About Sven

I am security researcher with focus on (mobile) operating system security and trusted computing. In the past, I was particularly looking into mandatory access control systems for the Android OS and integrating hardware security building blocks into mobile operating systems.

Since December 2021 I am a tenured faculty at the CISPA Helmholtz Center for Information Security in Saarbrücken, Germany, and heading the Trusted Systems Group. Between July 2018 and December 2021 I headed the same group at CISPA as tenure-track faculty and between June 2016 and July 2018 as a Research Group Leader.

I earned my Dr.-Ing. from Saarland University in 2016 with my thesis on ‘Establishing Mandatory Access Control on Android OS,’ which I wrote under supervision of Prof. Michael Backes. I finished my Master of Science in Engineering, Security and Mobile Computing on the KTH/DTU track of the NordSecMob Erasmus Mundus programme with my thesis “Using TCG/DRTM for application-specific credential storage and usage” in cooperation with Nokia Research Center, Helsinki, Finland.

You can download my CV here.

  • Mobile Platform Security
  • Trusted Computing
  • Usable Security
  • Ph.D. in Security in Information Technology, 2016

    Saarland University, Germany

  • Master of Science in Engineering, Security and Mobile Computing, 2010

    Royal Institute of Technology (KTH), Stockholm, Sweden / Technical University of Denmark (DTU), Copenhagen, Denmark

Academic Service

Program (Co-)Chair

Program Committee Member


  • FoPI (co-located with IEEE EuroSP): 2021
  • WAY (co-located with USENIX SOUPS): 2020
  • SysTEX (co-located with ACM CCS): 2016

Journal Reviewer

  • IEEE TDSC: 2021, 2016, 2014
  • IEEE TIFS: 2017
  • IEEE TDSCSI: 2014

Recent Publications

A11y and Privacy don't have to be mutually exclusive: Constraining Accessibility Service Misuse on Android. 31st USENIX Security Symposium (USENIX Security ‘21), 2021.
Bringing Balance to the Force: Dynamic Analysis of the Android Application Framework. 28th Annual Network & Distributed System Security Symposium (NDSS'21), 2021.
Explanation Beats Context: The Effect of Timing & Rationales on Users' Runtime Permission Decisions. 30th USENIX Security Symposium (USENIX Sec'21), 2021.
Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication. 41st IEEE Symposium on Security and Privacy (SP ‘20), 2020.
Up2Dep: Android Tool Support to Fix Insecure Code Dependencies. 36th Annual Computer Security Applications Conference (ACSAC'20), 2020.