Network Security

Network Security

In an era of hyperconnectivity, Network Security is no longer an optional safeguard, it is a core architectural principle. The Network Security Group investigates, develops, and evaluates advanced strategies to protect communication networks against evolving cyber threats.
Our focus is on proactive and intelligent security mechanisms that go beyond traditional perimeter defences. We combine theoretical modelling with applied research across three key pillars:
  • Network Fuzzing: Uncovering protocol vulnerabilities through intelligent fuzz testing to detect deep flaws before attackers do.
  • Intrusion Detection Systems: Leveraging AI and deep learning for anomaly-based detection of sophisticated cyberattacks.
  • Network Security Simulation: Creating safe, virtual environments to simulate and evaluate real-world threats targeting complex infrastructures, including smart grids and IoT systems.
We are also exploring emerging technologies such as LLM-based anomaly classifiers and cyber-physical security for critical infrastructure protection, with strong ties to current industrial and EU-level regulatory demands (e.g., CRA, NIS2, IEC 62443, MITRE ATT&CK).
Our aim is to anticipate, simulate, and defend, transforming resilience from a buzzword into a quantifiable, verifiable system property.


  • Test Patterns zur Erkennung von Softwareschwachstellen

    (Third Party Funds Group – Sub project)

    Overall project: Evaluierung von Verfahren zum Testen der Informationssicherheit in der nuklearen Leittechnik durch smarte Testfallgenerierung 2
    Term: 2020-07-01 - 2023-06-30
    Funding source: Bundesministerium für Wirtschaft und Energie (BMWE)
    Abstract
    Das Verbundvorhaben SMARTEST2 befasst sich mit Untersuchungen zur Verbesserung der IT-Sicherheit vernetzter software-basierter leittechnischer Systeme. Aufbauend auf den Forschungsergebnissen des Vorgängerprojekts SMARTEST sollen weitergehende securityrelevante Testverfahren zur Unterstützung der Erkennung von Schwachstellen in nuklearen Leittechniksystemen erarbeitet werden.Auf der Basis des Vorgängerteilvorhabens SMARTEST-FAU-SWE befasst sich das Teilvorhaben SMARTEST2-FAU-SWE mit der Entwicklung systematischer, angriffsspezifischer Testverfahren mittels sukzessiver Identifikation relevanter Schwachstellenklassen, statischer Verfahren zur Eingrenzung des Suchraums und zur Ermittlung der zu verfolgenden Testziele, sowie dynamischer Verfahren zur heuristischen Verfolgung der statisch identifizierten Testziele. Ein weiteres Ziel betrifft die Herleitung eines Leitfadens mittels Zuordnung der untersuchten Schwachstellenarten und der sich ergebenden Testmuster.

  • Model-based testing strategies

    (Third Party Funds Group – Sub project)

    Overall project: SMARTEST: Evaluierung von Verfahren zum Testen der Informationssicherheit in der nuklearen Leittechnik durch smarte Testfallgenerierung
    Term: 2015-07-01 - 2018-12-31
    Funding source: Bundesministerium für Wirtschaft und Energie (BMWE)
    Abstract
    Overall goal of the cooperative project SMARTEST is to increase the ability of detecting as far as possible IT vulnerabilities in automatic control software for nuclear power plants. By removing the vulnerabilities identified the chances of IT attacks and thus also the risk of critical events due to systematic IT attacks can be reduced. 
    Appropriate model notations are to be selected for the purpose of representing predefined attack scenarios at an adequate abstraction level. On the basis of the resulting models and scenarios, test targets are to be determined and formalised such that their achievement can provide evidence for existing system vulnerabilities. In case the testing targets are not achieved, appropriate metrics are to be provided allowing for a significant quantitative evaluation of the testing progress achieved so far. Such measurable test stopping criteria can finally be applied to control the automatic generation of optimal test data.

Type Title Status
MA thesis Al-Based Anomaly Detection to Enhance Cybersecurity in IoT Networks running
MA thesis Al-Driven Anomaly Detection of ICS Protocols in Smart Grids running
MA thesis Enhancing Cybersecurity for Cyber-Physical Systems: Integration of Preventive and Detective Controls Using Digital Twins running
MA thesis A Social-aware Software Stack for an Autonomous Driving Wheelchair finnished
MA thesis i7Fuzzer: An Intelligent Approach for Protocol Security Testing finnished