System Security

Welcome

on the website of the “System Security” group.

About Us

The group at RuhrSec ’25 in Bochum.
from left to right Nico Heitmann, Sven Hebrok, Jost Rossel, Maximilian Radoy, Niklas Niere, Felix Lange, and Juraj Somorovsky

Our research and teaching focuses on system security, network security, applied cryptography, and censorship. Our expertise has contributed to the discovery of critical security vulnerabilities such as DROWN, ROBOT, Efail, ALPACA, and Raccoon. We systematically analyse such vulnerabilities and develop test tools to identify and fix them. One example is a tool for flexibly analysing TLS libraries: TLS-Attacker.

the team

News

04.04.2025

[blog] China Extended its SNI Censorship to QUIC

20.02.2025

Censorship Analyses of the Iranian HTTP and DNS Censor at Virtual FOCI 2025

18.02.2025

[blog] Automated Bibliography Management in Overleaf with Zotero and a Custom Proxy

19.11.2024

[blog] Censors Ignore Unencrypted HTTP/2 Traffic

15.07.2024

Censorship Circumvention with HTTP Request Smuggling in Bristol

23.10.2023

3D Printing Security in Hong Kong

10.10.2023

Three Theses Awarded “CAST Förderpreis IT-Sicherheit 2023”

27.06.2023

[blog] Circumventing the GFW with TLS Record Fragmentation

19.04.2023

[blog] We Really Need to Talk About Session Tickets

06.04.2023

Frühlings-Uni

06.03.2023

[blog] Bachelor's Thesis: Web Key Directory and Other Key Exchange Methods for OpenPGP

02.12.2022

[blog] Usage Statistics of 3D Printing File Formats

11.10.2022

Two of Our Students are Awarded “CAST Förderpreis IT-Sicherheit 2022”

11.08.2022

Our study on e-mail signature spoofing attacks presented at SOUPS

11.08.2022

TLS-Anvil presented at USENIX Security

19.04.2022

Two open PhD positions for our NERD2 projects

14.10.2021

Herbstuni

01.09.2021

ESORICS Tutorial on TLS 1.3

10.08.2021

TLS-Attacker developers

10.08.2021

Two papers presented at USENIX Security this week

09.06.2021

ALPACA Attack

25.05.2021

IT Security "Stammtisch"

04.03.2021

Open position: CTF developer

26.02.2021

IT-Sicherheit an der Uni Paderborn

24.09.2020

Raccoon Attack

24.09.2020

Our paper on Securing E-Mail encryption accepted at ACM CCS 2020

25.05.2020

Open positions in the area of IT security

25.05.2020

Our paper on Analysis of DTLS Implementations Using Protocol State Fuzzing got accepted to USENIX Security 2020

15.03.2020

3 Questions for... Prof. Dr. Juraj Somorovsky

More news

Overview

Research

Our research focuses on system security, network security, file format security, applied cryptography, and analyses of internet censorship. More information about our research.

learn more

Publications

All scientific publications from our group.

all publications

Lecture in building L of Paderborn University.

Teaching

Our group offers IT Security, Web Security, and Real World Crypto Engineering lectures. You can deepen your know-how in these areas with a seminar thesis, project group, or Bachelor/Master thesis. You can find news about our courses, theses, and other teaching-related topics here.

learn more