Technische Universität Braunschweig
  • Study & Teaching
    • Beginning your Studies
      • Prospective Students
      • Degree Programmes
      • Application
      • Fit4TU
    • During your Studies
      • Freshmen-Hub
      • Term Dates
      • Courses
      • Information for Freshmen
      • Practical Information
      • Beratungsnavi
      • Additional Qualifications
      • Financing and Costs
      • Special Circumstances
      • Campus life
    • At the End of your Studies
      • Discontinuation and Credentials Certification
      • After graduation
      • Alumni
    • For Teaching Staff
      • Strategy, Offers and Information
      • Learning Management System Stud.IP
      • Team Teaching and Media Education
    • Contact
      • Student Advice Centre
      • Academic Advice Service
      • Admissions Office
  • Research
    • Research Profile
      • Core Research Areas
      • Clusters of Excellence
      • Research Projects
      • Research Centres
      • Professors‘ Research Profiles
    • Early Stage Researchers
      • Promotion of early career scientists
      • PhD-Students
      • Postdocs
      • Junior research group leaders
      • Junior Professorship and Tenure-Track
      • Habilitation
      • Service Offers for Scientists
    • Research Data & Transparency
      • Transparency in Research
      • Research Data
      • Open Access Strategy
      • Digital Research Announcement
    • Research Funding
      • Research Funding Network
      • Research funding
    • Contact
      • Research Services
      • Academy for Graduates
  • International
    • International Students
      • Why Braunschweig?
      • International Student Support
      • Degree seeking students
      • Exchange Studies
      • Refugees
      • TU Braunschweig Summer School
    • Scientists
      • International Postdocs and Professors
      • International PhD Scholars
      • Service for host institutes
      • Research Services and European Office
      • Research Funding Network
    • Language and intercultural competence training
      • Learning German
      • Learning Foreign Languages
      • Intercultural Communication
    • International Profile
      • Internationalisation
      • International Cooperation
    • International House & Research Services
      • Information for first semester students
      • Contact
      • News and Events
      • International Newsletter
      • Advisory Services
      • Location
      • About us
      • Job advertisements
    • Support for Ukraine
      • We care for Ukraine
      • Support for refugees
  • TU Braunschweig
    • Our Profile
      • Aims & Values
      • Regulations and Guidelines
      • Alliances & Partners
      • The University Development Initiative 2030
      • Facts & Figures
      • Our History
    • Career
      • Working at TU Braunschweig
      • Vacancies
    • Economy & Business
      • Knowledge and Technology Transfer
      • Entrepreneurship
    • General Public
      • Access to the University Library
    • Media Services
      • Communications and Press Service
      • Services for media
      • Film and photo permits
      • Advices for scientists
      • Topics and stories
    • Contact
      • General Contact
      • Getting here
  • Organisation
    • Presidency & Administration
      • Governance Board
      • Designated Offices
      • Administration
      • Committees
    • Faculties
      • Carl-Friedrich-Gauß-Fakultät
      • Faculty of Life Sciences
      • Architecture, Civil Engineering and Environmental Sciences
      • Faculty of Mechanical Engineering
      • Faculty of Electrical Engineering, Information Technology, Physics
      • Faculty of Humanities and Education
    • Institutes
      • Institutes from A to Z
    • Facilities
      • University Library
      • Gauß-IT-Zentrum
      • International House
      • Sports Centre
      • Facilities from A to Z
    • Equal Opportunity Office
      • Equal Opportunity Office
      • Family
      • Diversity for Students
  • Search
  • Quicklinks
    • People Search
    • Webmail Exchange
    • Webmail
    • Campus map
    • CloudStorage
    • Messenger
    • Cafeteria
    • Courses
    • Stud.IP
    • Library Catalogue
    • IT Self-Service
    • Information Portal (employees)
    • Link Collection
    • DE
    • EN
    • Facebook
    • Twitter
    • Instagram
    • YouTube
    • LinkedIn
Menu
  • Technische Universität Braunschweig
  • Organisation
  • Faculties
  • Carl-Friedrich-Gauß-Fakultät
  • Institutes
  • Institute for Application Security
  • Team
  • Alexandra Dirksen
Logo Institut für Anwendungssicherheit der TU Braunschweig
  • Team
    • Prof. Dr. Martin Johns
    • Alexandra Dirksen
    • Jannik Hartung
    • Manuel Karl
    • Robin Kirchner
    • David Klein
    • Simon Koch
    • Marius Musch
    • Robert Michael
    • Malte Wessels

Alexandra Dirksen

Alexandra Dirksen

Alexandra Dirksen is a PhD Candidate since May 2018 and is currently working in the field of Web Security & Privacy, Web PKI and Large Scale Adversaries.
Her further interests are different topics of Applied Cryptography and Ethics in Computer Science.

She is currently part of the KIWI Project, where she works on mechanisms to detect security issues in OAuth protocol flows at runtime.

Room IZ 209A

a.dirksen[at]tu-braunschweig.de

@z4lem

+49 531/391-2270

 

STUDENT PROJECTS

If you're interested in one of my project calls or any of my research fields in general, feel free to contact me.
You can find my Lego specific project calls on the LegoLab's website.

(BA Thesis) Anycast - detection & visualization

Anycast is a method for addressing and routing within the network in which incoming requests can be routed to a variety of different locations. 
The goal of this thesis is to investigate existing Anycast detection techniques and to build a map visualization tool for Anycast requests. The choice of the language/tools is up to the student.

Upon successful completion of the Thesis, further employment in this area as a student assistant during the following master's programme would be desirable.

PUBLICATIONS

LogPicker: Strengthening Certificate Transparency Against Covert Adversaries.
Alexandra Dirksen, David Klein, Robert Michael, Tilman Stehr, Konrad Rieck and Martin Johns.
Proceedings on Privacy Enhancing Technologies (PETS'21)

Towards Enabling Secure Web-based Cloud Services using Client-side Encryption
Martin Johns, Alexandra Dirksen
Proceedings of ACM Workshop on Cloud Computing Security (CCSW’20) [BIB]

TALKS

LogPicker: Strengthening Certificate Transparency against Covert Adversaries
- PETS'21, Gather.town (virtual)

Towards enabling Secure Web-Based Cloud Services using Client-Side Encryption 
- CCSW'21, Gather.town (virtual) [Slides]

A Blockchain Picture Book [Video]
- 35C3, 29.12.2018, Leipzig, Germany
- DMZ Europe, 08.11.2018, Stuttgart, Germany

SUPERVISED THESES

LogPicker: Byzantine Fault Tolerant Log Selection for Certificate Transparency

Master's Thesis by Tilman Stehr

Certificate Transparency (CT) is an extension to the web’s PKI that allows insight into the issuance of
TLS certificates by introducing public append-only logs, in which all certificates must be included.
Currently, CT can be circumvented by an attacker controlling a CA and several CT logs. We present
an attacker model for this attacker and derive security goals from it. Additionally, we derive design
goals from a review of related work.
We introduce LogPicker, which improves CT’s security by involving multiple logs in the logging of a
certificate. The logs use a distributed randomness protocol to unpredictably chose the log that is to
include the certificate. They generate proof of LogPicker’s execution with an aggregate signature
scheme.
An analysis LogPicker and related protocols to determine the probability of correctness depending
on the number of logs and the trust in each log is presented. The analysis shows that LogPicker can
significantly improve trust in the web’s PKI. Tests with a prototype implementation indicate that
LogPicker has reasonable performance, scalability, and failure tolerance.
We conclude that LogPicker constitutes a useful addition to CT that can be realistically implemented.
Further research into LogPicker is recommended, we suggest formal verification of the protocol
and expansion of the prototype implementation.

Practical evaluation of client-side encryption using CryptoMembranes

Bachelor's Thesis by Minela Becirovic

In recent years, data privacy and the usage of privacy-conscious applications have gained significant importance. With the implementation of security features like end-to-end encryption, applications like "Signal" offer strong security guarantees for their end-users.
In contrast to desktop or mobile applications, web-based applications are struggling to adopt client-side encryption due to various limitations. The risk of a data breach is increased when the web application uses JavaScript. This usage enables the execution of malicious JS code on the client-side where confidential data of the user resides unencrypted. This way an active JS attacker can access the user’s data without the user’s knowledge or consent.
One approach to deal with this issue is the idea of CryptoMembranes (CM). With the concept of CM, a new type of DOM element that enables native encryption on the client-side is introduced. By maintaining an encrypted and decrypted representation of confidential data on the client-side, the concept aims to provide strong protection against active JS attacks. As a result, only the user has access to the decrypted representation of the confidential data.
In this thesis, we will implement the CM concept as an extension for the Firefox browser. This way we practically evaluate to what extent the theoretical concept of the paper meets the defined privacy & security goals if implemented as a browser extension for legacy browsers.

TEACHING ASSISTANT

Year Semester Name
2022 SS Anwendungssicherheit (Seminar)
21/22 WS Programmieren 1 (Seminar)
Anwendungssicherheit(Seminar)
2021 SS Anwendungssicherheit (Seminar)
20/21 WS Anwendungssicherheit (Seminar)
TEAM: MTG Scanner, Lego@Space²
2020 SS Anwendungssicherheit (Seminar)
SEP: IAS_CONTENT0
19/20 WS Anwendungssicherheit (Seminar)
Projektarbeit: Lego@Space
18/19 WS Anwendungssicherheit (Seminar)
     
     

FURTHER RESPONSIBILITY

Furthermore I am also responsible for the LegoLab.

Photo credits of this page

For All Visitors

Vacancies of TU Braunschweig
Career Service' Job Exchange 
Merchandising

For Students

Term Dates
Courses
Degree Programmes
Information for Freshman
TUCard

Internal Tools

Glossary (GER-EN)
Change your Personal Data

Contact

Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig

P. O. Box: 38092 Braunschweig
GERMANY

Phone: +49 (0) 531 391-0

Getting here

© Technische Universität Braunschweig
Imprint Privacy Accessibility

TU Braunschweig uses the software Matomo for anonymised web analysis. The data serve to optimise the web offer.
You can find more information in our data protection declaration.