Veröffentlichungen

Towards Automated Discovery of Crash-Resistant Primitives in Binaries

2017 - Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles

2017 - Moritz Contag, Guo Li, Andre Pawlowski, Felix Domke, Stefan Savage, Kirill Levchenko, Thorsten Holz

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2017

MARX: Uncovering Class Hierarchies in C++ Programs

2017 - Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida

Symposium on Network and Distributed System Security (NDSS), San Diego, California, USA, February 2017 [PDF]

Toward Improved Audio CAPTCHAs Based on Auditory Perception and Language Understanding

2017 - Hendrik Meutzner, Santosh Gupta, Viet-Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

ACM Transactions on Privacy and Security (TOPS), Volume 19, Issue 4, February 2017

May the Force be with You: The Future of Force-Sensitive Authentication

2017 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Journal of Internet Computing, Special Issue of Usable Security and Privacy, 2017 [pdf]

EvilCoder: Automated Bug Insertion

2016 - Jannik Pewny, Thorsten Holz

Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, December 2016

Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets

2016 - Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz

European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016 [pdf]

On the Feasibility of TTL-based Filtering for DRDoS Mitigation

2016 - Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Evry, France, September 2016

Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness

2016 - Thomas Hupperich, Kromholz Katharina, Thorsten Holz

9th International Conference on Trust & Trustworthy Computing (TRUST), Vienna, Austria, August 2016 [pdf]

Undermining Entropy-based Information Hiding (And What to do About it)

2016 - Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos

24th USENIX Security Symposium, Austin, TX, USA, August 2016 [PDF]

Technical Report: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

2016 - Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz

TR-HGI-2016-003, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), August 2016 [pdf]

Technical Report: Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

TR-HGI-2016-004, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), July 2016 [PDF]

Detile: Fine-Grained Information Leak Detection in Script Engines

2016 - Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Leveraging Sensor Fingerprinting for Mobile Device Authentication

2016 - Thomas Hupperich, Henry Hosseini, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [pdf]

Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016 [PDF]

Technical Report: Probfuscation: An Obfuscation Approach using Probabilistic Control Flows

2016 - Andre Pawlowski, Moritz Contag, Thorsten Holz

TR-HGI-2016-002, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), July 2016 [PDF]

Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices

2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]

Subversive-C: Abusing and Protecting Dynamic Message Dispatch

2016 - Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz

2016 USENIX Annual Technical Conference (USENIX ATC '16), Denver, USA, June 2016 [PDF]

SkypeLine: Robust Hidden Data Transmission for VoIP

2016 - Katharina Kohls, Thorsten Holz, Do­ro­thea Kolossa, Christina Pöpper

ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), Xi'an, May 2016 [PDF]

A Tough call: Mitigating Advanced Code-Reuse Attacks At The Binary Level

2016 - Victor van der Veen, Enes Goktas, Moritz Contag, Andre Pawlowski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida

IEEE Symposium on Security and Privacy ("Oakland"), San Jose, CA, May 2016 [PDF]

Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive

2016 - Pawel Swierczynski, Marc Fyrbiak, Philipp Koppe, Amir Moradi, Chris­tof Paar

Journal of Cryptographic Engineering, Springer, June 2016. [DOI] [pdf]

No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells

2016 - Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis

25th International World Wide Web Conference (WWW), Montreal, April 2016 [PDF]

SDN Malware: Problems of Current Protection Systems and Potential Countermeasures

2016 - Christian Röpke

GI Sicherheit, Bonn, Germany, 2016 (Best Paper Award)

Poster: Automated, Context-Sensitive Analysis of iOS Applications

2016 - Dennis Tatang

1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany

Poster: The Curious Case of NTP Monlist

2016 - Teemu Rytilahti, Thorsten Holz

1st IEEE European Symposium on Security and Privacy (Euro S&P 2016), Saarbrücken, Germany [pdf]

How Secure is TextSecure?

2016 - Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz

IEEE European Symposium on Security and Privacy (EuroS&P 2016) [PDF]

Neuralyzer: Flexible Expiration Times for the Revocation of Online Data

2016 - Apostolis Zarras, Katharina Kohls, Markus Dürmuth, Christina Pöpper

In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY) 2016 *** OUTSTANDING PAPER AWARD *** [PDF]

Poster: Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation

2016 - Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz

Pro­cee­dings of the ACM Con­fe­rence on Data and Ap­p­li­ca­ti­on Se­cu­ri­ty and Pri­va­cy (ACM CO­DAS­PY) 2016

Technical Report: SkypeLine Robust Hidden Data Transmission for VoIP

2016 - Katharina Kohls, Thorsten Holz, Do­ro­thea Kolossa, Christina Pöpper

TR-HGI-2016-001, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), February 2016 [PDF]

Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding

2016 - Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany, Thorsten Holz

An­nual Net­work & Di­stri­bu­ted Sys­tem Se­cu­ri­ty Sym­po­si­um (NDSS), San Diego, Fe­bru­ary 2016 [PDF]

On Network Operating System Security

2016 - Christian Röpke, Thorsten Holz

International Journal of Network Management (IJNM) - Special Issue on Software-Defined Networking and Network Function Virtualization for Flexible Network Management, 2016

Technical Report: On the Effectiveness of Fingerprinting Mobile Devices

2015 - Thomas Hupperich, Davide Maiorca, Marc Kührer, Thorsten Holz, Giorgio Giacinto

TR-HGI-2015-002, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), December 2015 [PDF]

On the Robustness of Mobile Device Fingerprinting

2015 - Thomas Hupperich, Davide Maiorca, Marc Kührer, Thorsten Holz, Giorgio Giacinto

31th Annual Computer Security Applications Conference (ACSAC), Los Angeles, USA, December 2015 [PDF]

Security Analysis of PHP Bytecode Protection Mechanisms

2015 - Dario Weißer, Johannes Dahse, Thorsten Holz

Research in Attacks, Intrusions and Defenses (RAID) Symposium, Kyoto, Japan, November 2015 [PDF]

SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks

2015 - Christian Röpke, Thorsten Holz

Research in Attacks, Intrusions and Defenses (RAID) Symposium, Kyoto, Japan, November 2015 [PDF]

Going Wild: Large-Scale Classification of Open DNS Resolvers

2015 - Marc Kührer, Thomas Hupperich, Jonas Bushart, Christian Rossow, Thorsten Holz

15th ACM In­ter­net Me­a­su­re­ment Con­fe­rence (IMC), Tokyo, Japan, Oc­to­ber 2015 [PDF]

Multi-Layer Access Control for SDN-based Telco Clouds

2015 - Bernd Jäger, Christian Röpke, Iris Adam, Thorsten Holz

Nordic Conference on Secure IT System (NordSec), Stockholm, Sweden, October 2015 [PDF]

It's a TRAP: Table Randomization and Protection against Function Reuse Attacks

2015 - Stephen Crane, Stijn Volckaert, Felix Schuster, Christopher Liebchen, Per Larsen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Bjorn De Sutter, Michael Franz

22nd ACM Conference on Computer and Communications Security (CCS), Denver, October 2015 [PDF]

On Locational Privacy in the Absence of Anonymous Payments

2015 - Tilman Frosch, Sven Schäge, Martin Goll, Thorsten Holz

Gutwirth, S., Leenes R., P. De Hert and Y. Poullet, Data protection on the Move. Current Developments in ICT and Privacy/Data Protection. Springer (forthcoming, 2015), Dordrecht. [pdf]

Revealing the Relationship Network Behind Link Spam

2015 - Apostolis Zarras, Antonis Papadogiannakis, Sotiris Ioannidis, Thorsten Holz

13th Annual Conference on Privacy, Security and Trust (PST), Izmir, Turkey, July 2015 [PDF]

Experience Report: An Empirical Study of PHP Security Mechanism Usage

2015 - Johannes Dahse, Thorsten Holz

International Symposium on Software Testing and Analysis (ISSTA) [PDF]

Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications

2015 - Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

Cross-Architecture Bug Search in Binary Executables

2015 - Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

VC3: Trustworthy Data Analytics in the Cloud using SGX

2015 - Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz , Mark Russinovich

36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015 [PDF]

A Practical Investigation of Identity Theft Vulnerabilities in Eduroam

2015 - Sebastian Brenza, Andre Pawlowski, Christina Pöpper

In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec), 2015 [Project Webpage] [PDF]

Retaining Control over SDN Network Services

2015 - Christian Röpke, Thorsten Holz

International Conference on Networked Systems (NetSys), 2015

FPGA Trojans through Detecting and Weakening of Cryptographic Primitives

2015 - Pawel Swierczynski, Marc Fyrbiak, Philipp Koppe, Chris­tof Paar

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, Volume PP Issue 99, February 2015. [DOI] [pdf]

Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones

2015 - Sebastian Uellenbeck, Thomas Hupperich, Christopher Wolf, Thorsten Holz

Financial Cryptography and Data Security 2015 [pdf]

VC3: Trustworthy Data Analytics in the Cloud

2014 - Felix Schuster, Manuel Costa, Cédric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich

MSR-TR-2014-39, Microsoft Research, December 2014 [Microsoft Research]

Technical Report: Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs

2014 - Robert Gawlik, Thorsten Holz

TR-HGI-2014-004, Ruhr-Uni­ver­si­tät Bo­chum, Horst Görtz In­sti­tut für IT-Si­cher­heit (HGI), December 2014 [PDF]
Seite: