Security & Privacy TU Wien

Publications

2022

Systematic Analysis of Programming Languages and Their Execution Environments for Spectre Attacks / A. Naseredini, S. Gast, M. Schwarzl, Pedro Sousa Bernardo, A. Smajic, C. Canella, D. Gruss / in: "Proceedings of the 8th International Conference on Information Systems Security and Privacy", SciTePress, 2022, ISBN: 978-989-758-553-1, 48 - 59

2021

Not All Bugs Are Created Equal, But Robust Reachability Can Tell The Difference / G. Girol, B. Farinier, S. Bardin / in: "Computer Aided Verification - 33rd International Conference", vol 12759; Springer LNCS, 2021, ISBN: 978-3-030-81684-1, 669 - 693
Tarnhelm: Isolated, Transparent & Confidential Execution of Arbitrary Code in ARM´s TrustZone / D. Quarta, M. Ianni, A. Machiry, Y. Fratantonio, E. Gustafson, D. Balzarotti, M. Lindorfer, G. Vigna, C. Krügel / in: "Research on offensive and defensive techniques in the Context of Man At The End (MATE) Attacks (Checkmate ´21)", ACM (ed.); issued by: ACM; ACM, New York, 2021, ISBN: 978-1-4503-8552-7
Generalized Channels from Limited Blockchain Scripts and Adaptor Signatures / L. Aumayr, O. Ersoy, A. Erwig, S. Faust, K. Hostáková, M. Maffei, P. Moreno-Sanchez, S. Riahi / Talk: Asiacrypt 2021, the 27th Annual International Conference on the Theory and Application of Cryptology and Information Security, Singapore; 2021-12-06 - 2021-12-10; in: "Advances in Cryptology - ASIACRYPT 2021", Springer, (2021), ISBN: 978-3-030-92074-6; 635 - 664
Blitz: Secure Multi-Hop Payments Without Two-Phase Commits / L. Aumayr, P. Moreno-Sanchez, A. Kate, M. Maffei / Talk: Usenix Security Symposium, Vancouver, B.C., Canada; 2021-08-11 - 2021-08-13; in: "30th USENIX Security Symposium", USENIX: The Advanced Computing Systems Association, (2021), ISBN: 978-1-939133-24-3; 4043 - 4060
Static Analysis of Low-Level Code / I. Grishchenko / Supervisor, Reviewer: M. Maffei, G. Weissenbacher, A. Sabelfeld, K. Bhargavan; Institut of Logic and Computation, Security and Privacy, 2021; oral examination: 2021-01-25
Static and Dynamic Enforcement of Security via Relational Reasoning / N. Grimm / Supervisor, Reviewer: M. Maffei, F. Piessens, G. Barthe; Institut of Logic and Computation, Security and Privacy, 2021; oral examination: 2021-03-15
Foundations for the Security Analysis of Distributed Blockchain Applications / C. Schneidewind / Supervisor, Reviewer: M. Maffei, A. Gervais, B. Scholz; Institut of Logic and Computation, Security and Privacy, 2021; oral examination: 2021-05-28
Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments / E. Tairi, P. Moreno-Sanchez, M. Maffei / Talk: International Conference on Financial Cryptography and Data Security (FC), Grenada; 2021-03-01 - 2021-03-05; in: "Proceedings of the 25th International Conference on Financial Cryptography and Data Security", (2021)
Adaptor Signature Based Atomic Swaps Between Bitcoin and a Mimblewimble Based Cryptocurrency / J. Abfalter / Supervisor: M. Maffei, P. Moreno-Sanchez; Institut of Logic and Computation, Security and Privacy, 2021; final examination: 2021-07-01
A2L: Anonymous Atomic Locks for Scalability in Payment Channel Hubs / E. Tairi, P. Moreno-Sanchez, M. Maffei / Talk: IEEE Symposium on Security and Privacy, Oakland, USA; 2021-05-23 - 2021-05-27; in: "42nd IEEE Symposium on Security and Privacy", (2021)
Analysis of Decentralized Mixing Services in the Greater Bitcoin Ecosystem / J. Stockinger / Supervisor: M. Maffei, B. Haslhofer; Institut of Logic and Computation, Security and Privacy, 2021; final examination: 2021-10-07
Bitcoin-Compatible Virtual Channels / L. Aumayr, O. Ersoy, A. Erwig, S. Faust, K. Hostáková, M. Maffei, P. Moreno-Sanchez, S. Riahi / Talk: IEEE Symposium on Security and Privacy, Oakland, USA; 2021-05-23 - 2021-05-27; in: "42nd IEEE Symposium on Security and Privacy", IEEE Computer Society, (2021), 901 - 918
Cross-Layer Deanonymization Methods in the Lightning Protocol / M. Romiti, F. Victor, P. Moreno-Sanchez, P. Nordholt, B. Haslhofer, M. Maffei / in: "Financial Cryptography and Data Security", LNCS, volume 12674; issued by: Springer Verlag; Springer LNCS, Berlin Heidelberg, 2021, ISBN: 978-3-662-64321-1, 187 - 204
FWS: Analyzing, Maintaining and Transcompiling Firewalls / C. Bodei, L. Ceragioli, P. Degano, R. Focardi, L. Galletta, F. Luccio, M. Tempesta, L. Veronese / Journal of Computer Security, 29 (2021), 1; 77 - 134
Nonce-Misuse Security of the SAEF Authenticated Encryption Mode / E. Andreeva, A. Bhati, D. Vizár / in: "27th International Conference, Halifax, NS, Canada (Virtual Event), October 21-23, 2020", Lecture Notes in Computer Science, vol 12804; issued by: Springer; Springer LNCS, Cham, 2021, ISBN: 978-3-030-81651-3, 512 - 534
Interpolation Cryptanalysis of Unbalanced Feistel Networks with Low Degree Round Functions / E. Andreeva, A. Roy, J. Sauer / in: "27th International Conference, Halifax, NS, Canada (Virtual Event), October 21-23, 2020", LNCS, volume 12804; issued by: Springer; Springer LNCS, Cham, 2021, ISBN: 978-3-030-81651-3, 273 - 300
Optimized Software Implementations for the Lightweight Encryption Scheme ForkAE / E. Andreeva, A. Deprez, J. Bermudo Mera, A. Karmakar, A. Purnal / in: "CARDIS: International Conference on Smart Card Research and Advanced Applications", LNCS, volume 12609; issued by: Springer; Springer, Cham, 2021, ISBN: 978-3-030-68486-0, 68 - 83
Compactness of Hashing Modes and Efficiency Beyond Merkle Tree / E. Andreeva, R. Bhattacharyya, A. Roy / in: "Advances in Cryptology - EUROCRYPT 2021", LNCS, volume 12697; issued by: Springer; Springer, Cham, 2021, ISBN: 978-3-030-77885-9, 92 - 123
The One-More Discrete Logarithm Assumption in the Generic Group Model / B. Bauer, G. Fuchsbauer, A. Plouviez / in: "Advances in Cryptology - ASIACRYPT 2021", Lecture Notes in Computer Science, vol 13093; Springer, Springer Link, 2021, ISBN: 978-3-030-92067-8, 587 - 617
Transferable E-cash: A Cleaner Model and the First Practical Instantiation / B. Bauer, G. Fuchsbauer, C. Qian / in: "Public-Key Cryptography - PKC 2021", 2; Springer, 2021, 559 - 590
The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches / M. Squarcina, S. Calzavara, M. Maffei / Talk: 15th IEEE Workshop on Offensive Technologies, San Francisco, CA, USA; 2021-05-27; in: "IEEE Security and Privacy Workshops", (2021), 432 - 443
Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web / M. Squarcina, M. Tempesta, L. Veronese, S. Calzavara, M. Maffei / Talk: 30th USENIX Security Symposium, Online; 2021-08-11 - 2021-08-13; in: "30th USENIX Security Symposium", 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021, (2021), 2917 - 2934
Updatable Signatures and Message Authentication Codes / V. Cini, S. Ramacher, D. Slamanig, C. Striecks, E. Tairi / Talk: International Conference on Practice and Theory of Public-Key Cryptography (PKC), Edinburgh, Scotland; 2021-05-09 - 2021-05-13; in: "Proceedings of the 24rd IACR International Conference on the Practice and Theory of Public-Key Cryptography", Springer, Cham, Lecture Notes in Computer Science, vol 12710 (2021), ISBN: 978-3-030-75244-6; 691 - 723
EssentialFP: Exposing the Essence of Browser Fingerprinting / A. Sjösten, D. Hedin, A. Sabelfeld / Talk: EuroS&P 2021 SecWeb Workshop, Vienna; 2021-09-06; in: "IEEE European Symposium on Security and Privacy Workshops", (2021), 32 - 48
Privacy Preserving Authenticated Key Exchange - Modelling, Constructions, Proofs and Veriﬁcation using Tamarin / A Weninger / Supervisor: M. Maffei, D. Slamanig; Institut of Logic and Computation, Security and Privacy, 2021; final examination: 2021-08-27

2020

Filter List Generation for Underserved Regions / A. Sjösten, P. Snyder, A. Pastor, P. Papadopoulos, B. Livshits / in: "The Web Conference 2020", ACM/IW3C2, 2020, ISBN: 978-1-4503-7023-3, 1682 - 1692
Language-Based Web Session Integrity / S. Calzavara, R. Focardi, N. Grimm, M. Maffei, M. Tempesta / Talk: IEEE Computer Security Foundations Symposium, New York; 2020-06-22 - 2020-06-25; in: "33rd IEEE Computer Security Foundations Symposium", IEEE Computer Society, Washington DC (2020), ISBN: 978-1-5386-3217-8; 107 - 122
Blind Schnorr Signatures and Signed ElGamal Encryption in the Algebraic Group Model / G. Fuchsbauer, A. Plouviez, Y. Seurin / in: "Advances in Cryptology - EUROCRYPT 2020", Springer, 2020, 63 - 95
A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network / S. Tikhomirov, P. Moreno-Sanchez, M. Maffei / Talk: IEEE Security & Privacy On The Blockchain, Genova; 2020-11-07 - 2020-11-11; in: "2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)", IEEE, (2020), ISBN: 978-1-7281-8598-9; 387 - 396
The Good, the Bad and the Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts / C. Schneidewind, M. Scherer, M. Maffei / Talk: International Symposium on Leveraging Applications of Formal Methods (ISoLA), Rhodes; 2020-10-20 - 2020-10-30; in: "International Symposium On Leveraging Applications of Formal Methods, Verification and Validation", Springer, 7609 (2020), ISBN: 978-3-642-34025-3; 1 - 20
Payment Channel Network Analysis with Focus on Lightning Network / P. Holzer / Supervisor: M. Maffei, B. Haslhofer; Institut of Logic and Computation, Security and Privacy, 2020; final examination: 2020-05-29
A Voting-Based Blockchain Interoperability Oracle / G. Scaffino, S. Schulte, M. Sober, C. Spanring / in: "4th IEEE Blockchain 2021", IEEE, 2020
Simpler Constructions of Asymmetric Primitives from Obfuscation / P. Farshim, G. Fuchsbauer, A. Passelegue / in: "Progress in Cryptology - INDOCRYPT 2020", Springer, 2020, 715 - 738
A Classification of Computational Assumptions in the Algebraic Group Model / B. Bauer, G. Fuchsbauer, J. Loss / in: "Advances in Cryptology - CRYPTO 2020", Springer, 2020, 121 - 151
Double-Authentication-Preventing Signatures in the Standard Model / D. Catalano, G. Fuchsbauer, A. Soleimanian / in: "Security and Cryptography for Networks - SCN 2020", Springer, 2020, 338 - 358
Efficient Signatures on Randomizable Ciphertexts / B. Bauer, G. Fuchsbauer / in: "Security and Cryptography for Networks - SCN 2020", Springer, 2020, 359 - 381
eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts / C. Schneidewind, I. Grishchenko, M. Scherer, M. Maffei / Talk: ACM Conference on Computer and Communications Security (CCS), Orlando; 2020-11-09 - 2020-11-13; in: "CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security", Association for Computing Machinery ACM, (2020), ISBN: 978-1-4503-7089-9; 621 - 640
TXTing 101: Finding Security Issues in the Long Tail of DNS TXT Records / O. van der Toorn, R. van Rijswijk-Deij, T. Fiebig, M. Lindorfer, A. Sperotto / in: "International Workshop on Traffic Measurements for Cybersecurity (WTMC)", IEEE, 2020, ISBN: 978-1-7281-8598-9
When Malware is Packin' Heat; Limits of Machine Learning Classifiers Based on Static Analysis Features / H. Aghakhani, F. Gritti, F. Mecca, M. Lindorfer, S. Ortolani, D. Balzarotti, G. Vigna, C. Krügel / in: "Network and Distributed System Security Symposium (NDSS)", Internet Society, 2020, ISBN: 1-891562-61-4
Static Amalysis of eWASM Contracts / A. Schwarz / Supervisor: C. Schneidewind, M. Maffei; Institut of Logic and Computation, Security and Privacy, 2020; final examination: 2020-01-15
Secrets in Source Code: Reducing False Positives using Machine Learning / A. Saha, T. Denning, V. Srikumar, S.K. Kasera / in: "2020 International Conference on COMmunication Systems & NETworkS (COMSNETS)", IEEE Xplore Digital Library, 2020, ISBN: 978-1-7281-3187-0, 168 - 175
Generalized Bitcoin-Compatible Channels / L. Aumayr, O. Ersoy, A. Erwig, S. Faust, K. Hostáková, M. Maffei, P. Moreno-Sanchez, S. Riahi / Report for Cryptology ePrint Archive; Report No. 2020/476, 2020; 35 pages
FlowPrint: Semi-Supervised Mobile-App Fingerprinting on Encrypted Network Traffic / T. van Ede, R. Bortolameotti, A. Continella, J. Ren, D. Dubois, M. Lindorfer, D. Choffnes, M. van Steen, A. Peter / in: "Network and Distributed System Security Symposium (NDSS)", Internet Society, 2020, ISBN: 1-891562-61-4
Formalizing Graph Trail Properties in Isabelle/HOL / L. Kovacs, Hanna Lachnitt, S. Szeider / Talk: International Conference on Intelligent Computer Mathematics (CICM), Bertinoro, Forli, Italy; 2020-07-26 - 2020-07-31; in: "CICM 2020: Intelligent Computer Mathematics", LNCS, 12236 (2020), ISBN: 978-3-030-53518-6; 190 - 205
The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches in Progressive Web Applications / D. Somé, M. Squarcina, S. Calzavara, M. Maffei / Talk: EuroS&P 2020 SecWeb Workshop, Genova, IT; 2020-09-11
Bulwark: Holistic and Verified Security Monitoring of Web Protocols / L. Veronese, S. Calzavara, L. Compagna / Talk: European Symposium on Research in Computer Security (ESORICS), Guildford, United Kingdom; 2020-09-14 - 2020-09-18; in: "ESORICS 2020: Computer Security", Springer, Lecture Notes in Computer Science, vol 12308 (2020), ISBN: 978-3-030-58950-9; 23 - 41

2019

Latex Gloves: Protecting Browser Extensions from Probing and Revelation Attacks / A. Sjösten, S. Van Acker, P. Picazo-Sanchez, A. Sabelfeld / in: "26th Annual Network and Distributed System Security Symposium", The Internet Society, 2019, ISBN: 1-891562-55-x, 1 - 15
Group ORAM for Privacy and AccessControl in Outsourced Personal Records / M. Maffei, G. Malavolta, M. Reinert, D. Schröder / Journal of Computer Security, vol. 27 (2019), no. 1; 1 - 47
Verifying Relational Properties using Trace Logic / G. Barthe, R. Eilers, P. Georgiou, B. Gleiss, L. Kovacs, M. Maffei / Talk: International Conference on Formal Methods in Computer Aided Design (FMCAD) 2019, San Jose, US; 2019-10-22 - 2019-10-25; in: "Proceedings of Formal Methods in Computer Aided Design (FMCAD)", B. Clark, J. Yang (ed.); IEEE, https://ieeexplore.ieee.org/xpl/conhome/8891869/proceeding (2019), ISBN: 978-0-9835678-9-9; 170 - 178
Trace Reasoning for Formal Verification using the First-Order Superposition Calculus / P. Georgiou, B. Gleiss, L. Kovacs, M. Maffei / Poster: FMCAD 2019 Student Forum, San Jose, US; 2019-10-22 - 2019-10-25
Reducing Automotive Counterfeiting usingBlockchain: Benefits and Challenges / D. Lu, P. Moreno-Sanchez, A. Zeryihun, S. Bajpayi, S. Yin, K. Feldman, J. Kosofsky, P. Mitra, A. Kate / in: "2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON)", issued by: IEEE; IEEE Computer Society, USA, 2019, ISBN: 978-1-7281-1264-0, 39 - 48
From Firewalls to Functions and Back / L. Ceragioli, L. Galletta, M. Tempesta / in: "Proceedings of the Third Italian Conference on Cyber Security", 2315; issued by: CEUR-WS.org; CEUR-Proceedings, Aachen, 2019, ISSN: 1613-0073, Paper ID 4, 13 pages
Atomic Multi-Channel Updates with Constant Collateral in Bitcoin-Compatible Payment-Channel Networks / C. Egger, M. Maffei, P. Moreno-Sanchez / Talk: ACM Conference on Computer and Communications Security (CCS), London; 2019-11-11 - 2019-11-15; in: "ACM Conference on Computer and Communications Security", ACM (ed.); ACM, (2019), ISBN: 978-1-4503-6747-9; 801 - 815
Postcards from the Post-HTTP World: Amplification of HTTPS Vulnerabilities in the Web Ecosystem / S. Calzavara, R. Focardi, M. Nemec, A. Rabitti, M. Squarcina / in: "2019 IEEE Symposium on Security and Privacy (SP)", issued by: IEEE; IEEE, 2019, ISBN: 978-1-5386-6661-6, 281 - 298
Atomic Multi-Channel Updates with Constant Collateralin Bitcoin-Compatible Payment-Channel Networks / C. Egger, P. Moreno-Sanchez, M. Maffei / Talk: Scaling Bitcoin, Israel, Tel Aviv (invited); 2019-09-11 - 2019-09-12; in: "Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security", New York (2019), ISBN: 978-1-4503-6747-9; 801 - 815
Automated Prognosis of the Development of Cryptocurrency Prices / L. Aumayr / Supervisor: H. Eidenberger; Visual Computing and Human-Centered Technology, 2019; final examination: 2019-06
Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability / G. Malavolta, P. Moreno-Sanchez, C. Schneidewind, A. Kate, M. Maffei / Talk: Network and Distributed System Security Symposium (NDSS), San Diego, CA, US; 2019-02-24 - 2019-02-27; in: "Proceedings of 2019 Network and Distributed System Security Symposium", Reston (2019), ISBN: 1-891562-55-x; 1 - 15
Forkcipher: A New Primitive for Authenticated Encryption of Very Short Messages / E. Andreeva, J. Lallemand, A. Purnal, R. Reyhanitabar, A. Roy, D. Vizár / in: "Advances in Cryptology - ASIACRYPT 2019", issued by: Springer; Springer LNCS, Cham, 2019, ISBN: 978-3-030-34620-1, 153 - 182
Reversible Proofs of Sequential Work / K. Pietrzak, M. Walter, K. Klein, C. Kamath, H. Abusalah / in: "Advances in Cryptology - EUROCRYPT 2019", volume 11476; issued by: Springer; Springer LNCS, 2019, ISBN: 978-3-030-17652-5, 277 - 291
Gathering of robots in a ring with mobile faults / S. Das, R. Focardi, F. Luccio, E. Markou, M. Squarcina / Theoretical Computer Science, Volume 764 (2019), Volume 764; 42 pages
Anonymous Multi-Hop Locks for Blockchain Scalability and Interoperability / G. Malavolta, P. Moreno-Sanchez, C. Schneidewind, A. Kate, M. Maffei / Talk: ACM Advances in Financial Technologies AFT 2019, Zurich, Switzerland (invited); 2019-10-21 - 2019-10-23

2018

A Monadic Framework for Relational Verification: Applied to Information Security, Program Equivalence, and Optimization. / N. Grimm, K. Maillard, C. Fournet, C. Hritcu, M. Maffei, J. Protzenko, T. Ramananandro, N. Swamy, S. Zanella-Béguelin / in: "Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs", ACM Digital Library, New York, 2018, ISBN: 978-1-4503-5586-5, 130 - 145
ClearChart: Ensuring integrity of consumer ratings in online marketplaces / P. Moreno-Sanchez, U. Mahmood, A. Kate / Computers & Security, Computers & Security 78 (2018), Volume 78; 90 - 102
Settling Payments Fast and Private: Efficient Decentralized Routing for Path-Based Transactions / S. Roos, P. Moreno-Sanchez, A. Kate, I. Goldberg / Talk: Network and Distributed System Security Symposium (NDSS), San Diego; 2018-02-18 - 2018-02-21; in: "25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018", Reston (2018), ISBN: 1-1891562-49-5; 1 - 15
Theoretical and Practical Smart Contracts Realization of an Investment Fund / J. Schneider / Supervisor: M. Maffei, C. Schneidewind, I. Grishchenko; Institut of Logic and Computation, Security and Privacy, 2018; final examination: 2018-08-31
Language-Independent Synthesis of Firewall Policies / C. Bodei, P. Degano, L. Galletta, R. Focardi, M. Tempesta, L. Veronese / in: "2018 IEEE European Symposium on Security and Privacy (EuroS&P 2018)", issued by: Institute of Electrical and Electronics Engineers ( IEEE ); IEEE, 2018, ISBN: 978-1-5386-4228-3, 92 - 106
Transcompiling Firewalls / C. Bodei, P. Degano, R. Focardi, L. Galletta, M. Tempesta / in: "Principles of Security and Trust: 7th International Conference, POST 2018 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018 Thessaloniki, Greece, April 14-20, 2018, Proceedings", LNCS 10804; issued by: ETAPS; Springer International Publishing AG, Cham, 2018, ISBN: 978-3-319-89721-9, 303 - 324
Mind Your Keys? A Security Evaluation of Java Keystores / R. Focardi, M. Squarcina, G. Steel, M. Palmarini, M. Tempesta / Talk: Network and Distributed System Security Symposium (NDSS), San Diego; 2018-02-18 - 2018-02-21; in: "Proceedings of 2019 Network and Distributed System Security Symposium", (2018), ISBN: 1-891562-49-5; 1 - 15
Subset Predicate Encryption and its Applications / J. Katz, M. Maffei, G. Malavolta, D. Schröder / in: "Cryptology and Network Security", LNCS 11261; Springer International Publishing, Cham, Switzerland, 2018, ISBN: 978-3-030-02640-0, 115 - 134
UniTraX: Protecting Data Privacy with Discoverable Biases / M. Maffei, R. Munz, F. Eigner, P. Francis, D. Garg / in: "Principles of Security and Trust", LNCS 10804; Springer, Lecture Notes in Computer Science, Schwitzerland, 2018, ISBN: 978-3-319-89721-9, 278 - 299
Surviving the Web: A Journey into Web Session Security (Extended Abstract) / S. Calzavara, M. Squarcina, R. Focardi, M. Tempesta / in: "Proceedings of the 2018 World Wide Web Conference", issued by: International World Wide Web Conferences Steering Committee Republic and Canton of Geneva, Switzerland ©2018; ACM, Schwitzerland, 2018, ISBN: 978-1-4503-5640-4, 451 - 455
Firewall Management With FireWall Synthesizer / M. Tempesta, C. Bodei, P. Degano, R. Forcardi, L. Galletta, L. Veronese / in: "keiner", issued by: Italian Conference on CyberSecurity (ITASEC); ITASEC, 2018, 1 pages
Equivalence Properties by Typing in Cryptographic Branching Protocols / V. Cortier, N. Grimm, J. Lallemand, M. Maffei / in: "Principles of Security and Trust", LNCS 10804; issued by: Springer, Cham; Springer LNCS, Schwitzerland, 2018, ISBN: 978-3-319-89721-9, 160 - 187
A Semantic Framework for the Security Analysis of Ethereum smart contracts. / I. Grishchenko, C. Schneidewind, M. Maffei / in: "Principles of Security and Trust", LNCS 10804; issued by: Springer Link; Springer Open, Schwitzerland, 2018, ISBN: 978-3-319-89721-9, 243 - 269
Functional Credentials / D. Deuber, M. Maffei, G. Malavolta, M. Rabkin, D. Schröder, M. Simkin / in: "Proceedings on Privacy Enhancing Technologies", Volume 2018: Issue 2; issued by: De Gruyter Open; Walter de Gruyter GmbH, Berlin, 2018, 64 - 84
Simple Password Hardened Encryption Services / M. Maffei, M. Reinert, R. Lai, C. Egger, S. Chow, D. Schröder / in: "Proceedings of the 27th USENIX Security Symposium", 27th; issued by: USENIX Association Berkley, CA, USA; USENIX, 2018, ISBN: 978-1-931971-46-1, 1405 - 1421
Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions / J. Ren, M. Lindorfer, D. Dubois, A. Rao, D. Choffnes, N. Vallina-Rodriguez / in: "Network and Distributed System Security Symposium (NDSS)", Internet Society, 2018
GuardION: Practical Mitigation of DMA-based Rowhammer Attacks on ARM / V. van der Veen, M. Lindorfer, Y. Fratantonio, H. Padmanabha Pillai, G. Vigna, C. Krügel, H. Bos, K. Razavi / in: "Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA)", Springer, 2018, ISBN: 978-3-319-93410-5, 92 - 113
Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications / E. Pan, J. Ren, M. Lindorfer, C. Wilson, D. Choffnes / in: "Privacy Enhancing Technologies Symposium (PETS)", DeGruyter, 4, 2018, 33 - 50
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring / S. Calzavara, M. Maffei, C. Schneidewind, M. Tempesta, M. Squarcina / in: "Proceedings of the 27th USENIX Security Symposium", 27th; issued by: USENIX Association Berkley, CA, USA; USENIX, 2018, ISBN: 978-1-931971-46-1, 1493 - 1510
Foundations and Tools for the Static Analysis of Ethereum Smart Contracts / I. Gishchenko, M. Maffei, C. Schneidewind / in: "Proceedings of the 30th International Conference on Computer-Aided Verification", LNCS 10981; G. Weissenbacher, H. Chockler (ed.); issued by: Springer, Cham; Springer Open, 2018, ISBN: 978-3-319-96145-3, 51 - 78
Information Flow Tracking for Side-Effectful Libraries / A. Sjösten, D. Hedin, A. Sabelfeld / in: "International Conference on Formal Techniques for Distributed Objects, Components, and Systems", Springer, 2018, ISBN: 978-3-319-92611-7, 141 - 160
MineSweeper: An In-depth Look into Drive-by Cryptocurrency Mining and Its Defense / R. Konoth, E. Vineti, V. Moonsamy, M. Lindorfer, C. Krügel, H. Bos, G. Vigna / in: "Proceedings of the 2018 ACM Conference on Computer and Communications Security (CCS)", ACM (ed.); ACM, 2018, ISBN: 978-1-4503-5693-0, 1714 - 1730
Mind Your Credit: Assessing the Health of the Ripple Credit Network / P. Moreno-Sanchez, N. Modi, R. Songhela, A. Kate, S. Fahmy / in: "Proceedings of the 2018 World Wide Web Conference", Volume 2018; issued by: International World Wide Web Conferences Steering Committee Republic and Canton of Geneva, Switzerland ©2018; ACM Digital Library, Schwitzerland, 2018, ISBN: 978-1-4503-5639-8, 329 - 338

2017

A Type System for Privacy Properties / M. Maffei, J. Lallemand, V. Cortier, N. Grimm / Talk: ACM CCS 2017 Conference on Computer and Communications Security, Dallas, USA; 2017-10-30 - 2017-11-03; in: "CCS '17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security", ACM Digital Library, New York (2017), ISBN: 978-1-4503-4946-8; 409 - 423
A Principled Approach to Tracking Information Flow in the Presence of Libraries / D. Hedin, A. Sjösten, F. Piessens, A. Sabelfeld / in: "6th International Conference on Principles of Security and Trust", Springer, 2017, ISBN: 978-3-662-54454-9, 49 - 70
Discovering Browser Extensions via Web Accessible Resources / A. Sjösten, S. Van Acker, A. Sabelfeld / in: "7th ACM Conference on Data and Application Security and Privacy", ACM, 2017, ISBN: 978-1-4503-4523-1, 329 - 336
Run-Time Attack Detection in Cryptographic APIs / M. Squarcina, R. Focardi / Talk: IEEE Computer Security Foundations Symposium, Santa Barbara, USA; 2017-08-21 - 2017-08-25; in: "Run-Time Attack Detection in Cryptographic APIs", IEEE Xplore Digital Library, (2017), ISBN: 978-1-5386-3217-8; 176 - 188
SilentWhispers: Enforcing Security and Privacy in Decentralized Credit Networks / M. Maffei, P. Moreno-Sanchez, A. Kate, G. Malavolta / in: "2017 Network and Distributed System Security Symposium", Internet Society, Reston, Virginia, USA, 2017, ISBN: 1-891562-46-0, 1 - 15
A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications / M. Maffei, S. Calzavara, I. Grishchenko, A. Koutsos / Talk: IEEE Computer Security Foundations Symposium, Santa Barbara, USA; 2017-08-21 - 2017-08-25; in: "IEEE 30th Computer Security Foundations Symposium CSF 2017", IEEE Xplore Digital Library, (2017), ISBN: 978-1-5386-3217-8; Paper ID 3, 15 pages
Maliciously Secure Multi-Client ORAM / G. Malavolta, M. Reinert, D. Schröder, M. Maffei / in: "Applied Cryptography and Network Security", LNCS 10355; D. Gollmann, A. Miyaji, H. Kikuchi (ed.); © Springer International Publishing AG 2017, Cham, 2017, ISBN: 978-3-319-61203-4, 645 - 664
Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis / A. Continella, Y. Fratantonio, M. Lindorfer, A. Puccetti, A. Zand, C. Krügel, G. Vigna / in: "Network and Distributed System Security Symposium (NDSS)", Internet Society, 2017
Concurrency and Privacy with Payment-Channel Networks / M. Maffei, A. Kate, G. Malavolta, P. Moreno-Sanchez, S. Ravi / in: "CCS '17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security", ACM Digital Library, New York, 2017, ISBN: 978-1-4503-4946-8, 455 - 471
Surviving the Web: A Journey into Web Session Security / S. Calzavara, M. Squarcina, M. Tempesta, R. Focardi / Acm Computing Surveys, Volume 50 Issue 1 (2017), 13; 1 - 34
Principles of Security and Trust / M. Maffei, M. Ryan, P. Ah-Fat, M. Alabbad, M. Alvim, Z. Aslanyan, N. Atzei, K. Babel, M. Bartoletti, L. Bauer, A. Blot, S. Bursuc, P. Cañones, G. Casini, V. Cheval, T. Cimoli, M. Cramer, J. Dreier, C. Duménil, D. Hedin, M. Hicks, M. Huth, L. Jia, C. Johansen, O. Jones, R. Khedri, B. Köpf, S. Kremer, P. Laud, P. Mardziel, F. Nielson, M. Pettai, F. Piessens, W. Rafnsson, J. Reineke, A. Sabelfeld, R. Sasse, T. Terauchi, S. Xu, M. Yamamoto, A. Sjösten / Springer-Verlag, Berlin, Heidelberg, 2017, ISBN: 978-3-662-54454-9; 321 pages
On the Security of Frequency-Hiding Order-Preserving Encryption / M. Reinert, D. Schröder, M. Maffei / in: "Cryptology and Network Security", Lecture Notes in Computer Science, vol 11261; Springer International Publishing, Cham, Switzerland, 2017, ISBN: 978-3-030-02640-0, 51 - 70

2016

CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes / P. Carter, C. Mulliner, M. Lindorfer, W. Robertson, E. Kirda / in: "International Conference on Financial Cryptography and Data Security (FC)", Springer, 2016, ISBN: 978-3-662-54969-8, 231 - 249
Malware Through the Looking Glass: Malware Analysis in an Evolving Threat Landscape / M. Lindorfer / Supervisor, Reviewer: E. Weippl, T. Holz, E. Kirda; Institut für Rechnergestützte Automation, 2016; oral examination: 2016-02-02
Drammer: Deterministic Rowhammer Attacks on Mobile Platforms / V. van der Veen, Y. Fratantonio, M. Lindorfer, D. Gruss, C. Maurice, G. Vigna, H. Bos, K. Razavi, C. Giuffrida / in: "ACM Conference on Computer and Communications Security (CCS)", ACM, 2016, ISBN: 978-1-4503-4139-4, 1675 - 1689
ReCon: Revealing and Controlling PII Leaks in Mobile Network Traffic / J. Ren, A. Rao, M. Lindorfer, A. Legout, D. Choffnes / in: "International Conference on Mobile Systems, Applications and Services (MobiSys)", ACM, 2016, 361 - 374

2015

Marvin: Efficient and Comprehensive Mobile App Classification Through Static and Dynamic Analysis / M. Lindorfer, M. Neugschwandtner, Ch. Platzer / in: "Proceedings of the IEEE 39th Annual Computer Software and Applications Conference (COMPSAC)", IEEE, 2015, ISBN: 978-1-4673-6564-2, 422 - 433
Open problems in hash function security / E. Andreeva, B. Mennink, B. Preneel / Designs Codes and Cryptography, 77 (2015), 611 - 631
Current State of Browser Extension Security and Extension-based Malware / M. Neumayr / Supervisor: W. Kastner, M. Lindorfer; Rechnergestützte Automation, 2015; final examination: 2015-04-14

2014

Provably Sound Browser-Based Enforcement of Web Session Integrity / S. Calzavara, R. Focardi, W. Khan, M. Tempesta / in: "2014 IEEE 27th Computer Security Foundations Symposium", IEEE Computer Society, 2014, ISBN: 978-1-4799-4290-9, 366 - 380
Andrubis - 1,000,000 Apps Later: A View on Current Android Malware Behaviors / M. Lindorfer, M. Neugschwandtner, L. Weichselbaum, Y. Fratantonio, V. van der Veen, Ch. Platzer / in: "Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)", IEEE, 2014, ISBN: 978-1-4799-8308-7, 3 - 17
AndRadar: Fast Discovery of Android Applications in Alternative Markets / M. Lindorfer, V. Volanis, A. Sisto, M. Neugschwandtner, E. Athanasopoulos, F. Maggi, Ch. Platzer, S. Zanero, S. Ioannidis / in: "Proceedings of the 11th Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)", Springer, LNCS 8550, 2014, ISBN: 978-3-319-08508-1, 51 - 71
Skin Sheriff: A Machine Learning Solution for Detecting Explicit Images / Ch. Platzer, M. Stütz, M. Lindorfer / in: "Proceedings of the 2nd International Workshop on Security and Forensics in Communication Systems (ASIACCS-SFCS)", IEEE, 2014, ISBN: 978-1-4503-2802-9, 45 - 56
Enter Sandbox: Android Sandbox Comparison / S. Neuner, v. Victor, M. Lindorfer, M. Huber, M. Georg, M. Mulazzani, E. Weippl / in: "Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)", IEEE, 2014

2013

Take a Bite - Finding the Worm in the Apple / M. Lindorfer, B. Miller, M. Neugschwandtner, Ch. Platzer / in: "International Conference on Information, Communications and Signal Processing (ICICS)", IEEE, 2013
POSTER: Cross-Platform Malware: Write Once, Infect Everywhere / M. Lindorfer, M. Neumayr, J. Caballero, Ch. Platzer / Poster: ACM Conference on Computer and Communications Security (CCS), Berlin; 2013-11-04 - 2013-11-08; in: "ACM Conference on Computer and Communications Security (CCS)", (2013)
A View to a Kill: WebView Exploitation / M. Neugschwandtner, M. Lindorfer, Ch. Platzer / in: "USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)", USENIX, 2013

2012

Lines of Malicious Code: Insights Into the Malicious Software Industry / M. Lindorfer, A. Di Federico, F. Maggi, P. Milani Comparetti, S. Zanero / in: "Proceedings of the 28th Annual Computer Security Applications Conference", ACM, New York, 2012, ISBN: 978-1-4503-1312-4, 349 - 358

2011

Detecting Environment-Sensitive Malware / M. Lindorfer / Supervisor: E. Kirda, P. Milani Comparetti, C. Kolbitsch; Institut für Rechnergestützte Automation, 2011
Detecting Environment-Sensitive Malware / M. Lindorfer, C. Kolbitsch, P. Milani Comparetti / in: "Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (2011)", Springer, 2011, ISBN: 978-3-642-23643-3