaining, and investigating security-relevant behavior in complex IT, OT, and cyber-physical infrastructures. I combine log analysis, anomaly detection, threat detection, system monitoring, and forensic reasoning to support both operational security and post-incident investigations. A particular focus lies on methods that are not only effective, but also interpretable and useful for analysts who must understand why a system behavior is suspicious.
Ongoing projects/topics
Research topics
- The Sortitute: Embedded edge device running a pruned and quantized model to detect different types of material to sort trash
- TinyBrains: Embedded edge device to help deaf people in ASL and GSL live translation. The installed model is pruned and quantized
- ClickBait: Pruned and quantized model running on an embedded edge device that can detect different key’s pressed based on their sound pattern
- Security and Forensic Analysis of the Abrites MODI Applications
- Development of a resilient security concept for networked medical devices
Final theses
-
Formalizing Interpretability and Understandability for AI Systems in Digital Forensics: An Extension of the ExF Framework (MA)
-
Security of Apple CarPlay (MA)
-
Security implications of extracting microservices from a .NET Modulithe (MA)
-
Investigation of Various Approaches to Non-Destructive Digital Forensic Data Acquisition from a Vehicle Infotainment System (MA)
-
Security Analysis of the Communication Layer of Android Auto (BA)
-
Adaptive Bias Control for RF GaN Power Ampliers Using On-Device TinyML Inference (BA)
-
Design and Evaluation of a Snapshot-Based Method for Detecting Web Defacment Attacks (BA)
-
Real-Time In-Vehicle Cyberthreat Detection for Vehicle Fleets (BA)
-
Evaluating the Impact of Structural Pruning and Low-Bit Quantization on the Safety Alignment of SLMs (BA)
-
Automated detection of Web-Defacement-Attacks (BA)
PhD projects
- Vehicle Security Operations Center
- Threat Modeling for Automotive Systems