Dr. Sheikh Mahbub Habib


Area Head, SPIN



phone+49 (6151) 16 - 23199
fax+49 (6151) 16 - 23202
officeS2|02 A312
postal addressTU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Short Bio

Sheikh Mahbub Habib (Google Scholar) is leading the SPIN (Smart Protection in Infrastructures and Networks) area in the Telecooperation (TK) Lab. He holds a doctoral degree (Dr. rer. nat.) in Computer Science focusing on IT Security and Trust Management from the Technische Universität Darmstadt. In 2012, he visited the Macquarie University Sydney, Australia as a “Visiting Scholar” to work on "Trust and Security Management Mechanisms in Cloud Computing Environments". He joined the TK lab as a doctoral student in 2009 after obtaining his M. Sc. degree from Chalmers University of Technology in the same year. Sheikh obtained his B.Sc. Engg. degree in Computer Science and Engineering from KUET, Bangladesh in Sept. 2003. Currently, he is involved in several Cybersecurity research projects, namely CROSSING, PAT, PROTECTIVE, funded by the German Research Foundation (DFG) and European Commission (EC). His research interests are computational trust models, logical reasoning of trust, trust management mechanisms, trust-aware security models, and mobile security. 

Current Research Projects

Privacy and Trust for Mobile Users
The project follows the goal of empowering users, protecting privacy, and improving trust among the stakeholders in our connected society.
Cryptography-Based Security Solutions
The goal of this center is to provide cryptography-based security solutions enabling trust in new and next generation computing environments.
PROTECTIVE is an EU H2020 project, which aims to provide security teams, with a greater cyber capability through improved cyber situational awareness (CSA).

Past Research Projects

Center for Advanced Security Research Darmstadt

Publications (browse my Google Scholar page for the complete list)

Additional Attributes


Evidence-Based Trust Mechanism Using Clustering Algorithms for Distributed Storage Systems

Giulia Traverso, Carlos Garcia Cordero, Mehrdad Nojoumian, Reza Azarderakhsh, Denise Demirel, Sheikh Mahbub Habib, Johannes Buchmann
In: 15th Annual Conference on Privacy, Security and Trust (PST), August 2017

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Nikolaos Alexopoulos, Jörg Daubert, Max Mühlhäuser, Sheikh Mahbub Habib
In: TrustCom, August 2017
[Online-Edition: http://stprp-activity.com/TrustCom2017]


Theses (open, ongoing, finished)

4 Entries found


Application Security Prioritization Schema

Master Thesis


In today’s IT ecosystem, big multinational organizations have tens if not hundreds of web applications. It’s usually not possible for global organizations to know the technical specification (security) for all their web applications around the world. According to National Vulnerability database, i.e. NVD, in last 4 years the number of vulnerabilities have been more than 5000 per year. So with hundreds of web applications, more than 5000 vulnerabilities per year and not all technical specification known, it can confusing to decide which application to fix first. So, organizations need framework to prioritize applications which have biggest impact on their business due to vulnerabilities without knowing all the technical details.

The Merck Group has products in health care, Life Science and Performance Materials. The thesis presents a framework called Application Vulnerability Business Impact Framework, i.e. AVBIF. This framework is developed for Merck KGaA which has products in health care, Life Science and Performance Materials. The AVBIF encourages development of ISMS and abstracts the unknown that is technical details by using template based approach. The AVBIF considers the business impact factor in the calculation for severity of vulnerability making the framework sensitive to the business impact. It also considers vulnerable applications exposing other applications which share data, location or login (SSO). Thus the severity rating an organization will get for its applications will be based not only on the severity of the vulnerability but also the impact on the business if the vulnerability is exploited in the web application.


Trust-Oriented Recommender System for Cloud Reputation Services

Master Thesis


The latest trend in computing world is the cloud computing which is Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand. There are numbers of cloud providers that provide different services, e.g. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), to users. Users need to select the most trustworthy service provider that they can totally rely upon to fulfil their demands. For this purpose, trust calculation plays an important role. Because the limited Web interfaces do not allow users to identify the trustworthiness of service providers like typical face-to-face interaction. Users can find the trustworthiness of a service provider in cloud reputation services, e.g. TaaS4Cloud.  The functionality of this web service can be enhanced by users’ ratings and recommendations to make it more user-centric. So that users can select the appropriate provider they need. In this case, trustworthiness of the users should also be considered to get more dependable recommendations. We can fulfil these requirements of users to select the most trustworthy providers by implementing a trust-oriented recommender system for cloud reputation services.


Automating Trustworthiness Assessment of Mobile Applications

Master Thesis


Smartphones have become the information hub for people and organizations.  In order to enhance the usability of smartphones, so-called mobile apps are available in app stores for download. Many of these apps are useful for our daily life. However, the current app stores do not provide means to support users in distinguishing “good” (trusted) apps from the “bad” (untrusted) ones considering security & privacy related factors. In this thesis, a system architecture is proposed to automate the trustworthiness assessment of mobile apps from an end-user perspective. We also plan to develop a solution to realize the system that calculates and visualizes the trust score of mobile apps.  

Trust in Collaborative Intrusion Detection

Master Thesis


Community services



TPC Member:


DateTitleName of the eventLocation
08/06/2017Smart Protection in Infrastructures and
Networks (SPIN)
Invited Talk at the University of OxfordOxford, UK
06/09/2016Computational trust methods for security risk quantification and managementCrisis Conference 2016 (Invited Speaker)Roscoff,France
18/07/2016Computational Trust for Cloud Security QuantificationIFIPTM 2016 (Invited Speaker)Darmstadt, Germany
19/01/2016Trust Establishment Mechanisms for Digital Service EnvironmentsInvited Talk at the East Delta UniversityChittagong, Bangladesh
29/05/2015Computational Trust Methods for Security Quantification in the Cloud Security EcosystemTrust Workshop 2015Darmstadt, Germany
19/11/2014Trust Establishment Mechanisms for Distributed Service EnvironmentsCAST-GI Promotionspreis IT-Sicherheit 2014, Fraunhofer SITDarmstadt, Germany
10/11/2014Computational Trust Methods for Security Quantification: challenges and approachesResearch Colloquium, Quality and Usability Lab, Telekom Innovation LabsBerlin, Germany
29/10/2013Smart Security and TrustTrust Workshop,  The Irish Centre for Cloud Computing & Commerce (IC4)Dublin, Ireland
27/08/2013Trust Establishment Mechanisms for Distributed Service EnvironmentsDoctoral thesis defense, TU DarmstadtDarmstadt, Germany
24/07/2013Ensemble Methods for Computational Trust AssessmentNRG Seminar, National ICT Australia (NICTA)Sydney, Australia
23/07/2013Ensemble Methods for Computational Trust AssessmentResearch Seminar, Advanced Cyber Security Research Centre (ACSRC)@MQSydney, Australia
17/07/2013A Trust-Aware Framework for Evaluating Security Controls of Service Providers in Cloud MarketplacesIEEE TrustCom 2013

Melboune, Australia

21/03/2013A Framework for Evaluating Trust of Service Providers in Cloud MarketplacesACM SAC 2013Coimbra, Portugal


CertainLogic: A Logic for Modelling Trust in Complex Systems under Uncertainty and ConflictNRG Seminar, National ICT Australia (NICTA)Sydney, Australia


Towards a Trust Management System for Cloud ComputingIEEE TrustCom 2011Changsha, China


Trust Establishment in Cloud ComputingIFIPTM'11 Summer School (Poster presentation)Copenhagen, Denmark


A Formal Approach Towards Measuring Trust in Distributed SystemsACM SAC 2011Taichung, Taiwan


Trust Establishment in Cloud Computing TK Dissertation SeminarDarmstadt, Germany
21/10/2009Security Evaluation in Windows Mobile OSAB3 Seminar (CASED)Darmstadt, Germany



A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Webseitenanalyse: Mehr Informationen
zum Seitenanfangzum Seitenanfang