Veröffentlichungen

Breaking LTE on Layer Two

2019 - David Rupprecht, Katharina Kohls, Christina Pöpper, Thorsten Holz

To appear in the IEEE Symposium on Security & Privacy, May 2019 [Website] [[PDF]]

Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding

2019 - Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, Do­ro­thea Kolossa

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [Demo] [PDF]

Nautilus: Fishing for Deep Bugs with Grammars

2019 - Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi, Daniel Teuchert

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

On the Challenges of Geographical Avoidance for Tor

2019 - Katharina Kohls, Kai Jansen, David Rupprecht, Thorsten Holz, Christina Pöpper

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

Redqueen: Fuzzing with Input-to-State Correspondence

2019 - Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

We Value Your Privacy - Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy

2019 - Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz

Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019 [PDF]

Towards Automated Generation of Exploitation Primitives for Web Browsers

2018 - Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, December 2018 [PDF]

Profiling im Web. Von Liquiditat und Segmentierung

2018 - Martin Degeling

Vortrag bei der Jahrestagung der Gesellschaft für Wissenschafts- und Technikforschung 2018, Berlin. [website] [Slides]

The Influence of Friends and Experts on Privacy Decision Making in IoT Scenarios

2018 - Pardis Emami-Naeini, Martin Degeling, Lujo Bauer, Richard Chow, Lorrie Cranor, Mohammad Reza Haghighat, Heather Patterson

ACM Conference on Computer-Supported Cooperative Work and Social Computing (CSCW) 2018 [pdf]

An Exploratory Analysis of Microcode as a Building Block for System Defenses

2018 - Benjamin Kollenda, Philipp Koppe, Marc Fyrbiak, Christian Kison, Chris­tof Paar, Thorsten Holz

ACM Con­fe­rence on Com­pu­ter and Com­mu­ni­ca­ti­ons Se­cu­ri­ty (CCS), Toronto, October 2018 [PDF]

Tracking and Tricking a Profiler - Measuring and Influencing Bluekai’s Interest Profiling

2018 - Martin Degeling, Jan Nierhoff

Workshop on Privacy in the Electronic Society (WPES 2018) in conjunction with CCS 2018 [pdf (researchgate)]

Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs

2018 - Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Barcelona, Spain, September 2018 - ** Best Paper Award ** [PDF]

Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations

2018 - Christian Röpke, Thorsten Holz

ACM SIGCOMM Workshop on Security in Softwarized Networks: Prospects and Challenges (SecSoN 2018), Budapest, Hungary, 2018 [PDF]

POSTER: User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

USENIX Symposium on Usable Privacy and Security 2018 (SOUPS '18). Baltimore, MD, USA, August 12-14, 2018

SoK: Make JIT-Spray Great Again

2018 - Robert Gawlik, Thorsten Holz

USENIX Workshop on Offensive Technologies (WOOT), Baltimore, US, August 2018 [PDF]

On the Weaknesses of Function Table Randomization

2018 - Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, June 2018 [GitHub] [PDF]

From Interaction to Intervention: An Approach for Keeping Humans in Control in the Context of socio-technical Systems.

2018 - Thomas Herrmann, Albrecht Schmidt, Martin Degeling

STPIS Workshop at CAiSE 2018 [pdf]

SDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controller

2018 - Christian Röpke

GI Sicherheit, Konstanz, Germany, 2018

Masters of Time: An Overview of the NTP Ecosystem

2018 - Teemu Rytilahti, Dennis Tatang, Janosch Köpper, Thorsten Holz

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [GitHub] [PDF]

Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure

2018 - Enes Göktaş, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, Cristiano Giuffrida

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [PDF]

User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

European Workshop on Usable Security (EuroUSEC) 2018, London, England, 23 April 2018 [PDF] [Slides]

Towards a Roadmap for Privacy Technologies and the General Data Protection Regulation: A transatlantic initiative

2018 - Stefan Schiffner, Bettina Berendt, Triin Siil, Martin Degeling, Robert Riemann, Florian Schaub, Kim Wuyts, Massimo Attoresi, Seda Gürses, Achim Klabunde, Jules Polonetsky, Norman Sadeh, Gabriela Zanfir-Fortuna

Proceedings of the Annual Privacy Forum 2018 [pdf]

An Empirical Study on Online Price Differentiation

2018 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz

ACM Conference on Data and Applications Security and Privacy (CODASPY 2018) Tempe, AZ, March 2018 [ACM DL] [GitHub] [PDF]

Breaking and Fixing Destructive Code Read Defenses

2017 - Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

2017 - Ali Abbasi, Emmanuele Zambon, Sandro Etalle, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

SDN-Guard: Protecting SDN Controllers Against SDN Rootkits

2017 - Dennis Tatang, Florian Quinkert, Joel Frank, Christian Röpke, Thorsten Holz

IEEE Workshop on Security in NFV-SDN (SN-2017), Berlin, November 2017 [PDF]

On the Significance of Process Comprehension for Conducting Targeted ICS Attacks

2017 - Benjamin Green, Marina Krotofil, Ali Abbasi

3rd ACM Workshop on Cyber-Physical Systems Security and Privacy, November 2017, Dallas, USA. [PDF]

Assisting users in a world full of cameras: A privacy-aware infrastructure for computer vision applications

2017 - Anupam Das, Martin Degeling, Xiaoyou Wang, Junjue Wang, Normand Sadeh, Mahadev Satyanarayanan

Computer Vision and Pattern Recognition Workshops (CVPRW) [pdf]

kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

2017 - Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz

USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]

Reverse Engineering x86 Processor Microcode

2017 - Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Chris­tof Paar, Thorsten Holz

USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]

Syntia: Synthesizing the Semantics of Obfuscated Code

2017 - Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz

USENIX Security Symposium, Vancouver, Canada, August 2017 [GitHub] [PDF]

μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems

2017 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle

International Conference on Network and System Security, August 2017, Helsinki, Finland. [PDF]

Towards Automated Discovery of Crash-Resistant Primitives in Binaries

2017 - Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) [PDF]

Towards privacy-aware smart buildings: Capturing, communicating, and enforcing privacy policies and preferences

2017 - Primal Pappachan, Martin Degeling, Roberto Yus, Anupam Das, Sruti Bhagavatula, William Melicher, Pardis Emami Naeini, Shikun Zhang, Lujo Bauer, Alfred Kobsa, Sharad Mehrotra, Norman Sadeh, Nalini Venkatasubramanian

ICDCS Workshop on Internet of Things Computing and Applications [pdf]

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

2017 - Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2017 [PDF]

Privacy expectations and preferences in an IoT World

2017 - Pardis Emami Naeini, Sruti Bhagavatula, Hana Habib, Martin Degeling, Lujo Bauer, Lorrie Cranor, Norman Sadeh

Proceedings of the 13th Symposium on Usable Privacy and Security (SOUPS) [pdf]

MARX: Uncovering Class Hierarchies in C++ Programs

2017 - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida

Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, February 2017 [GitHub] [PDF]

EvilCoder: Automated Bug Insertion

2016 - Jannik Pewny, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 2016 [GitHub] [PDF]

Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

2016 - Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle

11th International Conference on Critical Information Infrastructures Security, October 10-12, 2016, Paris, France. [PDF]

Privacy by Socio-Technical Design - a collaborative approach for privacy friendly system design

2016 - Martin Degeling, Christopher Lentzsch, Alexander Nolte, Thomas Herrmann, Kai-Uwe Loser

2nd IEEE International Conference on Collaboration and Internet Computing (CIC 2016)

Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets

2016 - Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016 [pdf]

On the Feasibility of TTL-based Filtering for DRDoS Mitigation

2016 - Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Evry, France, September 2016 [PDF]

Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness

2016 - Thomas Hupperich, Kromholz Katharina, Thorsten Holz

9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria, August 2016 [pdf]

Undermining Entropy-based Information Hiding (And What to do About it)

2016 - Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos

24th USENIX Security Symposium, Austin, TX, USA, August 2016 [PDF]

Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Leveraging Sensor Fingerprinting for Mobile Device Authentication

2016 - Thomas Hupperich, Henry Hosseini, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [pdf]

Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [GitHub] [PDF]

Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices

2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]

Subversive-C: Abusing and Protecting Dynamic Message Dispatch

2016 - Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz

2016 USENIX Annual Technical Conference (USENIX ATC '16), Denver, USA, June 2016 [PDF]

SkypeLine: Robust Hidden Data Transmission for VoIP

2016 - Katharina Kohls, Thorsten Holz, Do­ro­thea Kolossa, Christina Pöpper

ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Xi'an, May 2016 [PDF]
Seite: