Publications

Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security

2014 - Hendrik Meutzner, Viet Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 - ** Outstanding Paper Award ** [PDF]

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements

2014 - Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

14th ACM SIGCOMM Internet Measurement Conference (IMC), Vancouver, Canada, November 2014 [PDF]

Code Reuse Attacks in PHP: Automated POP Chain Generation

2014 - Johannes Dahse, Nikolai Krein, Thorsten Holz

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 - ** Best Student Paper Award ** [PDF]

You Can Run but You Can’t Read: Preventing Disclosure Exploits in Executable Code

2014 - Michael Backes, Thorsten Holz, Benjamin Kollenda, Philipp Koppe, Stefan Nürnberger, Jannik Pewny

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 [PDF]

The Art of False Alarms in the Game of Deception: Leveraging Fake Honeypots for Enhanced Security

2014 - Apostolis Zarras

48th IEEE International Carnahan Conference on Security Technology (ICCST), Rome, Italy, October 2014 [PDF]

CloudSylla: Detecting Suspicious System Calls in the Cloud

2014 - Marc Kührer, Johannes Hoffmann, Thorsten Holz

16th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Paderborn, Germany, September 2014 [PDF]

Evaluating the Effectiveness of Current Anti-ROP Defenses

2014 - Felix Schuster, Thomas Tendyck, Jannik Pewny, Andreas Maaß, Martin Steegmanns, Moritz Contag, Thorsten Holz

Re­se­arch in At­tacks, In­tru­si­ons and De­fen­ses (RAID) Sym­po­si­um, Gothenburg, Sweden, September 2014 [PDF]

On Emulation-Based Network Intrusion Detection Systems

2014 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle

17th International Symposium on Research in Attacks, Intrusions and Defences (RAID) [PDF]

Paint it Black: Evaluating the Effectiveness of Malware Blacklists

2014 - Marc Kührer, Christian Rossow, Thorsten Holz

Re­se­arch in At­tacks, In­tru­si­ons and De­fen­ses (RAID) Sym­po­si­um, Gothenburg, Sweden, September 2014 [PDF]

Static Detection of Second-Order Vulnerabilities in Web Applications

2014 - Johannes Dahse, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 - ** Internet Defense Prize by Facebook ** [PDF]

Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data

2014 - Sebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks

2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]

Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks

2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz

8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, CA, USA, August 2014 [PDF]

Virtual Machine-based Fingerprinting Schemes

2014 - Moritz Contag

9. GI FG SIDAR Gra­du­ier­ten-Work­shop über Re­ak­ti­ve Si­cher­heit (SPRING), 2014

Automated Generation of Models for Fast and Precise Detection of HTTP-Based Malware

2014 - Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz

12th Annual Conference on Privacy, Security and Trust (PST), Toronto, Canada, July 2014 [PDF]

Communication Reduced Interaction Protocol between Customer, Charging Station, and Charging Station Management System

2014 - Karl-Heinz Krempels, Christoph Terwelp, Stefan Wüller, Tilman Frosch, Sevket Gökay

3rd International Conference on Smart Grids and Green IT Systems (SMARTGREENS 2014), Barcelona, Spain, April 2014

Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior

2014 - Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf, Konrad Rieck

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Vienna, Austria, March 2014 [PDF]

GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones

2014 - Irfan Altiok, Sebastian Uellenbeck, Thorsten Holz

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Vienna, Austria, March 2014 [PDF]

Simulation of Built-in PHP features for Precise Static Code Analysis

2014 - Johannes Dahse, Thorsten Holz

Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2014 [PDF]

Control-Flow Restrictor: Compiler-based CFI for iOS

2013 - Jannik Pewny, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 [PDF]

k-subscription: Privacy-Preserving Microblogging Browsing through Obfuscation

2013 - Panagiotis Papadopoulos, Antonis Papadogiannakis, Michalis Polychronakis, Apostolis Zarras, Thorsten Holz, Evangelos P. Markatos

29th Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 [PDF]

PRIME: Private RSA Infrastructure for Memory-less Encryption

2013 - Behrad Garmany, Tilo Müller

Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 - **Best Paper Award** [PDF]

Towards Reducing the Attack Surface of Software Backdoors

2013 - Felix Schuster, Thorsten Holz

20th ACM Conference on Computer and Communications Security (CCS), Berlin, November 2013 [PDF]

Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns

2013 - Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, Thorsten Holz

ACM Conference on Computer and Communications Security (CCS), Berlin, November 2013 [PDF]

mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations

2013 - Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang

20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013 [PDF]

Mobile Malware Detection Based on Energy Fingerprints - A Dead End?

2013 - Johannes Hoffmann, Stephan Neumann, Thorsten Holz

Research in Attacks, Intrusions and Defenses (RAID) Symposium, St. Lucia, October 2013 [PDF]

POSTER: On the Usability of Secure GUIs

2013 - Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy

9th Symposium on Usable Privacy and Security (SOUPS 2013), Newcastle, UK, July 24-26, 2013. [Extended Abstract] [Poster]

Preventing Backdoors In Server Applications With A Separated Software Architecture (Short Paper)

2013 - Felix Schuster, Stefan Rüster, Thorsten Holz

10th Con­fe­rence on De­tec­tion of In­tru­si­ons and Mal­wa­re & Vul­nerabi­li­ty As­sess­ment (DIMVA), Berlin, July 2013 [PDF]

Standardorientierte Speicherung von verschlüsselten Dokumenten in einem XDS-Repository

2013 - Lennart Köster, Fatih Korkmaz, Marcel Winandy

Proceedings of the eHealth2013, May 23-24, Vienna, Austria, OCG, 2013.

Practical Timing Side Channel Attacks Against Kernel Space ASLR

2013 - Ralf Hund, Carsten Willems, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2013 [pdf]

MobileSandbox: Ein Analyseframework für Android Applikationen

2013 - Michael Spreitzenbarth, Johannes Hoffmann, Hanno Lemoine, Thomas Schreck, Florian Echtler

Proceedings of the 13th Deutscher IT-Sicherheitskongress, Bonn, Germany, 2013 [PDF]

PSiOS: Bring Your Own Privacy & Security to iOS Devices

2013 - Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz

ACM Symposium on Information, Computer and Communications Security (ASIACCS), Hangzhou, China, May 2013 - **Distinguished Paper Award** [pdf]

Mobile-Sandbox: Looking Deeper into Android Applications

2013 - Michael Spreitzenbarth, Florian Echtler, Thomas Schreck, Felix C. Freiling, Johannes Hoffmann

28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Coimbra, Portugal, March 2013 [pdf]

Slicing Droids: Program Slicing for Smali Code

2013 - Johannes Hoffmann, Martin Ussath, Michael Spreitzenbarth, Thorsten Holz

28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Co­im­bra, Por­tu­gal, March 2013 [pdf]

Down to the Bare Metal: Using Processor Features for Binary Analysis

2012 - Carsten Willems, Ralf Hund, Amit Vasudevan, Andreas Fobian, Dennis Felsch, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis

2012 - Carsten Willems, Felix C. Freiling, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

PermissionWatcher: Creating User Awareness of Application Permissions in Mobile Systems

2012 - Eric Struse, Julian Seifert, Sebastian Uellenbeck, Enrico Rukzio, Christopher Wolf

International Joint Conference on Ambient Intelligence (AmI), Pisa, Italy, November 2012 [pdf]

Applying a Security Kernel Framework to Smart Meter Gateways

2012 - Michael Gröne, Marcel Winandy

ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2012 Conference, pp. 252-259, Springer Vieweg, 2012.

Scriptless Attacks – Stealing the Pie Without Touching the Sill

2012 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk

19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012 [PDF]

Requirements for Integrating End-to-End Security into Large-Scale EHR Systems

2012 - Agnes Gawlik, Lennart Köster, Hiva Mahmoodi, Marcel Winandy

Amsterdam Privacy Conference (APC 2012), Workshop on Engineering EHR Solutions (WEES), 2012, Available at SSRN: http://ssrn.com/abstract=2457987 [online] [PDF]

B@bel: Leveraging Email Delivery for Spam Mitigation

2012 - Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 [PDF]

On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes

2012 - Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns

6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012 [PDF]

SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines

2012 - Johannes Hoffmann, Sebastian Uellenbeck, Thorsten Holz

9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Heraklion, Greece, July 2012 [PDF]

Don’t Trust Satellite Phones: A Security Analysis of Two Satphone Standards

2012 - Benedikt Driessen, Ralf Hund, Carsten Willems, Chris­tof Paar, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2012 - **Best Paper Award** [More Info] [PDF]

Tracking DDoS Attacks: Insights into the Business of Disrupting the Web

2012 - Armin Büscher, Thorsten Holz

5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, CA, April 2012 [PDF]

Analyse und Vergleich von BckR2D2-I und II

2012 - Andreas Dewald, Felix Freiling, Thomas Schreck, Michael Spreitzenbarth, Johannes Stüttgen, Stefan Vömel, Carsten Willems

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Darmstadt, Ger­ma­ny, März 2012 [Technical Report]

MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones

2012 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi

Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2012 [PDF]

Flexible Patient-Controlled Security for Electronic Health Records

2012 - Thomas Hupperich, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

ACM SIGHIT International Symposium on Health Informatics (IHI), Miami, January 2012 [PDF]

Understanding Fraudulent Activities in Online Ad Exchanges

2011 - Brett Stone-Gross, Ryan Stevens, Apostolis Zarras, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna

11th ACM SIGCOMM Internet Measurement Conference (IMC), Berlin, Germany, November 2011 [PDF]

Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]
Page: