Publications

MobileSandbox: Ein Analyseframework für Android Applikationen

2013 - Michael Spreitzenbarth, Johannes Hoffmann, Hanno Lemoine, Thomas Schreck, Florian Echtler

Proceedings of the 13th Deutscher IT-Sicherheitskongress, Bonn, Germany, 2013 [PDF]

Down to the Bare Metal: Using Processor Features for Binary Analysis

2012 - Carsten Willems, Ralf Hund, Amit Vasudevan, Andreas Fobian, Dennis Felsch, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

Tracking DDoS Attacks: Insights into the Business of Disrupting the Web

2012 - Armin Büscher, Thorsten Holz

5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, CA, April 2012 [PDF]

Understanding Fraudulent Activities in Online Ad Exchanges

2011 - Brett Stone-Gross, Ryan Stevens, Apostolis Zarras, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna

11th ACM SIGCOMM Internet Measurement Conference (IMC), Berlin, Germany, November 2011 [PDF]

TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet

2011 - Christian Gorecki, Felix C. Freiling, Marc Kührer, Thorsten Holz

13th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Grenoble, France, October 2011 [PDF]

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

A Malware Instruction Set for Behavior-Based Analysis

2010 - Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Ber­lin, Ger­ma­ny, Oc­to­ber 2010 [PDF]

Return-Oriented Programming without Returns

2010 - Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, Marcel Winandy

17th ACM Conference on Computer and Communications Security (CCS 2010) [PDF]

Botzilla: Detecting the "Phoning Home" of Malicious Software

2010 - Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz, Pavel Laskov

ACM Symposium on Applied Computing (SAC), Sierre, Switzerland, March 2010 [PDF]

Software distribution as a malware infection vector

2009 - Felix Gröbert, Ahmad-Reza Sadeghi, Marcel Winandy

International Conference for Internet Technology and Secured Transactions (ICITST 2009) [Bibtex]

Visual Analysis of Malware Behavior (Short paper)

2009 - Philipp Trinius, Thorsten Holz, Jan Göbel, Felix Freiling

Workshop on Visualization for Cyber Security (VizSec), Atlantic City, NJ, USA, October 2009 [pdf]

Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones

2009 - Thorsten Holz, Markus Engelberth, Felix Freiling

Eu­ropean Sym­po­si­um on Re­se­arch in Com­pu­ter Se­cu­ri­ty (ESO­RICS), Saint Malo, France, September 2009 [pdf]

MalOffice - Detecting malicious documents with combined static and dynamic analysis

2009 - Markus Engelberth, Carsten Willems, Thorsten Holz

Virus Bulletin Conference, Geneva, Switzerland, September 2009 [Presentation]

Learning and Classification of Malware Behavior

2008 - Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, Pavel Laskov

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, July 2008 [PDF]

Studying Malicious Websites and the Underground Economy on the Chinese Web

2008 - Jianwei Zhuge, Thorsten Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, Wei Zou

Work­shop on the Eco­no­mics of In­for­ma­ti­on Se­cu­ri­ty (WEIS), Hanover, NH, USA, June 2008 [pdf]

Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients

2008 - Ali Ikinci, Thorsten Holz, Felix Freiling

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Saarbrücken, April 2008 - **Best Paper Award** [pdf]

Collecting Autonomous Spreading Malware Using High-Interaction Honeypots

2007 - Jianwei Zhuge, Thorsten Holz, Xinhui Han, Chengyu Song, Wei Zou

International Conference on Information and Communications Security (ICICS), LNCS 4861, Zhengzhou, China, December 2007 [pdf]

Measurement and Analysis of Autonomous Spreading Malware in a University Environment

2007 - Thorsten Holz, Jan Goebel, Carsten Willems

Con­fe­rence on De­tec­tion of In­tru­si­ons and Mal­wa­re & Vul­nerabi­li­ty As­sess­ment (DIMVA), Lucerne, Switzerland, July 2007 [PDF]

The Nepenthes Platform: An Efficient Approach to Collect Malware

2006 - Paul Baecher, Markus Koetter, Thorsten Holz, Maximillian Dornseif, Felix Freiling

9th International Symposium on Recent Advances in Intrusion Detection (RAID), Hamburg, Germany, September 2006 [pdf]

Effektives Sammeln von Malware mit Honeypots

2006 - Thorsten Holz, Georg Wicherski

DFN-CERT Workshop "Sicherheit in vernetzten Systemen", Hamburg, March 2006 [pdf]
Page: