PhD thesis defenses are a public affair and open to anyone who is interested. Attending them is a great way to get to know the work going on by your peers in the various research groups. On this page you will find a list of upcoming and past defense talks.

Please go here for electronic access to most of the doctoral dissertations from Saarbrücken Computer Science going back to about 1990.

March

Miaoran Zhang
Advancing Semantic Understanding in Multilingual and Multimodal Contexts
(Advisor: Prof. Dietrich Klakow)
Monday, 23.03.26, 15:15, building C7 4, room 1.17

Capturing semantic information in texts remains a significant challenge in natural language processing, stemming from the inherent and multifaceted complexity of human expressions. This dissertation advances the semantic understanding capabilities of language models focusing on two key aspects: the encoding of linguistic units into meaningful representations and the modeling of semantic relationships in multilingual and multimodal contexts. It begins by investigating the key factors that influence word embedding learning, followed by a novel method to improve sentence embeddings by combining visual and textual information. Next, a framework is proposed to predict semantic relatedness for under-represented languages. Finally, the research examines the impact of few-shot demonstrations in in-context learning across a wide range of languages and tasks that require nuanced semantic understanding. Overall, these studies combine technical innovations with in-depth analysis, facilitating the development of more robust, multilingual, and multimodal intelligent systems.

Janik Huth
The Subfield Bilinear Collision Problem and its Application to Post-Quantum Signatures
(Advisor: Prof. Antoine Joux)
Friday, 20.03.26, 10:00, building E9 1, room 0.05

In this dissertation, we introduce the Subfield Bilinear Collision (SBC) problem as a new cryptographic hardness assumption and explore its application to post-quantum signature schemes. First, we construct an MPC-in-the-Head (MPCitH) based identification protocol and digital signature scheme from SBC. The resulting signature scheme is more compact compared to previous post-quantum MPCitH proposals, while retaining efficient signing and verification algorithms. Building on this, we design a VOLE-in-the-Head (VOLEitH) signature scheme from SBC, further reducing communication costs and signature size. In order to achieve these improvements, we develop new generic techniques, including a faster hypercube folding algorithm, the correlated GGM forest, and MinMax commitments for GGM trees. These optimizations are not tied to the SBC problem and can therefore be applied more broadly to improve the efficiency of schemes based on MPCitH and VOLEitH. Finally, we extend the methodology of MPCitH beyond digital signatures to Fully Homomorphic Encryption (FHE). We propose Fherret, a novel proof system that leverages MPCitH techniques to provide correctness and honest evaluation guarantees for FHE while preserving circuit privacy. This approach protects against reaction-based attacks without requiring the heavy overhead of zk-SNARK-based methods.

Renas Bacho
Enhancing the Security and Efficiency of Distributed Key Generation and Its Applications
(Advisor: Prof. Julian Loss, now Bochum)
Thursday, 19.03.26, 16:15, building E9 1, room 0.05

Distributed Key Generation (DKG) is a fault-tolerant protocol in which n parties jointly generate a public–secret key pair. The secret key is distributed among the parties via a t-out-of-n threshold secret sharing scheme but is ne-ver reconstructed or stored in a single location. A DKG protocol is essential for bootstrapping threshold cryptosystems without relying on a trusted third party. This eliminates single points of failure and trust, which is crucial for decentralized systems such as blockchains. Key applications of DKG protocols include threshold encryption, threshold signatures, and distributed randomness generation. Indeed, many state-of-the-art Byzantine fault-tolerant (BFT) protocols employ threshold signatures and distributed randomness to enhance communication efficiency, or threshold encryption to prevent censorship.
In this thesis, we make significant progress in strengthening the security guarantees and improving the efficiency of distributed key generation and its applications, particularly threshold signatures and distributed randomness generation. Our main contributions are summarized as follows:
– Part I: We revisit the security of the threshold BLS signature scheme under adaptive corruptions, as used in many state-of-the-art Byzantine fault-tolerant (BFT) distributed protocols. First, we introduce a new security notion for DKG protocols and show that several existing protocols, previously proven only under static security, satisfy this notion under adaptive corruptions. Second, assuming any DKG protocol with this property, we provide a tight adaptive security proof for the threshold BLS signature scheme, thereby justifying real-world parameter choices.
– Part II: We revisit the security of efficient publicly verifiable secret sharing (PVSS) schemes under adaptive corruptions, which are employed in many state-of-the-art distributed randomness beacon and DKG protocols. First, we introduce a new security notion for (aggregatable) PVSS schemes and show that several existing schemes, previously proven only under static security, satisfy it under adaptive corruptions. Second, we demonstrate that this notion directly yields adaptive security for state-of-the-art distributed randomness beacon protocols in their respective network models, which build upon (aggregatable) PVSS schemes satisfying our new notion of unpredictability.

Jan-Oliver Kaiser
Strong Program Logics for Weak Memory and Even Stronger Types for Tactic Programming
(Advisor: Prof. Deepak Garg)
Thursday, 19.03.26, 10:00, building E1 5, room 0.29

Computers have become ubiquitous in everyday life and so have bugs in programs running on those computers. Research in the field of programming languages and verification has produced countless ways to attack the problem of software defects. This thesis concerns itself with two established techniques being applied to an unconventional setting.
Firstly, in the category of extending the applicability of program verification to more realistic settings, we demonstrate how to verify high-performance algorithms and data structures making use of highly efficient memory access patterns that are not automatically synchronized with main memory or other processors’ caches. Hardware and programming languages that expose these weakly or unsynchronized memory accesses are said to have weak memory models. The lack of synchronization in weak memory models goes directly against the assumption of sequential consistency which still sits at the heart of most verification works. Concretely, we show how to perform verification in weak memory models using an existing program logic framework, Iris, that was traditionally limited to sequential consistency. In building on Iris, we inherit its mechanized proof of soundness of the core logic as well as the ability to perform mechanized program verification.
Secondly, we propose to bring the benefits of dependent types to the process of writing and automating proofs in the Rocq proof assistant. This aims to adress the limitations of Rocq’s oldest — and, for a long time, only — tactic language: Ltac. Ltac’s pitfalls are numerous and it is arguably unable to fulfill the requirements of large verification projects. Our contribution is a new tactic language called Mtac2. Mtac2 is based on Mtac, a principled metaprogramming language for Rocq offering strongly typed primitives based on Rocq’s own dependent type system. Mtac’s primitives could already be used to implement some tactics but it lacks the ability to directly interact with Rocq’s proof state and to perform backwards reasoning on it. Mtac2 extends Mtac with support for backwards reasoning and keeps in line with Mtac’s tradition of strong types by introducing the concept of typed tactics. Typed tactics statically track the expected type of the current goal(s) and can rule out entire classes of mistakes that often plague Ltac tactics.

Seyedali Rasaii
Understanding the Impact of Banner Interaction on Web Tracking via Cookies
(Advisor: Prof. Anja Feldmann)
Wednesday, 18.03.26, 15:15, building E1 4, room 0.24

The Internet has become a cornerstone of modern society, revolutionizing how people communicate, conduct business, and access information. Its connectivity capabilities have enabled the emergence of new types of services in the form of online platforms, such as messaging and shopping. In parallel, advertising has become a dominant revenue model for these plat-forms. Consequently, advertising companies utilize tracking technologies, such as cookies, to collect large amounts of data, including Personally Identifiable Information (PII), enabling them to deliver personalized content and targeted advertisements. Although these practices enhance user experience and platform monetization, the extensive collection, storage, and analysis of personal data at scale raises concerns regarding user autonomy and privacy.
Recognizing these concerns, governments and regulatory bodies have introduced frameworks, including the General Data Protection Regulation (GDPR), to safeguard user privacy. Under the GDPR, any website or service that collects or processes personal data—defined in Article 4(1) as any information relating to an identified or identifiable natural person (“data subject”)—of individuals located in the EU must obtain users’ consent prior to data collection. In response to publishers’ efforts to comply with these requirements, consent mechanisms such as cookie banners have emerged to inform users about data collection practices and obtain explicit consent for processing their personal data.
In this study, we evaluate cookie banners from different perspectives in accordance with GDPR provisions and mandates. First, we introduce BannerClick, a tool capable of interacting with cookie banners with nearly 99% accuracy. Using BannerClick, we examine the web cookie landscape through various lenses, including geographic location, device type, and banner interaction modes, providing a comprehensive understanding of how these factors influence the deployment of tracking cookies.
Furthermore, we investigate the emerging trend of cookie paywalls, which allow users to choose between accepting tracking or paying for an ad-free experience, assessing their implications for privacy and accessibility. Lastly, we explore the structural misalignments between existing consent mechanisms and regulatory objectives, demonstrating how seemingly opposing interactions with banners can influence the behavior of subsequently visited websites, thereby extending unwanted tracking via cookies. Ultimately, our findings highlight significant gaps between current consent practices—primarily in the form of cookie banners—and the objectives of privacy laws, emphasizing the need for more practical and user-centric solutions.

Faezeh Nasrabadi
A Binary Analysis Platform for Cryptographic Protocols
(Advisor: Prof. Cas Cremers)
Wednesday, 18.03.26, 14:00, building E9 1, room 0.05

We introduce CryptoBAP, a framework for formally verifying cryptographic protocol implementations directly at the binary level on ARMv8 and RISC-V architectures. CryptoBAP performs crypto-aware symbolic execution on machine code to extract high-level models that capture all feasible execution paths, including complex control flow. These models are then analyzed using established protocol verification tools such as ProVerif, Tamarin, CryptoVerif, and DeepSec, allowing the verification of standard security properties against active adversaries. The framework supports multi-language parallel composition through a unified symbolic semantics, enabling components written in different languages to interoperate seamlessly without the need for translations.
Beyond ensuring functional correctness and protocol security, CryptoBAP extends analysis to include microarchitectural side-channel attacks by integrating leakage models into symbolic analysis. We apply our approach to several real-world systems, such as the Basic Access Control protocol used in e-passports, TinySSH, WireGuard, and WhatsApp. Our evaluations reveal concrete privacy and security vulnerabilities, along with discrepancies between implementations and their specifications, demonstrating the practicality of binary-level formal verification for modern cryptographic software.

Nihar G. Sabnis
Re-envisioning Touch: Designing Embodied Material and Force Experiences with Motion-Coupled Vibrotactile Feedback
(Advisor: Dr. Paul Strohmeier)
Monday, 09.03.26, 10:00, building E1 5, room 1.29

When we interact with the world through the sense of touch, for instance while stretching fabric, pressing a sponge, twisting an object, or gripping a tool, our movements generate subtle vibrations that help us perceive material properties such as texture, softness, and force. These vibrations are tightly coupled to our actions. In contrast, most digital systems rely on “buzz-buzz” vibrations that feel artificial and disconnected from our movements.
In my thesis, I explore how synchronizing vibration with user action—what I call motion-coupled vibration—can transform digital touch from a passive signal into an embodied, action-driven experience. Over the period of my PhD, I developed low-latency open-source hardware to render motion-coupled vibration, explored how motion-coupled vibration can help to create intuitive tactile symbols, conducted psychophysics studies to investigate the perceptual mechanisms which make motion-coupled vibration feel embodied, and extended single limb virtual material rendering using motion-coupled vibration to bimanual material experiences such as stretching, bending and twisting. My research demonstrates how motion-coupled vibration can evoke richer sensations of materiality, connectedness, and force without mechanical actuation. Together, these contributions help in understanding motion-coupled vibration better while extending their applicability to create more natural and embodied material experiences, while pushing the frontier of experiences created using vibrotactile feedback.

February

Xudong Hong
Visually Grounded Story Generation
(Advisor: Prof. Vera Demberg)
Friday, 27.02.26, 15:00, building C7 4, room 1.17

Storytelling is always a central part of human language use. Humans use stories to capture experience, find meaning, and make sense of the world. Story generation is a comprehensive testbed for language, cognition, and reasoning in AI. However, existing automatic story generation systems are largely text-based, which limits their ability to ground text in visual perception. In this thesis, we address this challenge by introducing the task of VGSG, which aims to generate coherent, diverse, and visually grounded stories from visual narratives. We start by asking two research questions: 1) How can VGSG be improved from the aspect of events and characters? 2) How can data collection, model design, and human/automatic evaluations be improved concerning properties, including coherence, diversity, plot progression, and visual grounding?
In order to answer these questions, we first investigate the fundamental elements (characters and events) and properties of good stories (coherence, diversity, and plot progression). After that, we propose a cognitively and linguistically motivated framework to model events and characters and integrate script knowledge for the story generation process. The hierarchical architecture uses graph-based representations to represent events and characters in visual narratives at the first stage and utilizes these representations for story generation at the second stage. Experiments show that graph-based event representations improve diversity and visual grounding of generated stories in VGSG. In addition, representations of events benefit text generation while scripts improve story generation.
Secondly, we design datasets, models, and evaluation methods that bring visual grounding into story generation. We first build the VWP dataset, which contains curated sequences of movie shots with aligned character annotations and human-written stories. The VWP dataset provides more coherent, diverse, and visually grounded narratives than previous datasets, and serves as a strong resource for training and evaluating VGSG models. On top of our framework, we then propose explicit representations for events and characters in visual narratives, and demonstrate how character-grounded features improve local coherence and visual grounding. We further introduce coherence-driven components, including Character Grid, as well as a linguistically inspired learning objective, Visual Coherence Loss. These components learn the recurrence pattern of entities across visual narratives and drive the model to generate coherent character mentions. These contributions establish strong models that outperform state-of-the-art models on both automatic and human evaluations, producing stories that are more coherent, diverse, and visually grounded.
Overall, this thesis proposes VGSG as a notable direction in computational linguistics and AI. By combining linguistic theory, cognitive intuitions, and multimodal deep learning, we propose a framework for building models that generate stories closer to human narratives.

Karl Schrader
Neuroexplicit Models for Data Processing
(Advisor: Prof. Joachim Weickert)
Thursday, 26.02.26, 10:15, building C7 4, room 1.17

This thesis explores hybrid approaches that integrate neural networks into model-based methods for image processing. Model-driven techniques based on differential equations and variational methods offer strong theoretical foundations and mathematical guarantees. If one expresses their goals and the algorithms to achieve them as mathematical equations, they become explicit and human-interpretable. Conversely, neural networks excel across a wide range of tasks but still remain black boxes. To bridge this gap, we investigate how the potential of neural networks can be leveraged by model-based approaches while preserving their interpretability. First, we focus on the model-based side. We propose a new derivation for a class of discretisations, which can then be implemented using typical neural network building blocks for a fast implementation. Next, we demonstrate that even simple neural solvers can effectively address numerically challenging problems, achieving good results for the inpainting of images and sound fields. Finally, we propose a neural mask optimisation framework for diffusion-based inpainting. It leads to the first neural method capable of handling high-resolution images by harmoniously combining model-based principles with neural optimisation. By embedding neural solutions within the structure of established model-based frameworks, our work advances the field of neuroexplicit computing and constructs interpretable yet performant approaches.

Yusra Elbitar
Understanding User Consent Choices: An Exploration of the Runtime Permission Model in the Mobile and Web Ecosystem
(Advisor: Dr. Sven Bugiel)
Wednesday, 25.02.26, 16:00, building E9 1, room 0.01

Modern mobile and web applications rely heavily on access to sensitive user data to deliver personalized and feature-rich experiences. To support informed decision-making, platforms allow developers to shape permission requests through timing and explanatory rationales, yet surprisingly little is known about how these design choices influence users’ decisions.
In this dissertation, we present a comprehensive investigation into how the design of permission requests affects user behavior across mobile and web platforms. Through three large-scale empirical studies, we examine when users are most likely to grant access, how language and visual framing shape trust and understanding, and how real-world developers implement permission rationales in practice. Our findings reveal that seemingly subtle design choices can significantly influence user consent, often in ways users themselves do not recognize.
This work offers concrete design recommendations for developers and platform designers while raising critical questions about transparency, manipulation, and standardization in permission rationales. Ultimately, we lay the groundwork for more trustworthy, user-centered permission request systems.

Zhixiong Zhuang
AI Model Stealing under Realistic Threat Models: Risks and Countermeasures
(Advisor: Prof. Mario Fritz)
Wednesday, 25.02.26, 15:00, building E9 1, room 0.05

Artificial intelligence (AI) models are widely deployed in real-world applications such as control systems, healthcare, and generative AI services, where they constitute valuable intellectual property. Recent research has shown that attackers can replicate model functionality through black-box access, raising serious concerns about security and intellectual property protection, especially in practical deployment settings.
This dissertation investigates AI model stealing under realistic threat scenarios to advance the security of AI systems. Specifically, we focus on two central questions: (1) Can model functionality be extracted in specific, real-world applications? (2) How does the rise of GenAI reshape the model stealing landscape, both by enabling new attacks and by requiring defenses against theft of the GenAI models themselves? We study model stealing in control systems and healthcare, showing that effective extraction is possible even under strict constraints such as the absence of environment access or domain-specific data. We further examine how generative AI–based image synthesis enables scalable automated attacks, and how system prompts emerge as new targets for functionality stealing and defense. Overall, this dissertation characterizes the risk landscape of AI model stealing under realistic threat models and offers guidance for building more secure and resilient AI systems in practice.

Sneha Singhania
High-coverage Information Extraction from Web and Narrative Texts
(Advisors: Dr. Simon Razniewski and Prof. Gerhard Weikum)
Tuesday, 24.02.26, 10:00, building E1 5, room 0.29

Information extraction (IE) transforms unstructured text into structured representations, such as subject-predicate-object triples. While prior IE methods have largely prioritized precision, many knowledge-intensive applications require high recall. This dissertation advances methods for high-recall IE across three settings. First, for webscale documents, we introduce the task of predicting document-level information coverage for relation extraction and propose a lightweight classifier that prioritizes high-recall documents under budget constraints. We further present a framework for extracting temporally grounded OpenIE propositions from evolving documents and integrating them into retrieval-augmented generation. Second, for parametric LLM knowledge, we study the multi-valued slot-filling task and formulate extraction as a rank-then-select task using predicate-specific prompting. Third, for long-form narrative texts, we introduce a two-stage framework that combines recall-oriented generation with precision-oriented scrutinization to extract long object lists. Together, by rethinking the interplay between retrieval and extraction, this thesis advances the state of high-recall IE.

Niklas Metzger
Algorithms for Reasoning about Information Flow and Knowledge in Distributed Systems
(Advisor: Prof. Bernd Finkbeiner, now Munich)
Monday, 23.02.26, 16:15, building E9 1, room 0.05

This thesis shows how reasoning about information flow and knowledge, two core hyperproperties in the security and verification of distributed systems, can guide the design of correct-by-construction synthesis algorithms. Traditionally, these notions appear only as system requirements: security constrains information flow, and agents act based on what they know. By reinterpreting them as principles for algorithm design, we develop fundamentally new compositional synthesis methods. For distributed synthesis, whose goal is to automatically build component implementations that jointly satisfy a specification, we introduce explicit assumptions about the necessary information flow between components. These assumptions enable a decomposition into subproblems whose local solutions compose into a globally correct system. For controller synthesis, where the synthesized controller has to correctly govern a plant, we introduce prophecies: declarative statements of what a controller must know about a plant’s implementation. Prophecies allow us to construct a universal controller that is correct for all plants and can later be specialized to a concrete plant. Finally, we take first steps toward handling common knowledge, the shared agreement among agents, by lifting existing temporal hyperlogics to express second-order hyperproperties. We also present a monitoring algorithm that checks, during execution, whether a distributed system satisfies a second-order hyperproperty.

Khwaja Zubair Sediqi
Unexpected Routes: BGP Prefixes Beyond Recommended Practices
(Advisor: Prof. Anja Feldmann)
Tuesday, 17.02.26, 10:00, building E1 4, room 0.24

The Internet is composed of a vast collection of interconnected networks, also known as Autonomous Systems (ASes). ASes use Border Gateway Protocol (BGP) to exchange the reachability information of IP prefixes. The Resource Public Key Infrastructure (RPKI) enhances BGP security by providing cryptographically verifiable objects that confirm the ownership of the IP prefix by an AS. A set of well-documented best practices and guidelines for route announcements governs the Internet’s interdomain routing between ASes. For proper operation of Internet routing, adherence of network operators to the recommended norms and best practices is important. Among these best practices are the recommendations for using prefix lengths up to /24 for IPv4 and up to /48 for IPv6, single origin AS for IP prefix announcement, and registering a single prefix per Route Origin Authorization (ROA) object in RPKI. However, not all network operators follow these recommendations and instead their
route announcement might be based on their policies, business needs, or technical limitations. Deviating from best routing practices can lead to routing inconsistency, complicate prefix origin validation, and disrupt network performance. This dissertation examines the routing ecosystem for violations of aforementioned best practices. We define these cases as “unexpected routes” because they represent routes that are less anticipated and remain underexplored in prior research.
First, we examine the routing ecosystem of the Internet for IP prefix sizes that are too specific. More precisely, we focus on IP prefixes more specific than /24 in IPv4 (i.e., /25 to /32) and than /48 for IPv6 (i.e., /49 to /128), and we refer to these prefixes as Hyperspecific Prefixes (HSPs). We analyze over eleven years of BGP data from well-known route collector projects to understand the evolution, examine their BGP communities and CIDR sizes to understand the reasons for HSP existence, and the potential role they might serve in Internet routing. Our findings show that most HSPs are accidental (internal) route leaks, or infrastructure peering subnets, and BGP blackholing. Next, we examine the origin AS for IP prefixes announced via BGP to the Internet. Using single-origin AS for a prefix is recommended; however, the routing ecosystem of the Internet exhibits several thousand prefixes having Multi Origin AS (MOAS) prefixes. We analyze MOAS prefixes, using over six years of daily BGP Routing Information Base (RIB) snapshots from route collectors to examine the lifespan, propagation pattern, and potential relationship between the origin ASes of MOAS prefixes and the reason for MOAS prefixes’ existence on the Internet. Our findings reveal that mergers of companies are the largest contributors to MOAS prefixes, and examining their CIDR size reveals their potential usage for fine-grained traffic engineering. Hypergiants, including Google and Amazon, are also among the user of MOAS prefixes. Then, we analyze the potential relationship between IPv4 and IPv6 address families at the prefix level. We use DNS records hosted on IPv4 and IPv6 prefixes and apply the Jaccard similarity index, as a suitable approach, to identify pairs of IPv4 and IPv6 prefixes having a similar set of DNS records on their IPs and refer to them as sibling prefix pairs. We identify 76k IPv4-IPv6 sibling, and 60% of sibling prefixes are registered to the RPKI. Finally, we examine the current ROA structure across five RIRs’ RPKI trees for single prefix per ROA recommendation and analyze the RPKI validation delay by setting a testbed. We find that current ROA structure across five RIRs is not the same, and the network delay and cryptographic verification of ROAs are the main delay contributors in RPKI synchronization process.

Till Schlüter
Systematic Characterization, Exploitation, and Protection of Microarchitectural Features
(Advisor: Dr. Nils Ole Tippenhauer)
Tuesday, 10.02.26, 10:00, building E9 1, room 0.01

Modern digital infrastructure relies on fast, efficient processors. To achieve high performance, CPUs incorporate proprietary microarchitectural optimization features. These features, however, can inadvertently introduce security vulnerabilities that compromise fundamental platform guarantees. We examine microarchitectural features from three perspectives: characterization, exploitation, and protection. We develop novel methods to characterize security-critical microarchitectural properties, including the Leakage Template, an abstract representation of a side channel. We propose how Leakage Templates can be created and utilized to find instances of the channel they describe in real programs.We also design FetchBench, a framework for characterizing hardware prefetching mechanisms. Using FetchBench, we uncover an unknown Spatial Memory Streaming (SMS) prefetch-er implementation in a commercial processor and show how it can be exploited to leak secrets across privilege domains. On the defensive side, we design and implement PreFence, an efficient mitigation against prefetching-based attacks that selectively disables prefetchers during security-critical code execution. Finally, we systematize defenses against attacks on microarchitectural features by analyzing academic and non-academic literature. We point out a bias towards the x86_64 architecture and identify gaps where no defenses are proposed against the attacks we consider.

Pascal Hennen
An Empirical Evaluation of Messy BGP Data Sources
(Advisor: Prof. Anja Feldmann)
Monday, 09.02.26, 15:00, building E1 4, room 0.24

The Internet is the world’s largest human-build system and as such evolved to be rather complex. Operators use the Border Gateway Protocol (BGP)—the Internet’s de-facto inter-AS routing protocol—to enable global connectivity. However, routing on the Internet is evolving. Although the specification of BGP has not changed since decades, its additions and usage patterns have. Thus, BGP has become an important topic to study for researchers. They use BGP data to, e.g., understand routing decisions, map the Internet’s topology, and improve security. Each AS uses BGP to realize its routing policies based on the business agreements that they have with its neighboring ASes. ASes typically do not share their business agreements publicly. Yet, ASes need to see the effects of a change in their BGP configuration. Route collector projects such as RouteViews and RIPE’s Routing Information Service (RIS) collect BGP data from as many ASes as possible and make that data publicly available in BGP archives. In addition, data broker services provide interfaces to these BGP archives. Whereas operators use this data to optimize their networks, researchers frequently use this data to study and understand the routing ecosystem. Until now the consistency and reliability of these data sources was usually assumed to be a given. However, it is not. In this dissertation, we fill this gap by investigating the temporal consistency (are routes recorded when they should be) and internal consistency (are routes recorded correctly). Furthermore, we evaluate whether a popular BGP route collector data broker (BGPStream’s broker) reliably returns all data files according to supplied search terms.
As a policy-based protocol, BGP is implemented on the border routers of ASes. A border router maintains multiple BGP sessions and selects the best route for a prefix by evaluating all learned routes. This is done via BGP attributes. Adjusting these BGP attributes and/or filtering routes allows an AS to implement its routing policies and manage its relationships with other networks. It is commonly assumed that ASes use the same BGP policies for all sessions with the same neighbor AS, preferring the same next-hop AS for the same prefix. In this dissertation, we show that this is often not the case—we refer to such ASes as being heterogeneous. We propose two inference methods to (i) quantify the number of heterogeneous ASes as observed by the route collectors, and (ii) identify ASes which explicitly diverge from the conventional BGP behavior. Route collectors yield a public view of the Internet—they do not show privately assigned BGP attributes. Thus, ASes collaborate with each other and operate publicly accessible Looking Glasses (LGs).
LGs are websites that allow other operators to perform queries on a subset of routers within the ASes to gather routing information. In this dissertation, we collect a LG dataset that focuses on collecting BGP attributes from more than 149 LGs in 154 ASes from 931 routers via scraping LGs. Hereby, the difficulties relate to the non-uniformity of the LGs—most interfaces differ, the fluctuating accessibility of the LGs, as well as the different output formats. To overcome this we combined manual configuration with an automated scraping process followed by careful post-processing and manual checks.

Sebastian Schirmer
Specifying Monitors for Autonomous Cyber-Physical Systems
(Advisor: Prof. Bernd Finkbeiner, now Munich)
Friday, 06.02.26, 16:00, building E1 1, room 407

In this thesis, we investigate and apply specification-based monitoring for autonomous cyber-physical systems, such as unmanned aerial vehicles (UAV). The aim is to support development and ensure safe and correct operation.
First, we show how aviation safety documents map to monitoring and how system behaviors are formalized. In particular, we propose temporal behavior trees (TBT), which build upon the widely used Behavior Tree (BT) framework for robotic task execution by combining it with temporal languages. TBTs provide a modular structure for decomposing complex tasks and enable retrofitting monitoring into applications that use BT.
Second, we present offline monitoring algorithms that analyze system log files post-execution. We introduce trace segmentation that splits the trace into segments and assigns them portions of the specification. This helps to understand which parts of the specification are violated and require further development. We then propose trace repair that minimally modifies a trace that violates its specification so that it satisfies it. Our experiments include an autonomous landing of a UAV on a ship and demonstrate their practical use.
Last, we present tools for online monitoring that ease the integration of specified monitors and validate these monitors in real-world flight tests. The results confirm the effectiveness of our specified monitors in safeguarding both machine learning components and UAV operations.

Philipp Christmann
Question Answering over Heterogeneous Sources
(Advisors: Prof. Gerhard Weikum  & Dr. Rishiraj Saha Roy)
Friday, 06.02.26, 10:00, building E1 4, room 0.24

Question answering (QA) systems provide crisp answers to questions posed by end users. Most existing QA systems rely on a single type of information source for answering: either a curated knowledge base (KB), or a text corpus, or a set of web tables, which limits their answer coverage.
This dissertation makes the following salient contributions:
(i) Proposing a general 3-stage architecture for answering questions over heterogeneous sources to improve answer coverage.
(ii) Developing end-to-end QA systems for conversational questions with incomplete intent, temporal questions with implicit or explicit time constraints, and complex questions that involve aggregation, grouping and joining of information from different sources.
(iii) Constructing large-scale benchmarks for conversational, temporal, and complex QA, as well as QA over personal data, which require the integration of heterogeneous sources.
By design, answers obtained by our QA systems can be traced back to the underlying evidence, and the approaches build upon small-scale language models for computational efficiency.

Magdalena Theresa Kaiser
Reinforcement Learning from Implicit Feedback for Conversational Question Answering
(Advisors: Prof. Gerhard Weikum  & Dr. Rishiraj Saha Roy)
Wednesday, 04.02.26, 10:00, building E1 4, room 0.24

Conversational systems that enable interactions with users in natural language to satisfy their information needs and assist them in completing their tasks have been a long-standing goal. Recent advancements in Machine Learning and Natural Language Processing have enabled the development of such systems. Feedback is essential to continuously improve and adapt these systems to users’ needs. This thesis focuses on Conversational Question Answering (ConvQA), where the task is to provide crisp answers to fact-centric questions, formulated in natural language. ConvQA models are usually trained and evaluated on benchmarks of gold-standard question-answer pairs. Manually judging answer correctness is costly and therefore often not available in real-world scenarios. If available, these judgments are often limited in scope and quality. This thesis studies forms of implicit feedback to effectively train and improve conversational systems from limited amounts of data.

January

Linjie Lyu
Global Illumination in Inverse Rendering: From Probabilistic Reconstruction to Generative Editing
(Advisor: Prof. Christian Theobalt)
Friday, 16.01.26, 16:00, building E1 4, room 0.24

Reconstructing geometry, materials, and lighting from images – known as inverse rendering – is a central problem in computer graphics and vision. A key difficulty lies in accurately modeling global illumination effects such as shadows, reflections, and color bleeding, which are essential for realistic scene understanding but challenging to infer from limited visual observations.
This thesis advances inverse rendering by explicitly accounting for global illumination while addressing two fundamental challenges: ambiguity in reconstructing 3D scenes from images, and the high computational cost of simulating light transport. To handle ambiguity, we introduce probabilistic inverse rendering frameworks that represent multiple plausible scene interpretations, enabling uncertainty-aware reconstruction and principled strategies for image acquisition. To improve efficiency, we develop differentiable rendering techniques that approximate complex light transport, including fast soft shadow computation and neural representations that enable efficient relighting under unknown illumination.
In addition, we explore diffusion-based generative models as complementary priors for global-illumination-aware image decomposition and editing, enabling semantic manipulation of lighting and materials without full 3D reconstruction.
Together, these contributions form a unified framework for scalable and robust inverse rendering in complex environments. By combining physical mo-deling, uncertainty reasoning, and generative priors, this work enables more reliable scene reconstruction and editing, with applications in 3D content creation, visual effects, and augmented reality.

Mallikarjun BR
Monocular face reconstruction and editing using priors learned from 2D data
(Advisor: Prof. Christian Theobalt)
Tuesday, 13.01.26, 09:00, building E1 5, room 0.02

Digital facial models equipped with semantic editing capabilities play a pivotal role across various domains such as film, gaming, telepresence, and social media. Conventionally, digital modeling involved representing both geometric and appearance properties, with the ability to semantically edit expressions and appearances in response to scene illumination changes and facial part alterations. Traditionally, achieving this level of fidelity necessitated costly setups like multi-view and light-stage rigs, limiting accessibility due to physical and financial constraints. Consequently, methods that require just a single monocular image offer substantial practical advantages, albeit facing the challenge of being under-constrained. To address this challenge, methods often rely on prior models, such as 3D Morphable Models (3DMM), constructed from a collection of 3D scans. However, acquiring large-scale 3D scans poses its own set of challenges, thereby limiting the quality of the prior model based on available data. In this thesis, a novel approach is proposed to learn a 3DMM model directly from extensive unstructured video and image datasets. Furthermore, existing methods typically approximate skin as a diffuse surface, failing to accurately capture photo-realistic appearance, particularly under complex illumination conditions involving diffuse, specular, subsurface scattering, self-shadows, and inter-reflections. To address this limitation, a new neural representation is proposed to estimate intricate illumination effects. Additionally, while modeling facial appearance, it’s crucial to account for non-facial regions like hair and neck. This thesis introduces a method leveraging a pre-trained 2D Generative Adversarial Network (GAN) to synthesize novel views and illumination, ensuring comprehensive modeling of these regions. Facial structures encompass various semantic parts like hair, eyes, and eyebrows. Existing methods often overlook certain parts or use a unified representation, hindering specific part-editing tasks. To overcome this, a compositional generative model is proposed, treating each part as a distinct entity. Efficient and photorealistic models are essential for wide-spread adoption. Thus, this thesis proposes an efficient 3D generative model capable of real-time sampling and rendering. Moreover, this model offers dense 3D correspondenc-es between samples, enhancing its utility for downstream applications. Lastly, the thesis provides an outlook on future research directions for each sub-problem addressed herein.

Vagrant Gautam
Fair and Faithful Processing of Referring Expressions in English
(Advisor: Prof. Dietrich Klakow)
Friday, 09.01.26, 15:00, building C7 4, room 1.17

Names (“Vagrant”), pronouns (“they”) and definite descriptions (“the birder”) are examples of referring expressions, linguistic forms that point to referents. The many-to-many relation-ship between these forms and the referents they denote make referential reasoning a significant challenge for natural language processing systems that deal exclusively with linguistic form. Beyond denotational meanings, referring expressions can also have gendered and racial connotations, leading to their use in measuring sociodemographic biases in society and NLP systems. In this talk, I will introduce theoretical arguments and empirical evidence that refer-ring expressions are problematic proxies for sociodemographic factors. Then, I will present my work on disentangling meaningful reasoning about pronominal reference from shallow repetition. After this overview of my dissertation, I will conclude with a broader perspective on fair and faithful natural language processing, beyond referring expressions and English.

Hoang Thu Trang Do
Transcriptomic and Proteomic Rewiring in Tissue-specific Regulation
(Advisor: Prof. Volkhard Helms)
Friday, 09.01.26, 13:00, building E2 1, room E007

The identity of a cell is characterized by its distinct physiology and behaviours, which develop from a single embryonic cell during the course of development. The differences between cell types or tissues within an organism are reflected at multiple levels, from its genetic components in DNA and RNA, to protein interactions and characteristic signalling pathways. In this doctoral thesis, the rewiring events at different omics levels that are linked by various cell-dependent regulatory factors were investigated, ultimately to deepen the understanding of cells fate and identity. The first study „Association between Differential Exon Usage and De-regulated Epigenetic Marks in Development“ focuses on the interplay between alternative splicing (AS) and epigenetic deregulation, while two later studies, namely „A better brain? Alternative spliced STIM2 in hominoids arises with synapse formation and creates a gain-of-function variant“ and „HyperTRIBE identifies IGF2BP2/IMP2 targets in vivo and links IMP2 to autophagy“, explore the functional roles of specific transcript variant and RBPs in specific cell types and experiment contexts. In the second chapter, three projects including „Detecting Re-wiring Events in Protein-Protein Interaction Networks Based on Transcriptomic Data“, „PPIX-press and PPICompare Webservers infer condition-specific and differential PPI networks“ and „Tissue-specific RNA binding protein networks provide insights on splicing processes“, assessed and developed a new workflow consisting of two webservices for analyzing protein-protein interaction networks with the ultimate aim to study the differential interactions of RBPs across various cell types and tissues that may associate with AS.