Publications

Leveraging Semantic Signatures for Bug Search in Binary Programs

2014 - Jannik Pewny, Felix Schuster, Lukas Bernhard, Christian Rossow, Thorsten Holz

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 [PDF]

Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs

2014 - Robert Gawlik, Thorsten Holz

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 [GitHub] [PDF]

Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security

2014 - Hendrik Meutzner, Viet Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 - ** Outstanding Paper Award ** [PDF]

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements

2014 - Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

14th ACM SIGCOMM Internet Measurement Conference (IMC), Vancouver, Canada, November 2014 [PDF]

Code Reuse Attacks in PHP: Automated POP Chain Generation

2014 - Johannes Dahse, Nikolai Krein, Thorsten Holz

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 - ** Best Student Paper Award ** [PDF]

You Can Run but You Can’t Read: Preventing Disclosure Exploits in Executable Code

2014 - Michael Backes, Thorsten Holz, Benjamin Kollenda, Philipp Koppe, Stefan Nürnberger, Jannik Pewny

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 [PDF]

The Art of False Alarms in the Game of Deception: Leveraging Fake Honeypots for Enhanced Security

2014 - Apostolis Zarras

48th IEEE International Carnahan Conference on Security Technology (ICCST), Rome, Italy, October 2014 [PDF]

CloudSylla: Detecting Suspicious System Calls in the Cloud

2014 - Marc Kührer, Johannes Hoffmann, Thorsten Holz

16th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS), Paderborn, Germany, September 2014 [PDF]

Evaluating the Effectiveness of Current Anti-ROP Defenses

2014 - Felix Schuster, Thomas Tendyck, Jannik Pewny, Andreas Maaß, Martin Steegmanns, Moritz Contag, Thorsten Holz

Re­se­arch in At­tacks, In­tru­si­ons and De­fen­ses (RAID) Sym­po­si­um, Gothenburg, Sweden, September 2014 [PDF]

On Emulation-Based Network Intrusion Detection Systems

2014 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle

17th International Symposium on Research in Attacks, Intrusions and Defences (RAID) [PDF]

Paint it Black: Evaluating the Effectiveness of Malware Blacklists

2014 - Marc Kührer, Christian Rossow, Thorsten Holz

Re­se­arch in At­tacks, In­tru­si­ons and De­fen­ses (RAID) Sym­po­si­um, Gothenburg, Sweden, September 2014 [PDF]

Static Detection of Second-Order Vulnerabilities in Web Applications

2014 - Johannes Dahse, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 - ** Internet Defense Prize by Facebook ** [PDF]

Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data

2014 - Sebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks

2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 [PDF]

Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks

2014 - Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz

8th USENIX Workshop on Offensive Technologies (WOOT), San Diego, CA, USA, August 2014 [PDF]

Virtual Machine-based Fingerprinting Schemes

2014 - Moritz Contag

9. GI FG SIDAR Gra­du­ier­ten-Work­shop über Re­ak­ti­ve Si­cher­heit (SPRING), 2014

Automated Generation of Models for Fast and Precise Detection of HTTP-Based Malware

2014 - Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz

12th Annual Conference on Privacy, Security and Trust (PST), Toronto, Canada, July 2014 [PDF]

Communication Reduced Interaction Protocol between Customer, Charging Station, and Charging Station Management System

2014 - Karl-Heinz Krempels, Christoph Terwelp, Stefan Wüller, Tilman Frosch, Sevket Gökay

3rd International Conference on Smart Grids and Green IT Systems (SMARTGREENS 2014), Barcelona, Spain, April 2014

Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior

2014 - Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf, Konrad Rieck

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Vienna, Austria, March 2014 [PDF]

GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones

2014 - Irfan Altiok, Sebastian Uellenbeck, Thorsten Holz

GI Si­cher­heit - Schutz und Zu­ver­läs­sig­keit, Jah­res­ta­gung des Fach­be­reichs Si­cher­heit der Ge­sell­schaft für In­for­ma­tik, Vienna, Austria, March 2014 [PDF]

Simulation of Built-in PHP features for Precise Static Code Analysis

2014 - Johannes Dahse, Thorsten Holz

Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2014 [PDF]
Page: