Veröffentlichungen

Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs

2018 - Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann

European Symposium on Research in Computer Security (ESORICS), Barcelona, Spain, September 2018

Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations

2018 - Christian Röpke, Thorsten Holz

ACM SIGCOMM Workshop on Security in Softwarized Networks: Prospects and Challenges (SecSoN 2018), Budapest, Hungary, 2018 [PDF]

POSTER: User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

USENIX Symposium on Usable Privacy and Security 2018 (SOUPS '18). Baltimore, MD, USA, August 12-14, 2018

Breaking LTE on Layer Two

2018 - David Rupprecht, Katharina Kohls, Christina Pöpper, Thorsten Holz

To appear in the IEEE Symposium on Security & Privacy, May 2019 [Website] [[PDF]]

On the Weaknesses of Function Table Randomization

2018 - Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, June 2018 [PDF]

On Security Research Towards Future Mobile Network Generations

2018 - David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Pöpper

IEEE Communications Surveys and Tutorials

SDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controller

2018 - Christian Röpke

GI Sicherheit, Konstanz, Germany, 2018

Masters of Time: An Overview of the NTP Ecosystem

2018 - Teemu Rytilahti, Dennis Tatang, Janosch Köpper, Thorsten Holz

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018 [PDF]

Position-independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure

2018 - Enes Göktaş, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, Cristiano Giuffrida

IEEE European Symposium on Security and Privacy (Euro S&P), London, United Kingdom, April 2018

User Perception and Expectations on Deleting Instant Messages -or- "What Happens If I Press This Button?"

2018 - Theodor Schnitzler, Christine Utz, Florian Farke, Christina Pöpper, Markus Dürmuth

European Workshop on Usable Security (EuroUSEC) 2018, London, England, 23 April 2018 [PDF] [Slides]

An Empirical Study on Online Price Differentiation

2018 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz

ACM Conference on Data and Applications Security and Privacy (CODASPY 2018) Tempe, AZ, March 2018 [ACM DL] [PDF]

Breaking and Fixing Destructive Code Read Defenses

2017 - Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers

2017 - Ali Abbasi, Emmanuele Zambon, Sandro Etalle, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Puerto Rico, USA, December 2017 [PDF]

An Empirical Study on Price Differentiation Based on System Fingerprints

2017 - Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz

Technical Report, arXiv:1712.03031, December 2017 [arXiv] [PDF]

SDN-Guard: Protecting SDN Controllers Against SDN Rootkits

2017 - Dennis Tatang, Florian Quinkert, Joel Frank, Christian Röpke, Thorsten Holz

IEEE Workshop on Security in NFV-SDN (SN-2017), Berlin, November 2017 [PDF]

On the Significance of Process Comprehension for Conducting Targeted ICS Attacks

2017 - Benjamin Green, Marina Krotofil, Ali Abbasi

3rd ACM Workshop on Cyber-Physical Systems Security and Privacy, November 2017, Dallas, USA. [PDF]

On Security Research towards Future Mobile Network Generations

2017 - David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Pöpper

arXiv:1710.08932, November 2017 [arXiv] [PDF]

kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

2017 - Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz

26th USENIX Security Symposium, Vancouver, Canada, August 2017 [PDF]

Reverse Engineering x86 Processor Microcode

2017 - Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Chris­tof Paar, Thorsten Holz

26th USENIX Security Symposium, Vancouver, Canada, August 2017 [PDF]

Syntia: Synthesizing the Semantics of Obfuscated Code

2017 - Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz

26th USENIX Security Symposium, Vancouver, Canada, August 2017 [PDF]

μShield: Configurable Code-Reuse Attacks Mitigation For Embedded Systems

2017 - Ali Abbasi, Jos Wetzels, Wouter Bokslag, Emmanuele Zambon, Sandro Etalle

International Conference on Network and System Security, August 2017, Helsinki, Finland. [PDF]

Towards Automated Discovery of Crash-Resistant Primitives in Binaries

2017 - Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) [PDF]

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

2017 - Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2017 [PDF]

MARX: Uncovering Class Hierarchies in C++ Programs

2017 - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida

Symposium on Network and Distributed System Security (NDSS), San Diego, California, USA, February 2017 [PDF]

Toward Improved Audio CAPTCHAs Based on Auditory Perception and Language Understanding

2017 - Hendrik Meutzner, Santosh Gupta, Viet-Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

ACM Transactions on Privacy and Security (TOPS), Volume 19, Issue 4, February 2017

May the Force be with You: The Future of Force-Sensitive Authentication

2017 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Journal of Internet Computing, Special Issue of Usable Security and Privacy, 2017 [pdf]

EvilCoder: Automated Bug Insertion

2016 - Jannik Pewny, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 2016 [PDF]

Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin Control Exploitation

2016 - Ali Abbasi, Majid Hashemi, Emmanuele Zambon, Sandro Etalle

11th International Conference on Critical Information Infrastructures Security, October 10-12, 2016, Paris, France. [PDF]

Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets

2016 - Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016 [pdf]

On the Feasibility of TTL-based Filtering for DRDoS Mitigation

2016 - Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Evry, France, September 2016 [PDF]

Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness

2016 - Thomas Hupperich, Kromholz Katharina, Thorsten Holz

9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria, August 2016 [pdf]

Undermining Entropy-based Information Hiding (And What to do About it)

2016 - Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos

24th USENIX Security Symposium, Austin, TX, USA, August 2016 [PDF]

Technical Report: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

2016 - Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz

TR-HGI-2016-003, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), August 2016 [pdf]

Technical Report: Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

TR-HGI-2016-004, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), July 2016 [PDF]

Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Leveraging Sensor Fingerprinting for Mobile Device Authentication

2016 - Thomas Hupperich, Henry Hosseini, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [pdf]

Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Technical Report: Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

TR-HGI-2016-002, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), July 2016 [PDF]

Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices

2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]

Subversive-C: Abusing and Protecting Dynamic Message Dispatch

2016 - Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz

2016 USENIX Annual Technical Conference (USENIX ATC '16), Denver, USA, June 2016 [PDF]

SkypeLine: Robust Hidden Data Transmission for VoIP

2016 - Katharina Kohls, Thorsten Holz, Do­ro­thea Kolossa, Christina Pöpper

ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Xi'an, May 2016 [PDF]

A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level

2016 - Victor van der Veen, Enes Goktas, Moritz Contag, Andre Pawlowski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2016 [PDF]

Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive

2016 - Pawel Swierczynski, Marc Fyrbiak, Philipp Koppe, Amir Moradi, Chris­tof Paar

Journal of Cryptographic Engineering, Springer, June 2016. [DOI] [pdf]

No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells

2016 - Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis

25th International World Wide Web Conference (WWW), Montreal, April 2016 [PDF]

SDN Malware: Problems of Current Protection Systems and Potential Countermeasures

2016 - Christian Röpke

GI Sicherheit, Bonn, Germany, 2016 (Best Paper Award)

Poster: Automated, Context-Sensitive Analysis of iOS Applications

2016 - Dennis Tatang

1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany

Poster: The Curious Case of NTP Monlist

2016 - Teemu Rytilahti, Thorsten Holz

1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany [pdf]

How Secure is TextSecure?

2016 - Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz

IEEE European Symposium on Security and Privacy (EuroS&P 2016) [PDF]

Neuralyzer: Flexible Expiration Times for the Revocation of Online Data

2016 - Apostolis Zarras, Katharina Kohls, Markus Dürmuth, Christina Pöpper

In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY) 2016 *** OUTSTANDING PAPER AWARD *** [PDF]

Poster: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

2016 - Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz

Pro­cee­dings of the ACM Con­fe­rence on Data and Ap­p­li­ca­ti­on Se­cu­ri­ty and Pri­va­cy (ACM CO­DAS­PY) 2016
Seite: