September 2022

European Conference for Technology Enhanced Learning

Integrating Podcasts into MOOCs:
Comparing Effects of Audio- and Video-Based Education for Secondary Content


Multimedia learning methods can enrich any online learning scenario. However, traditional Massive Open Online Courses (MOOCs) often put the learner into classroom-like situations without considerably varying presentation formats. By conducting a study and analysis of multimedia elements such as interviews and podcasts, we lay a foundation for future research in the field of multimedia learning. This research studies video-based and audio-based education methods for secondary learning content. We explore both the conscious and subconscious effects of the different formats. In our quantitative assessment of more than 900 learners, we did not observe any significant differences in quiz performance between learners of the two groups. Although our recurring learners are used to video-based learning methods, the audio-based teaching methods were accepted and rated "easy to follow" by more than 80% of our learners. However, we observe that the learners enjoy traditional podcasts with a single presenter the least. Our work adds to the field of multimedia online teaching and shows that enriching courses with audio-based education methods proves beneficial for asynchronous learning offers.

May 2022


No Future Threats: Attack Vectors against Users in the NTF Ecosystem


The Internet and the Web have impacted and influenced the world as we know it today. Currently, we are on the verge of new development in the web: Web3, to be interpreted as a decentralized, online ecosystem. Experiences from internet development in the past decades have taught us that IT security has to play a significant role in every new technological development. While the backbone technologies of web3 are underlying strict technical requirements, in the end, users have to use the system. The current first steps into web3, namely by exploring the use of Non-Fungible Tokens (NFTs), already show technical feasibility and explore user adoption. However, as plenty of prominent examples in the past months show, major cyber attacks also specifically target the web3 and NFT ecosystem. This work serves as a foundation for further research by providing a first adequate NFT ecosystem landscape. In this overview, we incorporate and highlight the connections between users, resources on the traditional internet, and Ethereum-based systems in the ecosystem. Building on that landscape overview, we present a first categorization of security threats, targets, and attack vectors against users we observed in the NFT space. Our analysis thereby shows starting points to allow future research to investigate and discuss solutions enabling a safe web3.

November 2021

World Engineering Education Forum

Consuming Security: Evaluating Podcasts to Promote Online Learning Integrated with Everyday Life


Traditional (online) teaching approaches put the student into a video-based, classroom-like situation. When asked to reproduce the content, the student can consciously remember what he learned and answer accordingly. Contrasting, knowledge of IT-security aspects requires sensitization for the topic throughout the daily life of a learner. We learned from interactions with former learners that they sometimes found themselves in situations where they --- despite knowing better --- still behaved in an undesired way. We thereby conclude that the classroom-based presentation of knowledge in Massive Open Online Courses (MOOCs) is not sufficient for the field of IT-Security Education. Therefore, this work presents an approach to a study to assess and analyze different audio-based methods of conveying knowledge, which can integrate into a learner's everyday life. In the spirit of Open Research, we therefore publish our research questions and chosen methods in order to discuss these within the community. Following, we will study the perception of the proposed education methods by learners and suggest possible improvements for subsequent research.

January 2021

International Conference on Cryptography and Privacy

Assessment of Remote Biometric Authentication Systems: Another Take on the Quest to Replace Passwords


Passwords are often criticized due to being prone to misuses such as bad password creation and management practices. Experts usually advise using other forms of authentication. While there are plenty of alternative authentication methods available, an overall assessment often proves to be challenging. This is because of aspects such as differences in security techniques, different applicability of the system, or varying difficulties of implementation. To tackle the issue of comparing different authentication systems, unified criteria are needed. Bonneau et al. proposed a framework for comparing authentication schemes in their ”The Quest to Replace Passwords”. We contribute to the quest by providing information and assessment on the previously unassessed Remote Biometric Authentication Systems, thus increasing the variety of analyzed systems. We achieve this by analyzing six exemplary implementations. To enable proper evaluation of the details of that new category of authentication schemes, this work furthermore expands the framework by the two aspects Resilient-to-Biometric-Loss and No-Trusted-Execution-Environments .

October 2019

Master‘s Thesis

Conception and Assessment of a System for Usage of Biometric Sensors in Smartphones to Authenticate against Remote Servers


The aim of this work is to conceptualize and assess a system which uses biometric sensors from smartphones to authenticate against remote systems. To achieve this target, initially, underlying technologies are introduced and explained. Further, an analysis of the functioning of other competitor systems is supposed to be performed. This assessment is to be performed especially with a focus on security-relevant aspects. Based on the evaluated criteria, a prototype is to be set-up and using that prototype the usability of the system shall be assessed. Further, an analysis of the different components shortcomings and possible enhancements or advancements shall be performed. Based on the results, first ideas for possible future scenarios to enable systems to move past the current limitations should be sparked.