Number of items: 110.
Conference or Workshop Item (A Paper)
Abdelnabi, Sahar and Fritz, Mario
(2023)
Fact-Saboteurs: A Taxonomy of Evidence Manipulation Attacks against Fact-Verification Systems.
(In Press)
Aghakhani, Hojjat and Schönherr, Lea and Eisenhofer, Thorsten and Kolossa, Dorothea and Holz, Thorsten and Kruegel, Christopher and Vigna, Giovanni
(2023)
VENOMAVE: Targeted Poisoning Against Speech Recognition.
Agrawal, Akanksha and Marx, Dániel and Neuen, Daniel and Slusallek, Jasper
(2023)
Computing Square Colorings on Bounded-Treewidth and Planar Graphs.
(In Press)
AlHamdan, Abdullah and Staicu, Cristian-Alexandru
(2023)
SandDriller: A Fully-Automated Approach for Testing Language-Based JavaScript Sandboxes.
Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Acar, Yasemin and Fahl, Sascha
(2023)
“Would You Give the Same Priority to the Bank and a Game? I Do Not!”
Exploring Credential Management Strategies and Obstacles during Password Manager Setup.
Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Krause, Alexander and Simko, Lucy and Acar, Yasemin and Fahl, Sascha
(2023)
“We’ve Disabled MFA for You”: An Evaluation of the Security and
Usability of Multi-Factor Authentication Recovery Deployments.
(In Press)
Balliu, Alkida and Brandt, Sebastian and Kuhn, Fabian and Olivetti, Dennis
(2023)
Distributed Maximal Matching and Maximal Independent Set on Hypergraphs.
(Submitted)
Balliu, Alkida and Brandt, Sebastian and Kuhn, Fabian and Olivetti, Dennis and Schmid, Gustav
(2023)
On the Node-Averaged Complexity of Locally Checkable Problems on Trees.
(Submitted)
Bars, Nils and Schloegel, Moritz and Scharnowski, Tobias and Schiller, Nico and Holz, Thorsten
(2023)
Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge.
Beutner, Raven and Finkbeiner, Bernd and Frenkel, Hadar and Metzger, Niklas
(2023)
Second-Order Hyperproperties.
Beutner, Raven and Finkbeiner, Bernd and Frenkel, Hadar and Siber, Julian
(2023)
Checking and Sketching Causes on Temporal Sequences.
(Submitted)
Bhuiyan, Masudul Hasan Masud and Parthasarathy, Adithya Srinivas and Vasilakis, Nikos and Pradel, Michael and Staicu, Cristian-Alexandru
(2023)
SecBench.js: An Executable Security Benchmark Suite for Server-Side JavaScript.
Bindel, Nina and Cremers, Cas and Zhao, Mang
(2023)
FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiation.
(In Press)
Blechschmidt, Birk and Stock, Ben
(2023)
Extended Hell(o): A Comprehensive Large-Scale Study on Email Confidentiality and Integrity Mechanisms in the Wild.
Bo, Li and Schmidt, Mikkel N. and Alstrøm, Tommy S. and Stich, Sebastian U.
(2023)
On the effectiveness of partial variance reduction in federated learning with heterogeneous data.
Borrello, Pietro and Easdon, Catherine and Schwarzl, Martin and Czerny, Roland and Schwarz, Michael
(2023)
CustomProcessingUnit: Reverse Engineering and Customization of Intel Microcode.
Bushart, Jonas and Rossow, Christian
(2023)
Anomaly-based Filtering of Application-Layer DDoS Against DNS Authoritatives.
(Submitted)
Bushart, Jonas and Rossow, Christian
(2023)
ResolFuzz: Differential Fuzzing of DNS Resolvers.
Bytes, Andrei and Rajput, Prashant Hari Narayan and Doumanidis, Constantine and Tippenhauer, Nils Ole and Maniatakos, Michail and Zhou, Jianying
(2023)
FieldFuzz: In Situ Blackbox Fuzzing of Proprietary Industrial Automation Runtimes via the Network.
Chakraborty, Dhiman and Schwarz, Michael and Bugiel, Sven
(2023)
TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors.
Cheval, Vincent and Cremers, Cas and Dax, Alexander and Hirschi, Lucca and Jacomme, Charlie and Kremer, Steve
(2023)
Hash Gone Bad: Automated discovery of protocol attacks that exploit hash function weaknesses.
Cosler, Matthias and Hahn, Christopher and Mendoza, Daniel and Schmitt, Frederik and Trippel, Caroline
(2023)
nl2spec: Interactively Translating Unstructured Natural Language to Temporal Logics with Large Language Models.
Cosler, Matthias and Schmitt, Frederik and Hahn, Christopher and Finkbeiner, Bernd
(2023)
Iterative Circuit Repair Against Formal Specifications.
Cremers, Cas and Dax, Alexander and Jacomme, Charlie and Zhao, Mang
(2023)
Automated Analysis of Protocols that use Authenticated Encryption: How Subtle AEAD Differences can impact Protocol Security.
(Submitted)
Cremers, Cas and Dax, Alexander and Naska, Aurora
(2023)
Formal Analysis of SPDM: Security Protocol and Data Model version 1.2.
Cremers, Cas and Jacomme, Charlie and Naska, Aurora
(2023)
Formal Analysis of Session-Handling in Secure Messaging: Lifting Security from Sessions to Conversations.
(Submitted)
Dewes, Rafael and Dimitrova, Rayna
(2023)
Compositional High-Quality Synthesis.
(In Press)
Ding, Aolin and Chan, Matthew and Hassanzadeh, Amin and Tippenhauer, Nils Ole and Ma, Shiqing and Zonouz, Saman
(2023)
Get Your Cyber-Physical Tests Done! Data-Driven Vulnerability Assessment of Robotic Vehicle.
Doron-Arad, Ilan and Kulik, Ariel and Shachnai, Hadas
(2023)
An EPTAS for Budgeted Matching and Budgeted Matroid Intersection via Representative Sets.
(In Press)
Doron-Arad, Ilan and Kulik, Ariel and Shachnai, Hadas
(2023)
An EPTAS for Budgeted Matroid Independent Set.
(In Press)
Eberlein, Martin and Smytzek, Marius and Steinhöfel, Dominic and Grunske, Lars and Zeller, Andreas
(2023)
Semantic Debugging.
(In Press)
Eberlein, Martin and Smytzek, Marius and Steinhöfel, Dominic and Grunske, Lars and Zeller, Andreas
(2023)
Semantic Debugging.
(In Press)
Eisele, Max and Ebert, Daniel and Huth, Christopher and Zeller, Andreas
(2023)
Fuzzing Embedded Systems Using Debug Interfaces.
(In Press)
Erba, Alessandro and Tippenhauer, Nils Ole
(2023)
White-box Concealment Attacks Against Anomaly Detectors for Cyber-Physical Systems.
Esiyok, Ilkan and Berrang, Pascal and Cohn-Gordon, Katriel and Künnemann, Robert
(2023)
Accountable Javascript Code Delivery.
Fassl, Matthias and Krombholz, Katharina
(2023)
Why I Can't Authenticate --- Understanding the Low Adoption of Authentication Ceremonies with Autoethnography.
Finkbeiner, Bernd and Frenkel, Hadar and Hofmann, Jana and Janine, Lohse
(2023)
Automata-Based Software Model Checking of Hyperproperties.
Finkbeiner, Bernd and Siber, Julian
(2023)
Counterfactuals Modulo Temporal Logics.
Focke, Jacob and Marx, Dániel and Mc Inerney, Fionn and Neuen, Daniel and Sankar, Govind and Schepper, Philipp and Wellnitz, Philip
(2023)
Tight Complexity Bounds for Counting Generalized Dominating Sets in Bounded-Treewidth Graphs.
(In Press)
Fourné, Marcel and Wermke, Dominik and Enck, William and Fahl, Sascha and Acar, Yasemin
(2023)
It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security.
Gadhikar, Advait and Mukherjee, Sohom and Burkholz, Rebekka
(2023)
Why Random Pruning Is All We Need to Start Sparse.
Gegenhuber, Gabriel Karl and Mayer, Wilfried and Weippl, Edgar and Dabrowski, Adrian
(2023)
MobileAtlas: Geographically Decoupled Measurements in Cellular Networks for Security and Privacy Research.
(In Press)
Gerhardt, Dañiel and Ponticello, Alexander and Dabrowski, Adrian and Krombholz, Katharina
(2023)
Investigating Verification Behavior and Perceptions of Visual Digital Certificates.
Gerlach, Lukas and Thomas, Fabian and Pietsch, Robert and Schwarz, Michael
(2023)
A Rowhammer Reproduction Study Using the Blacksmith Fuzzer.
Gerlach, Lukas and Weber, Daniel and Zhang, Ruiyi and Schwarz, Michael
(2023)
A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs.
Ghorbani Lyastani, Sanam and Bugiel, Sven and Backes, Michael
(2023)
A Systematic Study of the Consistency of Two-Factor Authentication User Journeys on Top-Ranked Websites.
Gröber, Lea and Mrowczynski, Rafael and Vijay, Nimisha and Muller, Daphne A. and Dabrowski, Adrian and Krombholz, Katharina
(2023)
To Cloud or not to Cloud: A Qualitative Study on Self-Hosters’ Motivation, Operation, and Security Mindset.
Gunsing, Aldo and Bhaumik, Ritam and Jha, Ashwin and Mennink, Bart and Shen, Yaobin
(2023)
Revisiting the Indifferentiability of the Sum of Permutations.
(Submitted)
Guthoff, Carolyn and Anell, Simon and Hainzinger, Johann and Dabrowski, Adrian and Krombholz, Katharina
(2023)
Perceptions of Distributed Ledger Technology Key Management - An Interview Study with Finance Professionals.
Hantke, Florian and Calzavara, Stefano and Wilhelm, Moritz and Rabitti, Alvise and Stock, Ben
(2023)
You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements.
Hanzlik, Lucjan and Loss, Julian and Wagner, Benedikt
(2023)
Rai-Choo! Evolving Blind Signatures to the Next Level.
Hanzlik, Lucjan and Loss, Julian and Wagner, Benedikt
(2023)
Token meets Wallet: Formalizing Privacy and Revocation for FIDO2.
Hasan, Rakibul and Weil, Rebecca and Siegel, Rudolf and Krombholz, Katharina
(2023)
A Psychometric Scale to Measure Individuals’ Value of Other People’s Privacy (VOPP).
Heim, Philippe and Dimitrova, Rayna
(2023)
Taming Large Bounds in Synthesis from Bounded-Liveness Specifications.
(In Press)
Izhikevich, Liz and Tran, Manda and Kallitsis, Michalis and Fass, Aurore and Durumeric, Zakir
(2023)
Cloud Watching: Understanding Attacks Against Cloud-Hosted Services.
Jiang, Xiaowen and Stich, Sebastian U.
(2023)
Adaptive SGD with Polyak stepsize and Line-search: Robust Convergence and Variance Reduction.
Khodayari, Soheil and Pellegrino, Giancarlo
(2023)
It's (DOM) Clobbering Time: Attack Techniques, Prevalence, and Defenses.
(Submitted)
Kogler, Andreas and Juffinger, Jonas and Giner, Lukas and Gerlach, Lukas and Schwarzl, Martin and Schwarz, Michael and Gruss, Daniel and Mangard, Stefan
(2023)
Collide+Power: Leaking Inaccessible Data with Software-based Power Side Channels.
Koloskova, Anastasia and Hendrikx, Hadrien and Stich, Sebastian U.
(2023)
Revisiting Gradient Clipping: Stochastic bias and tight convergence guarantees.
Krause, Alexander and Klemmer, Jan H. and Huaman, Nicolas and Wermke, Dominik and Acar, Yasemin and Fahl, Sascha
(2023)
Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secrets in Source Code Repositories.
Li, Zheng and Yu, Ning and Salem, Ahmed and Backes, Michael and Fritz, Mario and Zhang, Yang
(2023)
UnGANable: Defending Against GAN-based Face Manipulation.
Lorenz, Tobias and Kwiatkowska, Marta and Fritz, Mario
(2023)
Certifiers Make Neural Networks Vulnerable to Availability Attacks.
(In Press)
Mammadov, Tural
(2023)
Learning Program Models from Generated Inputs.
Mohtashami, Amirkeivan and Jaggi, Martin and Stich, Sebastian U.
(2023)
Special Properties of Gradient Descent with Large Learning Rates.
Morio, Kevin and Esiyok, Ilkan and Jackson, Dennis and Künnemann, Robert
(2023)
Automated Security Analysis of Exposure Notification Systems.
(In Press)
Mosier, Nicholas and Eselius, Kate and Nemati, Hamed and Mitchell, John and Trippel, Caroline
(2023)
Hardware-Software Codesign for Mitigating Spectre.
Motallebighomi, Maryam and Sathaye, Harshad and Singh, Mridula and Ranganathan, Aanjhan
(2023)
Location-independent GNSS Relay Attacks: A Lazy Attacker’s
Guide to Bypassing Navigation Message Authentication.
Mustafa, Maryam and Asad, Abdul Moeed and Hassan, Shehrbano and Haider, Urooj and Durrani, Zainab and Krombholz, Katharina
(2023)
Pakistani Teens and Privacy - How Gender Disparities, Religion and Family Values Impact the Privacy Design Space.
Nasrabadi, Faezeh and Künnemann, Robert and Nemati, Hamed
(2023)
CryptoBap: A Binary Analysis Platform for Cryptographic Protocols.
Nicolae, Maria-Irina and Eisele, Max and Zeller, Andreas
(2023)
Revisiting Neural Program Smoothing for Fuzzing.
(In Press)
Ortloff, Anna-Marie and Fassl, Matthias and Ponticello, Alexander and Martius, Florin and Mertens, Anna and Krombholz, Katharina and Smith, Matthew
(2023)
Different Researchers, Different Results? Analyzing the Influence of Researcher Experience and Data Type During Qualitative Analysis of an Interview and Survey Study on Security Advice.
Pan, Jiaxin and Wagner, Benedikt
(2023)
Chopsticks: Fork-Free Two-Round Multi-Signatures from Non-Interactive Assumptions.
Pan, Jiaxin and Wagner, Benedikt and Zeng, Runzhi
(2023)
Lattice-based Authenticated Key Exchange with Tight Security.
Qu, Yiting and He, Xinlei and Pierson, Shannon and Backes, Michael and Zhang, Yang and Zannettou, Savvas
(2023)
On the Evolution of (Hateful) Memes by Means of Multimodal Contrastive Learning.
Qu, Yiting and Shen, Xinyue and He, Xinlei and Backes, Michael and Zannettou, Savvas and Zhang, Yang
(2023)
Unsafe Diffusion: On the Generation of Unsafe Images and
Hateful Memes From Text-To-Image Models.
(Submitted)
Rack, Jeremy and Staicu, Cristian-Alexandru
(2023)
Jack-in-the-box: An Empirical Study of JavaScript Bundling on the Web and its Security Implications.
Rasifard, Hamed and Gopinath, Rahul and Backes, Michael and Nemati, Hamed
(2023)
SEAL: Capability-Based Access Control for Data-Analytic Scenarios.
(In Press)
Rautenstrauch, Jannis and Pellegrino, Giancarlo and Stock, Ben
(2023)
The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web.
Roeschlin, Marc and Camurati, Giovanni and Brunner, Pascal and Mridula, Singh and Srdjan, Capkun
(2023)
EdgeTDC: On the Security of Time Difference of Arrival Measurements in CAN Bus Systems.
Schiller, Nico and Chlosta, Merlin and Schloegel, Moritz and Bars, Nils and Eisenhofer, Thorsten and Scharnowski, Tobias and Domke, Felix and Schönherr, Lea and Holz, Thorsten
(2023)
Drone Security and the Mysterious Case of DJI's DroneID.
Schlüter, Till and Choudhari, Amit and Hetterich, Lorenz and Trampert, Leon and Nemati, Hamed and Ibrahim, Ahmad and Schwarz, Michael and Rossow, Christian and Tippenhauer, Nils Ole
(2023)
FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers.
Schwarzl, Martin and Borrello, Pietro and Saileshwar, Gururaj and Müller, Hanna and Schwarz, Michael and Gruss, Daniel
(2023)
Practical Timing Side-Channel Attacks on Memory Compression.
Shcherbakov, Mikhail and Balliu, Musard and Staicu, Cristian-Alexandru
(2023)
Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js.
Siegel, Rudolf and Mrowczynski, Rafael and Hellenthal, Maria and Schilling, Michael
(2023)
Poster: From Hashes to Ashes – A Comparison of Transcription Services.
Smytzek, Marius
(2023)
From Input to Failure: Explaining Program Behavior via Cause-Effect Chains.
(In Press)
Staicu, Cristian-Alexandru and Rahaman, Sazzadur and Kiss, Ágnes and Backes, Michael
(2023)
Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages.
Stivala, Giada and Abdelnabi, Sahar and Mengascini, Andrea and Graziano, Mariano and Fritz, Mario and Pellegrino, Giancarlo
(2023)
From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!
(In Press)
Thomas, Fabian and Gerlach, Lukas and Schwarz, Michael
(2023)
Hammulator: Simulate Now - Exploit Later.
Utz, Christine and Amft, Sabrina and Degeling, Martin and Holz, Thorsten and Fahl, Sascha and Schaub, Florian
(2023)
Privacy Rarely Considered: Exploring Considerations in the
Adoption of Third-Party Services by Websites.
Utz, Christine and Michels, Matthias and Degeling, Martin and Marnau, Ninja and Stock, Ben
(2023)
Comparing Large-Scale Privacy and Security Notifications.
(In Press)
Walita, Tim and Erba, Alessandro and Castellanos, John H. and Tippenhauer, Nils Ole
(2023)
Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks.
Wang, Boya and Lueks, Wouter and Sukaitis, Justinas and Graf Narbel, Vincent and Troncoso, Carmela
(2023)
Not Yet Another Digital ID: Privacy-Preserving Humanitarian Aid Distribution.
(In Press)
Wang, Haiming and Zhang, Zhikun and Wang, Tianhao and He, Shibo and Backes, Michael and Chen, Jiming and Zhang, Yang
(2023)
PrivTrace: Differentially Private Trajectory Synthesis by Adaptive Markov Model.
Weber, Daniel and Thomas, Fabian and Gerlach, Lukas and Zhang, Ruiyi and Schwarz, Michael
(2023)
Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks.
Weber, Daniel and Thomas, Fabian and Gerlach, Lukas and Zhang, Ruiyi and Schwarz, Michael
(2023)
Reviving Meltdown 3a.
Wermke, Dominik and Klemmer, Jan H. and Wöhler, Noah and Schmüser, Juliane and Harshini Sri Ramulu, Yasemin Acar and Fahl, Sascha
(2023)
"Always Contribute Back": A Qualitative Study on Security Challenges of the Open Source Supply Chain.
Wi, Seongil and Nguyen, Trung Tin and Kim, Jiwhan and Stock, Ben and Son, Sooel
(2023)
DiffCSP: Finding Browser Bugs in Content Security
Policy Enforcement through Differential Testing.
Willbold, Johannes and Schloegel, Moritz and Vögele, Manuel and Gerhardt, Maximilian and Holz, Thorsten and Abbasi, Ali
(2023)
Space Odyssey: An Experimental Software Security Analysis of Satellites.
Yuan, Xiaojian and Chen, Kejiang and Zhang, Jie and Zhang, Weiming and Yu, Nenghai and Zhang, Yang
(2023)
Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network.
Zhang, Ruiyi and Kim, Taehyun and Weber, Daniel and Schwarz, Michael
(2023)
(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels.
Article
Ben Guebila, Marouen and Wang, Tian and Lopes-Ramos, Camila M. and Fanfani, Viola and Weighill, Des and Burkholz, Rebekka and Schlauch, Daniel and Paulson, Joseph N. and Altenbuchinger, Michael and Shutta, Katherine H and Sonawane, Abhijeet R. and Lim, James and Calderer, Genis and van IJzendoorn, David G. P. and Morgan, Daniel and Marin, Alessandro and Chen, Cho-Yi and Song, Qi and Saha, Enakshi and DeMeo, Dawn L. and Padi, Megha and Platig, John and Kuijjer, Marieke and Glass, Kimberly and Quackenbush, John
(2023)
The Network Zoo: a multilingual package for the inference and analysis of gene regulatory networks.
Genome Biology, 24 (1).
ISSN 1474-7596
Cogliati, Benoît-Michel and Ethan, Jordan and Jha, Ashwin
(2023)
Subverting Telegram's End-to-End Encryption.
IACR Transactions on Symmetric Cryptology, 2023 (1).
pp. 5-40.
ISSN 2519-173X
EdalatNejad, Kasra and Raynal, Mathilde and Lueks, Wouter and Troncoso, Carmela
(2023)
Private Collection Matching Protocols.
Proceedings on Privacy Enhancing Technologies (PoPETs).
(In Press)
Fassl, Matthias and Ponticello, Alexander and Dabrowski, Adrian and Krombholz, Katharina
(2023)
Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon.
Proceedings of the ACM on Human-Computer Interaction, 7 (CSCW2).
Finkbeiner, Bernd
(2023)
Logics and Algorithms for Hyperproperties.
ACM SIGLOG News, 10 (2).
pp. 4-23.
ISSN 2372-3491
Fisman, Dana and Frenkel, Hadar and Zilles, Sandra
(2023)
Inferring Symbolic Automata.
Logical Methods in Computer Science, 19 (2).
Horváth, Samuel and Kovalev, Dmitry and Mishchenko, Konstantin and Richtárik, Peter and Stich, Sebastian U.
(2023)
Stochastic distributed learning with gradient quantization and double-variance reduction.
Optimization Methods and Software, 38 (1).
pp. 91-106.
Lenzen, Christoph and Medina, Moti and Saberi, Mehrdad and Schmid, Stefan
(2023)
Robust Routing Made Easy: Reinforcing Networks Against Non-Benign Faults.
IEEE/ACM Transactions on Networking.
pp. 1-15.
ISSN 1063-6692
Book Section
Distler, Verena and Fassl, Matthias and Habib, Hana and Krombholz, Katharina and Lenzini, Gabriele and Lallemand, Carine and Koenig, Vincent and Cranor, Lorrie Faith
(2023)
Empirical Research Methods in Usable Privacy and Security.
In:
Human Factors in Privacy Research.
Springer Cham, pp. 29-53.
ISBN 978-3-031-28643-8
Monograph
Schwarz, Fabian and Do, Khue and Heide, Gunnar and Hanzlik, Lucjan and Rossow, Christian
(2023)
FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs (Extended Version).
Technical Report.
UNSPECIFIED.
This list was generated on Wed Nov 20 22:41:28 2024 CET.