Dr. Sheikh Mahbub Habib


Area Head, SPIN



phone+49 (6151) 16 - 23199
fax+49 (6151) 16 - 23202
officeS2|02 A312
postal addressTU Darmstadt - FB 20
FG Telekooperation
Hochschulstraße 10
D-64289 Darmstadt

Short Bio

Sheikh M. Habib (Google Scholar) is a Senior Researcher at the Telecooperation lab. Additionally, he is leading the SPIN (Smart Protection in Infrastructures and Networks) area as a part of the Telecooperation Lab. He joined the lab as a doctoral student in 2009 after obtaining his M. Sc. degree from Chalmers University of Technology in the same year. Sheikh obtained his doctoral degree from Technische Universität Darmstadt in 2013 for his work on computational trust mechanisms with focus on distributed service environments. His research was funded through LOEWE CASED, an initiative by the Hessen State Ministry of Higher Education, Research and the Arts of Germany. Sheikh obtained his B.Sc.Engg. degree in Computer Science and Engineering from KUET, Bangladesh in Sept. 2003.

Research Interests

  • Computational trust models

  • Logical reasoning of trust

  • Trust management mechanisms

  • Trust-aware security models

  • Mobile security

Current Research Projects

Privacy and Trust for Mobile Users
The project follows the goal of empowering users, protecting privacy, and improving trust among the stakeholders in our connected society.
Cryptography-Based Security Solutions
The goal of this center is to provide cryptography-based security solutions enabling trust in new and next generation computing environments.
PROTECTIVE is an EU H2020 project, which aims to provide security teams, with a greater cyber capability through improved cyber situational awareness (CSA).

Past Research Projects

Center for Advanced Security Research Darmstadt

Publications (browse my Google Scholar page for the complete list)

Towards Trust-aware Collaborative Intrusion Detection: challenges and solutions

Author Emmanouil Vasilomanolakis, Sheikh Mahbub Habib, Rabee Sohail Malik, Pavlos Milaszewicz, Max Mühlhäuser
Date June 2017
Kind Inproceedings
PublisherSpringer International Publishing
Book titleInternational Conference on Trust Management (IFIPTM)
LocationGothenburg, Sweden
Research Areas SPIN: Smart Protection in Infrastructures and Networks, Telecooperation
Abstract Collaborative Intrusion Detection Systems (CIDSs) are an<br />emerging field in cyber-security. In such an approach, multiple sensors<br />collaborate by exchanging alert data with the goal of generating a complete<br />picture of the monitored network. This can provide significant improvements<br />in intrusion detection and especially in the identification of<br />sophisticated attacks. However, the challenge of deciding to which extend<br />a sensor can trust others, has not yet been holistically addressed<br />in related work. In this paper, we firstly propose a set of requirements<br />for reliable trust management in CIDSs. Afterwards, we carefully investigate<br />the most dominant CIDS trust schemes. The main contribution of<br />the paper is mapping the results of the analysis to the aforementioned<br />requirements, along with a comparison of the state of the art. Furthermore,<br />this paper identifies and discusses the research gaps and challenges<br />with regard to trust and CIDSs.
Website http://wp.portal.chalmers.se/ifiptm2017/
Full paper (pdf)
[Export this entry to BibTeX]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.


Theses (open, ongoing, finished)

4 Entries found


Trust-Oriented Recommender System for Cloud Reputation Services

Master Thesis

in progress

The latest trend in computing world is the cloud computing which is Internet-based computing that provides shared computer processing resources and data to computers and other devices on demand. There are numbers of cloud providers that provide different services, e.g. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), to users. Users need to select the most trustworthy service provider that they can totally rely upon to fulfil their demands. For this purpose, trust calculation plays an important role. Because the limited Web interfaces do not allow users to identify the trustworthiness of service providers like typical face-to-face interaction. Users can find the trustworthiness of a service provider in cloud reputation services, e.g. TaaS4Cloud.  The functionality of this web service can be enhanced by users’ ratings and recommendations to make it more user-centric. So that users can select the appropriate provider they need. In this case, trustworthiness of the users should also be considered to get more dependable recommendations. We can fulfil these requirements of users to select the most trustworthy providers by implementing a trust-oriented recommender system for cloud reputation services.


Trust in Collaborative Intrusion Detection

Master Thesis

in progress


Application Security Prioritization Schema

Master Thesis


In today’s IT ecosystem, big multinational organizations have tens if not hundreds of web applications. It’s usually not possible for global organizations to know the technical specification (security) for all their web applications around the world. According to National Vulnerability database, i.e. NVD, in last 4 years the number of vulnerabilities have been more than 5000 per year. So with hundreds of web applications, more than 5000 vulnerabilities per year and not all technical specification known, it can confusing to decide which application to fix first. So, organizations need framework to prioritize applications which have biggest impact on their business due to vulnerabilities without knowing all the technical details.

The Merck Group has products in health care, Life Science and Performance Materials. The thesis presents a framework called Application Vulnerability Business Impact Framework, i.e. AVBIF. This framework is developed for Merck KGaA which has products in health care, Life Science and Performance Materials. The AVBIF encourages development of ISMS and abstracts the unknown that is technical details by using template based approach. The AVBIF considers the business impact factor in the calculation for severity of vulnerability making the framework sensitive to the business impact. It also considers vulnerable applications exposing other applications which share data, location or login (SSO). Thus the severity rating an organization will get for its applications will be based not only on the severity of the vulnerability but also the impact on the business if the vulnerability is exploited in the web application.


Automating Trustworthiness Assessment of Mobile Applications

Master Thesis


Smartphones have become the information hub for people and organizations.  In order to enhance the usability of smartphones, so-called mobile apps are available in app stores for download. Many of these apps are useful for our daily life. However, the current app stores do not provide means to support users in distinguishing “good” (trusted) apps from the “bad” (untrusted) ones considering security & privacy related factors. In this thesis, a system architecture is proposed to automate the trustworthiness assessment of mobile apps from an end-user perspective. We also plan to develop a solution to realize the system that calculates and visualizes the trust score of mobile apps.  


DateTitleName of the eventLocation
06/09/2016Computational trust methods for security risk quantification and managementCrisis Conference 2016 (Invited Tutorial)Roscoff,France
18/07/2016Computational Trust for Cloud Security QuantificationIFIPTM 2016 (Invited Talk@Graduate Symposium)Darmstadt, Germany
19/01/2016Trust Establishment Mechanisms for Digital Service EnvironmentsInvited Talk at the East Delta UniversityChittagong, Bangladesh
29/05/2015Computational Trust Methods for Security Quantification in the Cloud Security EcosystemTrust Workshop 2015Darmstadt, Germany
19/11/2014Trust Establishment Mechanisms for Distributed Service EnvironmentsCAST-GI Promotionspreis IT-Sicherheit 2014, Fraunhofer SITDarmstadt, Germany
10/11/2014Computational Trust Methods for Security Quantification: challenges and approachesResearch Colloquium, Quality and Usability Lab, Telekom Innovation LabsBerlin, Germany
29/10/2013Smart Security and TrustTrust Workshop,  The Irish Centre for Cloud Computing & Commerce (IC4)Dublin, Ireland
27/08/2013Trust Establishment Mechanisms for Distributed Service EnvironmentsDoctoral thesis defense, TU DarmstadtDarmstadt, Germany
24/07/2013Ensemble Methods for Computational Trust AssessmentNRG Seminar, National ICT Australia (NICTA)Sydney, Australia
23/07/2013Ensemble Methods for Computational Trust AssessmentResearch Seminar, Advanced Cyber Security Research Centre (ACSRC)@MQSydney, Australia
17/07/2013A Trust-Aware Framework for Evaluating Security Controls of Service Providers in Cloud MarketplacesIEEE TrustCom 2013

Melboune, Australia

21/03/2013A Framework for Evaluating Trust of Service Providers in Cloud MarketplacesACM SAC 2013Coimbra, Portugal


CertainLogic: A Logic for Modelling Trust in Complex Systems under Uncertainty and ConflictNRG Seminar, National ICT Australia (NICTA)Sydney, Australia


Towards a Trust Management System for Cloud ComputingIEEE TrustCom 2011Changsha, China


Trust Establishment in Cloud ComputingIFIPTM'11 Summer School (Poster presentation)Copenhagen, Denmark


A Formal Approach Towards Measuring Trust in Distributed SystemsACM SAC 2011Taichung, Taiwan


Trust Establishment in Cloud Computing TK Dissertation SeminarDarmstadt, Germany
21/10/2009Security Evaluation in Windows Mobile OSAB3 Seminar (CASED)Darmstadt, Germany



A A A | Drucken Print | Impressum Impressum | Sitemap Sitemap | Suche Search | Kontakt Contact | Website Analysis: More Information
zum Seitenanfangzum Seitenanfang