Browse by Research Area

(2024) CacheWarp: Software-based Fault Injection using Selective State Reset.

(2024) Efficient and Generic Microarchitectural Hash-Function Recovery.

(2023) Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks.

(2023) ResolFuzz: Differential Fuzzing of DNS Resolvers.

(2023) Reviving Meltdown 3a.

(2023) A Rowhammer Reproduction Study Using the Blacksmith Fuzzer.

(2023) Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge.

(2023) Automated Security Analysis of Exposure Notification Systems. (In Press)

(2023) Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels.

(2023) (M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels.

(2023) Revisiting Neural Program Smoothing for Fuzzing. (In Press)

(2023) Anomaly-based Filtering of Application-Layer DDoS Against DNS Authoritatives. (Submitted)

(2023) FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers.

(2023) White-box Concealment Attacks Against Anomaly Detectors for Cyber-Physical Systems.

(2023) A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs.

(2023) Space Odyssey: An Experimental Software Security Analysis of Satellites.

(2023) Fuzzing Embedded Systems Using Debug Interfaces. (In Press)

(2023) CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode.

(2023) Hammulator: Simulate Now - Exploit Later.

(2023) Practical Timing Side-Channel Attacks on Memory Compression.

(2023) Subverting Telegram's End-to-End Encryption.

(2022) TyPro: Forward CFI for C-Style Indirect Function Calls Using Type Propagation. (In Press)

(2022) Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation.

(2022) HyperDbg: Reinventing Hardware-Assisted Debugging.

(2022) Jit-Picking: Differential Fuzzing of JavaScript Engines.

(2022) Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems.

(2022) TrustedGateway: TEE-Assisted Routing and Firewall Enforcement Using ARM TrustZone. (In Press)

(2022) Browser-based CPU Fingerprinting. (In Press)

(2022) CPU Port Contention Without SMT.

(2022) Robust and Scalable Process Isolation against Spectre in the Cloud.

(2022) AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities.

(2022) Loki: Hardening Code Obfuscation Against Automated Attacks.

(2022) SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing.

(2022) ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture.

(2022) AMD Prefetch Attacks through Power and Time.

(2022) Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing.

(2022) Hiding in Plain Sight? On the Efficacy of Power Side Channel-Based Control Flow Monitoring.

(2022) Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels.

(2022) Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks.

(2022) Rapid Prototyping for Microarchitectural Attacks.

(2022) Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX.

(2022) A survey on the group of points arising from elliptic curves with a Weierstrass model over a ring. (In Press)

(2022) xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64.

(2022) Branch Different - Spectre Attacks on Apple Silicon.

(2022) Finding and Exploiting CPU Features using MSR Templating.

(2022) Nyx-Net: Network Fuzzing with Incremental Snapshots.

(2022) Debugger-driven Embedded Fuzzing.

(2021) vBump: Securing Ethernet-based Industrial Control System Networks with VLAN-based Traffic Aggregation.

(2021) Automating Seccomp Filter Generation for Linux Applications.

(2021) ANYway: Measuring the Amplification DDoS Potential of Domains.

(2021) BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks.

(2021) YarIx: Scalable YARA-based Malware Intelligence.

(2021) LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks.

(2021) Osiris: Automated Discovery of Microarchitectural Side Channels. (In Press)

(2021) Assessing the Use of Insecure ICS Protocols via IXP Network Traffic Analysis.

(2021) PLATYPUS: Software-based Power Side-Channel Attacks on x86.

(2021) Cali: Compiler Assisted Library Isolation. (In Press)

(2021) Specfuscator: Evaluating Branch Removal as a Spectre Mitigation.

(2021) Speculative Dereferencing of Registers: Reviving Foreshadow.

(2021) NoVT: Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking. (In Press)

(2021) COTS Drone Detection Using Video Streaming Characteristics.

(2020) DPIFuzz: A Differential Fuzzing Frameworkto Detect DPI Elusion Strategies for QUIC.

(2020) xOSSig: Leveraging OS Diversity to Automatically Extract Malware Code Signatures.

(2020) Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems.

(2020) A Statistical Analysis Framework for ICS Process Datasets.

(2020) On the Origin of Scanning: The Impact of Location on Internet-Wide Scans.

(2020) Studying JavaScript Security Through Static Analysis.

(2020) A Small Subgroup Attack on Bitcoin Address Generation.

(2020) Padding Ain’t Enough: Assessing the Privacy Guarantees of Encrypted DNS.

(2020) SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients.

(2020) Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy.

(2020) BIAS: Bluetooth Impersonation AttackS.

(2020) Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps.

(2020) ≪ I Know Where You Parked Last Summer ≫ Automated Reverse Engineering and Privacy Analysis of Modern Cars.

(2019) JStap: A Static Pre-Filter for Malicious JavaScript Detection.

(2019) HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs.

(2019) PAtt: Physics-based Attestation of Control Systems.

(2019) Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures.

(2019) HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT Devices.

(2019) RIDL: Rogue In-flight Data Load.

(2019) Fidelius: Protecting User Secrets from Compromised Browsers.

(2019) Detection of Threats to IoT Devices using Scalable VPN-forwarded Honeypots. (In Press)

(2019) Quantifying the Information Leakage in Cache Attacks via Symbolic Execution.

(2019) The DUSTER Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding.

(2019) Design and Realization of Testbeds for Security Research in the Industrial Internet of Things.

(2019) Hide and Seek: An Architecture for Improving Attack-Visibility in Industrial Control Systems.

(2019) MALPITY: Automatic Identification and Exploitation of Tarpit Vulnerabilities in Malware. (In Press)

(2019) Towards Automated Network Mitigation Analysis.

(2019) Towards Automated Network Mitigation Analysis (extended version).

(2018) Optimizing Recurrent Pulsing Attacks using Application-Layer Amplification of Open DNS Resolvers.

(2018) teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts.

(2018) Ret2Spec: Speculative Execution Using Return Stack Buffers.

(2018) Evasive Malware via Identifier Implanting.

(2018) DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives.

(2018) Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels.

(2018) DECIM: Detecting Endpoint Compromise In Messaging.

(2018) DRiVERSITY - Synthetic Torture Testing to Find Limits of Autonomous Driving Algorithms.

(2018) Identifying Key Leakage of Bitcoin Users. (In Press)

(2018) MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps.

(2018) Strengthening the Security of Authenticated Key Exchange against Bad Randomness.

(2017) Linking Amplification DDoS Attacks to Booter Services.

(2017) Local Analysis for Global Inputs.

(2017) Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals.

(2017) Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code.

(2017) Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying.

(2017) Adversarial Examples for Malware Detection.

(2017) Automatically Detecting the Misuse of Secrets: Foundations, Design Principles, and Applications.

(2017) Millions of Targets Under Attack: A Macroscopic Characterization of the DoS Ecosystem.

(2017) On the (Statistical) Detection of Adversarial Examples. (Submitted)

(2016) Limiting The Impact of Stealthy Attacks on Industrial Control Systems.

(2016) Identifying the Scan and Attack Infrastructures behind Amplification DDoS attacks.

(2016) On the Feasibility of TTL-based Filtering for DRDoS Mitigation.

(2016) What Cannot be Read, Cannot be Leveraged? Revisiting Assumptions of JIT-ROP Defenses.

(2016) VatiCAN - Vetted, Authenticated CAN Bus.

(2016) Kizzle: A Signature Compiler for Detecting Exploit Kits.

(2016) Detecting Hardware-Assisted Virtualization.

(2016) RamCrypt: Kernel-based Address Space Encryption for User-mode Processes.

(2016) Implementation-level Analysis of the JavaScript Helios Voting Client.

(2016) How to Make ASLR Win the Clone Wars: Runtime Re-Randomization.

(2016) Angreiferjagd im "Internet der Dinge".

(2016) Multi-core System Architecture.

(2016) SandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion.

(2016) Smart Broadcasting: Do you want to be seen?

(2016) Uses and Abuses of Server-Side Requests.

(2015) AmpPot: Monitoring and Defending Against Amplification DDoS Attacks.

(2015) Cold boot attacks and the error model of DRAM modules.

(2015) Cross-Architecture Bug Search in Binary Executables.

(2015) Learning How to Prevent Return-Oriented Programming Efficiently.

(2015) Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics.

(2015) Going Wild: Large-Scale Classification of Open DNS Resolvers.

(2015) IoTPOT: Analysing the Rise of IoT Compromises.

(2015) Reliable Recon in Adversarial Peer-to-Peer Botnets.

(2015) Vccfinder: Finding potential vulnerabilities in open-source projects to assist code audits.

(2015) Zeus Milker: Circumventing the P2P Zeus Neighbor List Restriction Mechanism.

(2014) You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code.

(2014) Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.

(2014) A Look at Targeted Attacks Through the Lense of an NGO.

(2014) Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing.

(2014) WebTrust - A Comprehensive Authenticity and Integrity Framework for HTTP.

(2014) Amplification Hell: Revisiting Network Protocols for DDoS Abuse.

(2014) Declarative Design and Enforcement for Secure Cloud Applications.

(2014) Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks.

(2014) Leveraging semantic signatures for bug search in binary programs.

(2014) On Advanced Monitoring in Resilient and Unstructured P2P Botnets.

(2014) On Measuring the Impact of DDoS Botnets.

(2014) On the (In)Security of Mobile Two-Factor Authentication.

(2014) Paint it Black: Evaluating the Effectiveness of Malware Blacklists.

(2014) Zero-Communication Seed Establishment for Anti-Jamming Techniques.

(2013) Client-controlled Cryptography-as-a-Service in the Cloud.

(2013) Gadge Me if You Can: Secure and Efficient Ad-Hoc Instruction-Level Randomization for x86 and ARM.

(2013) Peer-assisted Content Distribution in Akamai Netsession.

(2013) Schedulability Analysis of the Linux Push and Pull Scheduler with Arbitrary Processor Affinities.

(2012) Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services.

(2012) Dependability Results for Power Grids with Decentralized Stabilization Strategies.

(2012) Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication.

(2012) Reliable Client Accounting for P2P-infrastructure Hybrids.

(2012) Securing Data Provenance in the Cloud.

(2012) XIFER: A Software Diversity Tool Against Code-Reuse Attacks.

(2011) Twin Clouds: An Architecture for Secure Cloud Computing.

(2011) Enhancing the Trust of Internet Routing with Lightweight Route Attestation.

(2011) Integrity Protection for Automated Teller Machines.

(2011) Local Memory via Layout Randomization.

(2011) Modular Protections Against Non-control Data Attacks.

(2011) Sedic: Privacy-Aware Data Intensive Computing on Hybrid Clouds.

(2011) Twin Clouds: Secure Cloud Computing with Low Latency.

(2009) Achieving Security Despite Compromise Using Zero-knowledge.