Fabian Schwarz

Fabian Schwarz

Dr.-Ing., Cybersecurity researcher with focus on TEE-based system and network security architectures

Supervised Projects

Security analysis of LoRaWAN in ‘The Things Network’ implementation with device virtualization

Bachelor Thesis, TU Dortmund University, CISPA Helmholtz Center for Information Security, 2022

Bachelor thesis by Marcel Leuering at TU Dortmund University. The goal of the project was a security analysis of the LoRaWAN protocol as implemented in ‘The Things Network’ (TTN). The student investigated the LoRaWAN protocol and TTN implementation to identify potential vulnerabilities, and implemented a virtual end device and gateway to test attack vectors in a private setup based on the ‘The Things Stack’. The thesis concludes with an analysis of potential attacks and recommendations for the adoption of mitigation strategies.

Deploying and extending a RISC-V CPU

Bachelor Cybersecurity Project, Saarland University, 2021

Cybersecurity bachelor project by Leon Trampert. The goals were to explore existing open-source RISC-V CPU (and SoC) designs, their deployment requirements, and the possibility to implement own CPU extension. In particular, Leon has explored the Rocket Chip and lowRISC projects and successfully deployed them on a Nexys A7 FPGA development board. In addition, he explored how to extend a Rocket Core CPU with custom coprocessor instructions.

App-grained Netfilter Policies (SENG-Netfilter)

Student Assistant, Saarland University, CISPA Helmholtz Center for Information Security, 2020

Project by student assistant Leon Trampert. The goal was to implement a Linux Netfilter extension for our SENG research project, which enables the specification and enforcement of per-application firewall policies.

VMI-based behaviour monitoring of malware

Student Assistant, Saarland University, CISPA Helmholtz Center for Information Security, 2018

Project by student assistant Patrick Schmelzeisen. The goals was to extend our dynamic malware analysis sandbox (Sandnet) with capabilities to identify and hook dynamic libraries of user space malware via virtual machine introspection (VMI) techniques. In particular, we aimed at using the Drakvuf project for the Xen hypervisor to hook SSL/TLS libraries used by malware in order to monitor their unencrypted network traffic.

DroidSand - A modular dynamic analysis platform for Android

Bachelor Cybersecurity Project, Saarland University, CISPA Helmholtz Center for Information Security, 2017

Cybersecurity Bachelor project by Tobias Kirsch and Jannik Pfeifer. The goal was to design a dynamic analysis system to monitor the system calls and service calls (intents) of Android applications within an emulator. The motivation was to augment our dynamic malware analysis sandbox (Sandnet) with support for system behaviour traces of malicious Android apps.