Publications

The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws

2021 - Dennis Tatang, Florian Zettl, Thorsten Holz

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Donostia / San Sebastian, Spain, October 2021 ** Distinguished Paper Award ** [PDF]

Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains

2021 - Moritz Schlögel, Tim Blazytko, Julius Basler, Fabian Hemmer, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Online, October 2021 [PDF]

Dompteur: Taming Audio Adversarial Examples

2021 - Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Do­ro­thea Kolossa, Thorsten Holz

USENIX Security Symposium, Virtual, August 2021 [GitHub] [PDF]

Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types

2021 - Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wör­ner, Thorsten Holz

USENIX Security Symposium, Virtual, August 2021 [PDF]

Datenübertragbarkeit – Zwischen Abwarten und Umsetzen

2021 - Özlem Karasoy, Gülcan Turgut, Martin Degeling

In: Friedewald et. al, Selbstbestimmung, Privatheit und Datenschutz (Juli, 2021) [pdf]

Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings

2021 - Florian Quinkert, Martin Degeling, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy

2021 - Florian Quinkert, Dennis Tatang, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Extended Abstract: A First Large-scale Analysis on Usage of MTA-STS

2021 - Dennis Tatang, Robin Flume, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Unifying Privacy Policy Detection

2021 - Henry Hosseini, Martin Degeling, Christine Utz, Thomas Hupperich

The 21st Privacy Enhancing Technologies Symposium (PETS 2021), July 12–16, 2021, Virtual Conference

5G SUCI-Catchers: Still catching them all?

2021 - Merlin Chlosta, David Rupprecht, Christina Pöpper, Thorsten Holz

ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Virtual, June 2021 [PDF]

On the Challenges of Automata Reconstruction in LTE Networks

2021 - Merlin Chlosta, David Rupprecht, Thorsten Holz

ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Virtual, June 2021 [PDF]

Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2

2021 - Christof Beierle, Patrick Derbez, Gregor Leander, Getan Leurent, Havard Raddum, Yann Rotella, David Rupprecht, Lukas Stennes

[Paper]

Likes are not Likes - A Crowdworking Platform Analysis

2021 - Dennis Tatang, Philip Kreißel, Michael Sehring, Florian Quinkert, Martin Degeling, Thorsten Holz

CySoc Workshop at the 15th AAAI Conference on Web and Social Media [pdf]

Apps Against the Spread: Privacy Implications and User Acceptance of COVID-19-Related Smartphone Apps on Three Continents

2021 - Christine Utz, Steffen Becker, Theodor Schnitzler, Florian Farke, Franziska Herbert, Leonie Schaewitz, Martin Degeling, Markus Dürmuth

ACM CHI Conference on Human Factors in Computing Systems 2021 [arXiv Preprint] [ACM Digital Library] [HTML Version]

CollabFuzz: A Framework for Collaborative Fuzzing

2021 - Sebastian Österlund, Elia Geretto, Andrea Jemmett, Emre Güler, Philipp Görz, Thorsten Holz, Cristiano Giuffrida, Herbert Bos

European Workshop on Systems Security (EuroSec), Virtual, April 2021 [pdf]

We Built This Circuit: Exploring Threat Vectors in Circuit Establishment in Tor

2021 - Theodor Schnitzler, Christina Pöpper, Markus Dürmuth, Katharina Kohls

IEEE European Symposium on Security and Privacy (EuroS&P '21). Virtual Conference, September 6-10, 2021 [Paper]

Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem

2021 - Christopher Lentzsch, Sheel Jayesh Shah, Benjamin Andow, Martin Degeling, Anupam Das, William Enck

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2021 [Result Overvíew] [RUB News] [Media Report (Verge)] [pdf]

Reining in the Web's Inconsistencies with Site Policy

2021 - Stefano Calzavara, Tobias Urban, Dennis Tatang, Marius Steffens, Ben Stock

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2021 [PDF]

Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing

2020 - Emre Güler, Philipp Görz, Elia Geretto, Andrea Jemmett, Sebastian Österlund, Herbert Bos, Cristiano Giuffrida, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Virtual, December 2020 [PDF]

Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems

2020 - Lea Schönherr, Thorsten Eisenhofer, Steffen Zeiler, Thorsten Holz, Do­ro­thea Kolossa

Annual Computer Security Applications Conference (ACSAC), Virtual, December 2020 [arXiv Preprint] [PDF]
Page: