Prof. Dr. Claudia Eckert
Chair
| Address: |
Technische Universität München
Chair for IT Security (I20)
Boltzmannstraße 3
85748 Garching (near Munich)
Germany
|
| Phone: |
+49 (0)89 289-18577 |
| Fax: |
+49 (0)89 289-18579 |
| E-Mail: |
Claudia Eckert |
| Room: |
01.08.054 |
Prof. Dr. Claudia Eckert ist Leiterin des Fraunhofer-Instituts für Angewandte und Integrierte Sicherheit AISEC in Garching und Professorin der Technischen Universität München, wo sie den Lehrstuhl für Sicherheit in der Informatik an der Fakultät für Informatik innehat. Zu ihren Forschungsschwerpunkten zählen die Entwicklung von Technologien zur Erhöhung der System- und Anwendungssicherheit, die Sicherheit eingebetteter Systeme und die Erforschung neuer Techniken zur Erhöhung der Resilienz und Robustheit von Systemen gegen Angriffe. Ihre Forschungsergebnisse wurden in über 160 begutachteten Fachbeiträgen veröffentlicht.
Seit 1.1.2018 ist sie die Sprecherin des Fraunhofer Clusters of Excellence Cognitive Internet Technologies CCIT, in dem die Expertisen von über 20 Fraunhofer-Instituten gebündelt werden, um neue kognitive Lösungen vom Sensor über Edge-Devices bis in die Cloud-Plattformen für die Digitalisierung insbesondere im industriellen Umfeld zu entwickeln und umzusetzen.
Als Mitglied verschiedener nationaler und internationaler industrieller Beiräte und wissenschaftlicher Gremien berät sie Unternehmen, Wirtschaftsverbände sowie die öffentliche Hand in allen Fragen der IT-Sicherheit. In Fachgremien wirkt sie mit an der Gestaltung der technischen und wissenschaftlichen Rahmenbedingungen in Deutschland sowie an der Ausgestaltung von wissenschaftlichen Förderprogrammen auf EU-Ebene.
Office Hours
Please contact our secretary to arrange individual appointments.
Anerkennung von Lehrveranstaltungen
Anerkennungen von Auslandssemestern, Gutachten und Empfehlungsschreiben durch Frau Prof. Eckert können nur nach einem persönlichen Gespräch erfolgen. Wir bitten Sie daher, über das Sekretariat einen Termin zu vereinbaren.
Kurzlebenslauf
| 2001 - 2008 |
Professur für IT-Sicherheit an der Technischen Universität Darmstadt |
| 2001 - 2011 |
Leitung des Fraunhofer-Instituts für Sichere Informationstechnologie
SIT, Darmstadt |
| seit 2008 |
Professur für IT-Sicherheit an der Technischen Universität München und
Leitung des Fraunhofer-Instituts für Angewandte und Integrierte
Sicherheit AISEC |
| seit 2018 |
Sprecherin des Fraunhofer Clusters of Excellence Cognitive Internet
Technologies CCIT |
Contact to the Fraunhofer Institute AISEC
| Address: |
Fraunhofer Institute for Applied and Integrated Security (AISEC)
Parkring 4
85748 Garching (near Munich) |
| Phone: |
+49 (0)89 3229986-292 |
| Fax: |
+49 (0)89 3229986-299 |
| E-Mail: |
claudia.eckert@aisec.fraunhofer.de |
Publications
| 2021 |
|
Hybroid: Toward Android Malware Detectionand Categorization with Program Code and Network Traffic |
| |
|
Falcon: Malware Detection and Categorization with Network Traffic Images |
| |
|
HawkEye: Cross-Platform Malware Detection with Representation Learning on Graphs |
| |
|
iTOP: Automating Counterfeit Object-Oriented Programming Attacks |
| 2020 |
|
ρFEM: Efficient Backward-edge Protection Using Reversed Forward-edge Mappings |
| |
|
Detecting and Categorizing Android Malware with Graph Neural Networks |
| |
|
IntRepair: Informed Repairing of Integer Overflows |
| 2019 |
|
Analyzing Control Flow Integrity with LLVM-CFI |
| |
|
IntRepair: Informed Repairing of Integer Overflows |
| |
|
MANIS: Evading Malware Detection System on Graph Structure |
| 2018 |
|
Learning on a Budget for User Authentication on Mobile Devices |
| |
|
Hiding in the Shadows: Empowering ARM for Stealthy Virtual Machine Introspection |
| |
|
τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries. |
| |
|
CastSan: Efficient Detection of Polymorphic {C++} Object Type Confusions with {LLVM} |
| |
|
Attack Graph-Based Assessment of Exploitability Risks in Automotive On-Board Networks |
| 2017 |
|
Cyber-Sicherheit in Industrie 4.0 |
| |
|
Cybersicherheit beyond 2020!: Herausforderungen für die IT-Sicherheitsforschung |
| |
|
Dynamic Loader Oriented Programming on Linux |
| |
|
Finding the Needle: A Study of the PE32 Rich Header and Respective Malware Triage |
| |
|
Empowering Convolutional Networks for Malware Classification and Analysis |
| |
|
Combating Control Flow Linearization |
| 2016 |
|
CoKey: Fast token-based cooperative cryptography |
| |
|
Deep Learning for Classification of Malware System Call Sequences |
| |
|
POSTER: vTableShield: Precise Protecting of Virtual Function Dispatches in C++ Programs |
| |
|
Novel weaknesses in IEC 62351 protected Smart Grid control systems |
| |
|
Policy-based implicit attestation for microkernel-based virtualized systems |
| |
|
SKALD: A Scalable Architecture for Feature Extraction, Multi-User Analysis, and Real-Time Information Sharing |
| |
|
DeepFuzz: Triggering vulnerabilities deeply hidden in binaries |
| |
|
Adaptive Semantics-Aware Malware Classification |
| |
|
Interactive Function Identification Decreasing the Effort of Reverse Engineering |
| 2015 |
|
Neural Network-Based User-Independent Physical Activity Recognition for Mobile Devices |
| |
|
iDeFEND: Intrusion Detection Framework for Encrypted Network Data |
| |
|
iDeFEND: Intrusion Detection Framework for Encrypted Network Data |
| |
|
Counteracting Data-Only Malware with Code Pointer Examination |
| |
|
POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT |
| |
|
Automated Generation of Buffer Overflows Quick Fixes using Symbolic Execution and SMT |
| |
|
Virtual Machine Introspection with Xen on ARM |
| |
|
Automated Detection of Information Flow Vulnerabilities in UML State Charts and C Code |
| |
|
Attack Surface and Vulnerability Assessment of Automotive Electronic Control Units |
| |
|
Is Feature Selection Secure against Training Data Poisoning? |
| |
|
POSTER: Automated Generation of Buffer Overflow Quick Fixes using Symbolic Execution and SMT |
| |
|
Retrospective Protection utilizing Binary Rewriting |
| |
|
User Identity Verification Based on Touchscreen Interaction Analysis in Web Contexts |
| |
|
Detecting Fingerprinted Data in TLS Traffic |
| |
|
Industrie 4.0 meets IT-Sicherheit: eine Herausforderung! |
| |
|
Blind Format String Attacks |
| 2014 |
|
SobiTra – A Software-based Trust-Anchor for ARM Cortex Application Processors |
| |
|
IT-Sicherheit und Cloud Computing |
| |
|
Efficient Attack Forest Construction for Automotive On-board Networks |
| |
|
Code Validation for Modern OS Kernels |
| |
|
Context-sensitive Detection of Information Exposure Bugs with Symbolic Execution |
| |
|
Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions |
| |
|
Support Vector Machines under Adversarial Label Contamination |
| |
|
Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data |
| |
|
Persistent Data-only Malware: Function Hooks without Code |
| 2013 |
|
Identities for Embedded Systems Enabled by Physical Unclonable Functions |
| |
|
Security Issues of Multi-Core Architectures—The Automotive Case |
| |
|
Middleware-based Security for Hyperconnected Applications in Future In-Car Networks |
| |
|
Practical Information-Flow Aware Middleware for In-Car Communication |
| |
|
Leveraging In-Car Security by Combining Information Flow Monitoring Techniques |
| |
|
Automotive Proxy-based Security Architecture for CE Device Integration |
| |
|
Improving Mobile Device Security with Operating System-level Virtualization |
| |
|
Online Lazy Gaussian Process Committee and its Application in Real-Time Trajectory Prediction |
| |
|
Efficient Online Sequence Prediction with Side Information |
| |
|
Active File Integrity Monitoring using Paravirtualized Filesystems. |
| |
|
Indicative Support Vector Clustering with its Application on Anomaly Detection |
| |
|
Verifiable Trust between Electronic Control Units based on a single Trust Anchor |
| |
|
Lightweight Attestation & Secure Code Update for Multiple Separated Microkernel Tasks |
| |
|
Lazy Gaussian Process Committee for Real-Time Online Regression |
| |
|
Leveraging String Kernels for Malware Detection |
| |
|
X-TIER: Kernel Module Injection |
| |
|
Learning from Multiple Observers with Unknown Expertise |
| |
|
OPARS: Objective Photo Aesthetics Ranking System |
| 2012 |
|
Smart Mobile Apps -- Mit Business-Apps ins Zeitalter mobiler Geschäftsprozesse |
| |
|
Actively Learning Probabilistic Subsequential Transducers |
| |
|
Automotive Proxy-based Security Architecture for CE Device Integration |
| |
|
Towards Secure Fieldbus Communication |
| |
|
Flash: Efficient, Stable and Optimal K-Anonymity |
| |
|
Adversarial Label Flips Attack on Support Vector Machines |
| |
|
Highly Efficient Optimal K-Anonymity For Biomedical Datasets |
| |
|
Evasion Attack of Multi-Class Linear Classifiers |
| |
|
Using Hardware Performance Events for Instruction-Level Monitoring on the x86 Architecture |
| |
|
Bridging the Semantic Gap Through Static Code Analysis |
| 2011 |
|
Sicherheit im Smart Grid - Herausforderungen und Handlungsempfehlungen |
| |
|
Innovative Sicherheitstechnologien: sine-qua-non für safety-kritische Systeme? |
| |
|
Nitro: Hardware-based System Call Tracing for Virtual Machines |
| |
|
A Universal Semantic Bridge for Virtual Machine Introspection |
| |
|
T-CUP: A TPM-based Code Update Protocol Enabling Attestations for Sensor Networks |
| 2010 |
|
Grammatical Inference Algorithms in MATLAB |
| |
|
PSMA: A Parallel Algorithm for Learning Regular Languages |
| |
|
Improving the Quality of Ring Oscillator PUFs on FPGAs |
| |
|
Konzept für ein deutschlandweites Krankheitsnetz am Beispiel von mitoREGISTER |
| |
|
Datenschutz und Datensicherheit in intelligenten Energienetzen |
| |
|
Exploiting the x86 Architecture to Derive Virtual Machine State Information |
| |
|
Digitale Daten in Geräten und Systemen |
| 2009 |
|
PDoS-Resilient Push Protocols for Sensor Networks |
| |
|
On Multi-Authority Ciphertext-Policy Attribute-Based Encryption |
| |
|
A Formal Model for Virtual Machine Introspection |
| |
|
On Controlled Sharing of Virtual Goods |
| |
|
ITK-Kompendium 2010 |
| |
|
Enhancing Control of Service Compositions in Service-Oriented Architectures |
| 2008 |
|
Ways to Track Your Lover |
| |
|
Measuring Unlinkability Revisited |
| |
|
Defending against False-Endorsement-Based DoS Attacks in Wireless Sensor Networks |
| |
|
An Enhanced Scheme to Defend against False-Endorsement-Based DoS Attacks in WSNs |
| |
|
On Handling Insider Attacks in Wireless Sensor Networks |
| |
|
Distributed Attribute-Based Encryption |
| |
|
Towards Secure E-Commerce Based on Virtualization and Attestation Techniques |
| |
|
A Reputation System for Electronic Negotiations |
| |
|
Improving the Scalability of Platform Attestation |
| |
|
Distributed Attribute-Based Encryption |
| |
|
Enhancing Trusted Platform Modules with Hardware-Based Virtualization Techniques |
| |
|
Measuring Unlinkability Revisited |
| 2007 |
|
Situation-based Policy Enforcement |
| |
|
Detecting Node Compromise in Hybrid Wireless Sensor Networks Using Attestation Techniques |
| |
|
Detecting Node Compromise in Hybrid Wireless Sensor Networks Using Attestation Techniques |
| |
|
A Secure Ticket-Based En-route Filtering Scheme for Wireless Sensor Networks |
| |
|
Ambient Intelligence: Neue Herausforderungen fuer die IT-Sicherheit |
| 2006 |
|
Artificial Immune Systems for IT-Security |
| |
|
On the Use of Hyperspheres in Artificial Immune Systems as Antibody Recognition Regions |
| |
|
On Permutation Masks in Hamming Negative Selection |
| |
|
Hades - Hardware Assisted Document Security |
| |
|
A Robust Integrity Reporting Protocol for Remote Attestation |
| |
|
History-based Access Control and Information Flow Control for Structured Documents |
| |
|
Experimental Performance Evaluation of Secure, Mobile IP-based, 3G-WLAN Handover. |
| |
|
Secure Mobility in Beyond 3G |
| |
|
The Link between r-contiguous Detectors and k-CNF Satisfiability |
| |
|
Generalization Regions in Hamming Negative Selection |
| |
|
Interworking von UMTS und WLAN: Nutzen und Sicherheitsaspekte |
| 2005 |
|
Secure mobile business solutions for real-time enterprises |
| |
|
Security Issues of Mobile Devices |
| |
|
RBAC Policy Engineering with Patterns |
| |
|
Is Negative Selection Appropriate for Anomaly Detection ? |
| |
|
A Comparative Study of Real-Valued Negative Selection to Statistical Anomaly Detection Techniques |
| |
|
Mobile Kommunikation: Technik und Sicherheitsprobleme |
| |
|
Kundenbindung durch ein anonymes Rabattsystem |
| |
|
Mobile Technologien -- Chancen und neue IT-Sicherheitsrisiken |
| |
|
Ubiquitäre Sicherheit für dynamische, mobile Systeme – eine Herausforderung für die IT-Sicherheit |
| |
|
Identification of Security Requirements in WLAN-WLAN Inter-Domain Handovers based on Threat And Risk Analysis |
| |
|
On the Appropriateness of Negative Selection defined over Hamming Shape-Space as a Network Intrusion Detection System |
| 2004 |
|
An Investigation of R-Chunk Detector Generation on Higher Alphabets |
| |
|
Protected Transmission of Biometric Authentication Data for Oncard-Matching |
| |
|
NGN, AII-IP, B3G: Enabler für das Future Net?! Üerblick über Entwicklungen im Bereich zukünftiger Netze |
| |
|
Interworking von UMTS und WLAN: eine sicherheitstechnische Betrachtung |
| |
|
Technologie-Entwicklungen und Probleme auf dem Weg zum Future Net |
| |
|
SIMS - eine Simulationsumgebung zur Analyse von Klassen von Angriffen |
| |
|
IT-Sicherheit: Probleme, Lösungen und einige neue Herausforderungen |
| 2003 |
|
Sicheres mobiles Arbeiten - Zwischen Wunsch und Wirklichkeit |
| |
|
Mobil, aber sicher! |
| |
|
Schwerpunkt "IT-Sicherheit" Mobiles Arbeiten, sind Sie sicher? |
| |
|
Sicherheit und E-Learning |
| |
|
Die Technik in der IT-Sicherheit |
| |
|
Schutz biometrischer Daten bei Authentisierung auf Smartcards |
| |
|
Sicherheit -- Bremse oder Schrittmacher? |
| 2002 |
|
Pseudonymes Einkaufen physischer Güter für Internet-Shops ohne Zwischenhändler |
| |
|
IT-Sicherheit - Schrittmacher oder Bremser der Innovationen |
| |
|
IT-Sicherheit: Innovationen für die Informations- und Wissensgesellschaft |
| |
|
Ein Vergleich moderner Linux-Sicherheitsmechanismen |
| 2001 |
|
Anonym im Internet? Probleme und Lösungen |
| |
|
Internet Anonymity: Problems and Solutions |
| |
|
Zur Sicherheit mobiler persönlicher Endgeräte - eine Bestandsaufnahme |
| 2000 |
|
Mobile Devices In eBusiness - New Opportunities And New Risks |
| |
|
Trust and Confidence in Open Systems: Does Security Harmonize with Mobility? |
| |
|
GSFS - a New Group-Aware Cryptographic File System |
| |
|
Flexible, Distributed and Adaptive Ressource Managament in MoDIS |
| |
|
GSFS - ein gruppenfähiges, verschlüsselndes Dateisystem |
| 1999 |
|
Improving Resource Management in Distributed Systems using Language-level Structuring Concepts |
| 1998 |
|
Mobil und anonym im Netz mit dem Mixed Mobile Internet Protocol |
| |
|
Sichere, verteilte Systeme – Konzepte, Modelle und Systemarchitekturen |
