Publications

Static Detection of Uninitialized Stack Variables in Binary Code

2019 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019

Towards Automated Application-Specific Software Stacks

2019 - Nicolai Davidsson, Andre Pawlowski, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019

GDPiRated – Stealing Personal Information On-and Offline

2019 - Matteo Cagnazzo, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019

AntiFuzz: Impeding Fuzzing Audits of Binary Executables

2019 - Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz

USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [pdf]

GRIMOIRE: Synthesizing Structure while Fuzzing

2019 - Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz

USENIX Security Symposium, Santa Clara, CA, USA, August 2019 [Pdf]

Intervention and End-User Development

2019 - Thomas Herrmann, Christopher Lentzsch, Martin Degeling

[Conference Link]

Large-scale Analysis of Infrastructure-leaking DNS Servers

2019 - Dennis Tatang, Carl Schneider, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Gothenburg, Sweden, June 2019 [GitHub] [PDF]

Challenges in Designing Exploit Mitigations for Deeply Embedded Systems

2019 - Ali Abbasi, Jos Wetzels, Thorsten Holz, Sandro Etalle

IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, June 2019 [PDF]

Steroids for DOPed Applications: A Compiler for Automated Data-Oriented Programming

2019 - Jannik Pewny, Philipp Koppe, Thorsten Holz

IEEE European Symposium on Security and Privacy (EuroS&P 2019), Stockholm, Sweden, June 2019 [PDF]

Analyzing leakage of personal information by malware

2019 - Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann

Journal of Computer Security, 2019

It's Not What It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains

2019 - Florian Quinkert, Tobias Lauinger, William Robertson, Engin Kirda, Thorsten Holz

IEEE Conference on Communications and Network Security (CNS), Washington, D.C., USA, June 2019 [PDF]

Breaking LTE on Layer Two

2019 - David Rupprecht, Katharina Kohls, Christina Pöpper, Thorsten Holz

IEEE Symposium on Security & Privacy (Oakland), May 2019 [Website] [PDF]

Lost Traffic Encryption: Fingerprinting LTE/4G Traffic on Layer Two

2019 - Katharina Kohls, David Rupprecht, Thorsten Holz, Christina Pöpper

Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’19), May 15–17, 2019, Miami, FL, USA, ACM [PDF]

LTE Security Disabled — Misconfiguration in Commercial Networks

2019 - Merlin Chlosta, David Rupprecht, Thorsten Holz, Christina Pöpper

Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’19), May 15–17, 2019, Miami, FL, USA, ACM [PDF]

Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding

2019 - Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, Do­ro­thea Kolossa

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [Demo] [PDF]

Nautilus: Fishing for Deep Bugs with Grammars

2019 - Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi, Daniel Teuchert

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [GitHub] [PDF]

On the Challenges of Geographical Avoidance for Tor

2019 - Katharina Kohls, Kai Jansen, David Rupprecht, Thorsten Holz, Christina Pöpper

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

Redqueen: Fuzzing with Input-to-State Correspondence

2019 - Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

We Value Your Privacy - Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy

2019 - Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [GitHub] [PDF]

DorkPot: A Honeypot-based Analysis of Google Dorks

2019 - Florian Quinkert, Eduard Leonhardt, Thorsten Holz

Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb), San Diego, California, USA, February 2019 - ** Best Paper Award ** [PDF]

A Study of Newly Observed Hostnames and DNS Tunneling in the Wild

2019 - Dennis Tatang, Florian Quinkert, Nico Dolecki, Thorsten Holz

Technical Report, arXiv:1902.08454, February 2019 [arXiv] [PDF]

Redefining Data Transparency: A Multidimensional Approach

2019 - Elisa Bertino, Shawn Merrill, Alina Nesen, Christine Utz

IEEE Computer, Jan. 2019, pp. 16-26, vol. 52 [IEEE] [DOI]

Towards Automated Generation of Exploitation Primitives for Web Browsers

2018 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, December 2018 [PDF]

The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR

2018 - Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann

Technical Report, arXiv:1811.08660, November 2018 [arXiv]

Profiling im Web. Von Liquiditat und Segmentierung

2018 - Martin Degeling

Vortrag bei der Jahrestagung der Gesellschaft für Wissenschafts- und Technikforschung 2018, Berlin. [website] [Slides]

The Influence of Friends and Experts on Privacy Decision Making in IoT Scenarios

2018 - Pardis Emami-Naeini, Martin Degeling, Lujo Bauer, Richard Chow, Lorrie Cranor, Mohammad Reza Haghighat, Heather Patterson

ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW) 2018 [pdf]

An Exploratory Analysis of Microcode as a Building Block for System Defenses

2018 - Benjamin Kollenda, Philipp Koppe, Marc Fyrbiak, Christian Kison, Chris­tof Paar, Thorsten Holz

ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty (CCS), Toronto, October 2018 [GitHub] [PDF]

Tracking and Tricking a Profiler - Measuring and Influencing Bluekai’s Interest Profiling

2018 - Martin Degeling, Jan Nierhoff

Workshop on Privacy in the Electronic Society (WPES 2018) in conjunction with CCS 2018 [pdf (researchgate)]

Intervenierbarkeit zum Schutz informationeller Selbstbestimmung

2018 - Martin Degeling, Thomas Herrmann

In "Die Fortentwicklung des Datenschutzes: Zwischen Systemgestaltung und Selbstregulierung", edited by Alexander Roßnagel, Michael Friedewald, and Marit Hansen, 193–208. DuD-Fachbeiträge. Wiesbaden: Springer Fachmedien Wiesbaden. [Springer.com] [DOI]

Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs

2018 - Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Barcelona, Spain, September 2018 - ** Best Paper Award ** [PDF]

Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations

2018 - Christian Röpke, Thorsten Holz

ACM SIGCOMM Workshop on Security in Softwarized Networks: Prospects and Challenges (SecSoN 2018), Budapest, Hungary, 2018 [PDF]

We Value Your Privacy - Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy

2018 - Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz

Technical Report, arXiv:1808.05096, August 2018 [arXiv] [PDF]

POSTER: User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

USENIX Symposium on Usable Privacy and Security 2018 (SOUPS '18). Baltimore, MD, USA, August 12-14, 2018

SoK: Make JIT-Spray Great Again

2018 - Robert Gawlik, Thorsten Holz

USENIX Workshop on Offensive Technologies (WOOT), Baltimore, US, August 2018 [PDF]

Personal Privacy Assistants for the Internet of Things

2018 - Anupam Das, Martin Degeling, Daniel Smullen, Norman Sadeh

IEEE Pervasive Computing ( Volume: 17 , Issue: 3 , Jul.-Sep. 2018 ) [pdf] [DOI] [IEEE]

On the Weaknesses of Function Table Randomization

2018 - Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, June 2018 [GitHub] [PDF]

From Interaction to Intervention: An Approach for Keeping Humans in Control in the Context of socio-technical Systems.

2018 - Thomas Herrmann, Albrecht Schmidt, Martin Degeling

STPIS Workshop at CAiSE 2018 [pdf]

On Security Research Towards Future Mobile Network Generations

2018 - David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Pöpper

IEEE Communications Surveys and Tutorials, Volume: 20, Issue:3, 2018 [arXiv] [IEEE Xplore]

SDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controller

2018 - Christian Röpke

GI Sicherheit, Konstanz, Germany, 2018

Masters of Time: An Overview of the NTP Ecosystem

2018 - Teemu Rytilahti, Dennis Tatang, Janosch Köpper, Thorsten Holz

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [GitHub] [PDF]

Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure

2018 - Enes Göktaş, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, Cristiano Giuffrida

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [PDF]

User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

European Workshop on Usable Security (EuroUSEC) 2018, London, England, 23 April 2018 [PDF] [Slides]

Towards a Roadmap for Privacy Technologies and the General Data Protection Regulation: A transatlantic initiative

2018 - Stefan Schiffner, Bettina Berendt, Triin Siil, Martin Degeling, Robert Riemann, Florian Schaub, Kim Wuyts, Massimo Attoresi, Seda Gürses, Achim Klabunde, Jules Polonetsky, Norman Sadeh, Gabriela Zanfir-Fortuna

Proceedings of the Annual Privacy Forum 2018 [pdf]

An Empirical Study on Online Price Differentiation

2018 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz

ACM Conference on Data and Applications Security and Privacy (CODASPY 2018) Tempe, AZ, March 2018 [ACM DL] [GitHub] [PDF]

Breaking and Fixing Destructive Code Read Defenses

2017 - Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

2017 - Ali Abbasi, Emmanuele Zambon, Sandro Etalle, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

An Empirical Study on Price Differentiation Based on System Fingerprints

2017 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz

Technical Report, arXiv:1712.03031, December 2017 [arXiv] [PDF]

SDN-Guard: Protecting SDN Controllers Against SDN Rootkits

2017 - Dennis Tatang, Florian Quinkert, Joel Frank, Christian Röpke, Thorsten Holz

IEEE Workshop on Security in NFV-SDN (SN-2017), Berlin, November 2017 [PDF]

On the Significance of Process Comprehension for Conducting Targeted ICS Attacks

2017 - Benjamin Green, Marina Krotofil, Ali Abbasi

3rd ACM Workshop on Cyber-Physical Systems Security and Privacy, November 2017, Dallas, USA. [PDF]
Page: