Details

Rank:	#7 Worldwide #1 in Europe
Papers:	179
Number of Researchers:	102
APA (average papers per authors):	1.8
Country:	GERMANY

"Isolating Intrusions by Automatic Experiments"

Stephan Neuhaus, Andreas Zeller, ... -- NDSS 2006

"Extended Abstract: Information Flow in the Peer-Reviewing Process"

Michael Backes, Markus Duermuth, Dominique Unruh, ... -- Oakland 2007

"Predicting Vulnerable Software Components"

Andreas Zeller, ... -- CCS 2007

"Compromising Reflections-or-How to Read LCD Monitors around the Corner"

Michael Backes, ... -- Oakland 2008

"Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol"

Michael Backes, ... -- Oakland 2008

"Type-checking Zero-knowledge"

Michael Backes, ... -- CCS 2008

"CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable"

Michael Backes, ... -- NDSS 2009

"Automatic Discovery and Quantification of Information Leaks"

Michael Backes, ... -- Oakland 2009

"Tempest in a Teapot: Compromising Reflections Revisited"

Michael Backes, ... -- Oakland 2009

"CoSP: a general framework for computational soundness proofs"

Michael Backes, ... -- CCS 2009

"Computationally sound verification of source code"

Michael Backes, ... -- CCS 2010

"Acoustic Side-Channel Attacks on Printers"

Michael Backes, ... -- Usenix 2010

"A Security API for Distributed Social Networks"

Michael Backes, ... -- NDSS 2011

"Automated Synthesis of Secure Distributed Applications"

Michael Backes, ... -- NDSS 2012

"ObliviAd: Provably Secure and Practical Online Behavioral Advertising"

Michael Backes, ... -- Oakland 2012

"Computational Soundness Without Protocol Restrictions"

Michael Backes, ... -- CCS 2012

"Fuzzing with Code Fragments"

Andreas Zeller, ... -- Usenix 2012

"Preventing Side-channel Leaks in Web Traffic: A Formal Approach"

Michael Backes, ... -- NDSS 2013

"Verifiable Delegation of Computation on Outsourced Data"

Michael Backes, ... -- CCS 2013

"Relational Abstract Interpretation for the Verification of 2-Hypersafety Properties"

Bernd Finkbeiner, ... -- CCS 2013

"Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies"

Sven Bugiel, ... -- Usenix 2013

"(Nothing else) MATor(s): Monitoring the Anonymity of Tor's Path Selection"

Michael Backes, ... -- CCS 2014

"You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code"

Michael Backes, ... -- CCS 2014

"Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing"

Michael Backes, ... -- Usenix 2014

"ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data"

Michael Backes, ... -- Oakland 2015

"Cross-Architecture Bug Search in Binary Executables"

Christian Rossow, ... -- Oakland 2015

"Boxify: Full-fledged App Sandboxing for Stock Android"

Michael Backes, Sven Bugiel, ... -- Usenix 2015

"In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services"

Giancarlo Pellegrino, ... -- Usenix 2015

"How to Make ASLR Win the Clone Wars: Runtime Re-Randomization"

Stefan Nurnberger, Michael Backes, ... -- NDSS 2016

"SoK: Lessons Learned From Android Security Research For Appified Software Platforms"

Michael Backes, Sven Bugiel, Sascha Fahl, ... -- Oakland 2016

"You Get Where You're Looking For: The Impact Of Information Sources On Code Security"

Yasemin Acar, Michael Backes, Sascha Fahl, ... -- Oakland 2016

"Reliable Third-Party Library Detection in Android and its Security Applications"

Michael Backes, Sven Bugiel, Erik Derr, ... -- CCS 2016

"Membership Privacy in MicroRNA-based Studies"

Michael Backes, Pascal Berrang, ... -- CCS 2016

"Efficient Cryptographic Password Hardening Services From Partially Oblivious Commitments"

Michael Backes, ... -- CCS 2016

"Computational Soundness of Dalvik Bytecode"

Michael Backes, ... -- CCS 2016

"Identifying the Scanners and Attack Infrastructure behind Amplification DDoS attacks"

Michael Backes, Christian Rossow, ... -- CCS 2016

"Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification"

Ben Stock, Giancarlo Pellegrino, Christian Rossow, Michael Backes, ... -- Usenix 2016

"What Cannot be Read, Cannot be Leveraged? Revisiting Assumptions of JIT-ROP Defenses"

Michael Backes, Christian Rossow, ... -- Usenix 2016

"An Empirical Study of Textual Key-Fingerprint Representations"

Yasemin Acar, Sascha Fahl, ... -- Usenix 2016

"On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis"

Michael Backes, Sven Bugiel, Erik Derr, ... -- Usenix 2016

"Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles"

Michael Backes, Pascal Berrang, ... -- Usenix 2016

"P2P Mixing and Unlinkable Bitcoin Transactions"

Tim Ruffing, ... -- NDSS 2017

"SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks"

Giulio Malavolta, ... -- NDSS 2017

"Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code"

Giorgi Maisuradze, Michael Backes, Christian Rossow, ... -- NDSS 2017

"Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying"

Marie-Therese Walter, David Pfaff, Stefan Nurnberger, Michael Backes, ... -- NDSS 2017

"Comparing the Usability of Cryptographic APIs"

Yasemin Acar, Michael Backes, Sascha Fahl, Christian Stransky, ... -- Oakland 2017

"Identifying Personal DNA Methylation Profiles by Genotype Inference"

Michael Backes, Pascal Berrang, Mathias Humbert, ... -- Oakland 2017

"Stack Overflow Considered Harmful? --- The Impact of Copy&Paste on Android Application Security"

Christian Stransky, Yasemin Acar, Michael Backes, Sascha Fahl, ... -- Oakland 2017

"A Stitch in Time: Supporting Android Developers in Writing Secure Code"

Michael Backes, ... -- CCS 2017

"Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs"

Giancarlo Pellegrino, Simon Koch, Michael Backes, Christian Rossow, ... -- CCS 2017

"Keep me updated: An Empirical Study of Third-Party Library Updatability on Android"

Erik Derr, Sven Bugiel, Michael Backes, ... -- CCS 2017

"The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android"

Jie Huang, Oliver Schranz, Sven Bugiel, Michael Backes, ... -- CCS 2017

"Verifying Security Policies in Multi-agent Workflows with Loops"

Bernd Finkbeiner, ... -- CCS 2017

"walk2friends: Inferring Social Links from Mobility Profiles"

Michael Backes, Yang Zhang, ... -- CCS 2017

"How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security"

Ben Stock, Marius Steffens, Michael Backes, ... -- Usenix 2017

"Didn't You Hear Me? - Towards More Successful Web Vulnerability Notifications."

Ben Stock, Giancarlo Pellegrino, Michael Backes, Christian Rossow, ... -- NDSS 2018

"Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels"

Michael Backes, ... -- Oakland 2018

"The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators"

Marten Oltrogge, Erik Derr, Christian Stransky, Christian Rossow, Giancarlo Pellegrino, Sven Bugiel, Michael Backes, ... -- Oakland 2018

"On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees"

Cas Cremers, ... -- CCS 2018

"ret2spec: Speculative Execution Using Return Stack Buffers"

Giorgi Maisuradze, Christian Rossow, ... -- CCS 2018

"Investigating Operators' Perspective on Security Misconfigurations"

Katharina Krombholz, ... -- CCS 2018

"Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse"

Sanam Ghorbani Lyastani, Michael Backes, Sven Bugiel, ... -- Usenix 2018

"teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts"

Johannes Krupp, Christian Rossow, ... -- Usenix 2018

"Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild"

Marius Steffens, Christian Rossow, Ben Stock, ... -- NDSS 2019

"The Unexpected Danger of UX Features: A Case of Sensitive Data Leakage of Drivers in Ride-Hailing Services"

Giancarlo Pellegrino, ... -- NDSS 2019

"MBeacon: Privacy-Preserving Beacons for DNA Methylation Data"

Inken Hagestedt, Yang Zhang, Pascal Berrang, Michael Backes, ... -- NDSS 2019

"ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models"

Ahmed Salem, Yang Zhang, Pascal Berrang, Mario Fritz, Michael Backes, ... -- NDSS 2019

"Nearby Threats: Reversing, Analyzing, and Attacking Google's "Nearby Connections" on Android"

Nils Ole Tippenhauer, ... -- NDSS 2019

"Component-Based Formal Analysis of 5G-AKA: Channel Assumptions and Session Confusion"

Cas Cremers, ... -- NDSS 2019

"DroidCap: OS Support for Capability-based Permissions in Android"

Abdallah Dawoud, Sven Bugiel, ... -- NDSS 2019

"Fidelius: Protecting User Secrets from Compromised Browsers"

Michael Backes, Giancarlo Pellegrino, ... -- Oakland 2019

""If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS"

Katharina Krombholz, ... -- Oakland 2019

"Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy"

Duc Cuong Nguyen, Erik Derr, Michael Backes, Sven Bugiel, ... -- Oakland 2019

"A Usability Evaluation of Let's Encrypt and Certbot - Usable Security Done Right?"

Katharina Krombholz, ... -- CCS 2019

"AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning"

Pascal Dupre, Giancarlo Pellegrino, ... -- CCS 2019

"HideNoSeek: Camouflaging Malicious JavaScript in Benign ASTs"

Aurore Fass, Michael Backes, Ben Stock, ... -- CCS 2019

"Membership Privacy for Fully Dynamic Group Signatures"

Michael Backes, Lucjan Hanzlik, Jonas Schneider-Bensch, ... -- CCS 2019

"MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples"

Ahmed Salem, Michael Backes, Yang Zhang, ... -- CCS 2019

"Seems Legit: Automated Analysis of Subtle Attacks on Protocols that use Signatures"

Cas Cremers, ... -- CCS 2019

"simTPM: User-centric TPM for Mobile Devices"

Dhiman Chakraborty, Lucjan Hanzlik, Sven Bugiel, ... -- Usenix 2019

"The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR"

Nils Ole Tippenhauer, ... -- Usenix 2019

"Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies"

Sebastian Roth, Ben Stock, ... -- NDSS 2020

"Cross-Origin State Inference (COSI) Attacks: Leaking Web Site States through XS-Leaks"

Soheil Khodayari, ... -- NDSS 2020

"Deceptive Previews: A Study of the Link Preview Trustworthiness in Social Platforms"

Giada Stivala, Giancarlo Pellegrino, ... -- NDSS 2020

"Towards Plausible Graph Anonymization"

Yang Zhang, Bartlomiej Surma, Praveen Manoharan, Jilles Vreeken, Michael Backes, ... -- NDSS 2020

"Automatic Uncovering of Hidden Behaviors from Input Validation in Mobile Apps"

Giancarlo Pellegrino, ... -- Oakland 2020

"Automatically Detecting Bystanders in Photos to Reduce Privacy Risks"

Mario Fritz, ... -- Oakland 2020

"BIAS: Bluetooth Impersonation AttackS"

Nils Ole Tippenhauer, ... -- Oakland 2020

"Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication"

Sanam Ghorbani Lyastani, Michael Schilling, Michaela Neumayr, Michael Backes, Sven Bugiel, ... -- Oakland 2020

"I Know Where You Parked Last Summer - Automated Reverse Engineering and Privacy Analysis of Modern Cars"

Daniel Frassinelli, Sohyeon Park, Stefan Nurnberger, ... -- Oakland 2020

"VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity"

Sahar Abdelnabi, Katharina Krombholz, Mario Fritz, ... -- CCS 2020

"LEAF: A Faster Secure Search Algorithm via Localization, Extraction, and Reconstruction"

Rui Wen, Yang Zhang, ... -- CCS 2020

"GAN-Leaks: A Taxonomy of Membership Inference Attacks against Generative Models"

Dingfan Chen, Yang Zhang, Mario Fritz, ... -- CCS 2020

"Verifiable Timed Signatures Made Practical"

Nico Dottling, ... -- CCS 2020

"PMForce: Systematically Analyzing postMessage Handlers at Scale"

Marius Steffens, Ben Stock, ... -- CCS 2020

"Clone Detection in Secure Messaging: Improving Post-Compromise Security in Practice"

Cas Cremers, Jaiden Fairoze, Benjamin Kiesl, Aurora Naska, ... -- CCS 2020

"A Formal Analysis of IEEE 802.11's WPA2: Countering the Kracks Caused by Cracking the Counters"

Cas Cremers, Benjamin Kiesl, Niklas Medinger, ... -- Usenix 2020

"A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web"

Sebastian Roth, Michael Backes, Ben Stock, ... -- Usenix 2020

"SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients"

Fabian Schwarz, Christian Rossow, ... -- Usenix 2020

"Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning"

Ahmed Salem, Michael Backes, Mario Fritz, Yang Zhang, ... -- Usenix 2020

"A Spectral Analysis of Noise: A Comprehensive, Automated, Formal Analysis of Diffie-Hellman Protocols"

Cas Cremers, ... -- Usenix 2020

"Bringing Balance to the Force: Dynamic Analysis of the Android Application Framework"

Abdallah Dawoud, Sven Bugiel, ... -- NDSS 2021

"Reining in the Web’s Inconsistencies with Site Policy"

Marius Steffens, Ben Stock, ... -- NDSS 2021

"Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI"

Marius Steffens, Ben Stock, ... -- NDSS 2021

"Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding"

Sahar Abdelnabi, Mario Fritz, ... -- Oakland 2021

"An Interactive Prover for Protocol Verification in the Computational Model"

Charlie Jacomme, ... -- Oakland 2021

"BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures"

Cas Cremers, ... -- Oakland 2021

"Black Widow: Blackbox Data-driven Web Scanning"

Giancarlo Pellegrino, ... -- Oakland 2021

"PLATYPUS: Software-based Power Side-Channel Attacks on x86"

Michael Schwarz, ... -- Oakland 2021

"SoK: Computer-Aided Cryptography"

Cas Cremers, ... -- Oakland 2021

"The Provable Security of Ed25519: Theory and Practice"

Jacqueline Brendel, Cas Cremers, Mang Zhao, ... -- Oakland 2021

"They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites"

Marten Oltrogge, ... -- Oakland 2021

"Preventing Dynamic Library Compromise on Node.js via RWX-Based Privilege Reduction"

Cristian-Alexandru Staicu, ... -- CCS 2021

"AHEAD: Adaptive Hierarchical Decomposition for Range Query under Local Differential Privacy"

Zhikun Zhang, ... -- CCS 2021

"Membership Leakage in Label-Only Exposures"

Zheng Li, Yang Zhang, ... -- CCS 2021

"With a Little Help from My Friends: Constructing Practical Anonymous Credentials"

Lucjan Hanzlik, ... -- CCS 2021

"DoubleX: Statically Analyzing Browser Extensions at Scale"

Aurore Fass, Doliere Francis Some, Michael Backes, Ben Stock, ... -- CCS 2021

"Continuous Release of Data Streams under both Centralized and Local Differential Privacy"

Zhikun Zhang, ... -- CCS 2021

"When Machine Unlearning Jeopardizes Privacy"

Min Chen, Zhikun Zhang, Michael Backes, Yang Zhang, ... -- CCS 2021

"Quantifying and Mitigating Privacy Risks of Contrastive Learning"

Xinlei He, Yang Zhang, ... -- CCS 2021

"Membership Inference Attacks Against Recommender Systems"

Yang Zhang, ... -- CCS 2021

"12 Angry Developers – A Qualitative Study on Developers’ Struggles with CSP"

Sebastian Roth, Lea Theresa Grober, Michael Backes, Katharina Krombholz, Ben Stock, ... -- CCS 2021

"On the Usability of Authenticity Checks for Hardware Security Tokens"

Katharina Krombholz, ... -- Usenix 2021

"LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks"

Nils Ole Tippenhauer, ... -- Usenix 2021

"Explanation Beats Context: The Effect of Timing & Rationales on Users' Runtime Permission Decisions"

Yusra Elbitar, Michael Schilling, Trung Tin Nguyen, Michael Backes, Sven Bugiel, ... -- Usenix 2021

"PrivSyn: Differentially Private Data Synthesis"

Zhikun Zhang, Michael Backes, Yang Zhang, ... -- Usenix 2021

"A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises"

Nicolas Huaman, Sascha Fahl, ... -- Usenix 2021

"Osiris: Automated Discovery of Microarchitectural Side Channels"

Daniel Weber, Ahmad Ibrahim, Hamed Nemati, Michael Schwarz, Christian Rossow, ... -- Usenix 2021

"The Complexities of Healing in Secure Group Messaging: Why Cross-Group Effects Matter"

Cas Cremers, ... -- Usenix 2021

"JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals"

Soheil Khodayari, Giancarlo Pellegrino, ... -- Usenix 2021

"Stealing Links from Graph Neural Networks"

Xinlei He, Michael Backes, Yang Zhang, ... -- Usenix 2021

"YARIX: Scalable YARA-based Malware Intelligence"

Michael Brengel, Christian Rossow, ... -- Usenix 2021

"A11y and Privacy don't have to be mutually exclusive: Constraining Accessibility Service Misuse on Android"

Jie Huang, Michael Backes, Sven Bugiel, ... -- Usenix 2021

"Share First, Ask Later (or Never?) Studying Violations of GDPR's Explicit Consent in Android Apps"

Trung Tin Nguyen, Michael Backes, Ninja Marnau, Ben Stock, ... -- Usenix 2021

"Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications"

Marten Oltrogge, Michael Backes, ... -- Usenix 2021

"V-Range: Enabling Secure Ranging in 5G Wireless Networks"

Mridula Singh, ... -- NDSS 2022

"Property Inference Attacks Against GANs"

Yang Zhang, ... -- NDSS 2022

"Get a Model! Model Hijacking Attack Against Machine Learning Models"

Ahmed Salem, Michael Backes, Yang Zhang, ... -- NDSS 2022

"27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University"

Sascha Fahl, ... -- Oakland 2022

"A Logic and an Interactive Prover for the Computational Post-Quantum Security of Protocols"

Cas Cremers, Charlie Jacomme, Cas Cremers, ... -- Oakland 2022

"Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects"

Dominik Wermke, Noah Woehler, Sascha Fahl, ... -- Oakland 2022

"Finding and Exploiting CPU Features using MSR Templating"

Daniel Weber, Michael Schwarz, ... -- Oakland 2022

"How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study"

Sascha Fahl, ... -- Oakland 2022

"Model Stealing Attacks Against Inductive Graph Neural Networks"

Xinlei He, Yang Zhang, ... -- Oakland 2022

"The State of the SameSite: Studying the Usage, Effectiveness, and Adequacy of SameSite Cookies"

Soheil Khodayari, Giancarlo Pellegrino, ... -- Oakland 2022

"Auditing Membership Leakages of Multi-Exit Networks"

Zheng Li, Yiyong Liu, Xinlei He, Michael Backes, Yang Zhang, ... -- CCS 2022

"Automatic Detection of Speculative Execution Combinations"

Xaver Fabian, ... -- CCS 2022

"FeIDo: Recoverable FIDO2 Tokens Using Electronic IDs"

Fabian Schwarz, Khue Do, Gunnar Heide, Lucjan Hanzlik, Christian Rossow, ... -- CCS 2022

"Finding MNEMON: Reviving Memories of Node Embeddings"

Zhikun Zhang, Min Chen, Michael Backes, Yang Zhang, ... -- CCS 2022

"Freely Given Consent? Studying Consent Notice of Third-Party Tracking and Its Violations of GDPR in Android Apps"

Trung Tin Nguyen, Michael Backes, Ben Stock, ... -- CCS 2022

"Graph Unlearning"

Min Chen, Zhikun Zhang, Michael Backes, Yang Zhang, ... -- CCS 2022

"Helping or Hindering? How Browser Extensions Undermine Security"

Shubham Agarwal, ... -- CCS 2022

"HyperDbg: Reinventing Hardware-Assisted Debugging"

Michael Schwarz, ... -- CCS 2022

"JIT-Picking: Differential Fuzzing of JavaScript Engines"

Thorsten Holz, ... -- CCS 2022

"Membership Inference Attacks by Exploiting Loss Trajectory"

Yiyong Liu, Zhengyu Zhao, Michael Backes, Yang Zhang, ... -- CCS 2022

"Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels"

Ahmad Ibrahim, Hamed Nemati, Till Schluter, Nils Ole Tippenhauer, Christian Rossow, ... -- CCS 2022

"NTRU-u-um: Secure Fully Homomorphic Encryption from NTRU with Small Modulus"

Kamil Kluczniak, ... -- CCS 2022

"On the Adaptive Security of the Threshold BLS Signature Scheme"

Renas Bacho, Julian Loss, ... -- CCS 2022

"On the Privacy Risks of Cell-Based NAS Architectures"

Hai Huang, Zhikun Zhang, Michael Backes, Yang Zhang, ... -- CCS 2022

"Platypus: A Central Bank Digital Currency with Unlinkable Transactions and Privacy-Preserving Regulation"

Karl Wust, ... -- CCS 2022

"ROAST: Robust Asynchronous Schnorr Threshold Signatures"

Jonas Schneider-Bensch, ... -- CCS 2022

"SSLGuard: A Watermarking Scheme for Self-supervised Learning Pre-trained Encoders"

Xinlei He, Yang Zhang, ... -- CCS 2022

"Why So Toxic? Measuring and Triggering Toxic Behavior in Open-Domain Chatbots"

Wai Man Si, Michael Backes, Yang Zhang, ... -- CCS 2022

"AMD Prefetch Attacks through Power and Time"

Michael Schwarz, ... -- Usenix 2022

"ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models"

Yugeng Liu, Rui Wen, Xinlei He, Ahmed Salem, Zhikun Zhang, Michael Backes, Mario Fritz, Yang Zhang, ... -- Usenix 2022

"Repurposing Segmentation as a Practical LVI-NULL Mitigation in SGX"

Michael Schwarz, ... -- Usenix 2022

"Rapid Prototyping for Microarchitectural Attacks"

Michael Schwarz, ... -- Usenix 2022

"Inference Attacks Against Graph Neural Networks"

Zhikun Zhang, Min Chen, Michael Backes, Yang Zhang, ... -- Usenix 2022

"Hiding in Plain Sight? On the Efficacy of Power Side Channel-Based Control Flow Monitoring"

Nils Ole Tippenhauer, ... -- Usenix 2022

"Security at the End of the Tunnel: The Anatomy of VPN Mental Models Among Experts and Non-Experts in a Corporate Context"

Katharina Krombholz, ... -- Usenix 2022

"Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks"

Michael Schwarz, ... -- Usenix 2022

"SAPIC+: protocol verifiers of the world, unite!"

Charlie Jacomme, Robert Kunnemann, ... -- Usenix 2022

"Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples"

Sabrina Amft, Sascha Fahl, ... -- Usenix 2022

"Teacher Model Fingerprinting Attacks Against Transfer Learning"

Yang Zhang, ... -- Usenix 2022

"ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture"

Michael Schwarz, ... -- Usenix 2022

"The Security Lottery: Measuring Client-Side Web Security Inconsistencies"

Sebastian Roth, Moritz Wilhelm, Ben Stock, ... -- Usenix 2022

"AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities"

Johannes Krupp, Christian Rossow, ... -- Usenix 2022

"SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing"

Thorsten Holz, ... -- Usenix 2022

"Loki: Hardening Code Obfuscation Against Automated Attacks"

Thorsten Holz, ... -- Usenix 2022

CISPA Helmholtz Center for Information Security

General Info

Activity Map

Contributors

Papers

"Isolating Intrusions by Automatic Experiments"

"Extended Abstract: Information Flow in the Peer-Reviewing Process"

"Predicting Vulnerable Software Components"

"Compromising Reflections-or-How to Read LCD Monitors around the Corner"

"Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol"

"Type-checking Zero-knowledge"

"CSAR: A Practical and Provable Technique to Make Randomized Systems Accountable"

"Automatic Discovery and Quantification of Information Leaks"

"Tempest in a Teapot: Compromising Reflections Revisited"

"CoSP: a general framework for computational soundness proofs"

"Computationally sound verification of source code"

"Acoustic Side-Channel Attacks on Printers"

"A Security API for Distributed Social Networks"

"Automated Synthesis of Secure Distributed Applications"

"ObliviAd: Provably Secure and Practical Online Behavioral Advertising"

"Computational Soundness Without Protocol Restrictions"

"Fuzzing with Code Fragments"

"Preventing Side-channel Leaks in Web Traffic: A Formal Approach"

"Verifiable Delegation of Computation on Outsourced Data"

"Relational Abstract Interpretation for the Verification of 2-Hypersafety Properties"

"Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies"

"(Nothing else) MATor(s): Monitoring the Anonymity of Tor's Path Selection"

"You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code"

"Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing"

"ADSNARK: Nearly Practical and Privacy-Preserving Proofs on Authenticated Data"

"Cross-Architecture Bug Search in Binary Executables"

"Boxify: Full-fledged App Sandboxing for Stock Android"

"In the Compression Hornet's Nest: A Security Study of Data Compression in Network Services"

"How to Make ASLR Win the Clone Wars: Runtime Re-Randomization"

"SoK: Lessons Learned From Android Security Research For Appified Software Platforms"

"You Get Where You're Looking For: The Impact Of Information Sources On Code Security"

"Reliable Third-Party Library Detection in Android and its Security Applications"

"Membership Privacy in MicroRNA-based Studies"

"Efficient Cryptographic Password Hardening Services From Partially Oblivious Commitments"

"Computational Soundness of Dalvik Bytecode"

"Identifying the Scanners and Attack Infrastructure behind Amplification DDoS attacks"

"Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification"

"What Cannot be Read, Cannot be Leveraged? Revisiting Assumptions of JIT-ROP Defenses"

"An Empirical Study of Textual Key-Fingerprint Representations"

"On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis"

"Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles"

"P2P Mixing and Unlinkable Bitcoin Transactions"

"SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks"

"Dachshund: Digging for and Securing (Non-)Blinded Constants in JIT Code"

"Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying"

"Comparing the Usability of Cryptographic APIs"

"Identifying Personal DNA Methylation Profiles by Genotype Inference"

"Stack Overflow Considered Harmful? --- The Impact of Copy&Paste on Android Application Security"

"A Stitch in Time: Supporting Android Developers in Writing Secure Code"

"Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs"

"Keep me updated: An Empirical Study of Third-Party Library Updatability on Android"

"The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android"

"Verifying Security Policies in Multi-agent Workflows with Loops"

"walk2friends: Inferring Social Links from Mobility Profiles"

"How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security"

"Didn't You Hear Me? - Towards More Successful Web Vulnerability Notifications."

"Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels"

"The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators"

"On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees"

"ret2spec: Speculative Execution Using Return Stack Buffers"

"Investigating Operators' Perspective on Security Misconfigurations"

"Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse"

"teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts"

"Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild"

"The Unexpected Danger of UX Features: A Case of Sensitive Data Leakage of Drivers in Ride-Hailing Services"

"MBeacon: Privacy-Preserving Beacons for DNA Methylation Data"

"ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models"

"Nearby Threats: Reversing, Analyzing, and Attacking Google's "Nearby Connections" on Android"

"Component-Based Formal Analysis of 5G-AKA: Channel Assumptions and Session Confusion"

"DroidCap: OS Support for Capability-based Permissions in Android"

"Fidelius: Protecting User Secrets from Compromised Browsers"

""If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS"

"Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy"

"A Usability Evaluation of Let's Encrypt and Certbot - Usable Security Done Right?"

"AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning"