Christian Rossow

Proceedings of the 8th IEEE European Symposium on Security and Privacy, 2023

ResolFuzz: Differential Fuzzing of DNS Resolvers.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2023, 2023

FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers.

[BibT_eX]

[DOI]

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022

AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities.

[BibT_eX]

[DOI]

Ilya Grishchenko

Proceedings of the 31st USENIX Security Symposium, 2022

Browser-Based CPU Fingerprinting.

[BibT_eX]

[DOI]

Leon Trampert

Michael Schwarz

Proceedings of the Computer Security - ESORICS 2022, 2022

FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels.

[BibT_eX]

[DOI]

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022

TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation.

[BibT_eX]

[DOI]

Markus Bauer

Ilya Grishchenko

Proceedings of the Annual Computer Security Applications Conference, 2022

2021

Osiris: Automated Discovery of Microarchitectural Side Channels.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

YARIX: Scalable YARA-based Malware Intelligence.

[BibT_eX]

[DOI]

Proceedings of the 30th USENIX Security Symposium, 2021

BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks.

[BibT_eX]

[DOI]

Proceedings of the IEEE European Symposium on Security and Privacy, 2021

NoVT: Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking.

[BibT_eX]

[DOI]

Markus Bauer

Proceedings of the IEEE European Symposium on Security and Privacy, 2021

ANYway: Measuring the Amplification DDoS Potential of Domains.

[BibT_eX]

[DOI]

Olivier van der Toorn

Mattijs Jonker

Roland van Rijswijk-Deij

Anna Sperotto

Proceedings of the 17th International Conference on Network and Service Management, 2021

Cali: Compiler-Assisted Library Isolation.

[BibT_eX]

[DOI]

Markus Bauer

Proceedings of the ASIA CCS '21: ACM Asia Conference on Computer and Communications Security, 2021

2020

SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients.

[BibT_eX]

[DOI]

Fabian Schwarz

Proceedings of the 29th USENIX Security Symposium, 2020

Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS.

[BibT_eX]

[DOI]

Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet, 2020

Slitheen++: Stealth TLS-based Decoy Routing.

[BibT_eX]

[DOI]

Benedikt Birtel

Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet, 2020

On the Origin of Scanning: The Impact of Location on Internet-Wide Scans.

[BibT_eX]

[DOI]

Proceedings of the IMC '20: ACM Internet Measurement Conference, 2020

DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC.

[BibT_eX]

[DOI]

Gaganjeet Singh Reen

Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019

Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild.

[BibT_eX]

[DOI]

Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

MALPITY: Automatic Identification and Exploitation of Tarpit Vulnerabilities in Malware.

[BibT_eX]

[DOI]

Walla Sebastian

Proceedings of the IEEE European Symposium on Security and Privacy, 2019

2018

Speculose: Analyzing the Security Implications of Speculative Execution in CPUs.

[BibT_eX]

[DOI]

CoRR, 2018

teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts.

[BibT_eX]

[DOI]

Proceedings of the 27th USENIX Security Symposium, 2018

The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators.

[BibT_eX]

[DOI]

Proceedings of the 2018 IEEE Symposium on Security and Privacy, 2018

DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

Identifying Key Leakage of Bitcoin Users.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2018

Didn't You Hear Me? - Towards More Successful Web Vulnerability Notifications.

[BibT_eX]

[DOI]

Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018

Evasive Malware via Identifier Implanting.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018

MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018

ret2spec: Speculative Execution Using Return Stack Buffers.

[BibT_eX]

[DOI]

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018

2017

Cross-architecture bug search in binary executables.

[BibT_eX]

[DOI]

it Inf. Technol., 2017

Who Controls the Internet?: Analyzing Global Threats using Property Graph Traversals.

[BibT_eX]

[DOI]

Proceedings of the 26th International Conference on World Wide Web, 2017

Linking Amplification DDoS Attacks to Booter Services.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code.

[BibT_eX]

[DOI]

Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Millions of targets under attack: a macroscopic characterization of the DoS ecosystem.

[BibT_eX]

[DOI]

Proceedings of the 2017 Internet Measurement Conference, 2017

Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs.

[BibT_eX]

[DOI]

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016

IoTPOT: A Novel Honeypot for Revealing Current IoT Threats.

[BibT_eX]

[DOI]

J. Inf. Process., 2016

Angreiferjagd im "Internet der Dinge".

[BibT_eX]

[DOI]

Sebastian Gerling

Datenschutz und Datensicherheit, 2016

Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses.

[BibT_eX]

[DOI]

Proceedings of the 25th USENIX Security Symposium, 2016

SandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Uses and Abuses of Server-Side Requests.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

On the Feasibility of TTL-Based Filtering for DRDoS Mitigation.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016

Detecting Hardware-Assisted Virtualization.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2016

- vatiCAN - Vetted, Authenticated CAN Bus.

[BibT_eX]

[DOI]

Stefan Nürnberger

Proceedings of the Cryptographic Hardware and Embedded Systems - CHES 2016, 2016

POSTER: Mapping the Landscape of Large-Scale Vulnerability Notifications.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Identifying the Scan and Attack Infrastructures Behind Amplification DDoS Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015

Amplification and DRDoS Attack Defense - A Survey and New Perspectives.

[BibT_eX]

[DOI]

CoRR, 2015

Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics.

[BibT_eX]

[DOI]

Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

IoTPOT: Analysing the Rise of IoT Compromises.

[BibT_eX]

[DOI]

Proceedings of the 9th USENIX Workshop on Offensive Technologies, 2015

jÄk: Using Dynamic Analysis to Crawl and Test Modern Web Applications.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

AmpPot: Monitoring and Defending Against Amplification DDoS Attacks.

[BibT_eX]

[DOI]

Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015

Going Wild: Large-Scale Classification of Open DNS Resolvers.

[BibT_eX]

[DOI]

Proceedings of the 2015 ACM Internet Measurement Conference, 2015

Reliable Recon in Adversarial Peer-to-Peer Botnets.

[BibT_eX]

[DOI]

Dennis Andriesse

Proceedings of the 2015 ACM Internet Measurement Conference, 2015

Zeus Milker: Circumventing the P2P Zeus Neighbor List Restriction Mechanism.

[BibT_eX]

[DOI]

Proceedings of the 35th IEEE International Conference on Distributed Computing Systems, 2015

POSTER: In the Net of the Spider: Measuring the Anonymity-Impact of Network-level Adversaries Against Tor.

[BibT_eX]

[DOI]

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014

Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks.

[BibT_eX]

[DOI]

Proceedings of the 8th USENIX Workshop on Offensive Technologies, 2014

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.

[BibT_eX]

[DOI]

Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Paint It Black: Evaluating the Effectiveness of Malware Blacklists.

[BibT_eX]

[DOI]

Marc Kührer

Thorsten Holz

Proceedings of the Research in Attacks, Intrusions and Defenses, 2014

Amplification Hell: Revisiting Network Protocols for DDoS Abuse.

[BibT_eX]

[DOI]

Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

On advanced monitoring in resilient and unstructured P2P botnets.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Conference on Communications, 2014

On the (In)Security of Mobile Two-Factor Authentication.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 2014

On measuring the impact of DDoS botnets.

[BibT_eX]

[DOI]

Arne Welzel

Proceedings of the Seventh European Workshop on System Security, 2014

Leveraging semantic signatures for bug search in binary programs.

[BibT_eX]

[DOI]

Proceedings of the 30th Annual Computer Security Applications Conference, 2014

2013

CoCoSpot: Clustering and recognizing botnet command and control channels using traffic analysis.

[BibT_eX]

[DOI]

Norbert Pohlmann

Comput. Networks, 2013

SoK: P2PWNED - Modeling and Evaluating the Resilience of Peer-to-Peer Botnets.

[BibT_eX]

[DOI]

Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

Exploiting visual appearance to cluster and detect rogue software.

[BibT_eX]

[DOI]

Norbert Pohlmann

Proceedings of the 28th Annual ACM Symposium on Applied Computing, 2013

Highly resilient peer-to-peer botnets are here: An analysis of Gameover Zeus.

[BibT_eX]

[DOI]

Proceedings of the 8th International Conference on Malicious and Unwanted Software: "The Americas", 2013

ProVeX: Detecting Botnets with Encrypted Command and Control Channels.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2013

2012

Prudent Practices for Designing Malware Experiments: Status Quo and Outlook.

[BibT_eX]

[DOI]

Proceedings of the IEEE Symposium on Security and Privacy, 2012

Large-Scale Analysis of Malware Downloaders.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2012

Manufacturing compromise: the emergence of exploit-as-a-service.

[BibT_eX]

[DOI]

Kirill Levchenko

Panayiotis Mavrommatis

Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011

On Botnets That Use DNS for Command and Control.

[BibT_eX]

[DOI]

Proceedings of the Seventh European Conference on Computer Network Defense, 2011

Sandnet: network traffic analysis of malicious software.

[BibT_eX]

[DOI]

Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, 2011

2008

Empirische Untersuchung von IP-Blacklists.

[BibT_eX]

[DOI]

Proceedings of the Sicherheit 2008: Sicherheit, 2008

Empirical research of IP blacklists.

[BibT_eX]

[DOI]

Christian Dietrich

Proceedings of the ISSE 2008, 2008

Empirical research on IP blacklisting.

[BibT_eX]

[DOI]