Publications

Experience Report: An Empirical Study of PHP Security Mechanism Usage

2015 - Johannes Dahse, Thorsten Holz

International Symposium on Software Testing and Analysis (ISSTA) [PDF]

Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications

2015 - Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

Cross-Architecture Bug Search in Binary Executables

2015 - Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

VC3: Trustworthy Data Analytics in the Cloud using SGX

2015 - Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz , Mark Russinovich

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

A Practical Investigation of Identity Theft Vulnerabilities in Eduroam

2015 - Sebastian Brenza, Andre Pawlowski, Christina Pöpper

In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec), 2015 [Project Webpage] [PDF]

Retaining Control over SDN Network Services

2015 - Christian Röpke, Thorsten Holz

International Conference on Networked Systems (NetSys), 2015

Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones

2015 - Sebastian Uellenbeck, Thomas Hupperich, Christopher Wolf, Thorsten Holz

Financial Cryptography and Data Security 2015 [pdf]

Leveraging Semantic Signatures for Bug Search in Binary Programs

2014 - Jannik Pewny, Felix Schuster, Lukas Bernhard, Christian Rossow, Thorsten Holz

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 [PDF]

Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs

2014 - Robert Gawlik, Thorsten Holz

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 [GitHub] [PDF]

Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security

2014 - Hendrik Meutzner, Viet Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 - ** Outstanding Paper Award ** [PDF]
Page: