Publications
Measuring the Impact of the GDPR on Data Sharing in Ad Networks
2020 - Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann
ACM AsiaCCS 2020, Taipei, Taiwan, June 2020Hyper-Cube: High-Dimensional Hypervisor Fuzzing
2020 - Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, Thorsten Holz
Network and Distributed System Security Symposium (NDSS 2020), San Diego, California, USA, February 2020"Your Hashed IP Address: Ubuntu": Perspectives on Transparency Tools for Online Advertising
2019 - Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann
Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2019 [PDF]VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching
2019 - Andre Pawlowski, Victor van der Veen, Dennis Andriesse, Erik van der Kouwe, Thorsten Holz, Cristiano Giuffrida, Herbert Bos
Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2019 [GitHub] [PDF]Below the Radar: Spotting DNS Tunnels in Newly Observed Hostnames in the Wild
2019 - Dennis Tatang, Florian Quinkert, Thorsten Holz
APWG Symposium on Electronic Crime Research (eCrime) 2019, Pittsburgh, PA, USA, November 2019 [PDF](Un)informed Consent: Studying GDPR Consent Notices in the Field
2019 - Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz
ACM Conference on Computer and Communications Security (CCS 2019), November 2019, London, UK [Techcrunch Report] [GitHub] [PDF] [Slides]A Study on Subject Data Access in Online Advertising after the GDPR
2019 - Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann
International Workshop on Data Privacy Management (DPM) 2019, co-located with ESORICS 2019 in Luxembourg, September 2019 [PDF]Study of DNS Rebinding Attacks on Smart Home Devices
2019 - Dennis Tatang, Tim Suurland, Thorsten Holz
International Workshop on Attacks and Defenses for Internet-of-Things (ADIoT) 2019, co-located with ESORICS 2019 in Luxembourg, September 2019 [PDF]Static Detection of Uninitialized Stack Variables in Binary Code
2019 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz
European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [PDF]Towards Automated Application-Specific Software Stacks
2019 - Nicolai Davidsson, Andre Pawlowski, Thorsten Holz
European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [Technical Report] [GitHub] [PDF]GDPiRated – Stealing Personal Information On-and Offline
2019 - Matteo Cagnazzo, Thorsten Holz, Norbert Pohlmann
European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019 [PDF]AntiFuzz: Impeding Fuzzing Audits of Binary Executables
2019 - Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz
USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [GitHub] [pdf]GRIMOIRE: Synthesizing Structure while Fuzzing
2019 - Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz
USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [GitHub] [Pdf]Intervention and End-User Development
2019 - Thomas Herrmann, Christopher Lentzsch, Martin Degeling
International Symposium on End User Development (IS-EUD) 2019 [Conference Link] [Springer Link]Large-scale Analysis of Infrastructure-leaking DNS Servers
2019 - Dennis Tatang, Carl Schneider, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Gothenburg, Sweden, June 2019 [GitHub] [PDF]Challenges in Designing Exploit Mitigations for Deeply Embedded Systems
2019 - Ali Abbasi, Jos Wetzels, Thorsten Holz, Sandro Etalle
IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, June 2019 [PDF]Steroids for DOPed Applications: A Compiler for Automated Data-Oriented Programming
2019 - Jannik Pewny, Philipp Koppe, Thorsten Holz
IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, June 2019 [PDF]It's Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains
2019 - Florian Quinkert, Tobias Lauinger, William Robertson, Engin Kirda, Thorsten Holz
IEEE Conference on Communications and Network Security (CNS), Washington, D.C., USA, June 2019 [PDF]Breaking LTE on Layer Two
2019 - David Rupprecht, Katharina Kohls, Christina Pöpper, Thorsten Holz
IEEE Symposium on Security & Privacy (Oakland), May 2019 [Website] [PDF]POSTER: Application-Layer Routing Attacks on Tor
2019 - Katharina Kohls, Christina Pöpper
IEEE Symposium on Security & Privacy (Oakland), May 2019 [Proposal] [Poster]Lost Traffic Encryption: Fingerprinting LTE/4G Traffic on Layer Two
2019 - Katharina Kohls, David Rupprecht, Thorsten Holz, Christina Pöpper
Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’19), May 15–17, 2019, Miami, FL, USA, ACM [PDF]LTE Security Disabled — Misconfiguration in Commercial Networks
2019 - Merlin Chlosta, David Rupprecht, Thorsten Holz, Christina Pöpper
Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’19), May 15–17, 2019, Miami, FL, USA, ACM [PDF]Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding
2019 - Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa
Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [Demo] [PDF]Nautilus: Fishing for Deep Bugs with Grammars
2019 - Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi, Daniel Teuchert
Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [GitHub] [PDF]On the Challenges of Geographical Avoidance for Tor
2019 - Katharina Kohls, Kai Jansen, David Rupprecht, Thorsten Holz, Christina Pöpper
Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF] [Slides]Redqueen: Fuzzing with Input-to-State Correspondence
2019 - Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz
Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [GitHub] [PDF]We Value Your Privacy - Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy
2019 - Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz
Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [GitHub] [PDF]DorkPot: A Honeypot-based Analysis of Google Dorks
2019 - Florian Quinkert, Eduard Leonhardt, Thorsten Holz
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb), San Diego, California, USA, February 2019 - ** Best Paper Award ** [PDF]Towards Automated Generation of Exploitation Primitives for Web Browsers
2018 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, December 2018 [PDF]Profiling im Web. Von Liquiditat und Segmentierung
2018 - Martin Degeling
Vortrag bei der Jahrestagung der Gesellschaft für Wissenschafts- und Technikforschung 2018, Berlin. [website] [Slides]The Influence of Friends and Experts on Privacy Decision Making in IoT Scenarios
2018 - Pardis Emami-Naeini, Martin Degeling, Lujo Bauer, Richard Chow, Lorrie Cranor, Mohammad Reza Haghighat, Heather Patterson
ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW) 2018 [pdf]An Exploratory Analysis of Microcode as a Building Block for System Defenses
2018 - Benjamin Kollenda, Philipp Koppe, Marc Fyrbiak, Christian Kison, Christof Paar, Thorsten Holz
ACM Conference on Computer and Communications Security (CCS), Toronto, October 2018 [GitHub] [PDF]Tracking and Tricking a Profiler - Measuring and Influencing Bluekai’s Interest Profiling
2018 - Martin Degeling, Jan Nierhoff
Workshop on Privacy in the Electronic Society (WPES 2018) in conjunction with CCS 2018 [pdf (researchgate)]Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs
2018 - Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann
European Symposium on Research in Computer Security (ESORICS), Barcelona, Spain, September 2018 - ** Best Paper Award ** [PDF]Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations
2018 - Christian Röpke, Thorsten Holz
ACM SIGCOMM Workshop on Security in Softwarized Networks: Prospects and Challenges (SecSoN 2018), Budapest, Hungary, 2018 [PDF]POSTER: User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"
2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth
USENIX Symposium on Usable Privacy and Security 2018 (SOUPS '18). Baltimore, MD, USA, August 12-14, 2018SoK: Make JIT-Spray Great Again
2018 - Robert Gawlik, Thorsten Holz
USENIX Workshop on Offensive Technologies (WOOT), Baltimore, US, August 2018 [PDF]DigesTor: Comparing Passive Traffic Analysis Attacks on Tor
2018 - Katharina Kohls, Christina Pöpper
European Symposium on Research in Computer Security 2018 (ESORICS '18), Barcelona, Spain, September, 2018 [Website] [PDF] [Slides]On the Weaknesses of Function Table Randomization
2018 - Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, June 2018 [GitHub] [PDF]From Interaction to Intervention: An Approach for Keeping Humans in Control in the Context of socio-technical Systems.
2018 - Thomas Herrmann, Albrecht Schmidt, Martin Degeling
STPIS Workshop at CAiSE 2018 [pdf]SDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controller
2018 - Christian Röpke
GI Sicherheit, Konstanz, Germany, 2018Masters of Time: An Overview of the NTP Ecosystem
2018 - Teemu Rytilahti, Dennis Tatang, Janosch Köpper, Thorsten Holz
IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [GitHub] [PDF]Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure
2018 - Enes Göktaş, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, Cristiano Giuffrida
IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [PDF]User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"
2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth
European Workshop on Usable Security (EuroUSEC) 2018, London, England, 23 April 2018 [PDF] [Slides]Towards a Roadmap for Privacy Technologies and the General Data Protection Regulation: A transatlantic initiative
2018 - Stefan Schiffner, Bettina Berendt, Triin Siil, Martin Degeling, Robert Riemann, Florian Schaub, Kim Wuyts, Massimo Attoresi, Seda Gürses, Achim Klabunde, Jules Polonetsky, Norman Sadeh, Gabriela Zanfir-Fortuna
Proceedings of the Annual Privacy Forum 2018 [pdf]An Empirical Study on Online Price Differentiation
2018 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz
ACM Conference on Data and Applications Security and Privacy (CODASPY 2018) Tempe, AZ, USA, March 2018 [ACM DL] [GitHub] [PDF]Breaking and Fixing Destructive Code Read Defenses
2017 - Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers
2017 - Ali Abbasi, Emmanuele Zambon, Sandro Etalle, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]SDN-Guard: Protecting SDN Controllers Against SDN Rootkits
2017 - Dennis Tatang, Florian Quinkert, Joel Frank, Christian Röpke, Thorsten Holz
IEEE Workshop on Security in NFV-SDN (SN-2017), Berlin, November 2017 [PDF]On the Significance of Process Comprehension for Conducting Targeted ICS Attacks
2017 - Benjamin Green, Marina Krotofil, Ali Abbasi
3rd ACM Workshop on Cyber-Physical Systems Security and Privacy, November 2017, Dallas, USA. [PDF]Assisting users in a world full of cameras: A privacy-aware infrastructure for computer vision applications
2017 - Anupam Das, Martin Degeling, Xiaoyou Wang, Junjue Wang, Normand Sadeh, Mahadev Satyanarayanan
Computer Vision and Pattern Recognition Workshops (CVPRW) [pdf]kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
2017 - Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz
USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]Reverse Engineering x86 Processor Microcode
2017 - Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz
USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]Syntia: Synthesizing the Semantics of Obfuscated Code
2017 - Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz
USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems
2017 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle
International Conference on Network and System Security, August 2017, Helsinki, Finland. [PDF]Towards Automated Discovery of Crash-Resistant Primitives in Binaries
2017 - Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz
IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) [PDF]Towards privacy-aware smart buildings: Capturing, communicating, and enforcing privacy policies and preferences
2017 - Primal Pappachan, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh, Nalini Venkatasubramanian
ICDCS Workshop on Internet of Things Computing and Applications [pdf]How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles
2017 - Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage
IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2017 [PDF]Privacy expectations and preferences in an IoT World
2017 - Pardis Emami Naeini, Sruti Bhagavatula, Hana Habib, Martin Degeling, Lujo Bauer, Lorrie Cranor, Norman Sadeh
Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS) [pdf]POSTER: Traffic Analysis Attacks in Anonymity Networks
2017 - Katharina Kohls, Christina Pöpper
ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017 [PDF]MARX: Uncovering Class Hierarchies in C++ Programs
2017 - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida
Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2017 [GitHub] [PDF]EvilCoder: Automated Bug Insertion
2016 - Jannik Pewny, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 2016 [GitHub] [PDF]Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation
2016 - Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle
11th International Conference on Critical Information Infrastructures Security, October 10-12, 2016, Paris, France. [PDF]Privacy by Socio-Technical Design - a collaborative approach for privacy friendly system design
2016 - Martin Degeling, Christopher Lentzsch, Alexander Nolte, Thomas Herrmann, Kai-Uwe Loser
2nd IEEE International Conference on Collaboration and Internet Computing (CIC 2016)Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets
2016 - Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz
European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016 [pdf]On the Feasibility of TTL-based Filtering for DRDoS Mitigation
2016 - Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock
International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Evry, France, September 2016 [PDF]Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness
2016 - Thomas Hupperich, Kromholz Katharina, Thorsten Holz
9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria, August 2016 [pdf]Undermining Entropy-based Information Hiding (And What to do About it)
2016 - Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos
24th USENIX Security Symposium, Austin, TX, USA, August 2016 [PDF]Detile: Fine-Grained Information Leak Detection in Script Engines
2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]Leveraging Sensor Fingerprinting for Mobile Device Authentication
2016 - Thomas Hupperich, Henry Hosseini, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [pdf]Probfuscation: An Obfuscation Approach using Probabilistic Control Flows
2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [GitHub] [PDF]Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices
2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz
Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]Subversive-C: Abusing and Protecting Dynamic Message Dispatch
2016 - Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz
2016 USENIX Annual Technical Conference (USENIX ATC '16), Denver, USA, June 2016 [PDF]SkypeLine: Robust Hidden Data Transmission for VoIP
2016 - Katharina Kohls, Thorsten Holz, Dorothea Kolossa, Christina Pöpper
ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Xi'an, May 2016 [PDF]A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level
2016 - Victor van der Veen, Enes Goktas, Moritz Contag, Andre Pawlowski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida
IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2016 [PDF]No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells
2016 - Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis
25th International World Wide Web Conference (WWW), Montreal, April 2016 [PDF]SDN Malware: Problems of Current Protection Systems and Potential Countermeasures
2016 - Christian Röpke
GI Sicherheit, Bonn, Germany, 2016 (Best Paper Award)Poster: Automated, Context-Sensitive Analysis of iOS Applications
2016 - Dennis Tatang
1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, GermanyPoster: The Curious Case of NTP Monlist
2016 - Teemu Rytilahti, Thorsten Holz
1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany [pdf]How Secure is TextSecure?
2016 - Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz
IEEE European Symposium on Security and Privacy (EuroS&P 2016) [PDF]Neuralyzer: Flexible Expiration Times for the Revocation of Online Data
2016 - Apostolis Zarras, Katharina Kohls, Markus Dürmuth, Christina Pöpper
In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY) 2016 *** OUTSTANDING PAPER AWARD *** [PDF]Poster: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation
2016 - Johannes Hoffmann, Teemu Rytilahti, Marcel Winandy, Giorgio Giacinto, Thorsten Holz
Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY) 2016Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding
2016 - Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany, Thorsten Holz
Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2016 [PDF]On the Robustness of Mobile Device Fingerprinting
2015 - Thomas Hupperich, Marc Kührer, Thorsten Holz, Giorgio Giacinto
31th Annual Computer Security Applications Conference (ACSAC), Los Angeles, USA, December 2015 [PDF]Security Analysis of PHP Bytecode Protection Mechanisms
2015 - Dario Weißer, Johannes Dahse, Thorsten Holz
Research in Attacks, Intrusions and Defenses (RAID) Symposium, Kyoto, Japan, November 2015 [PDF]SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks
2015 - Christian Röpke, Thorsten Holz
Research in Attacks, Intrusions and Defenses (RAID) Symposium, Kyoto, Japan, November 2015 [PDF]On The Vagueness Of Online Profiling
2015 - Martin Degeling
"Profile, Predict, Prevent" Blockchain Workshops [pdf]Going Wild: Large-Scale Classification of Open DNS Resolvers
2015 - Marc Kührer, Thomas Hupperich, Jonas Bushart, Christian Rossow, Thorsten Holz
15th ACM Internet Measurement Conference (IMC), Tokyo, Japan, October 2015 [PDF]Multi-Layer Access Control for SDN-based Telco Clouds
2015 - Bernd Jäger, Christian Röpke, Iris Adam, Thorsten Holz
Nordic Conference on Secure IT System (NordSec), Stockholm, Sweden, October 2015 [PDF]It's a TRAP: Table Randomization and Protection against Function Reuse Attacks
2015 - Stephen Crane, Stijn Volckaert, Felix Schuster, Christopher Liebchen, Per Larsen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Bjorn De Sutter, Michael Franz
22nd ACM Conference on Computer and Communications Security (CCS), Denver, October 2015 [PDF]Revealing the Relationship Network Behind Link Spam
2015 - Apostolis Zarras, Antonis Papadogiannakis, Sotiris Ioannidis, Thorsten Holz
13th Annual Conference on Privacy, Security and Trust (PST), Izmir, Turkey, July 2015 [PDF]Experience Report: An Empirical Study of PHP Security Mechanism Usage
2015 - Johannes Dahse, Thorsten Holz
International Symposium on Software Testing and Analysis (ISSTA) [PDF]Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications
2015 - Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz
36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]Cross-Architecture Bug Search in Binary Executables
2015 - Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz
36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]VC3: Trustworthy Data Analytics in the Cloud using SGX
2015 - Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz , Mark Russinovich
36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]A Practical Investigation of Identity Theft Vulnerabilities in Eduroam
2015 - Sebastian Brenza, Andre Pawlowski, Christina Pöpper
In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec), 2015 [Project Webpage] [PDF]Retaining Control over SDN Network Services
2015 - Christian Röpke, Thorsten Holz
International Conference on Networked Systems (NetSys), 2015Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones
2015 - Sebastian Uellenbeck, Thomas Hupperich, Christopher Wolf, Thorsten Holz
Financial Cryptography and Data Security 2015 [pdf]Leveraging Semantic Signatures for Bug Search in Binary Programs
2014 - Jannik Pewny, Felix Schuster, Lukas Bernhard, Christian Rossow, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2014 [PDF]Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs
2014 - Robert Gawlik, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2014 [GitHub] [PDF]Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security
2014 - Hendrik Meutzner, Viet Hung Nguyen, Thorsten Holz, Dorothea Kolossa
Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2014 - ** Outstanding Paper Award ** [PDF]The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements
2014 - Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna
14th ACM SIGCOMM Internet Measurement Conference (IMC), Vancouver, Canada, November 2014 [PDF]Code Reuse Attacks in PHP: Automated POP Chain Generation
2014 - Johannes Dahse, Nikolai Krein, Thorsten Holz
21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 - ** Best Student Paper Award ** [PDF]You Can Run but You Can’t Read: Preventing Disclosure Exploits in Executable Code
2014 - Michael Backes, Thorsten Holz, Benjamin Kollenda, Philipp Koppe, Stefan Nürnberger, Jannik Pewny
21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 [PDF]The Art of False Alarms in the Game of Deception: Leveraging Fake Honeypots for Enhanced Security
2014 - Apostolis Zarras
48th IEEE International Carnahan Conference on Security Technology (ICCST), Rome, Italy, October 2014 [PDF]CloudSylla: Detecting Suspicious System Calls in the Cloud
2014 - Marc Kührer, Johannes Hoffmann, Thorsten Holz
16th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Paderborn, Germany, September 2014 [PDF]Evaluating the Effectiveness of Current Anti-ROP Defenses
2014 - Felix Schuster, Thomas Tendyck, Jannik Pewny, Andreas Maaß, Martin Steegmanns, Moritz Contag, Thorsten Holz
Research in Attacks, Intrusions and Defenses (RAID) Symposium, Gothenburg, Sweden, September 2014 [PDF]On Emulation-Based Network Intrusion Detection Systems
2014 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle
17th International Symposium on Research in Attacks, Intrusions and Defences (RAID) [PDF]Paint it Black: Evaluating the Effectiveness of Malware Blacklists
2014 - Marc Kührer, Christian Rossow, Thorsten Holz
Research in Attacks, Intrusions and Defenses (RAID) Symposium, Gothenburg, Sweden, September 2014 [PDF]Static Detection of Second-Order Vulnerabilities in Web Applications
2014 - Johannes Dahse, Thorsten Holz
23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 - ** Internet Defense Prize by Facebook ** [PDF]Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data
2014 - Sebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz
23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]Exit from Hell? Reducing the Impact of Amplification DDoS Attacks
2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz
23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks
2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz
8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, CA, USA, August 2014 [PDF]Virtual Machine-based Fingerprinting Schemes
2014 - Moritz Contag
9. GI FG SIDAR Graduierten-Workshop über Reaktive Sicherheit (SPRING), 2014Automated Generation of Models for Fast and Precise Detection of HTTP-Based Malware
2014 - Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz
12th Annual Conference on Privacy, Security and Trust (PST), Toronto, Canada, July 2014 [PDF]Communication Reduced Interaction Protocol between Customer, Charging Station, and Charging Station Management System
2014 - Karl-Heinz Krempels, Christoph Terwelp, Stefan Wüller, Tilman Frosch, Sevket Gökay
3rd International Conference on Smart Grids and Green IT Systems (SMARTGREENS 2014), Barcelona, Spain, April 2014Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior
2014 - Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf, Konrad Rieck
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Vienna, Austria, March 2014 [PDF]GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones
2014 - Irfan Altiok, Sebastian Uellenbeck, Thorsten Holz
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Vienna, Austria, March 2014 [PDF]Simulation of Built-in PHP features for Precise Static Code Analysis
2014 - Johannes Dahse, Thorsten Holz
Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2014 [PDF]Control-Flow Restrictor: Compiler-based CFI for iOS
2013 - Jannik Pewny, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 [PDF]k-subscription: Privacy-Preserving Microblogging Browsing through Obfuscation
2013 - Panagiotis Papadopoulos, Antonis Papadogiannakis, Michalis Polychronakis, Apostolis Zarras, Thorsten Holz, Evangelos P. Markatos
29th Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 [PDF]PRIME: Private RSA Infrastructure for Memory-less Encryption
2013 - Behrad Garmany, Tilo Müller
Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2013 - **Best Paper Award** [PDF]Towards Reducing the Attack Surface of Software Backdoors
2013 - Felix Schuster, Thorsten Holz
20th ACM Conference on Computer and Communications Security (CCS), Berlin, November 2013 [PDF]Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns
2013 - Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, Thorsten Holz
ACM Conference on Computer and Communications Security (CCS), Berlin, November 2013 [PDF]mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations
2013 - Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang
20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013 [PDF]Mobile Malware Detection Based on Energy Fingerprints - A Dead End?
2013 - Johannes Hoffmann, Stephan Neumann, Thorsten Holz
Research in Attacks, Intrusions and Defenses (RAID) Symposium, St. Lucia, October 2013 [PDF]POSTER: On the Usability of Secure GUIs
2013 - Atanas Filyanov, Aysegül Nas, Melanie Volkamer, Marcel Winandy
9th Symposium on Usable Privacy and Security (SOUPS 2013), Newcastle, UK, July 24-26, 2013. [Extended Abstract] [Poster]Preventing Backdoors In Server Applications With A Separated Software Architecture (Short Paper)
2013 - Felix Schuster, Stefan Rüster, Thorsten Holz
10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Berlin, July 2013 [PDF]Standardorientierte Speicherung von verschlüsselten Dokumenten in einem XDS-Repository
2013 - Lennart Köster, Fatih Korkmaz, Marcel Winandy
Proceedings of the eHealth2013, May 23-24, Vienna, Austria, OCG, 2013.Practical Timing Side Channel Attacks Against Kernel Space ASLR
2013 - Ralf Hund, Carsten Willems, Thorsten Holz
IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2013 [pdf]MobileSandbox: Ein Analyseframework für Android Applikationen
2013 - Michael Spreitzenbarth, Johannes Hoffmann, Hanno Lemoine, Thomas Schreck, Florian Echtler
Proceedings of the 13th Deutscher IT-Sicherheitskongress, Bonn, Germany, 2013 [PDF]PSiOS: Bring Your Own Privacy & Security to iOS Devices
2013 - Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz
ACM Symposium on Information, Computer and Communications Security (ASIACCS), Hangzhou, China, May 2013 - **Distinguished Paper Award** [pdf]Mobile-Sandbox: Looking Deeper into Android Applications
2013 - Michael Spreitzenbarth, Florian Echtler, Thomas Schreck, Felix C. Freiling, Johannes Hoffmann
28th International ACM Symposium on Applied Computing (SAC), Coimbra, Portugal, March 2013 [pdf]Slicing Droids: Program Slicing for Smali Code
2013 - Johannes Hoffmann, Martin Ussath, Michael Spreitzenbarth, Thorsten Holz
28th International ACM Symposium on Applied Computing (SAC), Coimbra, Portugal, March 2013 [pdf]Down to the Bare Metal: Using Processor Features for Binary Analysis
2012 - Carsten Willems, Ralf Hund, Amit Vasudevan, Andreas Fobian, Dennis Felsch, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis
2012 - Carsten Willems, Felix C. Freiling, Thorsten Holz
Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]PermissionWatcher: Creating User Awareness of Application Permissions in Mobile Systems
2012 - Eric Struse, Julian Seifert, Sebastian Uellenbeck, Enrico Rukzio, Christopher Wolf
International Joint Conference on Ambient Intelligence (AmI), Pisa, Italy, November 2012 [pdf]Applying a Security Kernel Framework to Smart Meter Gateways
2012 - Michael Gröne, Marcel Winandy
ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2012 Conference, pp. 252-259, Springer Vieweg, 2012.Scriptless Attacks – Stealing the Pie Without Touching the Sill
2012 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk
19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012 [PDF]Requirements for Integrating End-to-End Security into Large-Scale EHR Systems
2012 - Agnes Gawlik, Lennart Köster, Hiva Mahmoodi, Marcel Winandy
Amsterdam Privacy Conference (APC 2012), Workshop on Engineering EHR Solutions (WEES), 2012, Available at SSRN: http://ssrn.com/abstract=2457987 [online] [PDF]B@bel: Leveraging Email Delivery for Spam Mitigation
2012 - Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, Giovanni Vigna
21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 [PDF]On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes
2012 - Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns
6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012 [PDF]SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines
2012 - Johannes Hoffmann, Sebastian Uellenbeck, Thorsten Holz
9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Heraklion, Greece, July 2012 [PDF]Don’t Trust Satellite Phones: A Security Analysis of Two Satphone Standards
2012 - Benedikt Driessen, Ralf Hund, Carsten Willems, Christof Paar, Thorsten Holz
IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2012 - **Best Paper Award** [More Info] [PDF]Tracking DDoS Attacks: Insights into the Business of Disrupting the Web
2012 - Armin Büscher, Thorsten Holz
5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, CA, April 2012 [PDF]Analyse und Vergleich von BckR2D2-I und II
2012 - Andreas Dewald, Felix Freiling, Thomas Schreck, Michael Spreitzenbarth, Johannes Stüttgen, Stefan Vömel, Carsten Willems
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Darmstadt, Germany, März 2012 [Technical Report]MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones
2012 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi
Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2012 [PDF]Flexible Patient-Controlled Security for Electronic Health Records
2012 - Thomas Hupperich, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
ACM SIGHIT International Symposium on Health Informatics (IHI), Miami, January 2012 [PDF]Understanding Fraudulent Activities in Online Ad Exchanges
2011 - Brett Stone-Gross, Ryan Stevens, Apostolis Zarras, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna
11th ACM SIGCOMM Internet Measurement Conference (IMC), Berlin, Germany, November 2011 [PDF]Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics
2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz
18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]POSTER: Control-Flow Integrity for Smartphones.
2011 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi, Thomas Fischer
18th ACM Conference on Computer and Communications Security (CCS'11) [Poster]Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones
2011 - Lucas Davi, Alexandra Dmitrienko, Christoph Kowalski, Marcel Winandy
STC '11: Proceedings of the 6th ACM Workshop on Scalable Trusted Computing, pp. 49-58, ACM, 2011.TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet
2011 - Christian Gorecki, Felix C. Freiling, Marc Kührer, Thorsten Holz
13th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Grenoble, France, October 2011 [PDF]The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting
2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk
International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]Automated Identification of Cryptographic Primitives in Binary Programs
2011 - Felix Gröbert, Carsten Willems, Thorsten Holz
14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM
2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz
14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]BotMagnifier: Locating Spambots on the Internet
2011 - Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna
USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]Jackstraws: Picking Command and Control Connections from Bot Traffic
2011 - Gregoire Jacob, Ralf Hund, Christopher Kruegel, Thorsten Holz
USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]Uni-directional Trusted Path: Transaction Confirmation on Just One Device
2011 - Atanas Filyanov, Jonathan M. McCune, Ahmad-Reza Sadeghi, Marcel Winandy
IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN 2011), pp. 1-12. IEEE Computer Society, 2011. [pdf]Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices
2011 - Michael Becher , Felix C. Freiling, Johannes Hoffmann, Thorsten Holz, Sebastian Uellenbeck, Christopher Wolf
IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2011 [PDF]MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients
2011 - Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy
Med-e-Tel - Global Telemedicine and eHealth Updates: Knowledge Resources, Vol 4., pp. 385-389, ISfTeH, Luxembourg, 2011. [PDF]The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns
2011 - Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, Giovanni Vigna
USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, March 2011 [PDF]ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
2011 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy
6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), ACM, 2011.A Security Architecture for Accessing Health Records on Mobile Phones.
2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
Proceedings of the 4th International Conference on Health Informatics (HEALTHINF 2011), pp. 87-96, SciTePress, 2011. [PDF] [Bibtex]A Note on the Security in the Card Management System of the German E-Health Card
2010 - Marcel Winandy
Electronic Healthcare, Third International Conference, eHealth 2010, LNICST 69, pp. 196-203, Springer, 2012. [PDF] [Bibtex]TruWalletM: Secure Web Authentication on Mobile Platforms
2010 - Sven Bugiel, Alexandra Dmitrienko, Kari Kostiainen, Ahmad-Reza Sadeghi, Marcel Winandy
Trusted Systems, Second International Conference, INTRUST 2010, LNCS 6802/2011, Springer, 2011. [Bibtex] [PDF]Securing the E-Health Cloud
2010 - Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
Proceedings of the 1st ACM International Health Informatics Symposium (IHI 2010), ACM, 2010. [pdf] [Bibtex]Privilege Escalation Attacks on Android.
2010 - Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy
Information Security, 13th International Conference, ISC 2010, LNCS 6531/2011, pp. 346-360, Springer 2011. [Bibtex] [PDF]A Malware Instruction Set for Behavior-Based Analysis
2010 - Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Berlin, Germany, October 2010 [PDF]Towards secure deletion on smartphones
2010 - Michael Spreitzenbarth, Thorsten Holz
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Berlin, Germany, October 2010 [PDF]Return-Oriented Programming without Returns
2010 - Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, Marcel Winandy
17th ACM Conference on Computer and Communications Security (CCS 2010) [PDF]Abusing Social Networks for Automated User Profiling
2010 - Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel
13th International Symposium on Recent Advances in Intrusion Detection (RAID), Ottawa, Canada, September 2010 [PDF]Trusted Virtual Domains on OpenSolaris: Usable Secure Desktop Environments
2010 - Hans Löhr, Thomas Pöppelmann, Johannes Rave, Martin Steegmanns, Marcel Winandy
Proceedings of 5th Annual Workshop on Scalable Trusted Computing (STC 2010), ACM 2010. [PDF]Token-Based Cloud Computing -- Secure Outsourcing of Data and Arbitrary Computations with Lower Latency
2010 - Ahmad-Reza Sadeghi, Thomas Schneider, Marcel Winandy
3rd International Conference on Trust and Trustworthy Computing (TRUST'10) - Workshop on Trust in the Cloud, June 22, Berlin, Germany. [Trust2010.org] [PDF]Is the Internet for Porn? An Insight Into the Online Adult Industry
2010 - Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, Christopher Kruegel
Workshop on the Economics of Information Security (WEIS), Harvard University, USA, June 2010 [PDF]A Practical Attack to De-Anonymize Social Network Users
2010 - Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel
IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2010 [PDF]Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries
2010 - Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda
IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2010 [PDF]ADSandbox: Sandboxing JavaScript to Fight Malicious Websites
2010 - Andreas Dewald, Thorsten Holz, Felix C. Freiling
ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]Botzilla: Detecting the "Phoning Home" of Malicious Software
2010 - Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz, Pavel Laskov
ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]Cooperation enablement for centralistic early warning systems
2010 - Ulrich Flegel, Johannes Hoffmann, Michael Meier
ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]Patterns for Secure Boot and Secure Storage in Computer Systems
2010 - Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
4th International Workshop on Secure systems methodologies using patterns (SPattern 2010), In Proceedings of ARES 2010: International Conference on Availability, Reliability and Security, pp.569-573, IEEE Computer Society, 2010 [pdf]The InMAS Approach
2010 - Markus Engelberth, Felix Freiling, Jan Goebel, Christian Gorecki, Thorsten Holz, Ralf Hund, Philipp Trinius, Carsten Willems
1st European Workshop on Internet Early Warning and Network Intelligence (EWNI'10) [PDF]Trusted virtual domains - design, implementation and lessons learned.
2009 - Ahmad-Reza Sadeghi, Gianluca Ramunno, Dirk Kuhlmann, Konrad Eriksson, Luigi Catuogno, Alexandra Dmitrienko, Jing Zhan, Steffen Schulz, Marcel Winandy, Matthias Schunter
International Conference on Trusted Systems (INTRUST) 2009. [pdf] [bibtex]Dynamic Integrity Measurement and Attestation: Towards Defense Against Return-Oriented Programming Attacks.
2009 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy
STC'09: Proceedings of the 4th ACM Workshop on Scalable Trusted Computing, p. 49-54, ACM, 2009. [pdf]TruWallet: Trustworthy and Migratable Wallet-Based Web Authentication.
2009 - Sebastian Gajek, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy
STC'09: Proceedings of the 4th ACM Workshop on Scalable Trusted Computing, p. 19-28, ACM, 2009. [pdf]Software distribution as a malware infection vector
2009 - Felix Gröbert, Ahmad-Reza Sadeghi, Marcel Winandy
International Conference for Internet Technology and Secured Transactions (ICITST 2009) [Bibtex]Walowdac - Analysis of a Peer-to-Peer Botnet
2009 - Ben Stock, Jan Göbel, Markus Engelberth, Felix Freiling, Thorsten Holz
European Conference on Computer Network Defense (EC2ND), Milan, Italy, November 2009 [pdf]Transparent Mobile Storage Protection in Trusted Virtual Domains
2009 - Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Marcel Winandy
23rd Large Installation System Administration Conference (LISA '09), p. 159--172, USENIX Association, 2009. [pdf]Visual Analysis of Malware Behavior (Short paper)
2009 - Philipp Trinius, Thorsten Holz, Jan Göbel, Felix Freiling
Workshop on Visualization for Cyber Security (VizSec), Atlantic City, NJ, USA, October 2009 [pdf]Automatically Generating Models for Botnet Detection
2009 - Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Göbel, Christopher Kruegel, Engin Kirda
European Symposium on Research in Computer Security (ESORICS), Saint Malo, France, September 2009 [pdf]Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones
2009 - Thorsten Holz, Markus Engelberth, Felix Freiling
European Symposium on Research in Computer Security (ESORICS), Saint Malo, France, September 2009 [pdf]A Pattern for Secure Graphical User Interface Systems.
2009 - Thomas Fischer, Ahmad-Reza Sadeghi, Marcel Winandy
3rd International Workshop on Secure systems methodologies using patterns (SPattern 2009), in DEXA '09: Proceedings of the 20th International Workshop on Database and Expert Systems Application, p.186-190, IEEE Computer Society, 2009. [pdf] [bibtex]Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
2009 - Ralf Hund, Thorsten Holz, Felix Freiling
USENIX Security Symposium, Montreal, Canada, August 2009 [PDF]Towards Proactive Spam Filtering (Extended Abstract)
2009 - Jan Göbel, Thorsten Holz, Philipp Trinius
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Milan, Italy, July 2009 [pdf]Einsatz von Sicherheitskernen und Trusted Computing.
2009 - Ahmad-Reza Sadeghi, Marcel Winandy,
D-A-CH Security 2009, Bochum, Germany. [pdf]Frühe Warnung durch Beobachten und Verfolgen von bösartiger Software im Deutschen Internet: Das Internet-Malware-Analyse System (InMAS)
2009 - Markus Engelberth, Felix Freiling, Jan Goebel, Christian Gorecki, Thorsten Holz, Philipp Trinius, Carsten Willems
11. Deutscher IT-Sicherheitskongress des Bundesamtes für Sicherheit in der Informationstechnik (BSI), Bonn, May 2009 [PDF]Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels.
2009 - Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marion Weber, Marcel Winandy
TRUST 2009: Proceedings of the 2nd International Conference on Trusted Computing, LNCS 5471, p. 45-62 Springer, 2009. [pdf]Trusted Privacy Domains - Challenges for Trusted Computing in Privacy-Protecting Information Sharing.
2009 - Hans Löhr, Ahmad-Reza Sadeghi, Claire Vishik, Marcel Winandy
Proceedings of 5th Information Security Practice and Experience Conference (ISPEC'09), LNCS 5451, p. 396-407, Springer, 2009. [pdf]MalOffice - Detecting malicious documents with combined static and dynamic analysis
2009 - Markus Engelberth, Carsten Willems, Thorsten Holz
Virus Bulletin Conference, Geneva, Switzerland, September 2009 [Presentation]Towards Next-Generation Botnets
2008 - Ralf Hund, Matthias Hamann, Thorsten Holz
European Conference on Computer Network Defense (EC2ND), Dublin, Ireland, December 2008 [PDF]Flexible and Secure Enterprise Rights Management Based on Trusted Virtual Domains
2008 - Ahmad-Reza Sadeghi, Marcel Winandy, Christian Stüble, Rani Husseiki, Yacine Gasmi, Patrick Stewin, Martin Unger
STC '08: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, p. 71-80, ACM, 2008. [pdf]As the Net Churns: Fast-Flux Botnet Observations
2008 - Jose Nazario, Thorsten Holz
International Conference on Malicious and Unwanted Software, October 2008 [pdf]Reconstructing Peoples Lives: A Case Study in Teaching Forensic Computing
2008 - Felix Freiling, Thorsten Holz, Martin Mink
International Conference on IT Security Incident Management & IT Forensics (IMF), Mannheim, Germany, September 2008 [pdf]Property-Based TPM Virtualization
2008 - Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy
Information Security, 11th International Conference, ISC 2008, LNCS 5222, p. 1-16, Springer, 2008. [pdf] [bibtex]Sicherheitsprobleme elektronischer Wahlauszählungssysteme in der Praxis
2008 - Yacine Gasmi, Christian Hessmann, Martin Pittenauer, Marcel Winandy
INFORMATIK 2008, Beherrschbare Systeme - dank Informatik, Band 1, Beiträge der 38. Jahrestagung der Gesellschaft für Informatik e.V. (GI), LNI 133, GI, 2008.Learning and Classification of Malware Behavior
2008 - Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, Pavel Laskov
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, July 2008 [PDF]Studying Malicious Websites and the Underground Economy on the Chinese Web
2008 - Jianwei Zhuge, Thorsten Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, Wei Zou
Workshop on the Economics of Information Security (WEIS), Hanover, NH, USA, June 2008 [pdf]Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm
2008 - Thorsten Holz, Moritz Steiner, Frederic Dahl, Ernst Biersack, Felix C. Freiling
USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Francisco, CA, April 2008 [pdf]Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients
2008 - Ali Ikinci, Thorsten Holz, Felix Freiling
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Saarbrücken, April 2008 - **Best Paper Award** [pdf]Rishi: Identifizierung von Bots durch Auswerten der IRC Nicknamen
2008 - Jan Göbel, Thorsten Holz
DFN-CERT Workshop "Sicherheit in vernetzten Systemen", Hamburg, February 2008 [pdf]Measuring and Detecting Fast-Flux Service Networks
2008 - Thorsten Holz, Christian Gorecki, Konrad Rieck, Felix Freiling
Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2008 [pdf]Collecting Autonomous Spreading Malware Using High-Interaction Honeypots
2007 - Jianwei Zhuge, Thorsten Holz, Xinhui Han, Chengyu Song, Wei Zou
International Conference on Information and Communications Security (ICICS), LNCS 4861, Zhengzhou, China, December 2007 [pdf]Measurement and Analysis of Autonomous Spreading Malware in a University Environment
2007 - Thorsten Holz, Jan Goebel, Carsten Willems
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Lucerne, Switzerland, July 2007 [PDF]Trusted User-Aware Web Authentication
2007 - Jörg Schwenk, Ahmad-Reza Sadeghi, Sebastian Gajek, Marcel Winandy,
Presented at the Workshop on Trustworthy User Interfaces for Passwords and Personal Information (TIPPI'07), Stanford, USA, June 22, 2007. [PDF]Compartmented Security for Browsers – Or How to Thwart a Phisher with Trusted Computing
2007 - Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy
In Proceedings of the The Second International Conference on Availability, Reliability and Security (ARES 2007), Vienna, Austria, April 10-13, 2007, pages 120-127. IEEE Computer Society, 2007. [pdf]Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation
2007 - Jan Göbel, Thorsten Holz
USENIX Workshop on Hot Topics in Understanding Botnets (HotBots), Cambridge, MA, April 2007 [pdf]Towards Multicolored Computing - Compartmented Security to Prevent Phishing Attacks.
2006 - Sebastian Gajek, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy
Workshop on Information and System Security (WISSEC'06), Antwerpen (Belgium), 2006 .TCG Inside? - A Note on TPM Specification Compliance
2006 - Ahmad-Reza Sadeghi, Christian Wachsmann, Marcel Selhorst, Christian Stüble, Marcel Winandy
In Proceedings of the first ACM Workshop on Scalable Trusted Computing (ACMSTC), Alexandria, Virginia, USA, November 3, 2006, pages 47-56. ACM Press, 2006.A Comparative Study of Teaching Forensics at a University Degree Level
2006 - Philip Anderson, Maximillian Dornseif, Felix Freiling, Thorsten Holz, Alastair Irons, Christopher Laing, Martin Mink
International Conference on IT Security Incident Management & IT Forensics (IMF), Stuttgart, Germany, October 2006 [pdf]Security Architecture for Device Encryption and VPN
2006 - Ahmad-Reza Sadeghi, Marcel Winandy, Christian Stüble, Ammar Alkassar, Michael Scheibel
Accepted for ISSE (Information Security Solution Europe) 2006 [Springer Link]The Nepenthes Platform: An Efficient Approach to Collect Malware
2006 - Paul Baecher, Markus Koetter, Thorsten Holz, Maximillian Dornseif, Felix Freiling
9th International Symposium on Recent Advances in Intrusion Detection (RAID), Hamburg, Germany, September 2006 [pdf]The Effect of Stock Spam on Financial Markets
2006 - Rainer Böhme, Thorsten Holz
Workshop on the Economics of Information Security (WEIS), University of Cambridge, June 2006 [SSRN Link]Design and Implementation of the Honey-DVD
2006 - Maximillian Dornseif, Felix Freiling, Nils Gedicke, Thorsten Holz
IEEE Information Assurance Workshop (IAW), West Point, NY, June 2006 [pdf]Design and Implementation of a Secure Linux Device Encryption Architecture
2006 - Ahmad-Reza Sadeghi, Marcel Winandy, Christian Stüble, Michael Scheibel
LinuxTag 2006. [pdf]Safety, Liveness, and Information Flow: Dependability Revisited
2006 - Zinaida Benenson, Felix Freiling, Thorsten Holz, Dogan Kesdogan, Lucia Draque Penso
ARCS Workshop on Dependability and Fault-Tolerance, Frankfurt am Main, Germany, March 2006 [pdf]Effektives Sammeln von Malware mit Honeypots
2006 - Thorsten Holz, Georg Wicherski
DFN-CERT Workshop "Sicherheit in vernetzten Systemen", Hamburg, March 2006 [pdf]Learning More About Attack Patterns With Honeypots
2006 - Thorsten Holz
GI Sicherheit - Schutz und Zuverlässigkeit, Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik, Magdeburg, February 2006 [pdf]Multilateral Security Considerations for Adaptive Mobile Applications
2005 - Adrian Spalka, Armin B. Cremers, Marcel Winandy
Proceedings of the 2nd International Conference on E-Business and Telecommunication Networks (ICETE 2005), pp. 133-137, INSTICC, 2005.Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks
2005 - Felix Freiling, Thorsten Holz, Georg Wicherski
European Symposium on Research in Computer Security (ESORICS), Milan, Italy, September 2005 [pdf]A Pointillist Approach for Comparing Honeypots
2005 - Fabien Pouget, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Vienna, Austria, July 2005 [pdf]Detecting Honeypots and Other Suspicious Environments
2005 - Thorsten Holz, Frederic Raynal
IEEE Information Assurance Workshop (IAW), West Point, NY, June 2005 [pdf]NoSEBrEaK - Attacking Honeynets
2004 - Maximillian Dornseif, Thorsten Holz, Christian N. Klein
IEEE Information Assurance Workshop (IAW), West Point, NY, June 2004 [pdf]Ermittlung von Verwundbarkeiten mit elektronischen Ködern
2004 - Maximillian Dornseif, Felix C. Gärtner, Thorsten Holz
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Dortmund, Germany, July 2004 [pdf]