PhD thesis defenses are a public affair and open to anyone who is interested. Attending them is a great way to get to know the work going on by your peers in the various research groups. On this page you will find a list of upcoming and past defense talks.

Please go here for electronic access to most of the doctoral dissertations from Saarbrücken Computer Science going back to about 1990.

 

December

Giada STIVALA
Deceptive Attacks in Modern Web
(Advisor: Dr. Giancarlo Pellegrino)
Thursday, 18.12.25, 16:00, building E9 1, room 0.01

Deception on the Web remains a persistent threat, as attackers increasingly exploit not only psychological and visual manipulation but also the technological complexity of modern platforms. Despite growing attention to phishing and malware, there is limited understanding of how emerging technologies enable new, harder-to-detect forms of deception–posing challenges for both detection and remediation. In this thesis, we examine how recent web advancements, specifically browser capabilities and social platforms, can be exploited to mount deception-based attacks, and analyze the operational challenges in mitigating them.
We first study link previews on 20 social platforms, uncovering how inconsistencies in preview generation and a lack of safeguards allow attackers to craft and distribute benign-looking previews for malicious links. We then investigate Clickbait PDFs, documents mimicking web content and leading to web attacks. Analyzing 176,208 real-world samples, we find that attackers primarily rely on SEO abuse and that most files evade antivirus detection. To understand how attackers maintain such campaigns, we monitor 4,648,939 PDF links hosted on 177,835 domains, revealing systemic infrastructure abuse. Finally, interviews with 24 hosting providers show that abuse remediation is often deprioritized, not due to technical limits but to misaligned business responsibilities, cost considerations, and the perceived lack of risk posed by compromised customer instances.

Friedemann LIPPHARDT
Towards a better understanding of under-explored facets of Internet censorship
(Advisor: Prof. Anja Feldmann)
Thursday, 18.12.25, 14:00, building E1 5, room 0.29

The Internet has transformed how information is accessed and controlled, enabling both free expression and increasingly fine-grained systems of censorship and moderation. This dissertation examines two major forms of information control: network-level Internet censorship and content moderation in large language models (LLMs). It shows that LLM safety filters do not act uniformly but vary significantly by users’ location and language. Studying 15 LLMs from 12 global vantage points in 13 languages, the work finds moderation rate differences of up to 60% and clear behavioral gaps between Chinese and Western models, especially on political and religious topics, raising concerns about unequal and opaque access to information.
Beyond LLMs, the dissertation analyzes sophisticated censorship of voice communication services in Saudi Arabia and the UAE, uncovering middlebox systems that selectively block VoIP calls while leaving other app features intact through protocol fingerprinting and targeted interference. To study such practices at scale, it integrates over 36 million monthly censorship measurements into a knowledge graph that links events to network infrastructure and geopolitical context. Together, these findings show that modern information control operates across multiple technical layers with growing precision but limited transparency, with important implications for digital rights, fairness, and the design of more equitable information systems.

Maxx Richard RAHMAN
Anomaly Detection in Longitudinal Clinical Profile
(Advisor: Prof. Wolfgang Maaß)
Thursday, 18.12.25, 9:00, building D3 2, room -1.36 (VisRoom)

Detecting anomalies in longitudinal clinical profiles is challenging because real-world monitoring often depends on irregularly collected biological measurements whose dynamics evolve over time, making atypical patterns difficult to distinguish from natural physiological variability. These difficulties are compounded by heterogeneous sequence lengths, irregular sampling intervals, and the limited availability of confirmed abnormal cases. Despite these challenges, longitudinal analysis offers unique insights into how biological markers change over time, enabling the detection of subtle deviations that are not captured by cross-sectional assessments. This thesis presents a set of methods that learn individualized baselines and extract structural-temporal patterns from longitudinal data to identify irregularities with high sensitivity. To ensure that detected deviations are biologically meaningful rather than statistical artefacts, methods are developed that incorporate metabolic pathway structure directly into the learning process. By integrating known biochemical relationships, these methods enable anomalies to be reflected as disruptions in expected metabolic behaviour. Further, methods for interpretation are developed to provide reasoning grounded in metabolic pathways and to project temporal trajectories into representations that show shifts and outliers within an individual’s historical profile. The proposed methods are applied to the domain of anti-doping in sports, where they demonstrate strong practical utility and outperform existing approaches in detecting irregularities in athlete biological profiles.

Cristian MUNTEANU
Getting to the root of SSH Compromises: A Multi-Dimensional Characterization of the SSH Threat Landscape
(Advisors: Prof. Anja Feldmann and Dr. Tobias Fiebig)
Wednesday, 10.12.25, 13:00, building E1 5, room 0.29

The Internet has become a critical infrastructure, attracting a vast amount of activity, including malicious threats.The Secure Shell Protocol (SSH), the successor of Telnet – designed for secure machine-to-machine communication – is one of the most widely used protocols on the Internet. Due to its ubiquity, SSH has become a prime target for attackers. Over the years, SSH attacks have evolved, and their frequency has only increased. In this thesis, we investigate the nature of these attacks, including their origins, methods, and targets. We conduct a retrospective study and a longitudinal analysis using a large honeyfarm, as well as an active analysis to identify compromised SSH servers.
Through a global network of honeypots, we analyze approximately 750 million SSH sessions over a three-year period. The dataset, collected from 221 honeypots across 55 countries, reveals stark variations in activity – some honeypots observe millions of connections, while others record only a few thousand.
We also analyze attacker behavior, uncovering a shift toward more exploratory attacks and increased reconnaissance efforts. Additionally, attackers increasingly leverage recently registered Autonomous Systems (ASes) to store and distribute malicious files.Our findings suggest that attackers are becoming more aware of honeypot presence, with some actively seeking to evade detection. To extend our analysis, we propose a method to identify compromised SSH servers at scale. We exploit SSH’s authentication behavior, where a challenge is only issued if a public key is installed. This approach neither grants access to compromised systems (unlike testing known attacker passwords), nor requires privileged access for auditing. Applying this methodology to a comprehensive Internet scan, we identify over 21,700 compromised systems across 1,649 ASes in 144 countries. These include critical infrastructure where attackers have installed at least one of 52 veri-fied malicious SSH keys provided by a threat intelligence company. Our investigation also uncovers insights into malicious campaigns such as the „fritzfrog“ IoT botnet and threat actors like „teamtnt“. Moreover, we collaborate with a national CSIRT and the Shadowserver Foundation to notify affected entities and facilitate remediation efforts. We run our measurements continuously and automatically share notifications.

Corentin SALAÜN
Toward Improving Monte Carlo Estimator for Rendering and Machine Learning
(Advisors: Dr. Gurprit Singh and Prof. Hans-Peter Seidel)
Tuesday, 09.12.25, 08:00, building E1 4, room 0.24

Monte Carlo integration is a fundamental computational tool for estimating high-dimensional integrals that cannot be solved analytically. Its ability to handle complex domains and irregular functions makes it indispensable in computer graphics. One classical application is physically-based rendering that uses Monte Carlo integration to simulate the transport of light with photorealistic accuracy. Similar challenges arise in machine learning, where stochastic gradient estimation underpins the training of modern models and requires high-dimensional gradient estimation. In both domains, the accuracy and efficiency of Monte Carlo methods directly determine the quality of the final results.
This thesis introduces a set of new methods variance reduction techniques in both rendering and machine learning. It proposes adaptive control variates that automatically learn a control function from data, removing the need for hand-crafted designs while guaranteeing provable variance reduction. A scalable multi-class sampling framework is developed to generate a single set of samples that simultaneously satisfies multiple, potentially conflicting target distributions, and this framework is further extended to optimize perceptual image quality by incorporating models of human visual sensitivity. Finally, it presents efficient adaptive importance-sampling algorithms for stochastic gradient estimation, including a multi-distribution extension that combines several proposals with optimal weights to accelerate training. Together, these contributions advance the theoretical foundations of Monte Carlo integration and deliver practical algorithms that reduce error, improve efficiency, and enable new applications in photorealistic rendering and machine learning.

Emilia WEYULU
Towards a Robust and Reproducible Evaluation Framework for Congestion Control Algorithms
(Advisor: Prof. Anja Feldman)
Thursday, 04.12.25, 10:00, building E1 5, room 0.29

Network congestion, the state where systems such as switches or routers receive more data than they can handle, leads to packet losses, increased network delay, and reduced throughput for all data passing through such a congested system. Congestion control remains a key research problem in networking, with both industry and academia proposing solutions to improve network performance. Congestion control algorithms (CCAs) are designed to address network congestion, ensure fair resource allocation among users (or applications), and maintain good network performance. Despite the innovation and research effort that has been invested into designing new CCAs that cater to diverse network data, obtaining consensus on how to efficiently evaluate such algorithms has proven elusive within the networking community. Determining how any CCA falls short compared to the rest, and, most importantly, along what dimensions, remains difficult to answer. Even performing all the pairwise comparisons between the algorithms is hard, because each algorithm behaves differently depending on the underlying network environment.
In this thesis, we advocate for a fundamental rethinking of how we approach CCA evaluations. Rather than prescribing a standardized set of tests to be universally applied, we emphasize the importance of aligning evaluations with their underlying objectives. By shifting the focus in this way, the burden on designers to subject their CCAs to an exhaustive list of experiments can be avoided, while simultaneously addressing the reproducibility challenges that currently plague this field. To this end, we developed a rigorous and reproducible „recipe“ for evaluating CCAs. With this recipe, we were able to uncover fundamental issues in the design of Google’s new CCA, BBRv3–work which was recognized with a „Best Paper“ award at PAM’24. Furthermore, this research work has helped to highlight the critical network signals one needs to leverage in the design of network-assisted CCAs.

November

Xingchang HUANG
Understanding noise correlations in generative models for graphics content generation and editing
(Advisors: Prof. Hans-Peter Seidel and Dr. Gurprit Singh)
Monday, 24.11.25, 14:00, building E1 4, room 0.24

Graphics content plays an essential role in our daily lives, spanning diverse media forms such as images, videos, textures, point patterns, and 3D objects. Despite their ubiquity, limited research has investigated how the concept of noise correlation across these varied representations can have an impact on controllable graphics generation and editing aligned with user intent.
This thesis explores how noise correlations can inform and simplify the process of generating and editing visual content. We focus in particular on the synthesis and editing of point patterns, images, and stereo videos. Our primary contributions lie in developing novel pipelines that leverage noise correlations to improve both fidelity and controllability in these domains. Specifically, we propose: (1) a training-free holistic feature extraction pipeline inspired by noise correlation for point pattern synthesis, (2) a decoupled representation and correlation embedding space for user-friendly point pattern editing, (3) a new perspective on integrating blue noise correlations into the training and sampling of diffusion models, and (4) a unified pipeline with noisy degraded data augmentation for fine-tuning diffusion models to enable simultaneous stereo video generation and restoration.
Our methods demonstrate the capability of outperforming existing state-of-the-art techniques and highlight the untapped potential of noise structure as a guiding principle in visual synthesis. These findings open new avenues for controllable and high-quality graphics con-tent generation and editing.

October

Alfusainey Jallow
Impact of Knowledge-Sharing Platforms on Software Security and Academic Research
(Advisor: Dr. Sven Bugiel)
Friday, 24.10.25, 16:00, building E9 1, room 0.01

Stack Overflow is a widely used platform among software developers and researchers. Developers frequently rely on it as a source of functional, copy-ready code snippets, while researchers study its content to analyze trends, behaviors, and the implications of code reuse—particularly concerning security. However, code on Stack Overflow is not static; the community revises posted code snippets, sometimes addressing bugs and vulnerabilities, much like code in version-controlled repositories. This ongoing evolution raises important questions about its effect on software security and research methodology.
In this dissertation, we study the evolving nature of Stack Overflow code snippets and its impact on software security and research results. Developers often reuse snippets without tracking updates, leading to outdated and potentially vulnerable code in open-source projects. Our analysis of over 11,000 GitHub projects revealed thousands of such outdated snippets, including missed critical security fixes. This suggests the need to support developers with tools to help constantly monitor Stack Overflow for security warnings or code fixes.
Additionally, the evolving nature of Stack Overflow code snippets and its surrounding context impacts the replicability of cross-sectional research findings, with six studies that we replicated yielding significantly different results on a newer dataset version.
Accordingly, we recommend that researchers treat Stack Overflow data as a time series data source to provide better context for interpreting cross-sectional research findings.

Dawei Zhu
Understanding, Combating, and Leveraging Imperfect Data in Natural Language Processing
(Advisor: Prof. Dietrich Klakow)
Friday, 24.10.25, 13:00, building C7 4, room 1.17

Recent advances in deep neural networks (DNNs) have led to remarkable progress in natural language processing (NLP), largely driven by the increasing scale of both model parameters and training data. However, collecting large-scale data often introduces noise, particularly when relying on automated methods such as weak supervision to reduce annotation costs. This noise can cause DNNs to learn incorrect inductive biases and degrade their generalization ability. Therefore, a deep understanding of data noise and the development of robust learning strategies are essential for the effective deployment of DNNs in real-world NLP applications. In this thesis, we investigate how data noise affects model generalization and pro-pose methods to address it in practical machine-learning scenarios.

Christof Tinnes
Understanding and Supporting Software Model Evolution through Edit Operation Mining and AI-based Software Model Completion
(Advisor: Prof. Sven Apel)
Friday, 24.10.25, 10:00, building E1 1, room 407

The thesis aims to enhance Model-based Systems Engineering (MBSE) by providing a theoretical foundation and practical, automated approaches for software model evolution. It proposes using novel techniques like graph min-ing, large language models (LLMs), and graph neural networks (GNNs) to automatically define model transformations and complete models, leveraging historical data from version control systems.

Lea Eckhart
Machine Learning Strategies for Drug Sensitivity Prediction and Treatment Optimization in Cancer
(Advisor: Prof. Hans-Peter Lenhof)
Wednesday, 22.10.25, 14:00, building E2 1, room 001

The heterogeneity of cancer is a primary challenge for its treatment. Thus, analyzing large multiomics and drug-screening datasets of cancer cells with machine learning (ML) is promising to study how cellular properties impact drug response and to apply this knowledge for treatment optimization. In this thesis, we used cell line data to build accurate, reliable, and interpretable ML models for personalizing cancer treatment: We conducted the largest benchmarking to date for drug response prediction, investigating various ML and dimension reduction methods. With SAURON-RF, we developed a novel method that, compared to state-of-the-art approaches, strongly improves predictions for drug-sensitive samples, which are particularly relevant for treatment optimization. To enhance model reliability, we built a pipe-line that, for the first time, ensures that sensitivity predictions meet user-defined certainty levels for classification and regression. A major goal in treatment optimization is prioritizing treatment options based on their predicted effectiveness. To enable prioritization, we propose a novel sensitivity measure that is comparable across drugs and drug combinations, overcoming the limitations of existing measures. Additionally, we pioneer ML models predicting dose-specific responses to multi-drug therapies for cell lines unseen during model training. Lastly, we developed highly accurate models for predicting muscle invasion in bladder cancer to guide therapy decisions.

Verica Lazova
Editable Representations for 3D Reconstruction and Novel View Synthesis
(Advisor: Prof. Gerard Pons-Moll, now Tübingen)
Monday, 13.10.25, 16:00, building E1 4, room 0.07

Learning in 3D often requires a suitable representation of the three-dimensional world. We explore various 3D representations (UV-maps, 3D volumes, and feature-point clouds) and their application to three specific tasks: 3D reconstruction from a single image; novel view synthesis; and text-based 3D model generation. In this thesis, we propose three methods that enable flexible 3D modeling with editing capabilities such as reposing, reshaping, changing appearance or relative position. In the first part we predict full 3D human avatars from a single image, that can be reposed and animated; In the second part we propose combining feature volumes with Neural Radiance Fields for editable novel view synthesis; In the final part we leverage structural and symmetry priors for efficient text-to-3D generation of human-like characters.

Jesko Dujmović
Relating Space and Time in Cryptography
(Advisor: Dr. Nico Döttling)
Friday, 10.10.25, 17:00, building E9 1, room 0.05

This thesis studies the interplay between space and time in cryptography. It explores trade-offs between these two resources for honest parties and shows how fine-grained constraints on an adversary’s capabilities can unlock new cryptographic functionalities. Adopting this perspective, we present results in four subfields of cryptography:
2PC: We prove tight lower bounds on the cost of oblivious transfer protocols, a central primitive for two-party computation, revealing a fundamental trade-off between communication and public-key operations.
SNARG: We construct designated-verifier SNARGs with very short proofs, highlighting a novel trade-off between proof size and verifier efficiency.
Incompressible Encryption: We construct a new incompressible encryption scheme. Incompressible encryption remains secure even after key exposure, assuming adversaries had limited space when the ciphertext was transmitted. This offers a lightweight alternative to forward secrecy for long messages.
Space-Hard Functions: We define and construct verifiable space-hard functions and space-lock puzzles, space-based analogues of verifiable delay functions and time-lock puzzles. These enable new applications such as deniable proofs and leverage space limitations of the adversary.
Together, these results demonstrate how a careful study of space-time trade-offs yields both foundational insights and practical cryptographic tools.

September

Vassillen CHIZHOV
Methods for PDE-based Image Reconstruction
(Advisor: Prof. Joachim Weickert)
Monday, 29.09.25, 16:15, building E1 7, room 0.02

This defence talk addresses scattered data interpolation and image approximation, focusing on reconstructions via partial differential equations (PDEs). While classical methods like JPEG and JPEG2000 are widely used, PDE-based inpainting often yields better results for images with low to medium texture content. We extend PDE-based approaches by incorporating diverse features – colour values, derivatives, and local integrals – into the reconstruction process.
Experiments show that these features can reduce the mean squared error by more than 60 % without increasing the data budget. The framework also supports nonlinear operators and features. Since PDE-based methods are computationally demanding, we develop fast inpainting techniques using adaptive finite elements on the CPU, and multigrid solvers on the GPU. This enables real-time inpainting of 4K images.
Beyond efficiency, we tackle data selection for low-error reconstructions through spatial and tonal optimisation. We propose greedy algorithms for spatial selection and fast solvers for large-scale tonal optimisation problems.

Philipp SCHEPPER
Faster, Higher, Easier: Toward a Systematic Study of Parameterized Vertex and Edge Selection Problems
(Advisor: Prof. Dániel Marx)
Monday, 29.09.25, 14:00, building E1 4, room 0.24

We consider the decision and counting versions of the two problem families Λ-Factor and (σ,ρ)-DomSet which generalize Matching, Dominating Set, and Independent Set for suitable choices of sets Λ, σ, and ρ of non-negative integers.
For Λ-Factor, for a given graph G, the goal is to find a set of edges S ⊆ E(G) such that, for every vertex v, the number of incident edges from S is contained in Λ. For (σ,ρ)-DomSet, for a given graph G, the goal is to find a set of vertices S ⊆ V(G) such that, for every vertex in S, the number of adjacent vertices in S is contained in σ and, for every vertex not contained in S, the number of adjacent vertices in S is contained in ρ.
We restrict ourselves to the cases when Λ, σ, and ρ are finite or cofinite and prove efficient algorithms for the two problem families parameterized by treewidth. We complement these algorithmic results by conditional lower bounds, which are based on a variant of the Strong Exponential-Time Hypothesis, to prove that the algorithms are optimal in most cases. When the cofinite sets exclude only few degrees, we additionally parameterize by the number of forbidden values and provide improved algorithmic results.
We extend the general algorithms to the counting versions and provide matching lower bounds for this setting.

Roman HAAS
Test Suite Optimization for Human-in-the-loop Testing Processes in Industry: Addressing Slow Test Feedback and Risks from Untested Changes
(Advisor: Prof. Sven Apel)
Wednesday, 17.09.25, 13:00, building E1 1, room 2.06

In this dissertation, we seek to optimize human-in-the-loop testing processes in industrial practice by enhancing their efficiency and effectiveness. We target two optimization levers: (1) adopting automated test optimization techniques to improve manual testing; (2) supporting test management and quality assurance in the labor-intensive task of allocating test effort and assessing test completion. To accomplish the former, we explore optimization opportunities in manual testing, in particular, established optimization techniques from automated testing. To realize the latter, we prioritize untested code changes according to estimated risk. To achieve our objective, we have conducted a series of empirical studies on human-in-the-loop testing, using methods such as field experiments and sample studies with industry partners. Manual test suites offer great optimization oppor-tunities, since they often suffer from long run times—up to five person-months for our industry partners. Based on historical data and stakeholder interviews with our industry partners, we demonstrate the transferability and effectiveness of optimization techniques from automated to manual testing. Our results show that applying test case selection and prioritization to manual testing captures up to 81% of failures while reducing execution time by 43%. The second optimization lever addresses the labor-intensive code and test reviews which our industry partners conduct to mitigate the risks of untested code changes. We explore risk factors for code changes and propose a simple risk-based prioritization approach for untested code changes. In our evaluation using historical quality assurance documents from our industry partners, this approach was able to prioritize risky changes significantly higher than less risky changes. Our studies have demonstrated the suitability and effectiveness of the proposed solutions in practice, and after our studies, many subjects have been convinced to adopt our solutions by embedding them in their testing process.

Joscha CÜPPERS
Discovering Actionable Insights from Event Sequences
(Advisor: Prof. Jilles Vreeken)
Thursday, 11.09.25, 15:00, building E9 1, room 0.05

This thesis explores how to extract actionable insights from event sequences. Event sequences are fundamental across a wide range of domains, from diagnosing chains of failures to analyzing workflow traces in production systems. Instead of assuming that all events stem from a single underlying process, we allow for the possibility of multiple, potentially concurrent mechanisms – resulting in interleaved and complex structures. We aim to identify and represent these structures using sequential patterns that capture the temporal dependencies between events.
We develop methods that yield succinct and easy-to-understand summaries of event sequences. We start by proposing a method to discover predictive patterns that not only predict that a target event is imminent but also when it will occur. For example, which sequence of events predicts an upcoming failure. Next, we explore how to discover patterns characterized by consistent time delays between events. Furthermore, we study summarization of event sequences in terms of patterns that include generalized events – events that can match multiple observed events. To demonstrate the practical relevance of this line of work, we tackle a domain-specific challenge, modelling network flows and generating synthetic data from the learned model. Lastly, we investigate causal relationships between events by introducing a novel causal discovery method that infers a complete causal graph over all event types.

Joris NIEUWVELD
Algorithmic Problems for Linear Recurrence Sequences
(Advisor: Prof. Joël Ouaknine)
Friday, 05.09.25, 15:00, building E1 5, room 0.29

Linear recurrence sequences (LRS) are among the most fundamental and easily definable classes of number sequences, encompassing many classical sequences such as polynomials, powers of two, and the Fibonacci numbers. They also describe the dynamics of iterated linear maps and arise naturally in numerous contexts within computer science, mathematics, and other quantitive sciences. However, despite their simplicity, many easy-to-state decision problems for LRS have stubbornly remained open for decades despite considerable and sustained attention. Chief among these are the Skolem problem and the Positivity problem, which ask to determine, for a given LRS, whether it contains a zero term and whether it contains only positive terms, respectively. For both problems, decidability is currently open, i.e., whether they are algorithmically solvable.
In this thesis, we present the following results. For the Skolem problem, we introduce an algorithm for simple LRS whose correctness is unconditional but whose termination relies on two classical, widely-believed number-theoretic conjectures. This algorithm is implementable in practice, and we report on experimental results. For the Positivity problem, we introduce the notion of reversible LRS, which enables us to carve out a large decidable class of sequences. We also examine various expansions of classical logics by predicates obtained from LRS. In particular, we study expansions of monadic second-order logic of the natural numbers with order and present major advances over the seminal results of Büchi, Elgot, and Rabin from the early 1960s. Finally, we investigate fragments of Presburger arithmetic, where, among others, we establish the decidability of the existential fragment of Presburger arithmetic expanded with powers of 2 and 3.

August

Gereon FOX
Learning and exploiting temporal dependencies in the synthesis and analysis of video signals
(Advisor: Prof. Christian Theobalt)
Tuesday, 26.08.25, 15:30, building E1 4, room 0.24

The acquisition, reproduction, analysis and modification of visual information are important in all parts of human life – even more so since the advent of sufficiently capable computers. Especially the computational treatment of the temporal dimension is challenging, but also beneficial for many applications. This thesis explores the temporal dimension in three different contexts: For the detection of semantically relevant manipulations, it demonstrates that previous detection methods can be fooled by the same improvements to the manipulation technique that would fool human observers. New methods are presented to nevertheless achieve high detection accuracy, and especially temporal dependencies are shown to help generalise to unseen manipulation methods. For the synthesis of new video signals, previous work has constructed models that entangle spatial and temporal features. This thesis separates these features, reducing memory demand and computation time, as well as the amount of data necessary for training. For the reconstruction of video signals from event data, a data modality for which training data is scarce, the thesis presents a method to turn event data into watchable signals, without using any training data at all, but outperforming previous methods that do so. In each of these contexts, the thesis highlights the degree to which solutions depend on training sets of different sizes, and the impact this has on performance and computational cost.

Jianqiang WANG
Low-Level Software Memory Safety Analysis: Attack and Defense
(Advisor: Prof. Thorsten Holz, now Bochum)
Monday, 04.08.25, 14:00h, building E1 4, room 0.24

Low-level software, as the name suggests, is the kind of software that runs more closely with the hardware than normal applications. They usually undertake the responsibilities of initializing the hardware, setting up the execution environment, and directly interacting with the hardware functionalities. Due to the intrinsic features of the key role played by low-level software, it naturally requires and gains higher hardware privilege than other software to run, making it a promising target for system attackers. To conveniently manipulate the hardware, low-level software developers commonly adopt memory-unsafe programming languages such as C and CC. On the one hand, the direct memory access programming language makes the develop-ment process easier, on the other hand, however, it makes the low-level software prone to be compromised by memory corruption vulnerabilities.
In this thesis, we start with the causes and consequences of memory corruption vulnerability and then showcase that memory safety issue is a main threat to low-level software security. We discuss and analyze low-level software memory safety issues in terms of both their attack and defense sides. From the perspective of the attack scenario, we tackle the problems that still hinder the detection of memory corruption vulnerability detection. In particular, feeding random inputs to the software—a technique called fuzz testing—is used. Specifically, we designed and implemented tailored fuzzers to find the memory cor-ruption vulnerabilities in the low-level software, embedded system firmware, and boot-loader. For each, the fuzzers aim to explore as many parts of the low-level software as well as trigger more crashes as possible. In our experiments, 46 previously unknown vulnerabilities were found, and 11 CVEs were assigned to the findings. From the perspective of defense, providing an easy-to-use framework with rich features for high-level applications while maintaining the memory safety guarantees is the essential part. To solve this problem, we designed and implemented a trusted execution environment framework for RISC-V architecture by utilizing RISC-V hypervisor extension and an existing hardware memory isolation technique. The framework provides full backward compatibility and secure IO, which means an unmodified virtual machine can run directly on top of the framework and benefit from transparent, secure IO transmission. Our experiment showed that the framework achieved similar performance with AMD SEV extension and trivial overhead compared with native running.

July

Rebecca EIFLER
Explaining Goal Conflicts in Oversubscription Planning
(Advisor: Prof. Jörg Hoffmann)
Thursday, 24.07.25, 14:00h, building E1 1, room 407

Many real-world planning scenarios are characterized by oversubscription problems. As a result, not all goals within the given task can be satisfied. Conventional approaches assume global optimization objectives, but identifying such objectives is often difficult, and objectives frequently conflict with one another. An iterative planning approach is more suitable, wherein users consider sample plans and refine their preferences based on these plans. In such a setting, it is crucial to provide not only the plans themselves but also explanations elucidating the conflicts between goals, preferences, and objectives. This facilitates the user’s understanding and enables them to identify satisfactory trade-offs. To this end, we present an explanation framework based on minimal conflicts and demonstrate the usefulness of the explanations in a user study. Additionally, we address the follow-up question „Why is A in conflict with Q?“ by providing explanations based on the minimal relaxa-tions of constraints under which the conflict resolves. Finally, in order to provide valuable explanations, it is essential that explanations cover aspects of the plans in which the user is interested. However, users often find it difficult to formalize their preferences. Therefore, we explore the potential of learning preferences from example plans.

Hai DANG TRAN
Incorporating Knowledge about Entities in Conversational Search
(Advisor: Prof. Gerhard Weikum)
Friday, 18.07.25, 14:00h, building E1 4, room 0.24

Although trained on a vast amount of data, language models (LMs) struggle to fully capture information about entities. This issue is especially noticeable for tail entities, which are sparsely covered or entirely absent from knowledge bases. Modern information retrieval (IR) methods rely on language models. Therefore, they struggle to interpret tail entities and questions about them. To bridge this gap, we propose incorporating knowledge about entities into LM-based models in information retrieval. Our first IR method, EVA [1], addresses the challenge of leveraging knowledge about entities to understand questions. Our second method, CONSENT [2], tackles the challenges of contextualization and handling informal questions in conversational IR setting. This approach particularly focuses on the challenge of understanding questions about tail entities. We propose our third method, EECATS [3], to fight three challenges simultaneously: contextualizing questions, handling long-tail entities in conversational IR, and maintaining efficiency for interactive responses.

Frederic KERBER
Understanding and Supporting Same-Side Interaction with Wrist-Worn Devices
(Advisor: Prof. Antonio Krüger)
Wednesday, 16.07.25, 15:00h, building D3 2, DFKI, Reuse meeting room

Latest advancements in mobile and wearable computing, especially due to miniaturization of technical components, bring up more and more powerful wrist-worn devices with smart features such as touchscreens, advanced sensors or novel interaction possibilities. Despite their technical sophistication, the inherently small screen size generates new challenges, both, for input and output. The mobile nature of the devices results in varying application contexts, while the position on the wrist complicates perception of information as well as interaction with the device — especially with respect to touch input that always requires the involvement of both hands. In this thesis, we investigate same-side interactions only involving the hand that is wearing the device to overcome the aforementioned problems. We contribute to the field of wearable computing and human-computer interaction by investigating the following three directions: Exploration of state-of-the-art interactions concepts, investigation of novel interaction designs, and comparison of opposite and same-side interaction methods. Based on online questionnaires and user studies, insights into the underlying foundations are provided and guidelines for improving the interaction design of smart wrist-worn devices are offered. We further contribute to the dissemination of applications making use of data from wearable devices by providing advanced gesture detection and classification methods. Additionally, a tool is provided to help evaluating the perception of user interfaces for wrist-worn devices.

Alexander DAX
Advancing Security Protocol Verification: A Journey Along The Boundaries Of The Symbolic Model
(Advisor: Prof. Cas Cremers)
Thursday, 10.07.25, 10:00h, building E9 1, room 0.01

Cryptographic protocols underpin modern digital security, yet their formal verification remains a significant challenge. The symbolic model of cryptography addresses this, representing bitstrings as terms and cryptographic operations as semantics of function symbol applications. This approach allows a more abstract representation of protocols, improving scalability and automation during analysis. However, this high level of abstraction can overlook attacks that exploit the subtleties of underlying cryptographic operations. This thesis advances the accuracy of symbolic analysis by refining the abstraction of cryptographic primitives and by assessing the limits of leading verification tools.
First, we propose more detailed symbolic models for cryptographic hash functions, authenticated encryption with associated data (AEAD), and key encapsulation mechanisms (KEMs). We integrate these models into Tamarin, a leading symbolic verification tool, and demonstrate their ability to automatically detect both known and novel attacks in real-world security protocols.
Second, we present the first formal analysis of the Security Protocol and Data Model (SPDM), a widely deployed industry security standard. Our work results in one of the largest Tamarin models to date, pushing the boundaries of symbolic analysis and revealing a severe authentication vulnerability. This discovery led to our proposed fixes being included in both the specification and the reference implementation.

Lea GRÖBER
Challenges for Individual Digital Sovereignty in the Context of Security and Privacy
(Advisor: Dr. Katharina Krombholz)
Friday, 04.07.25, 14:15h, building E9 1, room 0.01

Digital sovereignty empowers individuals to make self-determined decisions and actions regarding digital technologies, particularly concerning security and privacy. This dissertation explores the security and privacy challenges limiting users‘ digital sovereignty through four studies.
First, I investigate self-hosted systems that offer maximum digital sovereignty. A qualitative study explores why people self-host and what challenges they face. A quantitative study examines the prevalence and characteristics of these systems and their operators. These studies highlight the potential for digital sovereignty but underscore significant barriers, especially in securing systems. Next, I examine mainstream technologies that restrict user sovereignty. A study on autonomous vehicles, which require minimal user input but offer limited control, examines the information drivers need for security-critical situations, enabling digitally sovereign use. Lastly, I analyze global corporations’ impact on non-Western populations through a study of Pakistani content creators on social media. The study reveals insufficient safeguards for vulnerable communities in a shifting threat landscape. These studies suggest that while automation can aid, users value informed decision-making in critical contexts. Additionally, reliance on large corporations fails to guarantee security and privacy for all users, emphasizing the need for alternative approaches to enhance digital sovereignty.

Chao WANG
Deep High Dynamic Range Imaging: Reconstruction, Generation and Display
(Advisor: Dr.habil. Karol Myszkowski)
Friday, 04.07.25, 12:30h, building E1 4, room 0.19

High Dynamic Range (HDR) images offer clear advantages over Low Dynamic Range (LDR) images, such as greater bit depth, a wider color gamut, and improved dynamic range, enhancing both visual quality and post-production flexibility. However, challenges remain in HDR content acquisition and display. This thesis investigates deep learning methods informed by physical priors to address these challenges. It explores HDR reconstruction from sparse, defocused LDR inputs using implicit neural representations, and extends to HDR all-in-focus field reconstruction via 3D Gaussian Splatting from multi-view inputs. It further explores HDR generation from in-the-wild LDR images or limited HDR images, leveraging the learned HDR prior for LDR-to-HDR restoration. Lastly, it proposes a self-supervised tone mapping framework based on feature contrast masking loss to enable perceptually faithful HDR display on LDR devices.

Yue FAN
Improving Representation Learning from Data and Model Perspectives: Semi-Supervised Learning and Foundation Models
(Advisor: Prof. Bernt Schiele)
Friday, 04.07.25, 11:00h, building E1 4, room 0.24

Artificial intelligence (AI) has made impressive progress in recent years, yet major challenges remain, including the reliance on large labeled datasets, the difficulty of learning from imperfect unlabeled data, and the need for models that generalize across diverse tasks and do-mains. This dissertation addresses these challenges from both data and model perspectives. The first part improves standard semi-supervised learning methods by introducing new techniques that better utilize unlabeled data, including adaptive pseudo-labeling and representation-based regularization. The second part tackles more realistic learning scenarios, where unlabeled data may be imbalanced, noisy, or domain-shifted, and proposes novel algorithms and a new benchmark to support robust evaluation across multiple domains. The final part takes a step toward general-purpose AI by developing a diffusion-based model capable of handling multiple vision tasks within a unified framework.
Together, these contributions aim to make AI systems more practical, reliable, and versatile, advancing us closer to generalizable and data-efficient learning.

June

Ghazaleh HARATINEZHAD TORBATI
Textual User Profiles for Search-based Recommendation
(Advisor: Prof. Gerhard Weikum)
Friday, 27.06.25, 14:00h, building E1 4, room 0.24

Search-based recommendation is a paradigm that combines users’ long-term profiles with their current search queries to guide the recommendation process. This dissertation investigates how user-generated text can serve as a valuable source for constructing textual user profiles, with an emphasis on transparency and scrutability, enabling users to understand and control their profiles. It makes three key contributions: (1) demonstrating the effectiveness of sparse, questionnaire-based profiles for capturing core preferences; (2) leveraging user-to-user chat data as a novel, richer profiling source; and (3) developing methods to distill concise profiles from long, noisy review texts using a range of techniques.

Jonas BUSHART
Anatomy of DNS: Investigating Vulnerabilities and Countermeasures from Clients to Authoritative Servers
(Advisor: Prof. Christian Rossow)
Wednesday, 04.06.25, 13:00h, building E2 2, room 0.01 (Günter-Hotz auditorium)

The Domain Name System (DNS) is a critical component of the Internet infrastructure, responsible for translating human-readable domain names into IP addresses. However, DNS has been shown to be vulnerable to various attacks, including traffic analysis, semantic bugs, and denial-of-service (DoS) attacks. This dissertation explores the security and privacy of DNS, with a focus on identifying vulnerabilities and developing effective countermeasures.
Our research reveals that encrypted DNS protocols are still susceptible to traffic analysis attacks, despite the use of padding to obscure message sizes. We demonstrate a novel traffic analysis method that can deanonymize website visits with high accuracy, highlighting the need for more effective mitigations. Furthermore, we identify vulnerabilities in recursive DNS resolvers using a mutation-based fuzzer, ResolFuzz, and show that differential fuzzing can be an effective approach to uncovering DNS vulnerabilities.
Our work also explores the threat of (D)DoS attacks against DNS infrastructure, including a new application-layer DDoS attack, DNS Unchained, which uses amplification to overload authoritative name servers. We demonstrate the potential for this attack to be combined with pulsing attacks to create a more powerful and harder-to-block attack. Finally, we assess the resilience of authoritative DNS infrastructures against application-layer (D)DoS attacks and propose an anomaly detection defense that can be deployed by upstream ISPs or Internet Exchange Points to mitigate such attacks. Overall, this dissertation contributes to the understanding of DNS security and privacy and provides insights into the development of effective countermeasures to protect this critical infrastructure.

Janis Peer SPRENGER
Capturing and Simulating Realistic Pedestrian Movements
(Advisor: Prof. Philipp Slusallek)
Monday, 02.06.25 14:00h , building D3 2, NB -1.63, VisRoom

In this colloquium, Janis Sprenger will present and defend his dissertation on the capturing and simulation of realistic pedestrian movements in traffic scenarios. The training and validation of autonomous vehicles in urban environments require simulated vehicle-pedestrian interaction scenarios. However, current driving simulators do not yet provide adequate representations of the pedestrian agents. This work contributes to addressing that gap by supporting three important steps in the creation of realistic pedestrian agents: (i) capturing pedestrian behavior and motion to establish a robust and usable data source, (ii) animating pedestrian agents using data-driven neural networks to generate realistic and intention-revealing motions, and (iii) integrating animation models into existing driving simulators and behavior simulation frameworks through a dedicated and engine-agnostic framework.

May

Yiting QU
Mitigating Risks in Real-World and AI-Generated Visual Content
(Advisor: Prof. Michael Backes)
Thursday, 22.05.25 14:00h , building E9 1, room 0.01

Visual content, such as images and point clouds, is a fundamental medium in the digital age. However, visual content includes many unsafe, harmful, and unauthorized materials. The spread of such content has posed significant risks both to web communities and to the real world. For example, the dissemination of hateful memes could incite hatred against an ethnic group and even cause real-world harm. Although the advancement of artificial intelligence (AI) provides technical solutions for detecting this content, these technologies also have the potential to amplify these risks. In this dissertation, we investigate both real-world and AI-generated risks in visual content through four studies. Our studies highlight AI’s dual role: while it can help mitigate unsafe content, it also accelerates its creation at low cost. We call for collaborative efforts to address the risks posed by unsafe and unauthorized visual content, particularly those introduced by AI generative models.

Hendrik LEIDINGER
SCL(EQ): Simple Clause Learning in First-Order Logic with Equality
(Advisor: Prof. Christoph Weidenbach)
Wednesday, 21.05.25 12:00h , building E1 4, room 0.24

I propose the SCL(EQ) calculus that lifts SCL for first-order logic to first-order logic with equality. SCL(EQ) learns non-redundant clauses only. It builds a trail of annotated ground literals, representing the model assumption for non-ground input clauses. The trail includes propagations (inferred literals) and decisions (guessed literals). When a clause is false under the model assumption, SCL(EQ) derives a new non-ground clause via paramodulation. The new clause is nonredundant under a dynamic ordering, which, along with a maximum term, limits ground literals and ensures termination. I prove SCL(EQ) to be sound and refutationally complete.
SCL(EQ) may use congruence closure (CC) to identify propagations and conflicts efficiently. However, exhaustive propagation of unit clauses already causes a worst case exponential blowup in ground instances. To address this, I propose CC(X), a generalization of CC with variables. It creates an explicit representation of constrained congruence classes of the whole ground input space smaller than the maximum term. I prove CC(X) sound and complete, implement it, and evalu-ate its performance against state-of-the-art CC. Joint work with Yasmine Briefs integrates Knuth-Bendix ordering into CC(X).

Simon SPIES
Shaking Up the Foundations of Modern Separation Logic
(Advisor: Prof. Derek Dreyer)
Friday, 16.05.25 11:00h , building E1 5, room 029

The problem of how to scalably verify large, stateful programs is one of the oldest—and still unsolved—challenges of computer science. Over the last two decades, there has been considerable progress toward this goal with the advent of separation logic, a verification technique for modularly reasoning about stateful programs. While originally only devel-oped for imperative, pointer-manipulating programs, separation logic has in its modern form become an essential tool in the toolbox of the working semanticist for modeling programming languages and verifying programs.
With this thesis, I present a line of work that revisits the foundations of modern separa-tion logic in the context of the separation logic framework Iris. It targets two broader areas: step-indexing and automation. Step-indexing is a powerful technique for modeling many of the advanced, cyclic features of modern languages. Here, Transfinite Iris shows how to generalize step-indexing from proving safety properties to proving liveness properties, and Later Credits enable more flexible proof patterns for step-indexing based on separation logic resources. Automation, on the other hand, is important for reducing the overhead of verification to scale to larger code bases. Here, Quiver introduces a new form of guided specification inference to reduce the specification overhead of separation logic verification, and Daenerys develops new resources in Iris that lay the groundwork for automating parts of Iris proofs using SMT solvers.

Alexander RATH
How to Train Your Renderer: Optimized Methods for Learning Path Distributions in Monte Carlo Light Transport
(Advisor: Prof. Philipp Slusallek)
Tuesday, 06.05.25 10:00h , building D3 2, room -1.63

Light transport simulation allows us to preview architectural marvels before they break ground, practice complex surgeries without a living subject, and explore alien worlds from the comfort of our homes. Fueled by the steady advancements in computer hardware, rendering virtual scenes is more accessible than ever, and is met by an unprecedented demand for such content. Light interacts with our world in various intricate ways, hence the challenge in realistic rendering lies in tracing all the possible paths that light could take within a given virtual scene. Contemporary approaches predominantly rely on Monte Carlo integration, for which countless sampling procedures have been proposed to handle certain families of effects robustly. Handling all effects holistically through specialized sampling routines, however, remains an unsolved problem.
A promising alternative is to use learning techniques that automatically adapt to the effects present in the scene. However, such approaches require many complex design choices to be made, which existing works commonly resort to heuristics for. In this work, we investigate what constitutes effective learning algorithms for rendering – from data representation and the quantities to be learned, to the fitting process itself. By strategically optimizing these components for desirable goals, such as overall render efficiency, we demonstrate significant improvements over existing approaches.

Joris NIX
Challenging Traditional Views and Techniques in Relational Query Processing and Indexing
(Advisor: Prof. Jens Dittrich)
Tuesday, 06.05.25 14:00h , building E1 1, room 4.07

Query processing and indexing are fundamental components of every relational database management system. These areas are concerned with core aspects such as performance, design, and maintenance, which have been the subject of extensive, longstanding research. As a result, well-established methods and paradigms have emerged, particularly in query optimization, index construction, and the design and functionality of SQL. In this thesis, we aim to challenge and redefine some of these traditional views and techniques.
In the first part of this thesis, we question the translation of a logical plan to a physical plan on the granularity of complete operators during query optimization. Instead, we propose to deepen this process by breaking up the abstraction of an operator to consider more fine-granular subcomponents, enabling additional optimization potential. Our experimental validation demonstrates the impact of varying physical representations of a logical operator and highlights that a more holistic optimization approach can significantly improve estimated query plan quality.
In the second part of this thesis, we aim to apply this approach specifically to index structures, which are generally considered monolithic and hand-crafted entities tailored to specific use cases. We propose a generic indexing framework that breaks up index structures by separating a logical index from a physical index similar to the split into logical and physical operators. Furthermore, we formulate index construction as an optimization problem that we solve using genetic programming. Our experiments show that our approach successfully rediscovers existing baselines. In addition, an optimized index tailored to a specific dataset and workload not only matches, but in some cases, surpasses the performance of traditional indexes.
In the third part of this thesis, we propose a single keyword extension to SQL that breaks up the single-table result limitation by allowing to return a subdatabase. This subdatabase contains the tables that participate in the query, each reduced to those tuples that contribute to the traditional query result. We present four SQL-based rewrite methods and an efficient native algorithm that we implemented in a database system with a state-of-the-art compiling query execution engine. The experimental evaluation shows that multiple individual result sets significantly reduce the overall result set size, with our methods adding minimal overhead to the query execution time and, in some cases, even outperforming traditional, single-table execution.

April

Tuan-Phong NGUYEN
Large-Scale Acquisition of Refined Commonsense Knowledge
(Advisor: Prof. Gerhard Weikum)
Thursday, 24.04.25 11:30h , building E1 5, room 0.29

Common-sense knowledge (CSK) about properties of concepts and human behaviors (e.g., elephants are big and eat plants, children love visiting zoos, tipping is not a common practice in Japan) is crucial for robust human-centric AI. However, this kind of knowledge is covered by a small number of structured knowledge projects. Most prior CSK resources are restricted in their expressiveness to subject-predicate-object (SPO) triples with simple concepts for S and monolithic strings for P and O. Furthermore, the plausibility of CSK can vary across cul-tures (e.g., „one should tip the waiter“ is generally true in the US, but not in Japan), which is overlooked in existing resources. This dissertation aims to address these limitations by:
(1) introducing advanced commonsense knowledge models with refined subjects, semantic facets, and culture-specific assertions;
(2) proposing methods for acquiring such knowledge from large-scale web contents and large language models (LLMs). Our methods strive for both high precision and wide coverage with salient assertions, which resulted in CSK resources that outperform existing resources in various intrinsic and extrinsic evaluations.

Max LOSCH
Improving Trustworthiness of Deep Learning via Inspectable and Robust Representations
(Advisor: Prof. Bernt Schiele)
Friday, 11.04.25 15:00h , building E1 4, room 0.24

An increasing number of Deep Learning systems are applied in the real world and have poten-tial impact on peoples lives: autonomous cars, assisted medical diagnosis or social scoring. Attributable to training increasingly complex models on increasingly large datasets, these applications have become useful since they are trained to be accurate prediction machines. Typically, this is achieved by optimizing for accuracy only while disregarding two critical weak points of deep learning persisting since its inception. Firstly, the complexity of used models render it difficult to explain and understand causes for incorrect predictions – coined as black box property. Secondly, models are susceptible to adversarial examples – slight input perturbations otherwise imperceptible to humans – that can result in dramatic changes in predictions. While mitigation approaches exist, these are often expensive to train and hence are not deployed by default in practice. Both issues reduce the trustworthiness of deep learning and could dampen further adoption for real world problems. In this thesis defense, I discuss mitigations for both issues in two parts. In the first part, I discuss our proposed Semantic Bottlenecks that explicitly align intermediate representations to human meaningful concepts like feet, leg, wood, etc. while reducing dimensionality to address the black-box issue and show that these bottlenecks can be useful for error analysis. In the second part, I discuss two ways to mitigate the risk to adversarial examples with a focus on reducing the computational over-head of conventionally used adversarial training:
(i) training on data subsets and (ii) utilize Lipschitz bounds to enable certification.

March

Rui WEN
(Un)Trustworthy Data in Adversarial Machine Learning
(Advisor: Prof. Michael Backes)
Wednesday, 26.03.25 12:30h , building E9 1, room 0.01

Machine learning has become indispensable across various industries, driving innovation and enabling data-driven decision-making. At the core of this technology is the critical role of data, which is fundamental to model training and directly impacts performance. However, this reliance on data also exposes machine learning systems to vulnerabilities, particularly around privacy and security.
In this dissertation, we explore the role of data in adversarial machine learning, focusing on two major challenges: data privacy leakage and data poisoning. First, we investigate privacy leakage in state-of-the-art models by proposing a membership inference attack against in-context learning. We show that even in restricted settings, it is possible to infer whether specific data points were used in training, posing significant risks in sensitive domains such as healthcare and finance. Next, we examine how data can be exploited as an attack surface, introducing a robust poisoning technique capable of bypassing current defenses. We also propose the first dynamic backdoor attack, which uses flexible triggers to evade detection, high-lighting the need for stronger defense mechanisms. Finally, we conduct a systematic study on how data characteristics, such as data importance, affect the success of machine learning attacks. Our results suggest that adjusting data importance can either increase or reduce vulnerability, offering new strategies for both attacks and defenses.
This dissertation contributes to a deeper understanding of adversarial dynamics, helping to build more secure and trustworthy machine learning systems.

Felix KOSMALLA
Computer-Supported Assistive Systems for In-Situ Movement Guidance in Sports
(Advisor: Prof. Antonio Krüger)
Tuesday, 25.03.25 15:00h , building D3 2, VisRoom (-1.63)

Sports have evolved from preparing for survival into a key component of modern fitness and recreation. Regardless of the level of professionalism, correct movement techniques are essential to enhance performance and to reduce the risk of injuries. Traditional self-learning methods often fall short due to their reliance on individual interpretation and execution, while personal trainers, though effective, lack broad accessibility. To overcome these challenges, computer-supported assistive systems offer real-time, context-dependent feedback during sports movements. In our research, we focus on the design and evaluation of such systems, particularly in rock climbing and slacklining. We introduce a slackline training assistant providing automatic instructions and real-time feedback, targeted especially at novices. In rock climbing, we investigated notification channels and visualization methods for expert modeling. To support future research, we developed two enabling technologies: a toolkit for rapid prototyping of smart insoles that provide foot-related feedback and a mixed-reality platform that creates interactive climbing experiences. Together, these contributions advance the field of computer-supported real-time feedback in sports.

Junaid ALI
Designing Fair Decision-Making Systems
(Advisor: Prof. Krishna Gummadi)
Tuesday, 25.03.25 10:00h , building E1 5, room 0.29

The impact of algorithmic decision-making systems on individuals has raised significant interest in addressing fairness concerns within such systems. Designing fair systems entails several critical components, which have garnered considerable attention from the research community. However, notable gaps persist in three key components. Specifically, in this thesis, we address gaps in following components: i) evaluating existing approaches and systems for (un)fairness, ii) updating deployed algorithmic systems fairly, and iii) designing new decision-making systems from scratch. Firstly, we evaluate fairness concerns within foundation models. The primary challenge is that fairness definitions are task-specific while foundation models can be used for diverse tasks. To address this problem, we introduce a broad taxonomy to evaluate the fairness of popular foundation models and their popular bias mitigation approaches. Secondly, we tackle the issue of fairly updating already deployed algorithmic decision-making systems. To this end, we propose a novel notion of update-fairness and present measures and efficient mechanisms to incorporate this notion in binary classification. However, in cases where there is no deployed system or updating an existing system is prohibitively complex, we must design new fair decision-making systems from scratch. Lastly, we develop new fair decision-making systems for three key application scenarios. Major challenges in designing these systems include computational complexity, lack of existing approaches to tackle fairness issues and designing human-subject based studies. We develop a computationally efficient mechanism for fair influence maximization to make the spread of information in social graphs fair. Additionally, we address fairness concerns under model uncertainty, i.e., uncertainty arising due lack of data or the knowledge about the best model. We propose a novel approach for training nondiscriminatory systems that differentiate errors based on their uncertainty origin and provide efficient methods to identify and equalize errors occurring due model uncertainty in binary classification. Furthermore, we investigate whether algorithmic decision-aids can mitigate inconsistency among human decision-makers through a large-scale study testing novel ways to provide machine advice.

Rati DEVIDZE
Reward Design for Reinforcement Learning Agents
(Advisor: Prof. Adish Singla)
Thursday, 20.03.25 11:30 h , building E1 5, room 0.29

Reward functions are central in reinforcement learning (RL), guiding agents towards optimal decision-making. The complexity of RL tasks requires meticulously designed reward functions that effectively drive learning while avoiding unintended consequences. Effective reward design aims to provide signals that accelerate the agent’s convergence to optimal behavior. Crafting rewards that align with task objectives, foster desired behaviors, and prevent undesirable actions is inherently challenging. This thesis delves into the critical role of reward signals in RL, highlighting their impact on the agent’s behavior and learning dynamics and addressing challenges such as delayed, ambiguous, or intricate rewards. In this thesis work, we tackle different aspects of reward shaping. First, we address the problem of designing informative and interpretable reward signals from a teacher’s/expert’s perspective (teacher-driven). Here, the expert, equipped with the optimal policy and the corresponding value function, designs reward signals that expedite the agent’s convergence to optimal behavior. Second, we build on this teacher-driven approach by introducing a novel method for adaptive interpretable reward design. In this scenario, the expert tailors the rewards based on the learner’s current policy, ensuring alignment and optimal progression. Third, we propose a meta-learning approach, enabling the agent to self-design its reward signals online without expert input (agent-driven). This self-driven method considers the agent’s learning and exploration to establish a self-improving feedback loop.

Hannaneh AKRAMI
Share-Based and Envy-Based Approaches to Fair Division of Indivisible Goods
(Advisors: Prof. Kurt Mehlhorn and Prof. Karl Bringmann)
Thursday, 13.03.25 15:00 h , building E1 4, room 0.24

The fair allocation of resources among agents with individual preferences is a fundamental problem at the intersection of computer science, social choice theory, and economics. This dissertation examines scenarios where the resources to be allocated are a set of indivisible goods. Two primary categories of fairness concepts are considered: share-based and envy-based criteria. Each category encompasses desirable notions of fairness, each with distinct advantages and limitations.
In the first part of the dissertation, we study a share-based fairness notion known as the maximin share (MMS). Since MMS allocations do not always exist, we study relaxed MMS allocations and establish positive results in various settings. In particular, we establish the existence of (3/4 + 3/3836)-MMS allocations for agents with additive valuations, and (3/13)-MMS allocations for agents with fractionally subadditive (XOS) valuations.
In addition, we consider ordinal approximations of MMS and prove the existence of 1-out-of-d4n/3e MMS allocations in the additive setting.
The second part of the dissertation focuses on envy-based fairness notions. For indivisible items, the most prominent envy-based criterion is envy-freeness up to any item (EFX). Although the existence of EFX allocations remains open in many general settings, we contribute to this area by proving the existence of EFX allocations for three agents under minimal constraints on their valuations. Furthermore, we establish the existence of relaxed forms of EFX, including epistemic EFX, and approximate EFX with charity.
In the third and final part of this thesis, we move beyond single fairness criteria—whether share-based or envy-based—to establish the existence of allocations that satisfy multiple fairness guarantees. Specifically, we prove the existence of (partial) allocations that are 2/3-MMS and EFX simultaneously. This line of research, while less established, represents a promising direction for future research.

Adrián JAVALOY BORNÁS
Meet my Expectations: On the Interplay of Trustworthiness and Deep Learn-ing Optimization
(Advisor: Prof. Isabel Valera)
Tuesday, 11.03.25 14:30 h , building E1 1, room 4.07

Deep learning has achieved remarkable success across a wide range of real-world applications, but as its adoption grows, so does the need for trustworthiness. In this dissertation, we argue that a key aspect of model trustworthiness is our perception of control over the model, i.e. whether the model meets the pre-existing expectations that we place on it. However, current optimization methods often lack mechanisms to prioritize solutions that fulfill these expectations over equally performing but less compliant alternatives. In this thesis, we explore how deep learning optimization can be guided to produce models that better match our expectations. We examine three families of models—multitask learning (MTL), probabilistic generative models (PGMs), and causal generative models (CGMs)—each presenting increasing levels of complexity in the expectations we place on them. We identify fundamental challenges in current approaches, introduce novel theoretical insights, and propose new algorithms and metrics to better integrate existing expectations into the training process.
For MTL, we discuss the limitations of multi-objective optimization frameworks and propose new ranking-based evaluation metrics and gradient manipulation techniques to improve task interactions. For PGMs, we develop preprocessing and in-processing strategies to ensure balanced learning across data modalities, significantly enhancing model performance. Finally, for CGMs, we introduce a new family of causal normalizing flows (Causal NFs) that provide strong theoretical guarantees for causal inference, addressing a long-standing challenge in the field. By carefully designing inductive biases and optimization constraints, we demonstrate how deep learning models can be made more reliable and compliant with human expectations, which is key for their successful deployment.

Martin FEICK
Hand-based Illusions for Haptics in Virtual Reality
(Advisor: Prof. Antonio Krüger)
Monday, 10.03.25 15:00 h , building D3 2, NB room -1.63 (VisRoom)

Virtual Reality (VR) enables us to dive into artificially generated worlds, creating the illusion of being elsewhere. However, this illusion falls apart when using our hands to interact with objects inside VR because nothing can be physically touched. Haptic feedback is crucial to our everyday interactions in reality, so its sudden absence can disrupt the immersive nature of VR. To address this, a single physical proxy object can approximate virtual objects’ proper-ties to form a combined visuohaptic illusion. We introduce four novel proxy-based approaches that render tactile and kinesthetic haptic feedback for object interactions in VR. To alter proxies’ perceived properties, we explore perceptual illusions that visually offset virtual hand interactions from their real-world counterpart. Here, we contribute three novel hand-based illusions that can simulate different haptic effects. However, introducing offsets be-tween what users see and what they feel risks disrupting the VR experience. Therefore, we set out to quantify the undetectable offset for various types of interactions, properties of proxies, and users’ virtual representations to understand the techniques’ application limits. Fnally, we present a method for continuously monitoring and tailoring hand-based illusions to individuals’ sensitivity to offsets. Together, this thesis advances the field of haptics for hand-based object interactions in VR.

February

Osman Ali MIAN
Practically Applicable Causal Discovery
(Advisor: Prof. Jilles Vreeken)
Friday, 28.02.25 15:00 h , building E9 1, room 0.05

This thesis focuses on discovering causal dependencies from observational data, which is one of the most fundamental problems in science. In particular, causal discovery aims to disco-ver directed graphs among a set of observed random variables under specified assumptions. While an active area of research, existing causal discovery approaches are not always applicable to real-world scenarios. This is mainly due to their underlying assumptions, which limit their applicability in practice.
In this dissertation, we aim to develop approaches that can be applied to several real-world scenarios to discover causal dependencies, under mild assumptions. We first focus on a setting where we discover the complete causal DAG and not just the Markov equivalence class from observational data. We do so by using the principle of choosing the simplest explanation, measured in information-theoretic terms, to develop a theoretically sound causal discovery method. Next, we extend causal discovery to data collected across multiple environ-ments, addressing biases from pooling data with different interventional distributions. To this end, we propose an approach that uses a similar information-theoretic score to discover causal networks in distributed settings without requiring prior knowledge of whether the data is observational or interventional. Furthermore, we develop a method for continual causal discovery from episodic data that updates causal hypotheses as new data arrives, without the need to re-learn causal networks from scratch each time. Our proposed approach for this scenario can learn causal networks adaptively over time and distinguish between episodes that do not belong to the same causal mechanism. Lastly, we tackle the important aspect of privacy-preserving federated causal discovery. To do so, we propose a general framework that effectively identifies global causal networks without ever sharing the data or learning parameters, while ensuring differential privacy.

Till SPEICHER
On Fairness, Invariance and Memorization in Machine Decision and Deep Learning Algorithms
(Advisor: Prof. Krishna Gummadi)
Monday, 24.02.25 15:00 h , building E1 5, room 0.29

As learning algorithms become more capable, they are used to tackle an increasingly large spectrum of tasks. Their applications range from understanding images, speech and natural language to making socially impactful decisions, such as about people’s eligibility for loans and jobs. Therefore, it is important to better understand both the consequences of algorithmic decisions and the mechanisms by which algorithms arrive at their outputs. Of particular interest in this regard are fairness when algorithmic decisions impact people’s lives and the behavior of deep learning algorithms, the most powerful but also opaque type of learning algorithm.
To this end, this thesis makes two contributions: First, we study fairness in algorithmic decision-making. At a conceptual level, we introduce a metric for measuring unfairness in algorithmic decisions based on inequality indices from the economics literature. We show that this metric can be used to decompose the overall unfairness for a given set of users into between- and within-subgroup components and highlight potential tradeoffs between them, as well as between fairness and accuracy. At an empirical level, we demonstrate the necessity for studying fairness in algorithmically controlled systems by exposing the potential for discrimination that is enabled by Facebook’s advertising platform. In this context, we demonstrate how advertisers can target ads to exclude users belonging to protected sensitive groups, a practice that is illegal in domains such as housing, employment and finance, and highlight the necessity for better mitigation methods.
The second contribution of this thesis is aimed at better understanding the mechanisms governing the behavior of deep learning algorithms. First, we study the role that invariance plays in learning useful representations. We show that the set of invariances possessed by representations is of critical importance in determining whether they are useful for downstream tasks, more important than many other factors commonly considered to determine transfer performance. Second, we investigate memorization in large language models, which have recently become very popular. By training models to memorize random strings, we uncover a rich and surprising set of dynamics during the memorization process. We find that models undergo two phases during memorization, that strings with lower entropy are harder to memorize, that the memorization dynamics evolve during repeated memorization and that models can recall tokens in random strings with only a very restricted amount of information.

Denis SUMIN
Data-driven methods for high-fidelity material appearance reproduction in additive 3D printing
(Advisor: Prof. Karol Myszkowski)
Tuesday, 18.02.25 9:00 h , building E1 4, room 0.24

This thesis addresses key challenges in high-fidelity material appearance reproduction for multi-material inkjet 3D printing. Despite recent advances in fullcolor 3D printing, accurate reproduction remains difficult due to the translucency and scattering properties of common print materials. We develop a comprehensive preparation system to overcome these limitations. Our approach introduces an iterative optimization method to refine volumetric material arrangements, mitigating color bleeding and blurring. Using Monte Carlo light transport simulation and a calibration procedure to obtain material scattering parameters, we achieve superior detail preservation and color fidelity, even in highly translucent media and thin features. To improve computational efficiency, we propose a deep learning-based approach to predict light scattering in heterogeneous materials. This method accelerates simulations by two orders of magnitude while maintaining high-quality optimization, enabling practical full heterogeneous material optimization within printing times. Additionally, we evaluate existing image quality metrics for light-field images, develop a dense light-field dataset, and conduct perceptual experiments to assess artifacts in light-field processing. Our findings highlight the need for specialized metrics to better predict perceived quality in complex fabrication tasks. The developed dataset will aid future research in spatially and angularly varying appearance reproduction, contributing to the advancement of 3D printing and computational fabrication.

January

Martin DESHARNAIS
Formal Verification of Logical Calculi and Simulations in Isabelle/HOL
(Advisor: Prof. Christoph Weidenbach)
Wednesday, 29.01.25 14:00 h , building E1 4, room 0.24

This thesis defense describes my formalizations of three proof calculi: SCL(FOL), ground ordered resolution, and ground superposition. The main theorems formalized for each calculus are soundness (i.e., every formula derived from valid formulas is valid) and refutational completeness (i.e., if a formula is invalid, then the calculus can be used to derive a refutation). For SCL(FOL), another main theorem is that derived formulas are nonredundant (i.e., they are not “obvious” from the already known formulas). Ground ordered resolution only has this last property when a suitable strategy is used. I
re-proved and formalized a previously known result that a specific strategy for SCL(FOL) can simulate a specific strategy for ground ordered resolution and vice versa. This was carried out with a framework for simulation proofs that I developed. All formalizations were carried out using the Isabelle/HOL proof assistant.

Hossein HAJIPOUR
AI Code Generation Models: Opportunities and Risks
(Advisor: Prof. Mario Fritz)
Wednesday, 08.01.25 13:30 h , building E9 1, room 0.01

The advancements in artificial intelligence (AI) for software engineering have opened up transformative possibilities in software development and automation, enabling developers to leverage AI-driven tools for tasks that traditionally require significant manual effort. However, this progress is accompanied by significant risks, particularly regarding the security and trustworthiness of the generated code.
This thesis investigates both the capabilities and associated risks of AI code generation models in various dimensions. First, we study the capabilities of these models by proposing neu-ral-based code generation models to repair common programming errors and reverse-engineering black-box functions effectively. In the second part, we investigate the risks associated with these models, particularly regarding out-of-distribution (OOD) generalization and software security issues. We propose a systematic approach to study the ability of the models to generalize to unseen code structures and present a novel method to automatically examine the tendency of AI code generation models to generate vulnerable code instances. Our study reveals that these models can generate various vulnerable code instances in dif-ferent security scenarios. Motivated by the prevalence of vulnerable code samples generated by AI models, in the third part, we introduce Hexacoder, a method that automatically synthesizes secure code examples and utilizes this data to fine-tune code generation models, enhancing their ability to generate secure code.