Thorsten Holz
According to our database1,
Thorsten Holz
authored at least 177 papers
between 2004 and 2019.
Collaborative distances:
Collaborative distances:
Timeline
Legend:
Book In proceedings Article PhD thesis OtherLinks
Homepages:
-
at orcid.org
On csauthors.net:
Bibliography
2019
Analyzing leakage of personal information by malware.
Journal of Computer Security, 2019
Die DSGVO als internationales Vorbild?
Datenschutz und Datensicherheit, 2019
Reverse Engineering x86 Processor Microcode.
CoRR, 2019
(Un)informed Consent: Studying GDPR Consent Notices in the Field.
CoRR, 2019
Robust Over-the-Air Adversarial Examples Against Automatic Speech Recognition Systems.
CoRR, 2019
Towards Automated Application-Specific Software Stacks.
CoRR, 2019
A Study of Newly Observed Hostnames and DNS Tunneling in the Wild.
CoRR, 2019
Lost traffic encryption: fingerprinting LTE/4G traffic on layer two.
Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, 2019
LTE security disabled: misconfiguration in commercial networks.
Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, 2019
AntiFuzz: Impeding Fuzzing Audits of Binary Executables.
Proceedings of the 28th USENIX Security Symposium, 2019
GRIMOIRE: Synthesizing Structure while Fuzzing.
Proceedings of the 28th USENIX Security Symposium, 2019
Breaking LTE on Layer Two.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019
On the Challenges of Geographical Avoidance for Tor.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
REDQUEEN: Fuzzing with Input-to-State Correspondence.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
NAUTILUS: Fishing for Deep Bugs with Grammars.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
STEROIDS for DOPed Applications: A Compiler for Automated Data-Oriented Programming.
Proceedings of the IEEE European Symposium on Security and Privacy, 2019
Challenges in Designing Exploit Mitigations for Deeply Embedded Systems.
Proceedings of the IEEE European Symposium on Security and Privacy, 2019
A Study on Subject Data Access in Online Advertising After the GDPR.
Proceedings of the Data Privacy Management, Cryptocurrencies and Blockchain Technology, 2019
Static Detection of Uninitialized Stack Variables in Binary Code.
Proceedings of the Computer Security - ESORICS 2019, 2019
GDPiRated - Stealing Personal Information On- and Offline.
Proceedings of the Computer Security - ESORICS 2019, 2019
Sustainable Security & Safety: Challenges and Opportunities.
Proceedings of the 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems, 2019
Large-Scale Analysis of Infrastructure-Leaking DNS Servers.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2019
It's Not what It Looks Like: Measuring Attacks and Defensive Registrations of Homograph Domains.
Proceedings of the 7th IEEE Conference on Communications and Network Security, 2019
"Your hashed IP address: Ubuntu.": perspectives on transparency tools for online advertising.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019
VPS: excavating high-level C++ constructs from low-level binaries to protect dynamic dispatching.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019
2018
The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR.
CoRR, 2018
Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding.
CoRR, 2018
We Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR's Impact on Web Privacy.
CoRR, 2018
RAPTOR: Ransomware Attack PredicTOR.
CoRR, 2018
On Security Research Towards Future Mobile Network Generations.
IEEE Communications Surveys and Tutorials, 2018
SoK: Make JIT-Spray Great Again.
Proceedings of the 12th USENIX Workshop on Offensive Technologies, 2018
Threat modeling for mobile health systems.
Proceedings of the 2018 IEEE Wireless Communications and Networking Conference Workshops, 2018
Preventing Malicious SDN Applications From Hiding Adverse Network Manipulations.
Proceedings of the 2018 Workshop on Security in Softwarized Networks: Prospects and Challenges, 2018
Masters of Time: An Overview of the NTP Ecosystem.
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018
Position-Independent Code Reuse: On the Effectiveness of ASLR in the Absence of Information Disclosure.
Proceedings of the 2018 IEEE European Symposium on Security and Privacy, 2018
Towards Understanding Privacy Implications of Adware and Potentially Unwanted Programs.
Proceedings of the Computer Security, 2018
On the Weaknesses of Function Table Randomization.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2018
An Empirical Study on Online Price Differentiation.
Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, 2018
An Exploratory Analysis of Microcode as a Building Block for System Defenses.
Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018
Towards Automated Generation of Exploitation Primitives for Web Browsers.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018
Attacking dynamic code.
Proceedings of the Continuing Arms Race: Code-Reuse Attacks and Defenses, 2018
2017
Toward Improved Audio CAPTCHAs Based on Auditory Perception and Language Understanding.
ACM Trans. Priv. Secur., 2017
Cross-architecture bug search in binary executables.
it - Information Technology, 2017
May the Force Be with You: The Future of Force-Sensitive Authentication.
IEEE Internet Computing, 2017
An Empirical Study on Price Differentiation Based on System Fingerprints.
CoRR, 2017
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels.
Proceedings of the 26th USENIX Security Symposium, 2017
Syntia: Synthesizing the Semantics of Obfuscated Code.
Proceedings of the 26th USENIX Security Symposium, 2017
How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017
SDN-Guard: Protecting SDN controllers against SDN rootkits.
Proceedings of the 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks, 2017
MARX: Uncovering Class Hierarchies in C++ Programs.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017
Towards Automated Discovery of Crash-Resistant Primitives in Binary Executables.
Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2017
Breaking and Fixing Destructive Code Read Defenses.
Proceedings of the 33rd Annual Computer Security Applications Conference, 2017
ECFI: Asynchronous Control Flow Integrity for Programmable Logic Controllers.
Proceedings of the 33rd Annual Computer Security Applications Conference, 2017
2016
On network operating system security.
Int. Journal of Network Management, 2016
No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells.
Proceedings of the 25th International Conference on World Wide Web, 2016
Subversive-C: Abusing and Protecting Dynamic Message Dispatch.
Proceedings of the 2016 USENIX Annual Technical Conference, 2016
Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness.
Proceedings of the Trust and Trustworthy Computing - 9th International Conference, 2016
A Tough Call: Mitigating Advanced Code-Reuse Attacks at the Binary Level.
Proceedings of the IEEE Symposium on Security and Privacy, 2016
Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices.
Proceedings of the Twelfth Symposium on Usable Privacy and Security, 2016
On the Feasibility of TTL-Based Filtering for DRDoS Mitigation.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2016
Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016
Automated Multi-architectural Discovery of CFI-Resistant Code Gadgets.
Proceedings of the Computer Security - ESORICS 2016, 2016
Probfuscation: An Obfuscation Approach Using Probabilistic Control Flows.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2016
Leveraging Sensor Fingerprinting for Mobile Device Authentication.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2016
Detile: Fine-Grained Information Leak Detection in Script Engines.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2016
Evaluating Analysis Tools for Android Apps: Status Quo and Robustness Against Obfuscation.
Proceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, 2016
SkypeLine: Robust Hidden Data Transmission for VoIP.
Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016
EvilCoder: automated bug insertion.
Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016
2015
Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015
Security Analysis of PHP Bytecode Protection Mechanisms.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015
SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2015
Revealing the relationship network behind link spam.
Proceedings of the 13th Annual Conference on Privacy, Security and Trust, 2015
Multi-layer Access Control for SDN-Based Telco Clouds.
Proceedings of the Secure IT Systems, 20th Nordic Conference, 2015
Retaining control over SDN network services.
Proceedings of the 2015 International Conference and Workshops on Networked Systems, 2015
Experience report: an empirical study of PHP security mechanism usage.
Proceedings of the 2015 International Symposium on Software Testing and Analysis, 2015
Going Wild: Large-Scale Classification of Open DNS Resolvers.
Proceedings of the 2015 ACM Internet Measurement Conference, 2015
Tactile One-Time Pad: Leakage-Resilient Authentication for Smartphones.
Proceedings of the Financial Cryptography and Data Security, 2015
It's a TRaP: Table Randomization and Protection against Function-Reuse Attacks.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015
On the Robustness of Mobile Device Fingerprinting: Can Mobile Users Escape Modern Web-Tracking Mechanisms?
Proceedings of the 31st Annual Computer Security Applications Conference, 2015
2014
Scriptless attacks: Stealing more pie without touching the sill.
Journal of Computer Security, 2014
How Secure is TextSecure?
IACR Cryptology ePrint Archive, 2014
Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks.
Proceedings of the 8th USENIX Workshop on Offensive Technologies, 2014
Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014
Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014
Static Detection of Second-Order Vulnerabilities in Web Applications.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014
CloudSylla: Detecting Suspicious System Calls in the Cloud.
Proceedings of the Stabilization, Safety, and Security of Distributed Systems, 2014
GraphNeighbors: Hampering Shoulder-Surfing Attacks on Smartphones.
Proceedings of the Sicherheit 2014: Sicherheit, 2014
Evaluating the Effectiveness of Current Anti-ROP Defenses.
Proceedings of the Research in Attacks, Intrusions and Defenses, 2014
Paint It Black: Evaluating the Effectiveness of Malware Blacklists.
Proceedings of the Research in Attacks, Intrusions and Defenses, 2014
Automated generation of models for fast and precise detection of HTTP-based malware.
Proceedings of the 2014 Twelfth Annual International Conference on Privacy, 2014
Simulation of Built-in PHP Features for Precise Static Code Analysis.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014
The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements.
Proceedings of the 2014 Internet Measurement Conference, 2014
Code Reuse Attacks in PHP: Automated POP Chain Generation.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014
You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014
Leveraging semantic signatures for bug search in binary programs.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
Using automatic speech recognition for attacking acoustic CAPTCHAs: the trade-off between usability and security.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
Towards automated integrity protection of C++ virtual function tables in binary programs.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014
2013
An experimental security analysis of two satphone standards.
ACM Trans. Inf. Syst. Secur., 2013
A Security Layer for Smartphone-to-Vehicle Communication Over Bluetooth.
Embedded Systems Letters, 2013
Slicing droids: program slicing for smali code.
Proceedings of the 28th Annual ACM Symposium on Applied Computing, 2013
Mobile Malware Detection Based on Energy Fingerprints - A Dead End?
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2013
Practical Timing Side Channel Attacks Against Kernel Space ASLR.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013
Preventing Backdoors in Server Applications with a Separated Software Architecture - (Short Paper).
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2013
PSiOS: bring your own privacy & security to iOS devices.
Proceedings of the 8th ACM Symposium on Information, Computer and Communications Security, 2013
Quantifying the security of graphical passwords: the case of android unlock patterns.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013
Towards reducing the attack surface of software backdoors.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013
Control-flow restrictor: compiler-based CFI for iOS.
Proceedings of the Annual Computer Security Applications Conference, 2013
k-subscription: privacy-preserving microblogging browsing through obfuscation.
Proceedings of the Annual Computer Security Applications Conference, 2013
2012
An Empirical Analysis of Malware Blacklists.
Praxis der Informationsverarbeitung und Kommunikation, 2012
B@bel: Leveraging Email Delivery for Spam Mitigation.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012
Don't Trust Satellite Phones: A Security Analysis of Two Satphone Standards.
Proceedings of the IEEE Symposium on Security and Privacy, 2012
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones.
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012
Tracking DDoS Attacks: Insights into the Business of Disrupting the Web.
Proceedings of the 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2012
SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2012
Scriptless attacks: stealing the pie without touching the sill.
Proceedings of the ACM Conference on Computer and Communications Security, 2012
Down to the bare metal: using processor features for binary analysis.
Proceedings of the 28th Annual Computer Security Applications Conference, 2012
Using memory management to detect and extract illegitimate code for malware analysis.
Proceedings of the 28th Annual Computer Security Applications Conference, 2012
2011
Automatic analysis of malware behavior using machine learning.
Journal of Computer Security, 2011
Das Internet-Malware-Analyse-System (InMAS) - Ein System zur großflächigen Sammlung und Analyse von Schadsoftware im Internet.
Datenschutz und Datensicherheit, 2011
BOTMAGNIFIER: Locating Spambots on the Internet.
Proceedings of the 20th USENIX Security Symposium, 2011
JACKSTRAWS: Picking Command and Control Connections from Bot Traffic.
Proceedings of the 20th USENIX Security Symposium, 2011
TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet.
Proceedings of the Stabilization, Safety, and Security of Distributed Systems, 2011
Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011
IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM.
Proceedings of the Recent Advances in Intrusion Detection - 14th International Symposium, 2011
Automated Identification of Cryptographic Primitives in Binary Programs.
Proceedings of the Recent Advances in Intrusion Detection - 14th International Symposium, 2011
The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns.
Proceedings of the 4th USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2011
Systems Security Research at Ruhr-University Bochum.
Proceedings of the First SysSec Workshop 2011, 2011
Crouching tiger - hidden payload: security risks of scalable vectors graphics.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011
Poster: control-flow integrity for smartphones.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011
2010
Is the Internet for Porn? An Insight Into the Online Adult Industry.
Proceedings of the 9th Annual Workshop on the Economics of Information Security, 2010
A Practical Attack to De-anonymize Social Network Users.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010
Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010
A Malware Instruction Set for Behavior-Based Analysis.
Proceedings of the Sicherheit 2010: Sicherheit, 2010
Towards Secure Deletion on Smartphones.
Proceedings of the Sicherheit 2010: Sicherheit, 2010
Botzilla: detecting the "phoning home" of malicious software.
Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), 2010
ADSandbox: sandboxing JavaScript to fight malicious websites.
Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), 2010
Abusing Social Networks for Automated User Profiling.
Proceedings of the Recent Advances in Intrusion Detection, 13th International Symposium, 2010
A Small Leak will Sink a Great Ship: An Empirical Study of DLP Solutions.
Proceedings of the ISSE 2010, 2010
2009
Visual analysis of malware behavior using treemaps and thread graphs.
Proceedings of the 6th International Workshop on Visualization for Cyber Security 2009, 2009
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms.
Proceedings of the 18th USENIX Security Symposium, 2009
Eine Analyse von 33 Gigabyte gestohlener Keylogger-Daten.
Proceedings of the Informatik 2009: Im Focus das Leben, 2009
Verfolgen und Abschwächen von Malicious Remote Control Networks.
Proceedings of the Ausgezeichnete Informatikdissertationen 2009, 2009
Automatically Generating Models for Botnet Detection.
Proceedings of the Computer Security, 2009
Learning More about the Underground Economy: A Case-Study of Keyloggers and Dropzones.
Proceedings of the Computer Security, 2009
Towards Proactive Spam Filtering (Extended Abstract).
Proceedings of the Detection of Intrusions and Malware, 2009
Studying Malicious Websites and the Underground Economy on the Chinese Web.
Proceedings of the Managing Information Risk and the Economics of Security, 2009
Tracking and Mitigation of Malicious Remote Control Networks.
PhD thesis, 2009
2008
Monkey-Spider: Detecting Malicious Websites with Low-Interaction Honeyclients.
Proceedings of the Sicherheit 2008: Sicherheit, 2008
Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm.
Proceedings of the First USENIX Workshop on Large-Scale Exploits and Emergent Threats, 2008
Measuring and Detecting Fast-Flux Service Networks.
Proceedings of the Network and Distributed System Security Symposium, 2008
As the net churns: Fast-flux botnet observations.
Proceedings of the 3rd International Conference on Malicious and Unwanted Software, 2008
Reconstructing People's Lives: A Case Study in Teaching Forensic Computing.
Proceedings of the IT-Incidents Management & IT-Forensics, 2008
Learning and Classification of Malware Behavior.
Proceedings of the Detection of Intrusions and Malware, 2008
8102 Working Group -- Attack Taxonomy.
Proceedings of the Perspectives Workshop: Network Attack Detection and Defense, 2.3., 2008
08102 Working Group -- Requirements for Network Monitoring from an IDS Perspective.
Proceedings of the Perspectives Workshop: Network Attack Detection and Defense, 2.3., 2008
Virtual Honeypots - From Botnet Tracking to Intrusion Detection.
Addison-Wesley, ISBN: 978-0-321-33632-3, 2008
2007
Toward Automated Dynamic Malware Analysis Using CWSandbox.
IEEE Security & Privacy, 2007
Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation.
Proceedings of the First Workshop on Hot Topics in Understanding Botnets, 2007
Collecting Autonomous Spreading Malware Using High-Interaction Honeypots.
Proceedings of the Information and Communications Security, 9th International Conference, 2007
Measurement and Analysis of Autonomous Spreading Malware in a University Environment.
Proceedings of the Detection of Intrusions and Malware, 2007
2006
Advanced Honeypot-Based Intrusion Detection.
;login:, 2006
New Threats and Attacks on the World Wide Web.
IEEE Security & Privacy, 2006
The Effect of Stock Spam on Financial Markets.
Proceedings of the 5th Annual Workshop on the Economics of Information Security, 2006
Learning More About Attack Patterns With Honeypots.
Proceedings of the Sicherheit 2006: Sicherheit, 2006
The Nepenthes Platform: An Efficient Approach to Collect Malware.
Proceedings of the Recent Advances in Intrusion Detection, 9th International Symposium, 2006
A Comparative Study of Teaching Forensics at a University Degree Level.
Proceedings of the IT-Incidents Management & IT-Forensics, 2006
Safety, Liveness, and Information Flow: Dependability Revisited.
Proceedings of the ARCS 2006, 2006
2005
Spying with Bots.
;login:, 2005
A Short Visit to the Bot Zoo.
IEEE Security & Privacy, 2005
Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks.
Proceedings of the Computer Security, 2005
A Pointillist Approach for Comparing Honeypots.
Proceedings of the Detection of Intrusions and Malware, 2005
Honeypots and Limitations of Deception.
Proceedings of the "Heute schon das Morgen sehen", 2005
Security Measurements and Metrics for Networks.
Proceedings of the Dependability Metrics: Advanced Lectures [result from a Dagstuhl seminar, October 30, 2005
2004
Vulnerability Assessment using Honeypots.
Praxis der Informationsverarbeitung und Kommunikation, 2004
Ermittlung von Verwundbarkeiten mit elektronischen Koedern
CoRR, 2004
NoSEBrEaK - Attacking Honeynets
CoRR, 2004
Ermittlung von Verwundbarkeiten mit elektronischen Ködern.
Proceedings of the Detection of Intrusions and Malware & Vulnerability Assessment, 2004