Markus does research in a wide array of applied security-related topics, ranging from mathematical techniques (e.g., fractal hash chain traversal) and cryptographic protocols (e.g., random partial checking) to hardware-related security (e.g., mobile malware detection), fraud experiments (e.g., phishing experiments on eBay users) and user interfaces (e.g., Blue Moon authentication).
What unifies these diverse efforts is the focus on disruptive and efficient solutions to applied security problems. And an effort to look at the big picture. See his publications for more examples.
Markus recognizes the substantial differences between traditional security and mobile security, and much of his applied work addresses the relative absence of mobile security solutions.