"My main research area is language-based software security, especially through information flow control. In other words, I find out where confidential data go in a system and whether – in apps, for example – data that merit protection can become accessible to the public. My team and I have developed possibilities to warn users in such cases. Apart from this, we are trying to find ways to identify attacks more quickly using machine learning methods and to ward off such attacks using processor features that have become standard fare in all processors.
At the University of Passau, the interdisciplinary approach in cooperation with legal experts is helpful: While we focus on the technical side of things, we resort to the assessments of legal scholars when having to establish what is allowed and what is not allowed in terms of privacy."