@inproceedings {285357, author = {Nils Bars and Moritz Schloegel and Tobias Scharnowski and Nico Schiller and Thorsten Holz}, title = {Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {1847--1864}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/bars}, publisher = {USENIX Association}, month = aug } @inproceedings {287115, author = {Thorsten Eisenhofer and Erwin Quiring and Jonas M{\"o}ller and Doreen Riepel and Thorsten Holz and Konrad Rieck}, title = {No more Reviewer $\#$2: Subverting Automatic {Paper-Reviewer} Assignment using Adversarial Learning}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {5109--5126}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/eisenhofer}, publisher = {USENIX Association}, month = aug } @inproceedings {291011, author = {Philipp G{\"o}rz and Bj{\"o}rn Mathis and Keno Hassler and Emre G{\"u}ler and Thorsten Holz and Andreas Zeller and Rahul Gopinath}, title = {Systematic Assessment of Fuzzers using Mutation Analysis}, booktitle = {32nd USENIX Security Symposium (USENIX Security 23)}, year = {2023}, isbn = {978-1-939133-37-3}, address = {Anaheim, CA}, pages = {4535--4552}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/gorz}, publisher = {USENIX Association}, month = aug } @inproceedings {277252, author = {Tobias Scharnowski and Nils Bars and Moritz Schloegel and Eric Gustafson and Marius Muench and Giovanni Vigna and Christopher Kruegel and Thorsten Holz and Ali Abbasi}, title = {Fuzzware: Using Precise {MMIO} Modeling for Effective Firmware Fuzzing}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {1239--1256}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/scharnowski}, publisher = {USENIX Association}, month = aug } @inproceedings {281380, author = {Moritz Schloegel and Tim Blazytko and Moritz Contag and Cornelius Aschermann and Julius Basler and Thorsten Holz and Ali Abbasi}, title = {Loki: Hardening Code Obfuscation Against Automated Attacks}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {3055--3073}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/schloegel}, publisher = {USENIX Association}, month = aug } @inproceedings {281378, author = {Tobias Cloosters and Johannes Willbold and Thorsten Holz and Lucas Davi}, title = {{SGXFuzz}: Efficiently Synthesizing Nested Structures for {SGX} Enclave Fuzzing}, booktitle = {31st USENIX Security Symposium (USENIX Security 22)}, year = {2022}, isbn = {978-1-939133-31-1}, address = {Boston, MA}, pages = {3147--3164}, url = {https://www.usenix.org/conference/usenixsecurity22/presentation/cloosters}, publisher = {USENIX Association}, month = aug } @inproceedings {274689, author = {Thorsten Eisenhofer and Lea Sch{\"o}nherr and Joel Frank and Lars Speckemeier and Dorothea Kolossa and Thorsten Holz}, title = {Dompteur: Taming Audio Adversarial Examples}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {2309--2326}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/eisenhofer}, publisher = {USENIX Association}, month = aug } @inproceedings {263866, author = {Sergej Schumilo and Cornelius Aschermann and Ali Abbasi and Simon W{\"o}r-ner and Thorsten Holz}, title = {Nyx: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types}, booktitle = {30th USENIX Security Symposium (USENIX Security 21)}, year = {2021}, isbn = {978-1-939133-24-3}, pages = {2597--2614}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/schumilo}, publisher = {USENIX Association}, month = aug } @inproceedings {251598, author = {Tim Blazytko and Moritz Schl{\"o}gel and Cornelius Aschermann and Ali Abbasi and Joel Frank and Simon W{\"o}rner and Thorsten Holz}, title = {{AURORA}: Statistical Crash Analysis for Automated Root Cause Explanation}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {235--252}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/blazytko}, publisher = {USENIX Association}, month = aug } @inproceedings {251578, author = {David Rupprecht and Katharina Kohls and Thorsten Holz and Christina P{\"o}pper}, title = {Call Me Maybe: Eavesdropping Encrypted {LTE} Calls With {ReVoLTE}}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {73--88}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/rupprecht}, publisher = {USENIX Association}, month = aug } @inproceedings {251546, author = {Joel Frank and Cornelius Aschermann and Thorsten Holz}, title = {{ETHBMC}: A Bounded Model Checker for Smart Contracts}, booktitle = {29th USENIX Security Symposium (USENIX Security 20)}, year = {2020}, isbn = {978-1-939133-17-5}, pages = {2757--2774}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/frank}, publisher = {USENIX Association}, month = aug } @inproceedings {235499, author = {Emre G{\"u}ler and Cornelius Aschermann and Ali Abbasi and Thorsten Holz}, title = {{AntiFuzz}: Impeding Fuzzing Audits of Binary Executables}, booktitle = {28th USENIX Security Symposium (USENIX Security 19)}, year = {2019}, isbn = {978-1-939133-06-9}, address = {Santa Clara, CA}, pages = {1931--1947}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/guler}, publisher = {USENIX Association}, month = aug } @inproceedings {236210, author = {Tim Blazytko and Cornelius Aschermann and Moritz Schl{\"o}gel and Ali Abbasi and Sergej Schumilo and Simon W{\"o}rner and Thorsten Holz}, title = {{GRIMOIRE}: Synthesizing Structure while Fuzzing}, booktitle = {28th USENIX Security Symposium (USENIX Security 19)}, year = {2019}, isbn = {978-1-939133-06-9}, address = {Santa Clara, CA}, pages = {1985--2002}, url = {https://www.usenix.org/conference/usenixsecurity19/presentation/blazytko}, publisher = {USENIX Association}, month = aug } @inproceedings {220582, author = {Robert Gawlik and Thorsten Holz}, title = {{SoK}: Make {JIT-Spray} Great Again}, booktitle = {12th USENIX Workshop on Offensive Technologies (WOOT 18)}, year = {2018}, address = {Baltimore, MD}, url = {https://www.usenix.org/conference/woot18/presentation/gawlik}, publisher = {USENIX Association}, month = aug } @inproceedings {203848, author = {Sergej Schumilo and Cornelius Aschermann and Robert Gawlik and Sebastian Schinzel and Thorsten Holz}, title = {{kAFL}: {Hardware-Assisted} Feedback Fuzzing for {OS} Kernels}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {167--182}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/schumilo}, publisher = {USENIX Association}, month = aug } @inproceedings {203688, author = {Philipp Koppe and Benjamin Kollenda and Marc Fyrbiak and Christian Kison and Robert Gawlik and Christof Paar and Thorsten Holz}, title = {Reverse Engineering x86 Processor Microcode}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {1163--1180}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/koppe}, publisher = {USENIX Association}, month = aug } @inproceedings {203640, author = {Tim Blazytko and Moritz Contag and Cornelius Aschermann and Thorsten Holz}, title = {Syntia: Synthesizing the Semantics of Obfuscated Code}, booktitle = {26th USENIX Security Symposium (USENIX Security 17)}, year = {2017}, isbn = {978-1-931971-40-9}, address = {Vancouver, BC}, pages = {643--659}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/blazytko}, publisher = {USENIX Association}, month = aug } @inproceedings {196212, author = {Julian Lettner and Benjamin Kollenda and Andrei Homescu and Per Larsen and Felix Schuster and Lucas Davi and Ahmad-Reza Sadeghi and Thorsten Holz and Michael Franz}, title = {{Subversive-C}: Abusing and Protecting Dynamic Message Dispatch}, booktitle = {2016 USENIX Annual Technical Conference (USENIX ATC 16)}, year = {2016}, isbn = {978-1-931971-30-0}, address = {Denver, CO}, pages = {209--221}, url = {https://www.usenix.org/conference/atc16/technical-sessions/presentation/lettner}, publisher = {USENIX Association}, month = jun } @inproceedings {197312, author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz}, title = {Use the Force: Evaluating {Force-Sensitive} Authentication for Mobile Devices}, booktitle = {Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)}, year = {2016}, isbn = {978-1-931971-31-7}, address = {Denver, CO}, pages = {207--219}, url = {https://www.usenix.org/conference/soups2016/technical-sessions/presentation/krombholz}, publisher = {USENIX Association}, month = jun } @inproceedings {184403, author = {Sebastian Vogl and Robert Gawlik and Behrad Garmany and Thomas Kittel and Jonas Pfoh and Claudia Eckert and Thorsten Holz}, title = {Dynamic Hooks: Hiding Control Flow Changes within {Non-Control} Data}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {813--328}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/vogl}, publisher = {USENIX Association}, month = aug } @inproceedings {184411, author = {Marc K{\"u}hrer and Thomas Hupperich and Christian Rossow and Thorsten Holz}, title = {Exit from Hell? Reducing the Impact of {Amplification} {DDoS} Attacks}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {111--125}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/kuhrer}, publisher = {USENIX Association}, month = aug } @inproceedings {185130, author = {Marc K{\"u}hrer and Thomas Hupperich and Christian Rossow and Thorsten Holz}, title = {Hell of a Handshake: Abusing {TCP} for Reflective Amplification {DDoS} Attacks}, booktitle = {8th USENIX Workshop on Offensive Technologies (WOOT 14)}, year = {2014}, address = {San Diego, CA}, url = {https://www.usenix.org/conference/woot14/workshop-program/presentation/kuhrer}, publisher = {USENIX Association}, month = aug } @inproceedings {184419, author = {Johannes Dahse and Thorsten Holz}, title = {Static Detection of {Second-Order} Vulnerabilities in Web Applications}, booktitle = {23rd USENIX Security Symposium (USENIX Security 14)}, year = {2014}, isbn = {978-1-931971-15-7}, address = {San Diego, CA}, pages = {989--1003}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/dahse}, publisher = {USENIX Association}, month = aug } @inproceedings {180201, author = {Gianluca Stringhini and Manuel Egele and Apostolis Zarras and Thorsten Holz and Christopher Kruegel and Giovanni Vigna}, title = {{B@bel}: Leveraging Email Delivery for Spam Mitigation}, booktitle = {21st USENIX Security Symposium (USENIX Security 12)}, year = {2012}, isbn = {978-931971-95-9}, address = {Bellevue, WA}, pages = {16--32}, url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/stringhini}, publisher = {USENIX Association}, month = aug } @inproceedings {181304, author = {Armin B{\"u}scher and Thorsten Holz}, title = {Tracking {DDoS} Attacks: Insights into the Business of Disrupting the Web}, booktitle = {5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12)}, year = {2012}, address = {San Jose, CA}, url = {https://www.usenix.org/conference/leet12/workshop-program/presentation/buscher}, publisher = {USENIX Association}, month = apr } @inproceedings {266509, author = {Gianluca Stringhini and Thorsten Holz and Brett Stone-Gross and Christopher Kruegel and Giovanni Vigna}, title = {{BOTMAGNIFIER}: Locating Spambots on the Internet}, booktitle = {20th USENIX Security Symposium (USENIX Security 11)}, year = {2011}, address = {San Francisco, CA}, url = {https://www.usenix.org/conference/usenix-security-11/botmagnifier-locating-spambots-internet}, publisher = {USENIX Association}, month = aug } @inproceedings {266510, author = {Gregoire Jacob and Ralf Hund and Christopher Kruegel and Thorsten Holz}, title = {{JACKSTRAWS}: Picking Command and Control Connections from Bot Traffic}, booktitle = {20th USENIX Security Symposium (USENIX Security 11)}, year = {2011}, address = {San Francisco, CA}, url = {https://www.usenix.org/conference/usenix-security-11/jackstraws-picking-command-and-control-connections-bot-traffic}, publisher = {USENIX Association}, month = aug } @inproceedings {266986, author = {Brett Stone-Gross and Thorsten Holz and Gianluca Stringhini and Giovanni Vigna}, title = {The Underground Economy of Spam: A Botmaster{\textquoteright}s Perspective of Coordinating {Large-Scale} Spam Campaigns}, booktitle = {4th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 11)}, year = {2011}, address = {Boston, MA}, url = {https://www.usenix.org/conference/leet11/underground-economy-spam-botmasters-perspective-coordinating-large-scale-spam}, publisher = {USENIX Association}, month = mar } @inproceedings {268304, author = {Thorsten Holz and Moritz Steiner and Frederic Dahl and Ernst Biersack and Felix Freiling}, title = {Measurements and Mitigation of {Peer-to-Peer-based} Botnets: A Case Study on Storm Worm}, booktitle = {First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 08)}, year = {2008}, address = {San Francisco, CA}, url = {https://www.usenix.org/conference/leet-08/measurements-and-mitigation-peer-peer-based-botnets-case-study-storm-worm}, publisher = {USENIX Association}, month = apr } @inproceedings {268675, author = {Jan Goebel and Thorsten Holz}, title = {Rishi: Identify Bot Contaminated Hosts by {IRC} Nickname Evaluation}, booktitle = {First Workshop on Hot Topics in Understanding Botnets (HotBots 07)}, year = {2007}, address = {Cambridge, MA}, url = {https://www.usenix.org/conference/hotbots-07/rishi-identify-bot-contaminated-hosts-irc-nickname-evaluation}, publisher = {USENIX Association}, month = apr }