Publications

On Security Research towards Future Mobile Network Generations

2017 - David Rupprecht, Adrian Dabrowski, Thorsten Holz, Edgar Weippl, Christina Pöpper

arXiv:1710.08932, November 2017 [arXiv] [PDF]

May the Force be with You: The Future of Force-Sensitive Authentication

2017 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Journal of Internet Computing, Special Issue of Usable Security and Privacy, 2017 [pdf]

Dynamic Spatially Isolated Secure Zones for NoC-based Many-core Accelerators

2016 - Maria Mendéz Real, Philipp Wehner, Vincent Migliore, Vianney Lapotre, Diana Göhringer, Guy Gogniat

In Proc. of the 11th International Workshop on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC), pp. 1-6, Tallinn, Estonia, 2016.

Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices

2016 - Katharina Krombholz, Thomas Hupperich, Thorsten Holz

Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), Denver, USA, June 2016 [PDF]

No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells

2016 - Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis

25th International World Wide Web Conference (WWW), Montreal, April 2016 [PDF]

Multi-Layer Access Control for SDN-based Telco Clouds

2015 - Bernd Jäger, Christian Röpke, Iris Adam, Thorsten Holz

Nordic Conference on Secure IT System (NordSec), Stockholm, Sweden, October 2015 [PDF]

Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security

2014 - Hendrik Meutzner, Viet Hung Nguyen, Thorsten Holz, Do­ro­thea Kolossa

An­nual Com­pu­ter Se­cu­ri­ty Ap­p­li­ca­ti­ons Con­fe­rence (ACSAC), New Or­leans, USA, De­cem­ber 2014 - ** Outstanding Paper Award ** [PDF]

The Dark Alleys of Madison Avenue: Understanding Malicious Advertisements

2014 - Apostolis Zarras, Alexandros Kapravelos, Gianluca Stringhini, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

14th ACM SIGCOMM Internet Measurement Conference (IMC), Vancouver, Canada, November 2014 [PDF]

A Trusted Versioning File System for Passive Mobile Storage Devices

2014 - Luigi Catuogno, Hans Löhr, Marcel Winandy, Ahmad-Reza Sadeghi

Journal of Network and Computer Applications, Vol. 38, February 2014, pp. 65-75. http://dx.doi.org/10.1016/j.jnca.2013.05.006 [doi]

Mobile Malware Detection Based on Energy Fingerprints - A Dead End?

2013 - Johannes Hoffmann, Stephan Neumann, Thorsten Holz

Research in Attacks, Intrusions and Defenses (RAID) Symposium, St. Lucia, October 2013 [PDF]

A Security Layer for Smartphone-to-Vehicle Communication over Bluetooth

2013 - Andrea Dardanelli, Federico Maggi, Mara Tanelli, Stefano Zanero, Sergio M. Savaresi, Roman Kochanek, Thorsten Holz

IEEE Embedded Systems Letters, Volume: 5, Issue: 3 [PDF]

On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes

2012 - Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns

6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012 [PDF]

SmartProxy: Secure Smartphone-Assisted Login on Compromised Machines

2012 - Johannes Hoffmann, Sebastian Uellenbeck, Thorsten Holz

9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Heraklion, Greece, July 2012 [PDF]

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

2011 - Atanas Filyanov, Jonathan M. McCune, Ahmad-Reza Sadeghi, Marcel Winandy

IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN 2011), pp. 1-12. IEEE Computer Society, 2011. [pdf]

Securing the Access to Electronic Health Records on Mobile Phones

2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Biomedical Engineering Systems and Technologies 2011 - Revised Selected Papers, Springer-Verlag, 2011. [PDF]

MediTrust: Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients

2011 - Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Med-e-Tel - Global Telemedicine and eHealth Updates: Knowledge Resources, Vol 4., pp. 385-389, ISfTeH, Luxembourg, 2011. [PDF]

A Security Architecture for Accessing Health Records on Mobile Phones.

2011 - Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy

Proceedings of the 4th International Conference on Health Informatics (HEALTHINF 2011), pp. 87-96, SciTePress, 2011. [PDF] [Bibtex]

TruWalletM: Secure Web Authentication on Mobile Platforms

2010 - Sven Bugiel, Alexandra Dmitrienko, Kari Kostiainen, Ahmad-Reza Sadeghi, Marcel Winandy

Trusted Systems, Second International Conference, INTRUST 2010, LNCS 6802/2011, Springer, 2011. [Bibtex] [PDF]

Privilege Escalation Attacks on Android.

2010 - Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Marcel Winandy

Information Security, 13th International Conference, ISC 2010, LNCS 6531/2011, pp. 346-360, Springer 2011. [Bibtex] [PDF]

Trusted Virtual Domains: Color Your Network

2010 - Luigi Catuogno, Hans Löhr, Mark Manulis, Ahmad-Reza Sadeghi, Christian Stüble, Marcel Winandy

Datenschutz und Datensicherheit (DuD) 5/2010, p. 289-298. [SpringerLink] [PDF]

Towards Automated Security Policy Enforcement in Multi-Tenant Virtual Data Centers

2010 - Ahmad-Reza Sadeghi, Christian Stüble, Serdar Cabuk, Chris I. Dalton, Konrad Eriksson, Dirk Kuhlmann, Hari Govind V. Ramasamy, Gianluca Ramunnok, Matthias Schunter

Journal of Computer Security, IOS Press, Vlo. 18, Number 1, pp. 89-121, 2010

Software distribution as a malware infection vector

2009 - Felix Gröbert, Ahmad-Reza Sadeghi, Marcel Winandy

International Conference for Internet Technology and Secured Transactions (ICITST 2009) [Bibtex]

End-to-End Header Protection in S/MIME and PGP Mail.

2007 - Jörg Schwenk, Lijun Liao,

Postersession in the 10th German IT Security Congress, Federal Office for Information Security, Bonn (Germany), 2007. [PDF]

A Case Study on Online-Banking Security.

2006 - Jörg Schwenk, Sebastian Gajek, Henrik te Heesen

International Conference on Emerging Trends in Information and Communication Security (ETRICS'06) Workshop on Security and Privacy in Future Business Services, Freiburg (Germany), 2006 .

Key-Assignment Strategies for CPPM.

2004 - Jörg Schwenk, Andre Adelsbach,

ACM Multimedia and Security Workshop 2004, Magdeburg, Germany, pp. 107 - 115, © ACM, 2004. [PDF]

Pseudonym Generation Scheme for Ad-Hoc Group Communication Based on IDH.

2004 - Jörg Schwenk, Mark Manulis,

In Proceedings of the 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), Lecture Notes in Computer Science, volume 3313, pages 107-124, Springer-Verlag, 2005. [Springer Link] [PDF] [Bibtex]

How Secure Are FPGAs in Cryptographic Applications? (Long Version)

2003 - Thomas Wollinger, Chris­tof Paar

IACR, http://eprint.iacr.org, cryptology, ePrint archive: Report 2003/119, Juni 5, 2003. [web] [pdf] [gzipped postscript]

Tree based Key Agreement for Multicast.

2001 - Jörg Schwenk, T. Martin, R. Schaffelhofer

Proc. Communications and Multimedia Security 2001, Mai 2001, Darmstadt.

How to securely broadcast a secret.

1999 - Jörg Schwenk,

In: B. Preneel (Ed.): Proceedings Communications an Multimedia Security '99, Kluwer Academic Publishers, 1999.

Recent Developments in Digital Wireless Network Security

1996 - G. Pierce, Chris­tof Paar

Massachusetts Telecommunication Council and UMass Technical Conference on Telecommunications, Lowell, March, 1996. [ps]
Page: