Stephan Kleber

Stephan Kleber completed his computer science studies at the University of Ulm in 2011 with a Master of Science. Until 2012 he worked at the data center of the University Hospital Ulm (ZIK). During this time he also supervised courses and theses in the field of IT security and privacy at the Institute of Media Informatics. In 2012/2013 he worked as a research assistant on the bwGRiD portal project, a cooperation between the Institute of Organization and Management of Information Systems and the Institute of Distributed Systems.

Since 2013 he has been a research assistant at the Institute of Distributed Systems.

Research

My general interest is security and privacy in IT systems.

My main areas of focus are:

  • Analysis of network protocols and protocol reverse engineering
  • Use of Physical(ly) Unclonable Functions (PUFs)
  • Security of wireless communication, in particular for Implantable Medical Devices (IMDs)

I am also interested in the following areas:

  • Security and forensics of mobile devices
  • Privacy implications of using mobile devices
  • Malware analysis
  • Penetration testing
  • Security of web technologies

Since 2008 I have regularly taken part in the UCSB iCTF as a member of the University of Ulm team Ulm Security Sparrows.

Publications

Kleber, Stephan; Unterstein, Florian; Matousek, Matthias; Kargl, Frank; Slomka, Frank; Hiller, Matthias
Design of the Secure Execution PUF-based Processor (SEPP)
Workshop on Trustworthy Manufacturing and Utilization of Secure Devices, TRUDEVICE 2015
September 2015

Abstract: A persistent problem with program execution is its vulnerability to code injection attacks. Equally unsolved is the susceptibility of software to reverse engineering, which undermines code confidentiality. We propose an approach that solves both kinds of security problems by employing instruction-level code encryption combined with the use of a physical unclonable function (PUF). Our Secure Execution PUF-based Processor (SEPP) architecture is designed to minimize the attack surface, as well as the performance impact, and requires no significant changes to the software development process. Our approach supports distributed systems, as the secure execution environment need not be physically available to the developer.

Kleber, Stephan; Unterstein, Florian; Matousek, Matthias; Kargl, Frank; Slomka, Frank; Hiller, Matthias
Secure Execution Architecture based on PUF-driven Instruction Level Code Encryption
IACR
July 2015

Abstract: A persistent problem with program execution, despite numerous mitigation attempts, is its inherent vulnerability to the injection of malicious code. Equally unsolved is the susceptibility of firmware to reverse engineering, which undermines the manufacturer's code confidentiality. We propose an approach that solves both kinds of security problems by employing instruction-level code encryption combined with the use of a physical unclonable function (PUF). Our novel Secure Execution PUF-based Processor (SEPP) architecture is designed to minimize the attack surface, as well as the performance impact, and requires no significant changes to the development process. This is possible based on a tight integration of a PUF directly into the processor's instruction pipeline. Furthermore, cloud scenarios and distributed embedded systems alike inherently depend on remote execution; our approach supports this, as the secure execution environment need not be locally available at the developer's site. We implemented an FPGA-based prototype based on the OpenRISC Reference Platform. To assess our results, we performed a security analysis of the processor and evaluated the performance impact of the encryption. We show that the attack surface is significantly reduced compared to previous approaches while the performance penalty is at a reasonable factor of about 1.5.

Kleber, Stephan; van der Heijden, Rens W.; Kopp, Henning; Kargl, Frank
Terrorist fraud resistance of distance bounding protocols employing physical unclonable functions
Networked Systems (NetSys), 2015 International Conference and Workshops on, pp. 1-8.
Publisher: IEEE
March 2015

Abstract: Distance bounding protocols (DBPs) are security protocols that aim to limit the maximum possible distance between two partners in a wireless communication. This makes it possible to ensure locality of interaction between two devices. Despite numerous proposed protocols, recent analyses of DBPs have shown the majority of them to be susceptible to attacks. Most prominent among the unsolved security problems of DBPs is terrorist fraud. This type of attack involves collaboration with a legitimate device, after which the attacker can successfully execute the protocol. We show how terrorist fraud can be prevented by replacing shared secrets, commonly used in classical DBPs, with physical unclonable functions (PUFs). Our new approach can be integrated into all current DBPs with minor modifications. We offer two alternate designs: one utilizing challenge-response PUFs and another using so-called SIMPL systems, a PUF analogue to public-key cryptography. We use a security model proposed by previous work to demonstrate the security of our scheme.

Patzlaff, Heiko; Kleber, Stephan
Working Groups Report: Cyberforensics
In Marc Dacier, Frank Kargl, Hartmut König and Alfonso Valdes (editors), Network Attack Detection and Defense: Securing Industrial Control Systems for Critical Infrastructures, volume 14292 of Report from Dagstuhl Seminar
Chapter 5.4, pp. 75--77.
Publisher: Dagstuhl Publishing, Germany
2014

Teaching

Supervision of theses

I am happy to supervise Bachelor's, Master's and Diplom theses on topics within my research interests. Topic suggestions can be found under Theses. Your own proposals are very welcome.

Exercises accompanying lectures

(Pro-)Seminars, lab courses and project modules

Office hours

Please arrange an appointment with me by email.