Veröffentlichungen

Standardorientierte Speicherung von verschlüsselten Dokumenten in einem XDS-Repository

2013 - Lennart Köster, Fatih Korkmaz, Marcel Winandy

Proceedings of the eHealth2013, May 23-24, Vienna, Austria, OCG, 2013.

Practical Timing Side Channel Attacks Against Kernel Space ASLR

2013 - Ralf Hund, Carsten Willems, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2013 [pdf]

MobileSandbox: Ein Analyseframework für Android Applikationen

2013 - Michael Spreitzenbarth, Johannes Hoffmann, Hanno Lemoine, Thomas Schreck, Florian Echtler

Proceedings of the 13th Deutscher IT-Sicherheitskongress, Bonn, Germany, 2013 [PDF]

PSiOS: Bring Your Own Privacy & Security to iOS Devices

2013 - Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz

ACM Symposium on Information, Computer and Communications Security (ASIACCS), Hangzhou, China, May 2013 - **Distinguished Paper Award** [pdf]

A Security Layer for Smartphone-to-Vehicle Communication over Bluetooth

2013 - Andrea Dardanelli, Federico Maggi, Mara Tanelli, Stefano Zanero, Sergio M. Savaresi, Roman Kochanek, Thorsten Holz

IEEE Embedded Systems Letters, Volume: 5, Issue: 3 [PDF]

Mobile-Sandbox: Looking Deeper into Android Applications

2013 - Michael Spreitzenbarth, Florian Echtler, Thomas Schreck, Felix C. Freiling, Johannes Hoffmann

28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Coimbra, Portugal, March 2013 [pdf]

Slicing Droids: Program Slicing for Smali Code

2013 - Johannes Hoffmann, Martin Ussath, Michael Spreitzenbarth, Thorsten Holz

28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Co­im­bra, Por­tu­gal, March 2013 [pdf]

Predentifier: Detecting Botnet C&C Domains From Passive DNS Data

2013 - Tilman Frosch, Marc Kührer, Thorsten Holz

Advances in IT Early Warning, Fraunhofer Verlag, February 2013. ISBN: 978-3-8396-0474-8 [Book Website] [PDF]

Down to the Bare Metal: Using Processor Features for Binary Analysis

2012 - Carsten Willems, Ralf Hund, Amit Vasudevan, Andreas Fobian, Dennis Felsch, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis

2012 - Carsten Willems, Felix C. Freiling, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012 [pdf]

CXPInspector: Hypervisor-Based, Hardware-Assisted System Monitoring

2012 - Carsten Willems, Ralf Hund, Thorsten Holz

TR-HGI-2012-002, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), November 2012 [pdf]

PermissionWatcher: Creating User Awareness of Application Permissions in Mobile Systems

2012 - Eric Struse, Julian Seifert, Sebastian Uellenbeck, Enrico Rukzio, Christopher Wolf

International Joint Conference on Ambient Intelligence (AmI), Pisa, Italy, November 2012 [pdf]

Down to the Bare Metal: Using Processor Features for Binary Analysis

2012 - Carsten Willems, Ralf Hund, Dennis Felsch, Andreas Fobian, Thorsten Holz

TR-HGI-2012-001, Ruhr-Universität Bochum, Horst Görtz Institut für IT-Sicherheit (HGI), November 2012 [pdf]

Applying a Security Kernel Framework to Smart Meter Gateways

2012 - Michael Gröne, Marcel Winandy

ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2012 Conference, pp. 252-259, Springer Vieweg, 2012.

Scriptless Attacks – Stealing the Pie Without Touching the Sill

2012 - Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk

19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012 [PDF]

Requirements for Integrating End-to-End Security into Large-Scale EHR Systems

2012 - Agnes Gawlik, Lennart Köster, Hiva Mahmoodi, Marcel Winandy

Amsterdam Privacy Conference (APC 2012), Workshop on Engineering EHR Solutions (WEES), 2012, Available at SSRN: http://ssrn.com/abstract=2457987 [online] [PDF]

B@bel: Leveraging Email Delivery for Spam Mitigation

2012 - Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

21st USENIX Security Symposium, Bellevue, WA, USA, August 2012 [PDF]

On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes

2012 - Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns

6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012 [PDF]

SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines

2012 - Johannes Hoffmann, Sebastian Uellenbeck, Thorsten Holz

9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Heraklion, Greece, July 2012 [PDF]

Informationssicherheit in der Arztpraxis: Aktuelle Herausforderungen und Lösungsansätze

2012 - Marcel Winandy

Datenschutz und Datensicherheit (DuD) 06/2012, S. 419 - 424 [SpringerLink]

Don’t Trust Satellite Phones: A Security Analysis of Two Satphone Standards

2012 - Benedikt Driessen, Ralf Hund, Carsten Willems, Chris­tof Paar, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Francisco, CA, May 2012 - **Best Paper Award** [More Info] [PDF]

Tracking DDoS Attacks: Insights into the Business of Disrupting the Web

2012 - Armin Büscher, Thorsten Holz

5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Jose, CA, April 2012 [PDF]

An Empirical Analysis of Malware Blacklists

2012 - Marc Kührer, Thorsten Holz

PIK - Praxis der Informationsverarbeitung und Kommunikation. Volume 35, Issue 1, Pages 11–16, April 2012 [pdf]

Reverse Code Engineering - State of the Art and Countermeasures

2012 - Carsten Willems

it - Information Technology, Volume 54, Number 2, pages 53-63, March 2012 [Journal] [PDF]

Analyse und Vergleich von BckR2D2-I und II

2012 - Andreas Dewald, Felix Freiling, Thomas Schreck, Michael Spreitzenbarth, Johannes Stüttgen, Stefan Vömel, Carsten Willems

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Darmstadt, Ger­ma­ny, März 2012 [Technical Report]

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis

2012 - Carsten Willems, Felix, Freiling

Technical Reports CS-2012,1 University of Erlangen, Department Informatik, February 2012 [OPUS Link]

MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones

2012 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi

Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2012 [PDF]

Flexible Patient-Controlled Security for Electronic Health Records

2012 - Thomas Hupperich, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

ACM SIGHIT International Symposium on Health Informatics (IHI), Miami, January 2012 [PDF]

Security and Trust Architectures for Protecting Sensitive Data on Commodity Computing Platforms

2012 - Marcel Winandy

PhD Thesis, Ruhr-University Bochum, Shaker-Verlag, 2012. [book]

Understanding Fraudulent Activities in Online Ad Exchanges

2011 - Brett Stone-Gross, Ryan Stevens, Apostolis Zarras, Richard Kemmerer, Christopher Kruegel, Giovanni Vigna

11th ACM SIGCOMM Internet Measurement Conference (IMC), Berlin, Germany, November 2011 [PDF]

Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

2011 - Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz

18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011 [PDF]

POSTER: Control-Flow Integrity for Smartphones.

2011 - Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi, Thomas Fischer

18th ACM Conference on Computer and Communications Security (CCS'11) [Poster]

Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones

2011 - Lucas Davi, Alexandra Dmitrienko, Christoph Kowalski, Marcel Winandy

STC '11: Proceedings of the 6th ACM Workshop on Scalable Trusted Computing, pp. 49-58, ACM, 2011.

TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet

2011 - Christian Gorecki, Felix C. Freiling, Marc Kührer, Thorsten Holz

13th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Grenoble, France, October 2011 [PDF]

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

2011 - Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk

International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011 [Website]

Automated Identification of Cryptographic Primitives in Binary Programs

2011 - Felix Gröbert, Carsten Willems, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

2011 - Mario Heiderich, Tilman Frosch, Thorsten Holz

14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011 [PDF]

BotMagnifier: Locating Spambots on the Internet

2011 - Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna

USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]

Jackstraws: Picking Command and Control Connections from Bot Traffic

2011 - Gregoire Jacob, Ralf Hund, Christopher Kruegel, Thorsten Holz

USENIX Security Symposium, San Francisco, CA, August 2011 [PDF]

Proceedings of 8th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)

2011 - Thorsten Holz, Herbert Bos

8th Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Amsterdam, Netherlands, July 2011 [SpringerLink]

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

2011 - Atanas Filyanov, Jonathan M. McCune, Ahmad-Reza Sadeghi, Marcel Winandy

IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN 2011), pp. 1-12. IEEE Computer Society, 2011. [pdf]

Automatic Analysis of Malware Behavior using Machine Learning

2011 - Konrad Rieck, Philipp Trinius, Carsten Willems, Thorsten Holz

Journal of Computer Security, Vol. 19, No. 4, pages 639-668, 2011 [JCS] [PDF]

Using Memory Management to Detect and Extract Illegitimate Code for Malware Analysis

2011 - Carsten Willems, Felix Freiling

Technical Report TR-2011-002, University of Mannheim, Department of Computer Science, May 2011 [MADOC Link]

Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices

2011 - Michael Becher , Felix C. Freiling, Johannes Hoffmann, Thorsten Holz, Sebastian Uellenbeck, Christopher Wolf

IEEE Symposium on Security and Privacy ("Oakland"), Berkeley, CA, May 2011 [PDF]

Internals of Windows Memory Management (not only) for Malware Analysis

2011 - Carsten Willems

Technical Report TR-2011-001, University of Mannheim, Department of Computer Science, April 2011 [MADOC Link]

Securing the Access to Electronic Health Records on Mobile Phones

2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Biomedical Engineering Systems and Technologies 2011 - Revised Selected Papers, Springer-Verlag, 2011. [PDF]

MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

2011 - Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Med-e-Tel - Global Telemedicine and eHealth Updates: Knowledge Resources, Vol 4., pp. 385-389, ISfTeH, Luxembourg, 2011. [PDF]

Das Internet-Malware-Analyse-System (InMAS)

2011 - Markus Engelberth, Felix C. Freiling, Jan Goebel, Christian Gorecki, Thorsten Holz, Ralf Hund, Philipp Trinius, Carsten Willems

Datenschutz und Datensicherheit (DuD), Volume 35, Number 4, pp. 247-252 [SpringerLink]

The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns

2011 - Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, Giovanni Vigna

USE­NIX Work­shop on Lar­ge-Sca­le Ex­ploits and Emer­gent Thre­ats (LEET), Boston, MA, March 2011 [PDF]

ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks

2011 - Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy

6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), ACM, 2011.
Seite: