Publications

Dompteur: Taming Audio Adversarial Examples

2021 - Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Do­ro­thea Kolossa, Thorsten Holz

USENIX Security Symposium, Virtual, August 2021

Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types

2021 - Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wör­ner, Thorsten Holz

USENIX Security Symposium, Virtual, August 2021 [PDF]

Datenübertragbarkeit – Zwischen Abwarten und Umsetzen

2021 - Özlem Karasoy, Gülcan Turgut, Martin Degeling

In: Friedewald et. al, Selbstbestimmung, Privatheit und Datenschutz (Juli, 2021)

Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings

2021 - Florian Quinkert, Martin Degeling, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy

2021 - Florian Quinkert, Dennis Tatang, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Extended Abstract: A First Large-scale Analysis on Usage of MTA-STS

2021 - Dennis Tatang, Robin Flume, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Virtual, July 2021 [PDF]

Unifying Privacy Policy Detection

2021 - Henry Hosseini, Martin Degeling, Christine Utz, Thomas Hupperich

The 21st Privacy Enhancing Technologies Symposium (PETS 2021), July 12–16, 2021, Virtual Conference

5G SUCI-Catchers: Still catching them all?

2021 - Merlin Chlosta, David Rupprecht, Christina Pöpper, Thorsten Holz

ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Virtual, June 2021 [PDF]

On the Challenges of Automata Reconstruction in LTE Networks

2021 - Merlin Chlosta, David Rupprecht, Thorsten Holz

ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Virtual, June 2021 [PDF]

Likes are not Likes - A Crowdworking Platform Analysis

2021 - Dennis Tatang, Philip Kreißel, Michael Sehring, Florian Quinkert, Martin Degeling, Thorsten Holz

CySoc Workshop at the 15th AAAI Conference on Web and Social Media [pdf]

Apps Against the Spread: Privacy Implications and User Acceptance of COVID-19-Related Smartphone Apps on Three Continents

2021 - Christine Utz, Steffen Becker, Theodor Schnitzler, Florian Farke, Franziska Herbert, Leonie Schaewitz, Martin Degeling, Markus Dürmuth

ACM CHI Conference on Human Factors in Computing Systems 2021 [arXiv Preprint] [ACM Digital Library] [HTML Version]

CollabFuzz: A Framework for Collaborative Fuzzing

2021 - Sebastian Österlund, Elia Geretto, Andrea Jemmett, Emre Güler, Philipp Görz, Thorsten Holz, Cristiano Giuffrida, Herbert Bos

European Workshop on Systems Security (EuroSec), Virtual, April 2021 [pdf]

We Built This Circuit: Exploring Threat Vectors in Circuit Establishment in Tor

2021 - Theodor Schnitzler, Christina Pöpper, Markus Dürmuth, Katharina Kohls

IEEE European Symposium on Security and Privacy (EuroS&P '21). Virtual Conference, September 6-10, 2021 [Paper]

Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem

2021 - Christopher Lentzsch, Sheel Jayesh Shah, Benjamin Andow, Martin Degeling, Anupam Das, William Enck

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2021 [Result Overvíew] [RUB News] [Media Report (Verge)] [pdf]

Reining in the Web's Inconsistencies with Site Policy

2021 - Stefano Calzavara, Tobias Urban, Dennis Tatang, Marius Steffens, Ben Stock

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2021 [PDF]

Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing

2020 - Emre Güler, Philipp Görz, Elia Geretto, Andrea Jemmett, Sebastian Österlund, Herbert Bos, Cristiano Giuffrida, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Virtual, December 2020 [PDF]

Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems

2020 - Lea Schönherr, Thorsten Eisenhofer, Steffen Zeiler, Thorsten Holz, Do­ro­thea Kolossa

Annual Computer Security Applications Conference (ACSAC), Virtual, December 2020 [arXiv Preprint] [PDF]

Effekte der DSGVO auf Webseiten und die Entwicklung der ePrivacy-Verordnung

2020 - Martin Degeling, Christine Utz, Tobias Urban

vorgänge. Zeitschrift für Bürgerrechte und Gesellschaftspolitik Nr. 231/232 [59(3-4)], S. 77-86. [pdf]

Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces

2020 - Tobias Urban, Matteo Große-Kampmann, Dennis Tatang, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Guildford, UK, September 2020 [PDF]

Data Sharing in Mobile Apps — User Privacy Expectations in Europe

2020 - Nils Quermann, Martin Degeling

5th European Workshop on Usable Security (EuroUSEC 2020) [pdf]

Aurora: Statistical Crash Analysis for Automated Root Cause Explanation

2020 - Tim Blazytko, Moritz Schlögel, Cornelius Aschermann, Ali Abbasi, Joel Frank, Simon Wörner, Thorsten Holz

USENIX Security Symposium, Boston, MA, USA, August 2020 [PDF]

Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE

2020 - David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper

USENIX Security Symposium, Boston, MA, USA, August 2020 [Website] [PDF]

EthBMC: A Bounded Model Checker for Smart Contracts

2020 - Joel Frank, Cornelius Aschermann, Thorsten Holz

USENIX Security Symposium, Boston, MA, USA, August 2020 [PDF]

HALucinator: Firmware Re-hosting Through Abstraction Layer Emulation

2020 - Abraham A. Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, Mathias Payer

USE­NIX Se­cu­ri­ty Sym­po­si­um, Bos­ton, MA, USA, Au­gust 2020 [PDF]

Leveraging Frequency Analysis for Deep Fake Image Recognition

2020 - Joel Frank, Thorsten Eisenhofer, Lea Schönherr, Asja Fischer , Do­ro­thea Kolossa, Thorsten Holz

International Conference on Machine Learning (ICML), July 2020 [arXiv Preprint] [PDF]

Akzeptanz von Corona-Apps in Deutschland vor der Einführung der Corona-Warn-App

2020 - Steffen Becker, Martin Degeling, Markus Dürmuth, Florian Farke, Leonie Schaewitz, Theodor Schnitzler, Christine Utz

Vorabveröffentlichung (Preprint), Juni 2020 [PDF (Deutsch)]

Be the Phisher - Understanding Users’ Perception of Malicious Domains

2020 - Florian Quinkert, Martin Degeling, Jim Blythe, Thorsten Holz

ACM Asia Conference on Computer & Communications Security (ASIACCS), Taipei, Taiwan, June 2020 [PDF]

CORSICA: Cross-Origin Web Service Identification

2020 - Christian Dresen, Fabian Ising, Damian Poddebniak, Tobias Kappert, Thorsten Holz, Sebastian Schinzel

ACM Asia Conference on Computer & Communications Security (ASIACCS), Taipei, Taiwan, June 2020 [PDF]

Measuring the Impact of the GDPR on Data Sharing in Ad Networks

2020 - Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann

ACM Asia Conference on Computer & Communications Security (ASIACCS), Taipei, Taiwan, June 2020 [PDF]

IJON: Exploring Deep State Spaces via Fuzzing

2020 - Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2020 [GitHub] [PDF]

Beyond the Front Page: Measuring Third Party Dynamics in the Field

2020 - Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann

The Web Conferences (WWW), Tai­pei, Tai­wan, April 2020 [arXiv] [PDF]

Hyper-Cube: High-Dimensional Hypervisor Fuzzing

2020 - Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, Thorsten Holz

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2020 [PDF]

IMP4GT: IMPersonation Attacks in 4G NeTworks

2020 - David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2020 [PDF]

On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways

2020 - Teemu Rytilahti, Thorsten Holz

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2020 [GitHub] [PDF] [Slides]

Exploring User Perceptions of Deletion in Mobile Instant Messaging Applications

2020 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

Journal of Cybersecurity, Volume 6, Issue 1, January 30, 2020 [DOI]

"Your Hashed IP Address: Ubuntu": Perspectives on Transparency Tools for Online Advertising

2019 - Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2019 [PDF]

VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching

2019 - Andre Pawlowski, Victor van der Veen, Dennis Andriesse, Erik van der Kouwe, Thorsten Holz, Cristiano Giuffrida, Herbert Bos

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2019 [GitHub] [PDF]

Below the Radar: Spotting DNS Tunnels in Newly Observed Hostnames in the Wild

2019 - Dennis Tatang, Florian Quinkert, Thorsten Holz

APWG Symposium on Electronic Crime Research (eCrime) 2019, Pittsburgh, PA, USA, November 2019 [PDF]

(Un)informed Consent: Studying GDPR Consent Notices in the Field

2019 - Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz

ACM Conference on Computer and Communications Security (CCS 2019), November 2019, London, UK [Techcrunch Report] [GitHub] [PDF] [Slides]

Die DSVGO als internationales Vorbild?

2019 - Christine Utz, Stephan Koloßa, Thorsten Holz, Pierre Thielbörger

Datenschutz und Datensicherheit (DuD) 11/2019, S. 700-705 [DOI] [PDF]

A Study on Subject Data Access in Online Advertising after the GDPR

2019 - Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann

International Workshop on Data Privacy Management (DPM) 2019, co-located with ESORICS 2019 in Luxembourg, September 2019 [PDF]

Study of DNS Rebinding Attacks on Smart Home Devices

2019 - Dennis Tatang, Tim Suurland, Thorsten Holz

International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT) 2019, co-located with ESORICS 2019 in Luxembourg, September 2019 [PDF]

Static Detection of Uninitialized Stack Variables in Binary Code

2019 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [PDF]

Towards Automated Application-Specific Software Stacks

2019 - Nicolai Davidsson, Andre Pawlowski, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [Technical Report] [GitHub] [PDF]

GDPiRated – Stealing Personal Information On-and Offline

2019 - Matteo Cagnazzo, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [PDF]

Was bedeutet Process Mining für Datenschutz und Mitbestimmung im Unternehmen?

2019 - Martin Degeling

Informatik Spektrum, August 2019 [PDF]

AntiFuzz: Impeding Fuzzing Audits of Binary Executables

2019 - Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz

USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [GitHub] [pdf]

GRIMOIRE: Synthesizing Structure while Fuzzing

2019 - Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz

USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [GitHub] [Pdf]

Intervention and End-User Development

2019 - Thomas Herrmann, Christopher Lentzsch, Martin Degeling

International Symposium on End User Development (IS-EUD) 2019 [Conference Link] [Springer Link]

Large-scale Analysis of Infrastructure-leaking DNS Servers

2019 - Dennis Tatang, Carl Schneider, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Gothenburg, Sweden, June 2019 [GitHub] [PDF]
Page: