Publications

Towards Automated Discovery of Crash-Resistant Primitives in Binaries

2017 - Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) [PDF]

Towards privacy-aware smart buildings: Capturing, communicating, and enforcing privacy policies and preferences

2017 - Primal Pappachan, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh, Nalini Venkatasubramanian

ICDCS Workshop on Internet of Things Computing and Applications [pdf]

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

2017 - Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2017 [PDF]

Privacy expectations and preferences in an IoT World

2017 - Pardis Emami Naeini, Sruti Bhagavatula, Hana Habib, Martin Degeling, Lujo Bauer, Lorrie Cranor, Norman Sadeh

Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS) [pdf]

MARX: Uncovering Class Hierarchies in C++ Programs

2017 - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2017 [GitHub] [PDF]

EvilCoder: Automated Bug Insertion

2016 - Jannik Pewny, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 2016 [GitHub] [PDF]

Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

2016 - Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle

11th International Conference on Critical Information Infrastructures Security, October 10-12, 2016, Paris, France. [PDF]

Privacy by Socio-Technical Design - a collaborative approach for privacy friendly system design

2016 - Martin Degeling, Christopher Lentzsch, Alexander Nolte, Thomas Herrmann, Kai-Uwe Loser

2nd IEEE International Conference on Collaboration and Internet Computing (CIC 2016)

Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets

2016 - Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016 [pdf]

On the Feasibility of TTL-based Filtering for DRDoS Mitigation

2016 - Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Evry, France, September 2016 [PDF]

Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness

2016 - Thomas Hupperich, Kromholz Katharina, Thorsten Holz

9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria, August 2016 [pdf]

Undermining Entropy-based Information Hiding (And What to do About it)

2016 - Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos

24th USENIX Security Symposium, Austin, TX, USA, August 2016 [PDF]

Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Leveraging Sensor Fingerprinting for Mobile Device Authentication

2016 - Thomas Hupperich, Henry Hosseini, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [pdf]

Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [GitHub] [PDF]

Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices

2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]

Subversive-C: Abusing and Protecting Dynamic Message Dispatch

2016 - Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz

2016 USENIX Annual Technical Conference (USENIX ATC '16), Denver, USA, June 2016 [PDF]

SkypeLine: Robust Hidden Data Transmission for VoIP

2016 - Katharina Kohls, Thorsten Holz, Do­ro­thea Kolossa, Christina Pöpper

ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Xi'an, May 2016 [PDF]

A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level

2016 - Victor van der Veen, Enes Goktas, Moritz Contag, Andre Pawlowski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2016 [PDF]

No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells

2016 - Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis

25th International World Wide Web Conference (WWW), Montreal, April 2016 [PDF]
Page: