default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCIDThorsten Holz
2020 – today
- 2025
[j26]Thorsten Holz
:
Unsafe Code Still a Hurdle Copilot Must Clear. Commun. ACM 68(2): 95 (2025)- [j25]Christian Böttger, Nurullah Demir, Jan Hörnemann, Bhupendra Acharya, Norbert Pohlmann, Thorsten Holz, Matteo Große-Kampmann, Tobias Urban:
Understanding Regional Filter Lists: Efficacy and Impact. Proc. Priv. Enhancing Technol. 2025(2): 309-325 (2025) - [c213]Matteo Leonelli, Addison Crump, Meng Wang, Florian Bauckholt, Keno Hassler, Ali Abbasi, Thorsten Holz:
TWINFUZZ: Differential Testing of Video Hardware Acceleration Stacks. NDSS 2025 - [c212]Jianqiang Wang, Meng Wang, Qinying Wang, Nils Langius, Li Shi, Ali Abbasi, Thorsten Holz:
A Comprehensive Memory Safety Analysis of Bootloaders. NDSS 2025 - [c211]Bhupendra Acharya, Dario Lazzaro, Antonio Emanuele Cinà, Thorsten Holz:
Pirates of Charity: Exploring Donation-based Abuses in Social Media Platforms. WWW 2025: 3968-3981 - 2024
- [j24]Tobias Cloosters, Oussama Draissi, Johannes Willbold, Thorsten Holz, Lucas Davi:
Memory Corruption at the Border of Trusted Execution. IEEE Secur. Priv. 22(4): 87-96 (2024) - [c210]Lukas Bernhard, Nico Schiller, Moritz Schloegel, Nils Bars, Thorsten Holz:
DarthShader: Fuzzing WebGPU Shader Translators & Compilers. CCS 2024: 690-704 - [c209]Nils Bars, Moritz Schloegel, Nico Schiller, Lukas Bernhard, Thorsten Holz:
No Peer, no Cry: Network Application Fuzzing via Fault Injection. CCS 2024: 750-764 - [c208]Florian Bauckholt, Thorsten Holz:
WebAssembly as a Fuzzing Compilation Target (Registered Report). FUZZING 2024: 23-32 - [c207]Jonas Ricker, Dennis Assenmacher, Thorsten Holz, Asja Fischer, Erwin Quiring:
AI-Generated Faces in the Real World: A Large-Scale Case Study of Twitter Profile Images. RAID 2024: 513-530 - [c206]Hossein Hajipour, Keno Hassler, Thorsten Holz, Lea Schönherr, Mario Fritz:
CodeLMSec Benchmark: Systematically Evaluating and Finding Security Vulnerabilities in Black-Box Code Language Models. SaTML 2024: 684-709 - [c205]Bhupendra Acharya, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Hoang Dai Nguyen, Adam Oest, Phani Vadrevu, Thorsten Holz:
Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams. SP 2024: 17-35 - [c204]Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer, Markus Dürmuth, Thorsten Holz:
A Representative Study on Human Detection of Artificially Generated Media Across Countries. SP 2024: 55-73 - [c203]Moritz Schloegel, Nils Bars, Nico Schiller, Lukas Bernhard, Tobias Scharnowski, Addison Crump, Arash Ale Ebrahim, Nicolai Bissantz, Marius Muench, Thorsten Holz:
SoK: Prudent Evaluation Practices for Fuzzing. SP 2024: 1974-1993 - [c202]Bhupendra Acharya, Dario Lazzaro, Efrén López-Morales, Adam Oest, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Thorsten Holz:
The Imitation Game: Exploring Brand Impersonation Attacks on Social Media Platforms. USENIX Security Symposium 2024 - [c201]Emre Güler, Sergej Schumilo, Moritz Schloegel, Nils Bars, Philipp Görz, Xinyi Xu, Cemal Kaygusuz, Thorsten Holz:
Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities. USENIX Security Symposium 2024 - [c200]Joschua Schilling, Andreas Wendler, Philipp Görz, Nils Bars, Moritz Schloegel, Thorsten Holz:
A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard. USENIX Security Symposium 2024 - [c199]Jonas Ricker, Simon Damm, Thorsten Holz, Asja Fischer:
Towards the Detection of Diffusion Model Deepfakes. VISIGRAPP (4): VISAPP 2024: 446-457 - [c198]Johannes Willbold, Moritz Schloegel, Robin Bisping, Martin Strohmeier, Thorsten Holz, Vincent Lenders:
VSAsTer: Uncovering Inherent Security Issues in Current VSAT System Practices. WISEC 2024: 288-299 - [d2]Jonas Ricker, Simon Damm, Thorsten Holz, Asja Fischer:
Towards the Detection of Diffusion Model Deepfakes (Additional Datasets). Zenodo, 2024
- [i54]Bhupendra Acharya, Muhammad Saad, Antonio Emanuele Cinà, Lea Schönherr, Hoang Dai Nguyen, Adam Oest, Phani Vadrevu, Thorsten Holz:
Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams. CoRR abs/2401.09824 (2024) - [i53]Jonas Ricker, Dennis Assenmacher, Thorsten Holz, Asja Fischer, Erwin Quiring:
AI-Generated Faces in the Real World: A Large-Scale Case Study of Twitter Profile Images. CoRR abs/2404.14244 (2024) - [i52]Moritz Schloegel, Nils Bars, Nico Schiller, Lukas Bernhard, Tobias Scharnowski, Addison Crump, Arash Ale Ebrahim, Nicolai Bissantz, Marius Muench, Thorsten Holz:
SoK: Prudent Evaluation Practices for Fuzzing. CoRR abs/2405.10220 (2024) - [i51]Nils Bars, Moritz Schloegel, Nico Schiller, Lukas Bernhard, Thorsten Holz:
No Peer, no Cry: Network Application Fuzzing via Fault Injection. CoRR abs/2409.01059 (2024) - [i50]Lukas Bernhard, Nico Schiller, Moritz Schloegel, Nils Bars, Thorsten Holz:
DarthShader: Fuzzing WebGPU Shader Translators & Compilers. CoRR abs/2409.01824 (2024) - [i49]Hossein Hajipour, Lea Schönherr, Thorsten Holz, Mario Fritz:
HexaCoder: Secure Code Generation via Oracle-Guided Synthetic Training Data. CoRR abs/2409.06446 (2024) - [i48]Teemu Rytilahti, Thorsten Holz:
Bad Neighbors: On Understanding VPN Provider Networks. CoRR abs/2410.08737 (2024) - [i47]Mario Beluri, Bhupendra Acharya, Soheil Khodayari, Giada Stivala, Giancarlo Pellegrino, Thorsten Holz:
Exploration of the Dynamics of Buy and Sale of Social Media Accounts. CoRR abs/2412.14985 (2024) - [i46]Bhupendra Acharya, Dominik Sautter, Muhammad Saad, Thorsten Holz:
ScamChatBot: An End-to-End Analysis of Fake Account Recovery on Social Media via Chatbots. CoRR abs/2412.15072 (2024) - [i45]Bhupendra Acharya, Thorsten Holz:
An Explorative Study of Pig Butchering Scams. CoRR abs/2412.15423 (2024) - [i44]Bhupendra Acharya, Dario Lazzaro, Antonio Emanuele Cinà, Thorsten Holz:
Pirates of Charity: Exploring Donation-based Abuses in Social Media Platforms. CoRR abs/2412.15621 (2024) - 2023
- [j23]Christine Utz, Sabrina Amft, Martin Degeling, Thorsten Holz, Sascha Fahl, Florian Schaub:
Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites. Proc. Priv. Enhancing Technol. 2023(1): 5-28 (2023) - [c197]Sahar Abdelnabi, Kai Greshake, Shailesh Mishra, Christoph Endres, Thorsten Holz, Mario Fritz:
Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection. AISec@CCS 2023: 79-90 - [c196]Michael Rodler, David Paaßen, Wenting Li, Lukas Bernhard, Thorsten Holz, Ghassan Karame, Lucas Davi:
EF↯CF: High Performance Smart Contract Fuzzing for Exploit Generation. EuroS&P 2023: 449-471 - [c195]Nico Schiller, Xinyi Xu, Lukas Bernhard, Nils Bars, Moritz Schloegel, Thorsten Holz:
Novelty Not Found: Adaptive Fuzzer Restarts to Improve Input Space Coverage (Registered Report). FUZZING 2023: 12-20 - [c194]Addison Crump, Dongjia Zhang, Syeda Mahnur Asif, Dominik Christian Maier, Andrea Fioraldi, Thorsten Holz, Davide Balzarotti:
CrabSandwich: Fuzzing Rust with Rust (Registered Report). FUZZING 2023: 39-46 - [c193]Nurullah Demir, Jan Hörnemann, Matteo Große-Kampmann, Tobias Urban, Norbert Pohlmann, Thorsten Holz, Christian Wressnegger:
On the Similarity of Web Measurements Under Different Experimental Setups. IMC 2023: 356-369 - [c192]Samuel Groß, Simon Koch, Lukas Bernhard, Thorsten Holz, Martin Johns:
FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities. NDSS 2023 - [c191]Nico Schiller, Merlin Chlosta, Moritz Schloegel, Nils Bars, Thorsten Eisenhofer, Tobias Scharnowski, Felix Domke, Lea Schönherr, Thorsten Holz:
Drone Security and the Mysterious Case of DJI's DroneID. NDSS 2023 - [c190]Noah Spahn, Nils Hanke, Thorsten Holz, Christopher Kruegel, Giovanni Vigna:
Container Orchestration Honeypot: Observing Attacks in the Wild. RAID 2023: 381-396 - [c189]Hojjat Aghakhani, Lea Schönherr, Thorsten Eisenhofer, Dorothea Kolossa, Thorsten Holz, Christopher Kruegel, Giovanni Vigna:
Venomave: Targeted Poisoning Against Speech Recognition. SaTML 2023: 404-417 - [c188]Johannes Willbold, Moritz Schloegel, Manuel Vögele, Maximilian Gerhardt, Thorsten Holz, Ali Abbasi:
Space Odyssey: An Experimental Software Security Analysis of Satellites. SP 2023: 1-19 - [c187]Tobias Scharnowski, Felix Buchmann, Simon Wörner, Thorsten Holz:
A Case Study on Fuzzing Satellite Firmware. SpaceSec 2023 - [c186]Nils Bars, Moritz Schloegel, Tobias Scharnowski, Nico Schiller, Thorsten Holz:
Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge. USENIX Security Symposium 2023: 1847-1864 - [c185]Tobias Scharnowski, Simon Wörner, Felix Buchmann, Nils Bars, Moritz Schloegel, Thorsten Holz:
Hoedur: Embedded Firmware Fuzzing using Multi-Stream Inputs. USENIX Security Symposium 2023: 2885-2902 - [c184]Philipp Görz, Björn Mathis, Keno Hassler, Emre Güler, Thorsten Holz, Andreas Zeller, Rahul Gopinath:
Systematic Assessment of Fuzzers using Mutation Analysis. USENIX Security Symposium 2023: 4535-4552 - [c183]Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz, Konrad Rieck:
No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning. USENIX Security Symposium 2023: 5109-5126 - [d1]Jonas Ricker, Simon Damm, Thorsten Holz, Asja Fischer:
Towards the Detection of Diffusion Model Deepfakes (Dataset). Zenodo, 2023 - [i43]Hossein Hajipour, Thorsten Holz, Lea Schönherr, Mario Fritz:
Systematically Finding Security Vulnerabilities in Black-Box Code Generation Models. CoRR abs/2302.04012 (2023) - [i42]Kai Greshake, Sahar Abdelnabi, Shailesh Mishra, Christoph Endres, Thorsten Holz, Mario Fritz:
More than you've asked for: A Comprehensive Analysis of Novel Prompt Injection Threats to Application-Integrated Large Language Models. CoRR abs/2302.12173 (2023) - [i41]Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz, Konrad Rieck:
No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning. CoRR abs/2303.14443 (2023) - [i40]Michael Rodler, David Paaßen, Wenting Li, Lukas Bernhard, Thorsten Holz, Ghassan Karame, Lucas Davi:
EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation. CoRR abs/2304.06341 (2023) - [i39]Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer, Markus Dürmuth, Thorsten Holz:
A Representative Study on Human Detection of Artificially Generated Media Across Countries. CoRR abs/2312.05976 (2023) - 2022
- [j22]Lea Schönherr, Maximilian Golla, Thorsten Eisenhofer, Jan Wiele, Dorothea Kolossa, Thorsten Holz:
Exploring accidental triggers of smart speakers. Comput. Speech Lang. 73: 101328 (2022) - [j21]Terry Benzel, Thorsten Holz:
Selected Papers From the 2021 IEEE Symposium on Security and Privacy. IEEE Secur. Priv. 20(2): 8-9 (2022) - [c182]Lukas Bernhard, Tobias Scharnowski, Moritz Schloegel, Tim Blazytko, Thorsten Holz:
JIT-Picking: Differential Fuzzing of JavaScript Engines. CCS 2022: 351-364 - [c181]Lukas Bernhard, Michael Rodler, Thorsten Holz, Lucas Davi:
xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64. EuroS&P 2022: 502-519 - [c180]Sergej Schumilo, Cornelius Aschermann, Andrea Jemmett, Ali Abbasi, Thorsten Holz:
Nyx-net: network fuzzing with incremental snapshots. EuroSys 2022: 166-180 - [c179]Tobias Scharnowski, Nils Bars, Moritz Schloegel, Eric Gustafson, Marius Muench, Giovanni Vigna, Christopher Kruegel, Thorsten Holz, Ali Abbasi:
Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. USENIX Security Symposium 2022: 1239-1256 - [c178]Moritz Schloegel, Tim Blazytko, Moritz Contag, Cornelius Aschermann, Julius Basler, Thorsten Holz, Ali Abbasi:
Loki: Hardening Code Obfuscation Against Automated Attacks. USENIX Security Symposium 2022: 3055-3073 - [c177]Tobias Cloosters, Johannes Willbold, Thorsten Holz, Lucas Davi:
SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing. USENIX Security Symposium 2022: 3147-3164 - [c176]Nurullah Demir, Matteo Große-Kampmann, Tobias Urban, Christian Wressnegger, Thorsten Holz, Norbert Pohlmann:
Reproducibility and Replicability of Web Measurement Studies. WWW 2022: 533-544 - [i38]Lukas Bernhard, Michael Rodler, Thorsten Holz, Lucas Davi:
xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64. CoRR abs/2203.04117 (2022) - [i37]Christine Utz, Sabrina Amft, Martin Degeling, Thorsten Holz, Sascha Fahl, Florian Schaub:
Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites. CoRR abs/2203.11387 (2022) - [i36]Jonas Ricker, Simon Damm, Thorsten Holz, Asja Fischer:
Towards the Detection of Diffusion Model Deepfakes. CoRR abs/2210.14571 (2022) - [i35]Philipp Görz, Björn Mathis, Keno Hassler, Emre Güler, Thorsten Holz, Andreas Zeller, Rahul Gopinath:
How to Compare Fuzzers. CoRR abs/2212.03075 (2022) - 2021
- [c175]Florian Quinkert, Dennis Tatang, Thorsten Holz:
Digging Deeper: An Analysis of Domain Impersonation in the Lower DNS Hierarchy. DIMVA 2021: 68-87 - [c174]Florian Quinkert, Martin Degeling, Thorsten Holz:
Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings. DIMVA 2021: 341-360 - [c173]Dennis Tatang, Robin Flume, Thorsten Holz:
Extended Abstract: A First Large-Scale Analysis on Usage of MTA-STS. DIMVA 2021: 361-370 - [c172]Moritz Schloegel, Tim Blazytko, Julius Basler, Fabian Hemmer, Thorsten Holz:
Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains. ESORICS (1) 2021: 218-239 - [c171]Sebastian Österlund, Elia Geretto, Andrea Jemmett, Emre Güler, Philipp Görz, Thorsten Holz, Cristiano Giuffrida, Herbert Bos:
CollabFuzz: A Framework for Collaborative Fuzzing. EuroSec@EuroSys 2021: 1-7 - [c170]Dennis Tatang, Philip Kreißel, Michael Sehring, Florian Quinkert, Martin Degeling, Thorsten Holz:
Likes are not Likes A Crowdworking Platform Analysis. ICWSM Workshops 2021 - [c169]Dennis Tatang, Florian Zettl, Thorsten Holz:
The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws. RAID 2021: 354-369 - [c168]Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Dorothea Kolossa, Thorsten Holz:
Dompteur: Taming Audio Adversarial Examples. USENIX Security Symposium 2021: 2309-2326 - [c167]Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, Thorsten Holz:
Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types. USENIX Security Symposium 2021: 2597-2614 - [c166]Merlin Chlosta, David Rupprecht, Thorsten Holz:
On the challenges of automata reconstruction in LTE networks. WISEC 2021: 164-174 - [c165]Merlin Chlosta, David Rupprecht, Christina Pöpper, Thorsten Holz:
5G SUCI-catchers: still catching them all? WISEC 2021: 359-364 - [i34]Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Dorothea Kolossa, Thorsten Holz:
Dompteur: Taming Audio Adversarial Examples. CoRR abs/2102.05431 (2021) - [i33]Joel Frank, Thorsten Holz:
[RE] CNN-generated images are surprisingly easy to spot...for now. CoRR abs/2104.02984 (2021) - [i32]Moritz Schloegel, Tim Blazytko, Moritz Contag, Cornelius Aschermann, Julius Basler, Thorsten Holz, Ali Abbasi:
Loki: Hardening Code Obfuscation Against Automated Attacks. CoRR abs/2106.08913 (2021) - [i31]Sergej Schumilo, Cornelius Aschermann, Andrea Jemmett, Ali Abbasi, Thorsten Holz:
Nyx-Net: Network Fuzzing with Incremental Snapshots. CoRR abs/2111.03013 (2021) - 2020
- [c164]Emre Güler, Philipp Görz, Elia Geretto, Andrea Jemmett, Sebastian Österlund, Herbert Bos, Cristiano Giuffrida, Thorsten Holz:
Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing. ACSAC 2020: 360-372 - [c163]Lea Schönherr, Thorsten Eisenhofer, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa:
Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems. ACSAC 2020: 843-855 - [c162]Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
Measuring the Impact of the GDPR on Data Sharing in Ad Networks. AsiaCCS 2020: 222-235 - [c161]Florian Quinkert, Martin Degeling, Jim Blythe, Thorsten Holz:
Be the Phisher - Understanding Users' Perception of Malicious Domains. AsiaCCS 2020: 263-276 - [c160]Christian Dresen, Fabian Ising, Damian Poddebniak, Tobias Kappert, Thorsten Holz, Sebastian Schinzel:
CORSICA: Cross-Origin Web Service Identification. AsiaCCS 2020: 409-419 - [c159]Tobias Urban, Matteo Große-Kampmann, Dennis Tatang, Thorsten Holz, Norbert Pohlmann:
Plenty of Phish in the Sea: Analyzing Potential Pre-attack Surfaces. ESORICS (2) 2020: 272-291 - [c158]Joel Frank, Thorsten Eisenhofer, Lea Schönherr, Asja Fischer, Dorothea Kolossa, Thorsten Holz:
Leveraging Frequency Analysis for Deep Fake Image Recognition. ICML 2020: 3247-3258 - [c157]David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper:
IMP4GT: IMPersonation Attacks in 4G NeTworks. NDSS 2020 - [c156]Teemu Rytilahti, Thorsten Holz:
On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways. NDSS 2020 - [c155]Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wörner, Thorsten Holz:
HYPER-CUBE: High-Dimensional Hypervisor Fuzzing. NDSS 2020 - [c154]Cornelius Aschermann, Sergej Schumilo, Ali Abbasi, Thorsten Holz:
Ijon: Exploring Deep State Spaces via Fuzzing. SP 2020: 1597-1612 - [c153]David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper:
Call Me Maybe: Eavesdropping Encrypted LTE Calls With ReVoLTE. USENIX Security Symposium 2020: 73-88 - [c152]Tim Blazytko, Moritz Schlögel, Cornelius Aschermann, Ali Abbasi, Joel Frank, Simon Wörner, Thorsten Holz:
AURORA: Statistical Crash Analysis for Automated Root Cause Explanation. USENIX Security Symposium 2020: 235-252 - [c151]Joel Frank, Cornelius Aschermann, Thorsten Holz:
ETHBMC: A Bounded Model Checker for Smart Contracts. USENIX Security Symposium 2020: 2757-2774 - [c150]Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
Beyond the Front Page: Measuring Third Party Dynamics in the Field. WWW 2020: 1275-1286 - [i30]Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
Beyond the Front Page: Measuring Third Party Dynamics in the Field. CoRR abs/2001.10248 (2020) - [i29]Joel Frank, Thorsten Eisenhofer, Lea Schönherr, Asja Fischer, Dorothea Kolossa, Thorsten Holz:
Leveraging Frequency Analysis for Deep Fake Image Recognition. CoRR abs/2003.08685 (2020) - [i28]Christian Dresen, Fabian Ising, Damian Poddebniak, Tobias Kappert, Thorsten Holz, Sebastian Schinzel:
CORSICA: Cross-Origin Web Service Identification. CoRR abs/2004.00939 (2020) - [i27]Ali Abbasi, Jos Wetzels, Thorsten Holz, Sandro Etalle:
Challenges in Designing Exploit Mitigations for Deeply Embedded Systems. CoRR abs/2007.02307 (2020) - [i26]Jannik Pewny, Philipp Koppe, Thorsten Holz:
Steroids for DOPed Applications: A Compiler for Automated Data-Oriented Programming. CoRR abs/2007.02308 (2020) - [i25]Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz:
Static Detection of Uninitialized Stack Variables in Binary Code. CoRR abs/2007.02314 (2020) - [i24]Jannik Pewny, Thorsten Holz:
EvilCoder: Automated Bug Insertion. CoRR abs/2007.02326 (2020) - [i23]Andre Pawlowski, Victor van der Veen, Dennis Andriesse, Erik van der Kouwe, Thorsten Holz, Cristiano Giuffrida, Herbert Bos:
VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching. CoRR abs/2007.03302 (2020) - [i22]Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz:
Breaking and Fixing Destructive Code Read Defenses. CoRR abs/2007.03548 (2020) - [i21]Benjamin Kollenda, Philipp Koppe, Marc Fyrbiak, Christian Kison, Christof Paar, Thorsten Holz:
An Exploratory Analysis of Microcode as a Building Block for System Defenses. CoRR abs/2007.03549 (2020) - [i20]Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz:
Detile: Fine-Grained Information Leak Detection in Script Engines. CoRR abs/2007.03550 (2020) - [i19]Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz:
Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets. CoRR abs/2007.04116 (2020) - [i18]Lea Schönherr, Maximilian Golla, Thorsten Eisenhofer, Jan Wiele, Dorothea Kolossa, Thorsten Holz:
Unacceptable, where is my privacy? Exploring Accidental Triggers of Smart Speakers. CoRR abs/2008.00508 (2020) - [i17]Hojjat Aghakhani, Thorsten Eisenhofer, Lea Schönherr, Dorothea Kolossa, Thorsten Holz, Christopher Kruegel, Giovanni Vigna:
VENOMAVE: Clean-Label Poisoning Against Speech Recognition. CoRR abs/2010.10682 (2020)
2010 – 2019
- 2019
- [j20]Christine Utz, Stephan Koloßa, Thorsten Holz, Pierre Thielbörger:
Die DSGVO als internationales Vorbild? Datenschutz und Datensicherheit 43(11): 700-705 (2019) - [j19]Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz:
We Value Your Privacy ... Now Take Some Cookies - Measuring the GDPR's Impact on Web Privacy. Inform. Spektrum 42(5): 345-346 (2019) - [j18]Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann:
Analyzing leakage of personal information by malware. J. Comput. Secur. 27(4): 459-481 (2019) - [c149]Andre Pawlowski, Victor van der Veen, Dennis Andriesse, Erik van der Kouwe, Thorsten Holz, Cristiano Giuffrida, Herbert Bos:
VPS: excavating high-level C++ constructs from low-level binaries to protect dynamic dispatching. ACSAC 2019: 97-112 - [c148]Tobias Urban, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
"Your hashed IP address: Ubuntu.": perspectives on transparency tools for online advertising. ACSAC 2019: 702-717 - [c147]Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz:
(Un)informed Consent: Studying GDPR Consent Notices in the Field. CCS 2019: 973-990 - [c146]Florian Quinkert, Tobias Lauinger, William K. Robertson, Engin Kirda, Thorsten Holz:
It's Not what It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains. CNS 2019: 259-267 - [c145]Dennis Tatang, Carl Richard Theodor Schneider, Thorsten Holz:
Large-Scale Analysis of Infrastructure-Leaking DNS Servers. DIMVA 2019: 353-373 - [c144]Dennis Tatang, Florian Quinkert, Thorsten Holz:
Below the Radar: Spotting DNS Tunnels in Newly Observed Hostnames in the Wild. eCrime 2019: 1-15 - [c143]Andrew Paverd, Marcus Völp, Ferdinand Brasser, Matthias Schunter, N. Asokan, Ahmad-Reza Sadeghi, Paulo Jorge Esteves Veríssimo, Andreas Steininger, Thorsten Holz:
Sustainable Security & Safety: Challenges and Opportunities. CERTS 2019: 4:1-4:13 - [c142]Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
A Study on Subject Data Access in Online Advertising After the GDPR. DPM/CBT@ESORICS 2019: 61-79 - [c141]Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz:
Static Detection of Uninitialized Stack Variables in Binary Code. ESORICS (2) 2019: 68-87 - [c140]Nicolai Davidsson, Andre Pawlowski, Thorsten Holz:
Towards Automated Application-Specific Software Stacks. ESORICS (2) 2019: 88-109 - [c139]Matteo Cagnazzo, Thorsten Holz, Norbert Pohlmann:
GDPiRated - Stealing Personal Information On- and Offline. ESORICS (2) 2019: 367-386 - [c138]Dennis Tatang, Tim Suurland, Thorsten Holz:
Study of DNS Rebinding Attacks on Smart Home Devices. CyberICPS/SECPRE/SPOSE/ADIoT@ESORICS 2019: 391-401 - [c137]Ali Abbasi, Jos Wetzels, Thorsten Holz, Sandro Etalle:
Challenges in Designing Exploit Mitigations for Deeply Embedded Systems. EuroS&P 2019: 31-46 - [c136]Jannik Pewny, Philipp Koppe, Thorsten Holz:
STEROIDS for DOPed Applications: A Compiler for Automated Data-Oriented Programming. EuroS&P 2019: 111-126 - [c135]Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, Ahmad-Reza Sadeghi, Daniel Teuchert:
NAUTILUS: Fishing for Deep Bugs with Grammars. NDSS 2019 - [c134]Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz:
REDQUEEN: Fuzzing with Input-to-State Correspondence. NDSS 2019 - [c133]Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz:
We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy. NDSS 2019 - [c132]Katharina Kohls, Kai Jansen, David Rupprecht, Thorsten Holz, Christina Pöpper:
On the Challenges of Geographical Avoidance for Tor. NDSS 2019 - [c131]Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa:
Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding. NDSS 2019 - [c130]David Rupprecht, Katharina Kohls, Thorsten Holz, Christina Pöpper:
Breaking LTE on Layer Two. IEEE Symposium on Security and Privacy 2019: 1121-1136 - [c129]Emre Güler, Cornelius Aschermann, Ali Abbasi, Thorsten Holz:
AntiFuzz: Impeding Fuzzing Audits of Binary Executables. USENIX Security Symposium 2019: 1931-1947 - [c128]Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, Thorsten Holz:
GRIMOIRE: Synthesizing Structure while Fuzzing. USENIX Security Symposium 2019: 1985-2002 - [c127]Katharina Kohls, David Rupprecht, Thorsten Holz, Christina Pöpper:
Lost traffic encryption: fingerprinting LTE/4G traffic on layer two. WiSec 2019: 249-260 - [c126]Merlin Chlosta, David Rupprecht, Thorsten Holz, Christina Pöpper:
LTE security disabled: misconfiguration in commercial networks. WiSec 2019: 261-266 - [e7]Lorenzo Cavallaro, Johannes Kinder, Thorsten Holz:
Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy, CPS-SPC@CCS 2019, London, UK, November 11, 2019. ACM 2019, ISBN 978-1-4503-6831-5 [contents] - [i16]Dennis Tatang, Florian Quinkert, Nico Dolecki, Thorsten Holz:
A Study of Newly Observed Hostnames and DNS Tunneling in the Wild. CoRR abs/1902.08454 (2019) - [i15]Nicolai Davidsson, Andre Pawlowski, Thorsten Holz:
Towards Automated Application-Specific Software Stacks. CoRR abs/1907.01933 (2019) - [i14]Lea Schönherr, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa:
Robust Over-the-Air Adversarial Examples Against Automatic Speech Recognition Systems. CoRR abs/1908.01551 (2019) - [i13]Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, Thorsten Holz:
(Un)informed Consent: Studying GDPR Consent Notices in the Field. CoRR abs/1909.02638 (2019) - [i12]Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz:
Reverse Engineering x86 Processor Microcode. CoRR abs/1910.00948 (2019) - 2018
- [j17]David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar R. Weippl, Christina Pöpper:
On Security Research Towards Future Mobile Network Generations. IEEE Commun. Surv. Tutorials 20(3): 2518-2542 (2018) - [c125]Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz:
Towards Automated Generation of Exploitation Primitives for Web Browsers. ACSAC 2018: 300-312 - [c124]Benjamin Kollenda, Philipp Koppe, Marc Fyrbiak, Christian Kison, Christof Paar, Thorsten Holz:
An Exploratory Analysis of Microcode as a Building Block for System Defenses. CCS 2018: 1649-1666 - [c123]Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz:
An Empirical Study on Online Price Differentiation. CODASPY 2018: 76-83 - [c122]Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz:
On the Weaknesses of Function Table Randomization. DIMVA 2018: 185-207 - [c121]Tobias Urban, Dennis Tatang, Thorsten Holz, Norbert Pohlmann:
Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs. ESORICS (1) 2018: 449-469 - [c120]Teemu Rytilahti, Dennis Tatang, Janosch Kopper, Thorsten Holz:
Masters of Time: An Overview of the NTP Ecosystem. EuroS&P 2018: 122-136 - [c119]Enes Göktas, Benjamin Kollenda, Philipp Koppe, Erik Bosman, Georgios Portokalidis, Thorsten Holz, Herbert Bos, Cristiano Giuffrida:
Position-Independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure. EuroS&P 2018: 227-242 - [c118]Christian Röpke, Thorsten Holz:
Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations. SecSoN@SIGCOMM 2018: 40-45 - [c117]Matteo Cagnazzo, Markus Hertlein, Thorsten Holz, Norbert Pohlmann:
Threat modeling for mobile health systems. WCNC Workshops 2018: 314-319 - [c116]Robert Gawlik, Thorsten Holz:
SoK: Make JIT-Spray Great Again. WOOT @ USENIX Security Symposium 2018 - [p3]Felix Schuster, Thorsten Holz:
Attacking dynamic code. The Continuing Arms Race 2018: 139-180 - [e6]Michael D. Bailey, Thorsten Holz, Manolis Stamatogiannakis, Sotiris Ioannidis:
Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, September 10-12, 2018, Proceedings. Lecture Notes in Computer Science 11050, Springer 2018, ISBN 978-3-030-00469-9 [contents] - [i11]Florian Quinkert, Thorsten Holz, K. S. M. Tozammel Hossain, Emilio Ferrara, Kristina Lerman:
RAPTOR: Ransomware Attack PredicTOR. CoRR abs/1803.01598 (2018) - [i10]Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz:
We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy. CoRR abs/1808.05096 (2018) - [i9]Lea Schönherr, Katharina Kohls, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa:
Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding. CoRR abs/1808.05665 (2018) - [i8]Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann:
The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR. CoRR abs/1811.08660 (2018) - 2017
- [j16]Katharina Krombholz, Thomas Hupperich, Thorsten Holz:
May the Force Be with You: The Future of Force-Sensitive Authentication. IEEE Internet Comput. 21(3): 64-69 (2017) - [j15]Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz:
Cross-architecture bug search in binary executables. it Inf. Technol. 59(2): 83 (2017) - [j14]Hendrik Meutzner, Santosh Gupta, Viet-Hung Nguyen, Thorsten Holz, Dorothea Kolossa:
Toward Improved Audio CAPTCHAs Based on Auditory Perception and Language Understanding. ACM Trans. Priv. Secur. 19(4): 10:1-10:31 (2017) - [c115]Jannik Pewny, Philipp Koppe, Lucas Davi, Thorsten Holz:
Breaking and Fixing Destructive Code Read Defenses. ACSAC 2017: 55-67 - [c114]Ali Abbasi, Thorsten Holz, Emmanuele Zambon, Sandro Etalle:
ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers. ACSAC 2017: 437-448 - [c113]Benjamin Kollenda, Enes Göktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, Radhesh Krishnan Konoth, Cristiano Giuffrida, Herbert Bos, Thorsten Holz:
Towards Automated Discovery of Crash-Resistant Primitives in Binary Executables. DSN 2017: 189-200 - [c112]Andre Pawlowski, Moritz Contag, Victor van der Veen, Chris Ouwehand, Thorsten Holz, Herbert Bos, Elias Athanasopoulos, Cristiano Giuffrida:
MARX: Uncovering Class Hierarchies in C++ Programs. NDSS 2017 - [c111]Dennis Tatang, Florian Quinkert, Joel Frank, Christian Röpke, Thorsten Holz:
SDN-Guard: Protecting SDN controllers against SDN rootkits. NFV-SDN 2017: 297-302 - [c110]Moritz Contag, Vector Guo Li, Andre Pawlowski, Felix Domke, Kirill Levchenko, Thorsten Holz, Stefan Savage:
How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles. IEEE Symposium on Security and Privacy 2017: 231-250 - [c109]Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz:
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels. USENIX Security Symposium 2017: 167-182 - [c108]Tim Blazytko, Moritz Contag, Cornelius Aschermann, Thorsten Holz:
Syntia: Synthesizing the Semantics of Obfuscated Code. USENIX Security Symposium 2017: 643-659 - [c107]Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz:
Reverse Engineering x86 Processor Microcode. USENIX Security Symposium 2017: 1163-1180 - [i7]David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar R. Weippl, Christina Pöpper:
On Security Research towards Future Mobile Network Generations. CoRR abs/1710.08932 (2017) - [i6]Thomas Hupperich, Dennis Tatang, Nicolai Wilkop, Thorsten Holz:
An Empirical Study on Price Differentiation Based on System Fingerprints. CoRR abs/1712.03031 (2017) - 2016
- [j13]Christian Röpke, Thorsten Holz:
On network operating system security. Int. J. Netw. Manag. 26(1): 6-24 (2016) - [c106]Jannik Pewny, Thorsten Holz:
EvilCoder: automated bug insertion. ACSAC 2016: 214-225 - [c105]Katharina Kohls, Thorsten Holz, Dorothea Kolossa, Christina Pöpper:
SkypeLine: Robust Hidden Data Transmission for VoIP. AsiaCCS 2016: 877-888 - [c104]Johannes Hoffmann, Teemu Rytilahti, Davide Maiorca, Marcel Winandy, Giorgio Giacinto, Thorsten Holz:
Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation. CODASPY 2016: 139-141 - [c103]Andre Pawlowski, Moritz Contag, Thorsten Holz:
Probfuscation: An Obfuscation Approach Using Probabilistic Control Flows. DIMVA 2016: 165-185 - [c102]Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz:
Detile: Fine-Grained Information Leak Detection in Script Engines. DIMVA 2016: 322-342 - [c101]Thomas Hupperich, Henry Hosseini, Thorsten Holz:
Leveraging Sensor Fingerprinting for Mobile Device Authentication. DIMVA 2016: 377-396 - [c100]Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz:
Automated Multi-architectural Discovery of CFI-Resistant Code Gadgets. ESORICS (1) 2016: 602-620 - [c99]Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz:
How Secure is TextSecure? EuroS&P 2016: 457-472 - [c98]Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany, Thorsten Holz:
Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding. NDSS 2016 - [c97]Michael Backes, Thorsten Holz, Christian Rossow, Teemu Rytilahti, Milivoj Simeonovski, Ben Stock:
On the Feasibility of TTL-Based Filtering for DRDoS Mitigation. RAID 2016: 303-322 - [c96]Katharina Krombholz, Thomas Hupperich, Thorsten Holz:
Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices. SOUPS 2016: 207-219 - [c95]Victor van der Veen, Enes Göktas, Moritz Contag, Andre Pawlowski, Xi Chen, Sanjay Rawat, Herbert Bos, Thorsten Holz, Elias Athanasopoulos, Cristiano Giuffrida:
A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level. IEEE Symposium on Security and Privacy 2016: 934-953 - [c94]Thomas Hupperich, Katharina Krombholz, Thorsten Holz:
Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness. TRUST 2016: 40-59 - [c93]Julian Lettner, Benjamin Kollenda, Andrei Homescu, Per Larsen, Felix Schuster, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Michael Franz:
Subversive-C: Abusing and Protecting Dynamic Message Dispatch. USENIX ATC 2016: 209-221 - [c92]Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis:
No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells. WWW 2016: 1021-1032 - [e5]Thorsten Holz, Stefan Savage:
25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016. USENIX Association 2016 [contents] - 2015
- [c91]Thomas Hupperich, Davide Maiorca, Marc Kührer, Thorsten Holz, Giorgio Giacinto:
On the Robustness of Mobile Device Fingerprinting: Can Mobile Users Escape Modern Web-Tracking Mechanisms? ACSAC 2015: 191-200 - [c90]Stephen J. Crane, Stijn Volckaert, Felix Schuster, Christopher Liebchen, Per Larsen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz, Bjorn De Sutter, Michael Franz:
It's a TRaP: Table Randomization and Protection against Function-Reuse Attacks. CCS 2015: 243-255 - [c89]Sebastian Uellenbeck, Thomas Hupperich, Christopher Wolf, Thorsten Holz:
Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones. Financial Cryptography 2015: 237-253 - [c88]Marc Kührer, Thomas Hupperich, Jonas Bushart, Christian Rossow, Thorsten Holz:
Going Wild: Large-Scale Classification of Open DNS Resolvers. Internet Measurement Conference 2015: 355-368 - [c87]Johannes Dahse, Thorsten Holz:
Experience report: an empirical study of PHP security mechanism usage. ISSTA 2015: 60-70 - [c86]Christian Röpke, Thorsten Holz:
Retaining control over SDN network services. NetSys 2015: 1-5 - [c85]Bernd Jäger, Christian Röpke, Iris Adam, Thorsten Holz:
Multi-layer Access Control for SDN-Based Telco Clouds. NordSec 2015: 197-204 - [c84]Apostolis Zarras, Antonis Papadogiannakis, Sotiris Ioannidis, Thorsten Holz:
Revealing the relationship network behind link spam. PST 2015: 101-108 - [c83]Christian Röpke, Thorsten Holz:
SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks. RAID 2015: 339-356 - [c82]Dario Weißer, Johannes Dahse, Thorsten Holz:
Security Analysis of PHP Bytecode Protection Mechanisms. RAID 2015: 493-514 - [c81]Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz:
Cross-Architecture Bug Search in Binary Executables. IEEE Symposium on Security and Privacy 2015: 709-724 - [c80]Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz:
Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications. IEEE Symposium on Security and Privacy 2015: 745-762 - [e4]Jaeyeon Jung, Thorsten Holz:
24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015. USENIX Association 2015 [contents] - 2014
- [j12]Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk:
Scriptless attacks: Stealing more pie without touching the sill. J. Comput. Secur. 22(4): 567-599 (2014) - [c79]Hendrik Meutzner, Viet-Hung Nguyen, Thorsten Holz, Dorothea Kolossa:
Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security. ACSAC 2014: 276-285 - [c78]Robert Gawlik, Thorsten Holz:
Towards automated integrity protection of C++ virtual function tables in binary programs. ACSAC 2014: 396-405 - [c77]Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, Christian Rossow:
Leveraging semantic signatures for bug search in binary programs. ACSAC 2014: 406-415 - [c76]Johannes Dahse, Nikolai Krein, Thorsten Holz:
Code Reuse Attacks in PHP: Automated POP Chain Generation. CCS 2014: 42-53 - [c75]Michael Backes, Thorsten Holz, Benjamin Kollenda, Philipp Koppe, Stefan Nürnberger, Jannik Pewny:
You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code. CCS 2014: 1342-1353 - [c74]Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna:
The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements. Internet Measurement Conference 2014: 373-380 - [c73]Johannes Dahse, Thorsten Holz:
Simulation of Built-in PHP Features for Precise Static Code Analysis. NDSS 2014 - [c72]Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz:
Automated generation of models for fast and precise detection of HTTP-based malware. PST 2014: 249-256 - [c71]Marc Kührer, Christian Rossow, Thorsten Holz:
Paint It Black: Evaluating the Effectiveness of Malware Blacklists. RAID 2014: 1-21 - [c70]Felix Schuster, Thomas Tendyck, Jannik Pewny, Andreas Maaß, Martin Steegmanns, Moritz Contag, Thorsten Holz:
Evaluating the Effectiveness of Current Anti-ROP Defenses. RAID 2014: 88-108 - [c69]Irfan Altiok, Sebastian Uellenbeck, Thorsten Holz:
GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones. Sicherheit 2014: 25-35 - [c68]Marc Kührer, Johannes Hoffmann, Thorsten Holz:
CloudSylla: Detecting Suspicious System Calls in the Cloud. SSS 2014: 63-77 - [c67]Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz:
Exit from Hell? Reducing the Impact of Amplification DDoS Attacks. USENIX Security Symposium 2014: 111-125 - [c66]Sebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz:
Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data. USENIX Security Symposium 2014: 813-828 - [c65]Johannes Dahse, Thorsten Holz:
Static Detection of Second-Order Vulnerabilities in Web Applications. USENIX Security Symposium 2014: 989-1003 - [c64]Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz:
Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks. WOOT 2014 - [e3]Thorsten Holz, Sotiris Ioannidis:
Trust and Trustworthy Computing - 7th International Conference, TRUST 2014, Heraklion, Crete, Greece, June 30 - July 2, 2014. Proceedings. Lecture Notes in Computer Science 8564, Springer 2014, ISBN 978-3-319-08592-0 [contents] - [i5]Tilman Frosch, Christian Mainka, Christoph Bader, Florian Bergsma, Jörg Schwenk, Thorsten Holz:
How Secure is TextSecure? IACR Cryptol. ePrint Arch. 2014: 904 (2014) - 2013
- [j11]Andrea Dardanelli, Federico Maggi, Mara Tanelli, Stefano Zanero, Sergio M. Savaresi, R. Kochanek, Thorsten Holz:
A Security Layer for Smartphone-to-Vehicle Communication Over Bluetooth. IEEE Embed. Syst. Lett. 5(3): 34-37 (2013) - [j10]Benedikt Driessen, Ralf Hund, Carsten Willems, Christof Paar, Thorsten Holz:
An experimental security analysis of two satphone standards. ACM Trans. Inf. Syst. Secur. 16(3): 10 (2013) - [c63]Panagiotis Papadopoulos, Antonis Papadogiannakis, Michalis Polychronakis, Apostolis Zarras, Thorsten Holz, Evangelos P. Markatos:
k-subscription: privacy-preserving microblogging browsing through obfuscation. ACSAC 2013: 49-58 - [c62]Jannik Pewny, Thorsten Holz:
Control-flow restrictor: compiler-based CFI for iOS. ACSAC 2013: 309-318 - [c61]Tim Werthmann, Ralf Hund, Lucas Davi, Ahmad-Reza Sadeghi, Thorsten Holz:
PSiOS: bring your own privacy & security to iOS devices. AsiaCCS 2013: 13-24 - [c60]Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, Thorsten Holz:
Quantifying the security of graphical passwords: the case of android unlock patterns. CCS 2013: 161-172 - [c59]Felix Schuster, Thorsten Holz:
Towards reducing the attack surface of software backdoors. CCS 2013: 851-862 - [c58]Felix Schuster, Stefan Rüster, Thorsten Holz:
Preventing Backdoors in Server Applications with a Separated Software Architecture - (Short Paper). DIMVA 2013: 197-206 - [c57]Ralf Hund, Carsten Willems, Thorsten Holz:
Practical Timing Side Channel Attacks Against Kernel Space ASLR. NDSS 2013 - [c56]Johannes Hoffmann, Stephan Neumann, Thorsten Holz:
Mobile Malware Detection Based on Energy Fingerprints - A Dead End? RAID 2013: 348-368 - [c55]Johannes Hoffmann, Martin Ussath, Thorsten Holz, Michael Spreitzenbarth:
Slicing droids: program slicing for smali code. SAC 2013: 1844-1851 - [c54]Ralf Hund, Carsten Willems, Thorsten Holz:
Practical Timing Side Channel Attacks against Kernel Space ASLR. IEEE Symposium on Security and Privacy 2013: 191-205 - 2012
- [j9]Marc Kührer, Thorsten Holz:
An Empirical Analysis of Malware Blacklists. Prax. Inf.verarb. Kommun. 35(1): 11-16 (2012) - [c53]Carsten Willems, Felix C. Freiling, Thorsten Holz:
Using memory management to detect and extract illegitimate code for malware analysis. ACSAC 2012: 179-188 - [c52]Carsten Willems, Ralf Hund, Andreas Fobian, Dennis Felsch, Thorsten Holz, Amit Vasudevan:
Down to the bare metal: using processor features for binary analysis. ACSAC 2012: 189-198 - [c51]Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk:
Scriptless attacks: stealing the pie without touching the sill. CCS 2012: 760-771 - [c50]Johannes Hoffmann, Sebastian Uellenbeck, Thorsten Holz:
SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines. DIMVA 2012: 184-203 - [c49]Armin Büscher, Thorsten Holz:
Tracking DDoS Attacks: Insights into the Business of Disrupting the Web. LEET 2012 - [c48]Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi:
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. NDSS 2012 - [c47]Benedikt Driessen, Ralf Hund, Carsten Willems, Christof Paar, Thorsten Holz:
Don't Trust Satellite Phones: A Security Analysis of Two Satphone Standards. IEEE Symposium on Security and Privacy 2012: 128-142 - [c46]Gianluca Stringhini, Manuel Egele, Apostolis Zarras, Thorsten Holz, Christopher Kruegel, Giovanni Vigna:
B@bel: Leveraging Email Delivery for Spam Mitigation. USENIX Security Symposium 2012: 16-32 - 2011
- [j8]Markus Engelberth, Felix C. Freiling, Jan Göbel, Christian Gorecki, Thorsten Holz, Ralf Hund, Philipp Trinius, Carsten Willems:
Das Internet-Malware-Analyse-System (InMAS) - Ein System zur großflächigen Sammlung und Analyse von Schadsoftware im Internet. Datenschutz und Datensicherheit 35(4): 247-252 (2011) - [j7]Konrad Rieck, Philipp Trinius, Carsten Willems, Thorsten Holz:
Automatic analysis of malware behavior using machine learning. J. Comput. Secur. 19(4): 639-668 (2011) - [c45]Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz:
Crouching tiger - hidden payload: security risks of scalable vectors graphics. CCS 2011: 239-250 - [c44]Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, Ahmad-Reza Sadeghi:
Poster: control-flow integrity for smartphones. CCS 2011: 749-752 - [c43]Thorsten Holz:
Systems Security Research at Ruhr-University Bochum. SysSec@DIMVA 2011: 131-134 - [c42]Brett Stone-Gross, Thorsten Holz, Gianluca Stringhini, Giovanni Vigna:
The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns. LEET 2011 - [c41]Felix Gröbert, Carsten Willems, Thorsten Holz:
Automated Identification of Cryptographic Primitives in Binary Programs. RAID 2011: 41-60 - [c40]Mario Heiderich, Tilman Frosch, Thorsten Holz:
IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM. RAID 2011: 281-300 - [c39]Michael Becher, Felix C. Freiling, Johannes Hoffmann, Thorsten Holz, Sebastian Uellenbeck, Christopher Wolf:
Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices. IEEE Symposium on Security and Privacy 2011: 96-111 - [c38]Christian Gorecki, Felix C. Freiling, Marc Kührer, Thorsten Holz:
TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet. SSS 2011: 208-222 - [c37]Grégoire Jacob, Ralf Hund, Christopher Kruegel, Thorsten Holz:
JACKSTRAWS: Picking Command and Control Connections from Bot Traffic. USENIX Security Symposium 2011 - [c36]Gianluca Stringhini, Thorsten Holz, Brett Stone-Gross, Christopher Kruegel, Giovanni Vigna:
BOTMAGNIFIER: Locating Spambots on the Internet. USENIX Security Symposium 2011 - [e2]Engin Kirda, Thorsten Holz:
Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS@EuroSys 2011, Salzburg, Austria, April 10, 2011. ACM 2011, ISBN 978-1-4503-0768-0 [contents] - [e1]Thorsten Holz, Herbert Bos:
Detection of Intrusions and Malware, and Vulnerability Assessment - 8th International Conference; DIMVA 2011, Amsterdam, The Netherlands, July 7-8, 2011. Proceedings. Lecture Notes in Computer Science 6739, Springer 2011, ISBN 978-3-642-22423-2 [contents] - 2010
- [c35]Matthias Luft, Thorsten Holz:
A Small Leak will Sink a Great Ship: An Empirical Study of DLP Solutions. ISSE 2010: 354-364 - [c34]Marco Balduzzi, Christian Platzer, Thorsten Holz, Engin Kirda, Davide Balzarotti, Christopher Kruegel:
Abusing Social Networks for Automated User Profiling. RAID 2010: 422-441 - [c33]Andreas Dewald, Thorsten Holz, Felix C. Freiling:
ADSandbox: sandboxing JavaScript to fight malicious websites. SAC 2010: 1859-1864 - [c32]Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz, Pavel Laskov:
Botzilla: detecting the "phoning home" of malicious software. SAC 2010: 1978-1984 - [c31]Michael Spreitzenbarth, Thorsten Holz:
Towards Secure Deletion on Smartphones. Sicherheit 2010: 165-176 - [c30]Philipp Trinius, Carsten Willems, Thorsten Holz, Konrad Rieck:
A Malware Instruction Set for Behavior-Based Analysis. Sicherheit 2010: 205-216 - [c29]Clemens Kolbitsch, Thorsten Holz, Christopher Kruegel, Engin Kirda:
Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries. IEEE Symposium on Security and Privacy 2010: 29-44 - [c28]Gilbert Wondracek, Thorsten Holz, Engin Kirda, Christopher Kruegel:
A Practical Attack to De-anonymize Social Network Users. IEEE Symposium on Security and Privacy 2010: 223-238 - [c27]Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda, Christopher Kruegel:
Is the Internet for Porn? An Insight Into the Online Adult Industry. WEIS 2010
2000 – 2009
- 2009
- [b2]Thorsten Holz:
Tracking and Mitigation of Malicious Remote Control Networks. University of Mannheim, Germany, 2009, pp. I-XIII, 1-138 - [c26]Jan Göbel, Thorsten Holz, Philipp Trinius:
Towards Proactive Spam Filtering (Extended Abstract). DIMVA 2009: 38-47 - [c25]Thorsten Holz, Markus Engelberth, Felix C. Freiling:
Learning More about the Underground Economy: A Case-Study of Keyloggers and Dropzones. ESORICS 2009: 1-18 - [c24]Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, Engin Kirda:
Automatically Generating Models for Botnet Detection. ESORICS 2009: 232-249 - [c23]Thorsten Holz, Markus Engelberth, Felix C. Freiling:
Eine Analyse von 33 Gigabyte gestohlener Keylogger-Daten. GI Jahrestagung 2009: 193 - [c22]Ralf Hund, Thorsten Holz, Felix C. Freiling:
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms. USENIX Security Symposium 2009: 383-398 - [c21]Philipp Trinius, Thorsten Holz, Jan Göbel, Felix C. Freiling:
Visual analysis of malware behavior using treemaps and thread graphs. VizSEC 2009: 33-38 - [p2]Jianwei Zhuge, Thorsten Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, Wei Zou:
Studying Malicious Websites and the Underground Economy on the Chinese Web. Managing Information Risk and the Economics of Security 2009: 225-244 - [p1]Thorsten Holz:
Verfolgen und Abschwächen von Malicious Remote Control Networks. Ausgezeichnete Informatikdissertationen 2009: 101-110 - 2008
- [b1]Niels Provos, Thorsten Holz:
Virtual Honeypots - From Botnet Tracking to Intrusion Detection. Addison-Wesley 2008, ISBN 978-0-321-33632-3, pp. I-XXIII, 1-440 - [c20]Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, Pavel Laskov:
Learning and Classification of Malware Behavior. DIMVA 2008: 108-125 - [c19]Felix C. Freiling, Thorsten Holz, Martin Mink:
Reconstructing People's Lives: A Case Study in Teaching Forensic Computing. IMF 2008: 125-141 - [c18]Jose Nazario, Thorsten Holz:
As the net churns: Fast-flux botnet observations. MALWARE 2008: 24-31 - [c17]Thorsten Holz, Christian Gorecki, Konrad Rieck, Felix C. Freiling:
Measuring and Detecting Fast-Flux Service Networks. NDSS 2008 - [c16]Thorsten Holz, Moritz Steiner, Frederic Dahl, Ernst W. Biersack, Felix C. Freiling:
Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm. LEET 2008 - [c15]Ali Ikinci, Thorsten Holz, Felix C. Freiling:
Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients. Sicherheit 2008: 407-421 - [c14]Jianwei Zhuge, Thorsten Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, Wei Zou:
Studying Malicious Websites and the Underground Economy on the Chinese Web. WEIS 2008 - [i4]Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, James P. G. Sterbenz:
08102 Working Group -- Requirements for Network Monitoring from an IDS Perspective. Network Attack Detection and Defense 2008 - [i3]Marc Dacier, Hervé Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, James P. G. Sterbenz:
8102 Working Group -- Attack Taxonomy. Network Attack Detection and Defense 2008 - 2007
- [j6]Carsten Willems, Thorsten Holz, Felix C. Freiling:
Toward Automated Dynamic Malware Analysis Using CWSandbox. IEEE Secur. Priv. 5(2): 32-39 (2007) - [c13]Jan Goebel, Thorsten Holz, Carsten Willems:
Measurement and Analysis of Autonomous Spreading Malware in a University Environment. DIMVA 2007: 109-128 - [c12]Jianwei Zhuge, Thorsten Holz, Xinhui Han, Chengyu Song, Wei Zou:
Collecting Autonomous Spreading Malware Using High-Interaction Honeypots. ICICS 2007: 438-451 - [c11]Jan Goebel, Thorsten Holz:
Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation. HotBots 2007 - 2006
- [j5]Thorsten Holz, Simon Marechal, Frédéric Raynal:
New Threats and Attacks on the World Wide Web. IEEE Secur. Priv. 4(2): 72-75 (2006) - [j4]Jan Göbel, Jens Hektor, Thorsten Holz:
Advanced Honeypot-Based Intrusion Detection. login Usenix Mag. 31(6) (2006) - [c10]Zinaida Benenson, Felix C. Freiling, Thorsten Holz, Dogan Kesdogan, Lucia Draque Penso:
Safety, Liveness, and Information Flow: Dependability Revisited. ARCS Workshops 2006: 56-65 - [c9]Philip Anderson, Maximillian Dornseif, Felix C. Freiling, Thorsten Holz, Alastair Irons, Christopher Laing, Martin Mink:
A Comparative Study of Teaching Forensics at a University Degree Level. IMF 2006: 116-127 - [c8]Paul Baecher, Markus Koetter, Thorsten Holz, Maximillian Dornseif, Felix C. Freiling:
The Nepenthes Platform: An Efficient Approach to Collect Malware. RAID 2006: 165-184 - [c7]Thorsten Holz:
Learning More About Attack Patterns With Honeypots. Sicherheit 2006: 30-41 - [c6]Rainer Böhme, Thorsten Holz:
The Effect of Stock Spam on Financial Markets. WEIS 2006 - 2005
- [j3]Thorsten Holz:
A Short Visit to the Bot Zoo. IEEE Secur. Priv. 3(3): 76-79 (2005) - [j2]Thorsten Holz:
Spying with Bots. login Usenix Mag. 30(6) (2005) - [c5]Thorsten Holz:
Security Measurements and Metrics for Networks. Dependability Metrics 2005: 157-165 - [c4]Maximillian Dornseif, Thorsten Holz, Sven Müller:
Honeypots and Limitations of Deception. DFN-Arbeitstagung über Kommunikationsnetze 2005: 235-252 - [c3]Fabien Pouget, Thorsten Holz:
A Pointillist Approach for Comparing Honeypots. DIMVA 2005: 51-68 - [c2]Felix C. Freiling, Thorsten Holz, Georg Wicherski:
Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks. ESORICS 2005: 319-335 - 2004
- [j1]Maximillian Dornseif, Felix C. Gärtner, Thorsten Holz:
Vulnerability Assessment using Honeypots. Prax. Inf.verarb. Kommun. 27(4): 195-201 (2004) - [c1]Maximillian Dornseif, Felix C. Gärtner, Thorsten Holz:
Ermittlung von Verwundbarkeiten mit elektronischen Ködern. DIMVA 2004: 129-141 - [i2]Maximillian Dornseif, Thorsten Holz, Christian N. Klein:
NoSEBrEaK - Attacking Honeynets. CoRR cs.CR/0406052 (2004) - [i1]Maximillian Dornseif, Felix C. Gärtner, Thorsten Holz:
Ermittlung von Verwundbarkeiten mit elektronischen Koedern. CoRR cs.CR/0406059 (2004)
Coauthor Index
Felix C. Freiling
aka: Felix C. Gärtner
aka: Felix C. Gärtner
Christopher Krügel
aka: Christopher Kruegel
aka: Christopher Kruegel
Moritz Schloegel
aka: Moritz Schlögel
aka: Moritz Schlögel
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
[+][–] Unpaywalled article links
Add open access links from 
to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
[+][–] Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the 
of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Add a list of references from 
, 
, and 
to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
Load additional information about publications from 
.
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2025-05-14 23:13 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
