Anne Borcherding, M.Sc.

Research Interests

Anne Borcherding, M.Sc. studied computer science at the Karlsruhe Institute of Technology and is a research associate in the research group Industrial Cyber Security. She is working in the domain of IT security of industrial automation components. Her research focuses on fuzzing, penetration testing, and web security.

Fuzzing aims to find vulnerabilities by inputting random/mutated values to the system under test. In order to find vulnerabilities as early as possible and thus reduce the time required for such an investigation, the inputs should be selected as intelligently as possible. Current work by Anne Borcherding is concerned with this research field. In particular, model-based and data-driven methods are considered. With this, the overall model of the system under investigation can be represented and fuzzing can be guided by this model.

Through manual penetration testing of automation components, new vulnerabilities in the components can be found. The knowledge from these vulnerabilities can in turn be incorporated into automated procedures. For this reason, Anne Borcherding performs tool-based and manual penetration testing of automation components. Industrial automation components often include a web server, which facilitates configuration but also can be a potential starting point for an attacker.

For this reason, web security is also an important topic in the domain of industrial automation. The transfer of existing concepts from classical web security to the domain of industrial automation involves some challenges that are part of current research.

 

Student assistant-positions and theses

Various student assistant-positions und theses are offered in the topics mentioned above. The theses can usually be credited within the KASTEL certificate. If you do not find a suitable position among the advertised positions, but are still interested in the topics, please contact me by mail (see box on the right).

 

Contact

If you are interested in scientific exchange, a student assistant position, or a thesis, please get in touch using the contact options in the box on the right. You can also find more information at:

LinkedIn

ResearchGate

Publications

Jahr
Year
Titel/Autor:in
Title/Author
Publikationstyp
Publication Type
2024 Fuzz Wars: The Voltage Awakens - Voltage-Guided Blackbox Fuzzing on FPGAs
Su, Kai; Giraud, Mark Leon; Borcherding, Anne; Krautter, Jonas; Nenninger, Philipp; Tahoori, Mehdi
Konferenzbeitrag
Conference Paper
2023 Eine Testanordnung und ein Verfahren zum Testen eines Testobjekts, und ein Computerprogramm zur Durchführung des Verfahrens
Borcherding, Anne; Pfrang, Steffen; Haas, Christian
Patent
2023 SWaTEval: An Evaluation Framework for Stateful Web Application Testing
Borcherding, Anne; Penkov, Nikolay; Giraud, Mark Leon; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2023 The Bandit’s States: Modeling State Selection for Stateful Network Fuzzing as Multi-armed Bandit Problem
Borcherding, Anne; Giraud, Mark Leon; Fitzgerald, Ian; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2023 Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models
Borcherding, Anne; Morawetz, Martin; Pfrang, Steffen
Zeitschriftenaufsatz
Journal Article
2022 Towards a Better Understanding of Machine Learning based Network Intrusion Detection Systems in Industrial Networks
Borcherding, Anne; Feldmann, Lukas; Karch, Markus; Meshram, Ankush; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2022 Cluster Crash: Learning from Recent Vulnerabilities in Communication Stacks
Borcherding, Anne; Takacs, Philipp; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2021 Security in Industrial Environments
Borcherding, Anne
Vortrag
Presentation
2020 Helper-in-the-Middle: Supporting Web Application Scanners Targeting Industrial Control Systems
Borcherding, Anne; Pfrang, Steffen; Haas, Christian; Weiche, Albrecht; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2019 Security Testing für industrielle Automatisierungskomponenten: Ein Framework, sein Einsatz und Ergebnisse am Beispiel von Profinet-Buskopplern
Pfrang, Steffen; Borcherding, Anne
Konferenzbeitrag
Conference Paper
2019 Automated security testing for web applications on industrial automation and control systems
Pfrang, Steffen; Borcherding, Anne; Meier, David; Beyerer, Jürgen
Zeitschriftenaufsatz
Journal Article
2019 Design of an Example Network Protocol for Security Tests Targeting Industrial Automation Systems
Pfrang, Steffen; Giraud, M.; Borcherding, Anne; Meier, David; Beyerer, Jürgen
Konferenzbeitrag
Conference Paper
2018 Security-Testing für Webserver auf industriellen Automatisierungskomponenten
Borcherding, Anne
Master Thesis
Diese Liste ist ein Auszug aus der Publikationsplattform Fraunhofer-Publica

This list has been generated from the publication platform Fraunhofer-Publica