Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks

2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz

8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, CA, USA, August 2014 [PDF]

Malicious Code and Access Control in Software-Defined-Networks

2014 - Christian Röpke

9. GI FG SIDAR Graduierten-Workshop über Reaktive Sicherheit (SPRING), 2014 [PDF]

Virtual Machine-based Fingerprinting Schemes

2014 - Moritz Contag

9. GI FG SIDAR Gra­du­ier­ten-Work­shop über Re­ak­ti­ve Si­cher­heit (SPRING), 2014

Security and Privacy as Hygiene Factors of Developer Behavior in Small and Agile Teams

2014 - Kai-Uwe Loser, Martin Degeling

In ICT and Society, edited by Kai Kimppa, Diane Whitehouse, Tiina Kuusela, and Jackie Phahlamohlaka, 255–65. IFIP Advances in Information and Communication Technology 431. Springer Berlin Heidelberg. [doi]

Automated Generation of Models for Fast and Precise Detection of HTTP-Based Malware

2014 - Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz

12th Annual Conference on Privacy, Security and Trust (PST), Toronto, Canada, July 2014 [PDF]

Technical Report: Paint it Black: Evaluating the Effectiveness of Malware Blacklists

2014 - Marc Kührer, Christian Rossow, Thorsten Holz

TR-HGI-2014-002, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), June 2014 [PDF]

Technical Report: Evaluating the Effectiveness of Current Anti-ROP Defenses

2014 - Felix Schuster, Thomas Tendyck, Jannik Pewny, Andreas Maaß, Martin Steegmanns, Moritz Contag, Thorsten Holz

TR-HGI-2014-001, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), May 2014 [PDF]

Scriptless attacks: Stealing more pie without touching the sill

2014 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk

Journal of Computer Security, Volume 22, Number 4 / 2014, Web Application Security – Web @ 25 [URL]

Communication Reduced Interaction Protocol between Customer, Charging Station, and Charging Station Management System

2014 - Karl-Heinz Krempels, Christoph Terwelp, Stefan Wüller, Tilman Frosch, Sevket Gökay

3rd International Conference on Smart Grids and Green IT Systems (SMARTGREENS 2014), Barcelona, Spain, April 2014

Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior

2014 - Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf, Konrad Rieck

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Vienna, Austria, March 2014 [PDF]