Number of items: 108.
Conference or Workshop Item (A Paper)
Krupp, Johannes and Rossow, Christian
(2021)
BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks.
(In Press)
Brengel, Michael and Rossow, Christian
(2021)
YarIx: Scalable YARA-based Malware Intelligence.
Lipp, Moritz and Kogler, Andreas and Oswald, David and Schwarz, Michael and Easdon, Catherine and Canella, Claudio and Gruss, Daniel
(2021)
PLATYPUS: Software-based Power Side-Channel Attacks on x86.
Schwarzl, Martin and Canella, Claudio and Gruss, Daniel and Schwarz, Michael
(2021)
Specfuscator: Evaluating Branch Removal as a Spectre Mitigation.
Schwarzl, Martin and Schuster, Thomas and Schwarz, Michael and Gruss, Daniel
(2021)
Speculative Dereferencing of Registers: Reviving Foreshadow.
Bauer, Markus and Rossow, Christian
(2021)
NoVT: Eliminating C++ Virtual Calls to Mitigate Vtable Hijacking.
(In Press)
Reen, Gaganjeet Singh and Rossow, Christian
(2020)
DPIFuzz: A Differential Fuzzing Frameworkto Detect DPI Elusion Strategies for QUIC.
Erba, Alessandro and Taormina, Riccardo and Galelli, Stefano and Pogliani, Marcello and Carminati, Michele and Zanero, Stefano and Tippenhauer, Nils Ole
(2020)
Constrained Concealment Attacks against Reconstruction-based Anomaly Detectors in Industrial Control Systems.
Turrin, Federico and Erba, Alessandro and Tippenhauer, Nils Ole and Conti, Mauro
(2020)
A Statistical Analysis Framework for ICS Process Datasets.
Wan, Gerry and Izhikevich, Liz and Adrian, David and Yoshioka, Katsunari and Holz, Ralph and Rossow, Christian and Durumeric, Zakir
(2020)
On the Origin of Scanning: The Impact of Location on Internet-Wide Scans.
Bushart, Jonas and Christian, Rossow
(2020)
Padding Ain’t Enough: Assessing the Privacy Guarantees of Encrypted DNS.
Schwarz, Fabian and Rossow, Christian
(2020)
SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients.
Zhao, Qingchuan and Zuo, Chaoshun and Brendan, Dolan-Gavitt and Pellegrino, Giancarlo and Lin, Zhiqiang
(2020)
Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps.
Frassinelli, Daniel and Park, Sohyeon and Nürnberger, Stefan
(2020)
≪ I Know Where You Parked Last Summer ≫ Automated Reverse
Engineering and Privacy Analysis of Modern Cars.
Fass, Aurore and Backes, Michael and Stock, Ben
(2019)
JStap: A Static Pre-Filter for Malicious JavaScript Detection.
Fass, Aurore and Backes, Michael and Stock, Ben
(2019)
HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs.
Ghaeini, Hamid Reza and Chan, Matthew and Bahmani, Raad and Brasser, Ferdinand and Garcia, Luis and Zhou, Jianying and Sadeghi, Ahmad-Reza and Tippenhauer, Nils Ole and Zonouz, Saman
(2019)
PAtt: Physics-based Attestation of Control Systems.
Ghaeini, Hamid Reza and Tippenhauer, Nils Ole and Zhou, Jianying
(2019)
Zero Residual Attacks on Industrial Control Systems and Stateful Countermeasures.
Breitenbacher, Dominik and Homoliak, Ivan and Aung, Yan Lin and Tippenhauer, Nils Ole and Elovici, Yuval
(2019)
HADES-IoT: A Practical Host-Based Anomaly Detection System for IoT Devices.
van Schaik, Stephan and Milburn, Alyssa and Österlund, Sebastian and Frigo, Pietro and Maisuradze, Giorgi and Razavi, Kaveh and Bos, Herbert and Giuffrida, Cristiano
(2019)
RIDL: Rogue In-flight Data Load.
Eskandarian, Saba and Cogan, Jonathan and Birnbaum, Sawyer and Brandon, Peh Chang Wei and Franke, Dillon and Fraser, Forest and Garcia, Gaspar and Gong, Eric and Nguyen, Hung T. and Sethi, Taresh K. and Subbiah, Vishal and Backes, Michael and Pellegrino, Giancarlo and Boneh, Dan
(2019)
Fidelius: Protecting User Secrets from Compromised Browsers.
Tambe, Amit and Aung, Yan Lin and Sridharan, Ragav and Ochoa, Martin and Tippenhauer, Nils Ole and Shabtai, Asaf and Elovici, Yuval
(2019)
Detection of Threats to IoT Devices using Scalable VPN-forwarded Honeypots.
(In Press)
Iacovazzi, Alfonso and Frassinelli, Daniel and Elovici, Yuval
(2019)
The DUSTER Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding.
Iacovazzi, Alfonso and Frassinelli, Daniel and Elovici, Yuval
(2019)
The {DUSTER} Attack: Tor Onion Service Attribution Based on Flow Watermarking with Track Hiding.
Giraldo, Jairo and Urbina, David and Cárdenas, Alvaro A. and Tippenhauer, Nils Ole
(2019)
Hide and Seek: An Architecture for Improving Attack-Visibility in Industrial Control Systems.
Walla, Sebastian and Rossow, Christian
(2019)
MALPITY: Automatic Identification and Exploitation of Tarpit Vulnerabilities in Malware.
(In Press)
Speicher, Patrick and Steinmetz, Marcel and Hoffmann, Jörg and Backes, Michael and Künnemann, Robert
(2019)
Towards Automated Network Mitigation Analysis.
Speicher, Patrick and Steinmetz, Marcel and Hoffmann, Jörg and Backes, Michael and Künnemann, Robert
(2019)
Towards Automated Network Mitigation Analysis (extended version).
Bushart, Jonas
(2018)
Optimizing Recurrent Pulsing Attacks using Application-Layer Amplification of Open DNS Resolvers.
Krupp, Johannes and Rossow, Christian
(2018)
teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts.
Maisuradze, Giorgi and Rossow, Christian
(2018)
Ret2Spec: Speculative Execution Using Return Stack Buffers.
Tanabe, Rui and Ueno, Wataru and Ishii, Kou and Yoshioka, Katsunari and Matsumoto, Tsutomu and Kasama, Takahiro and Inoue, Daisuke and Rossow, Christian
(2018)
Evasive Malware via Identifier Implanting.
Bushart, Jonas and Rossow, Christian
(2018)
DNS Unchained: Amplified Application-Layer DoS Attacks Against DNS Authoritatives.
Xu, Meng and Qian, Chenxiong and Lu, Kangjie and Backes, Michael and Kim, Taesoo
(2018)
Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels.
Frassinelli, Daniel and Gambi, Alessio and Nürnberger, Stefan and Park, Sohyeon
(2018)
DRiVERSITY - Synthetic Torture Testing to Find Limits of Autonomous Driving Algorithms.
Brengel, Michael and Rossow, Christian
(2018)
Identifying Key Leakage of Bitcoin Users.
(In Press)
Brengel, Michael and Rossow, Christian
(2018)
MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps.
Krupp, Johannes and Karami, Mohammad and Rossow, Christian and McCoy, Damon and Backes, Michael
(2017)
Linking Amplification DDoS Attacks to Booter Services.
Kampmann, Alexander
(2017)
Local Analysis for Global Inputs.
Simeonovski, Milivoj and Pellegrino, Giancarlo and Rossow, Christian and Backes, Michael
(2017)
Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals.
Maisuradze, Giorgi and Backes, Michael and Rossow, Christian
(2017)
Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code.
Lu, Kangjie and Walter, Marie-Therese and Pfaff, David and Nürnberger, Stefan and Lee, Wenke and Backes, Michael
(2017)
Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying.
Grosse, Kathrin and Papernot, Nicolas and Manoharan, Praveen and Backes, Michael and McDaniel, Patrick
(2017)
Adversarial Examples for Malware Detection.
Milner, Kevin and Cremers, Cas and Jiangshan, Yu and Ryan, Mark
(2017)
Automatically Detecting the Misuse of Secrets: Foundations, Design Principles, and Applications.
Jonker, Mattijs and King, Alistair and Krupp, Johannes and Rossow, Christian and Sperotto, Anna and Dainotti, Alberto
(2017)
Millions of Targets Under Attack: A Macroscopic Characterization of the DoS Ecosystem.
Urbina, David and Giraldo, Jairo and Cardenas, Alvaro A. and Tippenhauer, Nils Ole and Valente, Junia and Faisal, Mustafa and Ruths, Justin and Candell, Richard and Sandberg, Henrik
(2016)
Limiting The Impact of Stealthy Attacks on Industrial Control Systems.
Krupp, Johannes and Backes, Michael and Rossow, Christian
(2016)
Identifying the Scan and Attack Infrastructures behind Amplification DDoS attacks.
Backes, Michael and Holz, Thorsten and Rossow, Christian and Rytilahti, Teemu and Simeonovski, Milivoj and Stock, Ben
(2016)
On the Feasibility of TTL-based Filtering for DRDoS Mitigation.
Maisuradze, Giorgi and Backes, Michael and Rossow, Christian
(2016)
What Cannot be Read, Cannot be Leveraged? Revisiting Assumptions of JIT-ROP Defenses.
Nürnberger, Stefan and Rossow, Christian
(2016)
VatiCAN - Vetted, Authenticated CAN Bus.
Stock, Ben and Livshits, Benjamin and Zorn, Benjamin
(2016)
Kizzle: A Signature Compiler for Detecting Exploit Kits.
Brengel, Michael and Backes, Michael and Rossow, Christian
(2016)
Detecting Hardware-Assisted Virtualization.
Götzfried, Johannes and Müller, Tilo and Drescher, Gabor and Nürnberger, Stefan and Backes, Michael
(2016)
RamCrypt: Kernel-based Address Space Encryption for User-mode Processes.
Backes, Michael and Hammer, Christian and Pfaff, David and Skoruppa, Malte
(2016)
Implementation-level Analysis of the JavaScript Helios Voting Client.
Lu, Kangjie and Backes, Michael and Nürnberger, Stefan and Lee, Wenke
(2016)
How to Make ASLR Win the Clone Wars: Runtime Re-Randomization.
Yokoyama, Akira and Ishii, Kou and Tanabe, Rui and Papa, Yinmin and Yoshioka, Katsunari and Matsumoto, Tsutomu and Kasama, Takahiro and Inoue, Daisuke and Brengel, Michael and Backes, Michael and Rossow, Christian
(2016)
SandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion.
Karimi, M. and Tavakoli, E. and Farajtabar, Mehrdad and Song, Le and Gomez-Rodriguez, Manuel
(2016)
Smart Broadcasting: Do you want to be seen?
Pellegrino, Giancarlo and Catakoglu, Onur and Balzarotti, Davide and Rossow, Christian
(2016)
Uses and Abuses of Server-Side Requests.
Krämer, Lukas and Krupp, Johannes and Makita, Daisuke and Nishizoe, Tomomi and Koide, Takashi and Yoshioka, Katsunari and Rossow, Christian
(2015)
AmpPot: Monitoring and Defending Against Amplification DDoS Attacks.
Pewny, Jannik and Garmany, Behrad and Gawlik, Robert and Rossow, Christian and Holz, Thorsten
(2015)
Cross-Architecture Bug Search in Binary Executables.
Pfaff, David and Hack, Sebastian and Hammer, Christian
(2015)
Learning How to Prevent Return-Oriented Programming Efficiently.
Pellegrino, Giancarlo and Rossow, Christian and Ryba, Fabrice J. and Schmidt, Thomas C. and Wählisch, Matthias
(2015)
Cashing Out the Great Cannon? On Browser-Based DDoS Attacks and Economics.
Kührer, Marc and Hupperich, Thomas and Bushart, Jonas and Rossow, Christian and Holz, Thorsten
(2015)
Going Wild: Large-Scale Classification of Open DNS Resolvers.
Pa, Yin Minn Pa and Suzuki, Shogo and Yoshioka, Katsunari and Matsumoto, Tsutomu and Kasama, Takahiro and Rossow, Christian
(2015)
IoTPOT: Analysing the Rise of IoT Compromises.
Andriesse, Dennis and Rossow, Christian and Bos, Herbert
(2015)
Reliable Recon in Adversarial Peer-to-Peer Botnets.
Perl, Henning and Dechand, Sergej and Smith, Matthew and Arp, Daniel and Yamaguchi, Fabian and Rieck, Konrad and Fahl, Sascha and Acar, Yasemin
(2015)
Vccfinder: Finding potential vulnerabilities in open-source projects to assist code audits.
Karuppayah, Shankar and Roos, Stefanie and Rossow, Christian and Mühlhäuser, Max and Fischer, Mathias
(2015)
Zeus Milker: Circumventing the P2P Zeus Neighbor List Restriction Mechanism.
Backes, Michael and Holz, Thorsten and Kollenda, Benjamin and Koppe, Philipp and Nürnberger, Stefan and Pewny, Jannik
(2014)
You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code.
Kührer, Marc and Hupperich, Thomas and Rossow, Christian and Holz, Thorsten
(2014)
Exit from Hell? Reducing the Impact of Amplification DDoS Attacks.
Blond, Stevens Le and Uritesc, Adina and Gilbert, Cedric and Chua, Zheng Leong and Saxena, Prateek and Kirda, Engin
(2014)
A Look at Targeted Attacks Through the Lense of an NGO.
Backes, Michael and Nürnberger, Stefan
(2014)
Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing.
Backes, Michael and Gerling, Rainer W. and Gerling, Sebastian and Nürnberger, Stefan and Schröder, Dominique and Simkin, Mark
(2014)
WebTrust - A Comprehensive Authenticity and Integrity Framework for HTTP.
Rossow, Christian
(2014)
Amplification Hell: Revisiting Network Protocols for DDoS Abuse.
Kührer, Marc and Hupperich, Thomas and Rossow, Christian and Holz, Thorsten
(2014)
Hell of a Handshake: Abusing TCP for Reflective Amplification DDoS Attacks.
Pewny, Jannik and Schuster, Felix and Bernhard, Lukas and Holz, Thorsten and Rossow, Christian
(2014)
Leveraging semantic signatures for bug search in binary programs.
Karuppayah, Shankar and Fischer, Mathias and Rossow, Christian and Mühlhäuser, Max
(2014)
On Advanced Monitoring in Resilient and Unstructured P2P Botnets.
Welzel, Arne and Rossow, Christian and Bos, Herbert
(2014)
On Measuring the Impact of DDoS Botnets.
Dmitrienko, Alexandra and Liebchen, Christopher and Rossow, Christian and Sadeghi, Ahmad-Reza
(2014)
On the (In)Security of Mobile Two-Factor Authentication.
Kührer, Marc and Rossow, Christian and Holz, Thorsten
(2014)
Paint it Black: Evaluating the Effectiveness of Malware Blacklists.
Pecina, Kim and Mohammadi, Esfandiar and Pöpper, Christina
(2014)
Zero-Communication Seed Establishment for Anti-Jamming Techniques.
Bleikertz, Sören and Bugiel, Sven and Ideler, Hugo and Nürnberger, Stefan and Sadeghi, Ahmad-Reza
(2013)
Client-controlled Cryptography-as-a-Service in the Cloud.
Davi, Lucas Vincenzo and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza
(2013)
Gadge Me if You Can: Secure and Efficient Ad-Hoc Instruction-Level Randomization for x86 and ARM.
Zhao, Mingchen and Aditya, Paarijaat and Chen, Ang and Lin, Yin and Haeberlen, Andreas and Druschel, Peter and Maggs, Bruce and Wishon, Bill and Ponec, Miroslav
(2013)
Peer-assisted Content Distribution in Akamai Netsession.
Gujarati, Arpan and Cerqueira, Felipe and Brandenburg, Björn B.
(2013)
Schedulability Analysis of the Linux Push and Pull Scheduler with Arbitrary Processor Affinities.
Santos, Nuno and Rodrigues, Rodrigo and Gummadi, Krishna P. and Saroiu, Stefan
(2012)
Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services.
Basin, David and Cremers, Cas and Meier, Simon
(2012)
Provably Repairing the ISO/IEC 9798 Standard for Entity Authentication.
Aditya, Paarijaat and Zhao, Mingchen and Lin, Yin and Haeberlen, Andreas and Druschel, Peter and Maggs, Bruce and Wishon, Bill
(2012)
Reliable Client Accounting for P2P-infrastructure Hybrids.
Davi, Lucas and Dmitrienko, Alexandra and Nürnberger, Stefan and Sadeghi, Ahmad-Reza
(2012)
XIFER: A Software Diversity Tool Against Code-Reuse Attacks.
Bugiel, Sven and Nürnberger, Stefan and Sadeghi, Ahmad-Reza and Schneider, Thomas
(2011)
Twin Clouds: An Architecture for Secure Cloud Computing.
Li, Qi and Xu, Mingwei and Wu, Jianping and Zhang, Xinwen and Lee, Patrick P. C. and Xu, Ke
(2011)
Enhancing the Trust of Internet Routing with Lightweight Route Attestation.
Petrlic, Ronald
(2011)
Integrity Protection for Automated Teller Machines.
Jagadeesan, Radha and Pitcher, Corin and Rathke, Julian and Riely, James
(2011)
Local Memory via Layout Randomization.
Schlesinger, Cole and Pattabiraman, Karthik and Swamy, Nikhil and Walker, David and Zorn, Benjamin
(2011)
Modular Protections Against Non-control Data Attacks.
Kehuan, Zhang and Xiaoyong, Zhou and Yangyi, Chen and XiaoFeng, Wang and Yaoping, Ruan
(2011)
Sedic: Privacy-Aware Data Intensive Computing on Hybrid Clouds.
Bugiel, Sven and Nürnberger, Stefan and Sadeghi, Ahmad-Reza and Schneider, Thomas
(2011)
Twin Clouds: Secure Cloud Computing with Low Latency.
Backes, Michael and Grochulla, Martin and Hriţcu, Cătălin and Maffei, Matteo
(2009)
Achieving Security Despite Compromise Using Zero-knowledge.
Article
Sala, Massimiliano and Sogiorno, Domenica and Taufer, Daniele
(2020)
A Small Subgroup Attack on Bitcoin Address Generation.
Mathematics, 8 (10).
ISSN 2227-7390
Chattopadhyay, Sudipta and Beck, Moritz and Rezine, Ahmed and Zeller, Andreas
(2019)
Quantifying the Information Leakage in Cache Attacks via Symbolic Execution.
ACM Trans. Embed. Comput. Syst., 18 (1).
Yu, Jiangshan and Ryan, Mark and Cremers, Cas
(2018)
DECIM: Detecting Endpoint Compromise In Messaging.
IEEE Transactions on Information Forensics and Security, 13 (1).
pp. 106-118.
Feltz, Michèle and Cremers, Cas
(2018)
Strengthening the Security of Authenticated Key Exchange against Bad Randomness.
Designs, Codes and Cryptography, 86 (3).
pp. 481-516.
Grosse, Kathrin and Manoharan, Praveen and Papernot, Nicolas and Backes, Michael and McDaniel, Patrick
(2017)
On the (Statistical) Detection of Adversarial Examples.
CoRR, abs/17.
(Submitted)
Gerling, Sebastian and Rossow, Christian
(2016)
Angreiferjagd im "Internet der Dinge".
Datenschutz und Datensicherheit, 40 (8).
pp. 507-510.
Berrang, Pascal and Bogdoll, Jonathan and Hahn, Ernst Moritz and Hartmanns, Arnd and Hermanns, Holger
(2012)
Dependability Results for Power Grids with Decentralized Stabilization Strategies.
AVACS Technical Report (83).
ISSN 1860-9821
Thesis
Spier, Steffen
(2015)
Cold boot attacks and the error model of DRAM modules.
Bachelors thesis, Saarland University.
Reischuk, Raphael M.
(2014)
Declarative Design and Enforcement for Secure Cloud Applications.
Doctoral thesis, Saarland University.
Book Section
Tippenhauer, Nils Ole
(2019)
Design and Realization of Testbeds for Security Research in the Industrial Internet of Things.
In:
Security and Privacy Trends in the Industrial Internet of Things.
Springer, Cham, pp. 287-310.
ISBN 978-3-030-12330-7
Asghar, Muhammad Rizwan and Ion, Mihaela and Russello, Giovanni and Crispo, Bruno
(2012)
Securing Data Provenance in the Cloud.
In:
UNSPECIFIED
Lecture Notes in Computer Science, 7039
.
Springer Berlin Heidelberg, pp. 145-160.
ISBN 978-3-642-27584-5
Monograph
Paul, Wolfgang J. and Lutsyk, P and Oberhauser, J
(2016)
Multi-core System Architecture.
Technical Report.
UNSPECIFIED.
This list was generated on Wed Mar 3 00:02:32 2021 CET.