Publications

Security and Trust Architectures for Protecting Sensitive Data on Commodity Computing Platforms

2012 - Marcel Winandy

PhD Thesis, Ruhr-University Bochum, Shaker-Verlag, 2012. [book]

Understanding Fraudulent Activities in Online Ad Exchanges

2011 - Brett Stone-Gross, Ryan Stevens, Apostolis Zarras, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna

11th ACM SIGCOMM Internet Measurement Conference (IMC), Berlin, Germany, November 2011 [PDF]

Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]

POSTER: Control-Flow Integrity for Smartphones.

2011 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi, Thomas Fischer

18th ACM Conference on Computer and Communications Security (CCS'11) [Poster]

Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones

2011 - Lucas Davi, Alexandra Dmitrienko, Christoph Kowalski, Marcel Winandy

STC '11: Proceedings of the 6th ACM Workshop on Scalable Trusted Computing, pp. 49-58, ACM, 2011.

TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet

2011 - Christian Gorecki, Felix C. Freiling, Marc Kührer, Thorsten Holz

13th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Grenoble, France, October 2011 [PDF]

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk

International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]

Automated Identification of Cryptographic Primitives in Binary Programs

2011 - Felix Gröbert, Carsten Willems, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

BotMagnifier: Locating Spambots on the Internet

2011 - Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna

USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]

Jackstraws: Picking Command and Control Connections from Bot Traffic

2011 - Gregoire Jacob, Ralf Hund, Christopher Kruegel, Thorsten Holz

USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]

Proceedings of 8th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)

2011 - Thorsten Holz, Herbert Bos

8th Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Amsterdam, Netherlands, July 2011 [SpringerLink]

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

2011 - Atanas Filyanov, Jonathan M. McCune, Ahmad-Reza Sadeghi, Marcel Winandy

IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN 2011), pp. 1-12. IEEE Computer Society, 2011. [pdf]

Automatic Analysis of Malware Behavior using Machine Learning

2011 - Konrad Rieck, Philipp Trinius, Carsten Willems, Thorsten Holz

Journal of Computer Security, Vol. 19, No. 4, pages 639-668, 2011 [JCS] [PDF]

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis

2011 - Carsten Willems, Felix Freiling

Technical Report TR-2011-002, University of Mannheim, Department of Computer Science, May 2011 [MADOC Link]

Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices

2011 - Michael Becher , Felix C. Freiling, Johannes Hoffmann, Thorsten Holz, Sebastian Uellenbeck, Christopher Wolf

IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2011 [PDF]

Internals of Windows Memory Management (not only) for Malware Analysis

2011 - Carsten Willems

Technical Report TR-2011-001, University of Mannheim, Department of Computer Science, April 2011 [MADOC Link]

Securing the Access to Electronic Health Records on Mobile Phones

2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Biomedical Engineering Systems and Technologies 2011 - Revised Selected Papers, Springer-Verlag, 2011. [PDF]

MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

2011 - Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Med-e-Tel - Global Telemedicine and eHealth Updates: Knowledge Resources, Vol 4., pp. 385-389, ISfTeH, Luxembourg, 2011. [PDF]

Das Internet-Malware-Analyse-System (InMAS)

2011 - Markus Engelberth, Felix C. Freiling, Jan Goebel, Christian Gorecki, Thorsten Holz, Ralf Hund, Philipp Trinius, Carsten Willems

Datenschutz und Datensicherheit (DuD), Volume 35, Number 4, pp. 247-252 [SpringerLink]

The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns

2011 - Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, Giovanni Vigna

USE­NIX Work­shop on Lar­ge-Sca­le Ex­ploits and Emer­gent Thre­ats (LEET), Boston, MA, March 2011 [PDF]

ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks

2011 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy

6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), ACM, 2011.

A Security Architecture for Accessing Health Records on Mobile Phones.

2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Proceedings of the 4th International Conference on Health Informatics (HEALTHINF 2011), pp. 87-96, SciTePress, 2011. [PDF] [Bibtex]

A Note on the Security in the Card Management System of the German E-Health Card

2010 - Marcel Winandy

Electronic Healthcare, Third International Conference, eHealth 2010, LNICST 69, pp. 196-203, Springer, 2012. [PDF] [Bibtex]

TruWalletM: Secure Web Authentication on Mobile Platforms

2010 - Sven Bugiel, Alexandra Dmitrienko, Kari Kostiainen, Ahmad-Reza Sadeghi, Marcel Winandy

Trusted Systems, Second International Conference, INTRUST 2010, LNCS 6802/2011, Springer, 2011. [Bibtex] [PDF]

Securing the E-Health Cloud

2010 - Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Proceedings of the 1st ACM International Health Informatics Symposium (IHI 2010), ACM, 2010. [pdf] [Bibtex]

Privilege Escalation Attacks on Android.

2010 - Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy

Information Security, 13th International Conference, ISC 2010, LNCS 6531/2011, pp. 346-360, Springer 2011. [Bibtex] [PDF]

A Malware Instruction Set for Behavior-Based Analysis

2010 - Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Ber­lin, Ger­ma­ny, Oc­to­ber 2010 [PDF]

Towards secure deletion on smartphones

2010 - Michael Spreitzenbarth, Thorsten Holz

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Berlin, Germany, October 2010 [PDF]

Return-Oriented Programming without Returns

2010 - Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, Marcel Winandy

17th ACM Conference on Computer and Communications Security (CCS 2010) [PDF]

Abusing Social Networks for Automated User Profiling

2010 - Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel

13th International Symposium on Recent Advances in Intrusion Detection (RAID), Ottawa, Canada, September 2010 [PDF]

Trusted Virtual Domains on OpenSolaris: Usable Secure Desktop Environments

2010 - Hans Löhr, Thomas Pöppelmann, Johannes Rave, Martin Steegmanns, Marcel Winandy

Proceedings of 5th Annual Workshop on Scalable Trusted Computing (STC 2010), ACM 2010. [PDF]

Return-Oriented Programming without Returns on ARM

2010 - Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy

Tech­ni­cal Re­port HGI-TR-2010-002 [PDF]

Token-Based Cloud Computing -- Secure Outsourcing of Data and Arbitrary Computations with Lower Latency

2010 - Ahmad-Reza Sadeghi, Thomas Schneider, Marcel Winandy

3rd International Conference on Trust and Trustworthy Computing (TRUST'10) - Workshop on Trust in the Cloud, June 22, Berlin, Germany. [Trust2010.org] [PDF]

Is the Internet for Porn? An Insight Into the Online Adult Industry

2010 - Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, Christopher Kruegel

Workshop on the Economics of Information Security (WEIS), Harvard University, USA, June 2010 [PDF]

Trusted Virtual Domains: Color Your Network

2010 - Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Datenschutz und Datensicherheit (DuD) 5/2010, p. 289-298. [SpringerLink] [PDF]

A Practical Attack to De-Anonymize Social Network Users

2010 - Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel

IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2010 [PDF]

Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries

2010 - Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda

IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2010 [PDF]

Verfolgen und Abschwächen von Malicious Remote Control Networks

2010 - Thorsten Holz

Ausgezeichnete Informatikdissertationen 2009. LNI D-10, pages 101-110, May 2010 [Dagstuhl Seminar]

ADSandbox: Sandboxing JavaScript to Fight Malicious Websites

2010 - Andreas Dewald, Thorsten Holz, Felix C. Freiling

ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]

Botzilla: Detecting the "Phoning Home" of Malicious Software

2010 - Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz, Pavel Laskov

ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]

Cooperation enablement for centralistic early warning systems

2010 - Ulrich Flegel, Johannes Hoffmann, Michael Meier

ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]

ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks

2010 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy

Technical Report HGI-TR-2010-001 [PDF]

Pat­terns for Se­cu­re Boot and Se­cu­re Sto­r­a­ge in Com­pu­ter Sys­tems

2010 - Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

4th In­ter­na­tio­nal Work­shop on Se­cu­re sys­tems me­tho­do­lo­gies using pat­terns (SPat­tern 2010), In Proceedings of ARES 2010: International Conference on Availability, Reliability and Security, pp.569-573, IEEE Computer Society, 2010 [pdf]

The InMAS Approach

2010 - Markus Engelberth, Felix Freiling, Jan Goebel, Christian Gorecki, Thorsten Holz, Ralf Hund, Philipp Trinius, Carsten Willems

1st European Workshop on Internet Early Warning and Network Intelligence (EWNI'10) [PDF]

A Malware Instruction Set for Behavior-Based Analysis

2009 - Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck

Technical Report TR-2009-007, University of Mannheim, December 2009 [MADOC Link] [PDF]

Automatic Analysis of Malware Behavior using Machine Learning

2009 - Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck

Berlin Institute of Technology, Technical Report 18-2009 [PDF]

Trusted virtual domains - design, implementation and lessons learned.

2009 - Ahmad-Reza Sadeghi, Gianluca Ramunno, Dirk Kuhlmann, Konrad Eriksson, Luigi Catuogno, Alexandra Dmitrienko, Jing Zhan, Steffen Schulz, Marcel Winandy, Matthias Schunter

International Conference on Trusted Systems (INTRUST) 2009. [pdf] [bibtex]

Dynamic Integrity Measurement and Attestation: Towards Defense Against Return-Oriented Programming Attacks.

2009 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy

STC'09: Proceedings of the 4th ACM Workshop on Scalable Trusted Computing, p. 49-54, ACM, 2009. [pdf]

TruWallet: Trustworthy and Migratable Wallet-Based Web Authentication.

2009 - Sebastian Gajek, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

STC'09: Proceedings of the 4th ACM Workshop on Scalable Trusted Computing, p. 19-28, ACM, 2009. [pdf]
Page: