Alexandra Dirksen

Alexandra Dirksen is a PhD Candidate since May 2018 and is currently working in the field of Web Security & Privacy, Web PKI and Large Scale Adversaries.
Her further interests are different topics of Applied Cryptography and Ethics in Computer Science.

She is currently part of the KIWI Project, where she works on mechanisms to detect security issues in OAuth protocol flows at runtime.

Room IZ 209A

a.dirksen[at]tu-braunschweig.de

@z4lem

+49 531/391-2270

STUDENT PROJECTS

If you're interested in one of my project calls or any of my research fields in general, feel free to contact me.
You can find my Lego specific project calls on the LegoLab's website.

Anycast is a method for addressing and routing within the network in which incoming requests can be routed to a variety of different locations.
The goal of this thesis is to investigate existing Anycast detection techniques and to build a map visualization tool for Anycast requests. The choice of the language/tools is up to the student.

Upon successful completion of the Thesis, further employment in this area as a student assistant during the following master's programme would be desirable.

PUBLICATIONS

LogPicker: Strengthening Certificate Transparency Against Covert Adversaries.
Alexandra Dirksen, David Klein, Robert Michael, Tilman Stehr, Konrad Rieck and Martin Johns.
Proceedings on Privacy Enhancing Technologies (PETS'21)

Towards Enabling Secure Web-based Cloud Services using Client-side Encryption
Martin Johns, Alexandra Dirksen
Proceedings of ACM Workshop on Cloud Computing Security (CCSW’20) [BIB]

TALKS

LogPicker: Strengthening Certificate Transparency against Covert Adversaries
- PETS'21, Gather.town (virtual)

Towards enabling Secure Web-Based Cloud Services using Client-Side Encryption
- CCSW'21, Gather.town (virtual) [Slides]

A Blockchain Picture Book [Video]
- 35C3, 29.12.2018, Leipzig, Germany
- DMZ Europe, 08.11.2018, Stuttgart, Germany

SUPERVISED THESES

Master's Thesis by Tilman Stehr

Certificate Transparency (CT) is an extension to the web’s PKI that allows insight into the issuance of
TLS certificates by introducing public append-only logs, in which all certificates must be included.
Currently, CT can be circumvented by an attacker controlling a CA and several CT logs. We present
an attacker model for this attacker and derive security goals from it. Additionally, we derive design
goals from a review of related work.
We introduce LogPicker, which improves CT’s security by involving multiple logs in the logging of a
certificate. The logs use a distributed randomness protocol to unpredictably chose the log that is to
include the certificate. They generate proof of LogPicker’s execution with an aggregate signature
scheme.
An analysis LogPicker and related protocols to determine the probability of correctness depending
on the number of logs and the trust in each log is presented. The analysis shows that LogPicker can
significantly improve trust in the web’s PKI. Tests with a prototype implementation indicate that
LogPicker has reasonable performance, scalability, and failure tolerance.
We conclude that LogPicker constitutes a useful addition to CT that can be realistically implemented.
Further research into LogPicker is recommended, we suggest formal verification of the protocol
and expansion of the prototype implementation.

Bachelor's Thesis by Minela Becirovic

In recent years, data privacy and the usage of privacy-conscious applications have gained significant importance. With the implementation of security features like end-to-end encryption, applications like "Signal" offer strong security guarantees for their end-users.
In contrast to desktop or mobile applications, web-based applications are struggling to adopt client-side encryption due to various limitations. The risk of a data breach is increased when the web application uses JavaScript. This usage enables the execution of malicious JS code on the client-side where confidential data of the user resides unencrypted. This way an active JS attacker can access the user’s data without the user’s knowledge or consent.
One approach to deal with this issue is the idea of CryptoMembranes (CM). With the concept of CM, a new type of DOM element that enables native encryption on the client-side is introduced. By maintaining an encrypted and decrypted representation of confidential data on the client-side, the concept aims to provide strong protection against active JS attacks. As a result, only the user has access to the decrypted representation of the confidential data.
In this thesis, we will implement the CM concept as an extension for the Firefox browser. This way we practically evaluate to what extent the theoretical concept of the paper meets the defined privacy & security goals if implemented as a browser extension for legacy browsers.

TEACHING ASSISTANT

Year	Semester	Name
2022	SS	Anwendungssicherheit (Seminar)
21/22	WS	Programmieren 1 (Seminar)
		Anwendungssicherheit(Seminar)
2021	SS	Anwendungssicherheit (Seminar)
20/21	WS	Anwendungssicherheit (Seminar)
		TEAM: MTG Scanner, Lego@Space²
2020	SS	Anwendungssicherheit (Seminar)
		SEP: IAS_CONTENT0
19/20	WS	Anwendungssicherheit (Seminar)
		Projektarbeit: Lego@Space
18/19	WS	Anwendungssicherheit (Seminar)

FURTHER RESPONSIBILITY

Furthermore I am also responsible for the LegoLab.

Alexandra Dirksen

STUDENT PROJECTS

PUBLICATIONS

TALKS

SUPERVISED THESES

Master's Thesis by Tilman Stehr

Bachelor's Thesis by Minela Becirovic

TEACHING ASSISTANT

FURTHER RESPONSIBILITY

For All Visitors

For Students

Internal Tools

Contact