Information Security | ZHAW Institute of Applied Information Technology InIT

We Secure Information Technology

The Information Security (IS) research group deals with novel and innovative approaches to secure data and IT systems and to protect them against various cyber-attacks. The research and development projects are usually carried out in cooperation with partners from the private sector and the group has extensive experience in both national (e.g. Innosuisse) and international (e.g. EU) projects.

The knowledge gained from applied research and development is passed on to students of computer science courses in modules such as IT security (focusing on IT security fundamentals), Software and System Security 1 (focusing on secure software development), Software and System Security 2 (focus on IT infrastructure security) and IT security (the latter in the Master's programme).

Research Topics

Secure Applications and Systems

The Secure Applications and Systems topic deals with the development of secure software and services. We investigate, develop and extend methods and tools to safely design and implement software and services and we develop novel security mechanisms and protocols. We are also involved in automated security testing of software and services in order to significantly improve the quality, efficiency and reproducibility of such tests.

Information Infrastructure Protection

The Information Infrastructure Protection topic deals with the protection of classic and cloud-based IT infrastructures. The aim is the early detection of possible attacks or the detection of attacks that have already occurred, e.g. by means of system and network monitoring, open source intelligence, new honeypot approaches or those based on machine learning. In addition, we deal with tools in the area of security training and testing of IT infrastructures, primarily with a focus on malware issues.

Continuing Education

Our CAS Applied IT Security (German only) offers the opportunity to computer scientists, practitioners and career changers the opportunity to build and enhance their foundation in IT Security, one of the most important growth markets in IT. Participants will be introducted into security architecture and management, cryptology and network security as well as software and systems security. They will be given the opportunity to apply their new skills in extensive and practice oriented labs.

Projects

All Projects of InIT

Publications

Kushnir, Malte; Favre, Olivier; Rennhard, Marc; Esposito, Damiano; Zahnd, Valentin,

2021.

Automated black box detection of HTTP GET request-based access control vulnerabilities in web applications [paper].

In:

Proceedings of the 7th International Conference on Information Systems Security and Privacy.

ICISSP 2021, online, 11-13 February 2021.

SciTePress.

pp.204-216.

Available from: https://doi.org/10.5220/0010300102040216
Gür, Gürkan; Porambage, Pawani; Liyanage, Madhusanka,

2020.

Convergence of ICN and MEC for 5G : opportunities and challenges.

IEEE Communications Standards Magazine.

4(4),

pp.64-71.

Available from: https://doi.org/10.1109/MCOMSTD.011.1900045
Gür, Gürkan,

2020.

Expansive networks : exploiting spectrum sharing for capacity boost and 6G vision.

Journal of Communications and Networks.

,

pp.444-454.

Available from: https://doi.org/10.21256/zhaw-21644
Siriwardhana, Yushan; Gür, Gürkan; Ylianttila, Mika; Liyanage, Madhusanka,

2020.

The role of 5G for digital healthcare against COVID-19 pandemic : opportunities and challenges.

ICT Express.

Available from: https://doi.org/10.1016/j.icte.2020.10.002
Gür, Gürkan,

2020.

What happens next? : beyond security with liability in future networks.

In:

The 6th International Conference on Mobile, Secure and Programmable Networking (MSPN 2020), Paris (France), virtual, 28-29 October 2020.

All Publications of InIT