Research Group
Machine Learning
and Security
View from our building over Berlin.

Publications

2024

Evil from Within: Machine Learning Backdoors Through Dormant Hardware Trojans.
Alexander Warnecke, Julian Speith, Jan-Niklas Möller, Konrad Rieck and Christof Paar.
Proc. of the 40th Annual Computer Security Applications Conference (ACSAC), 2024. (to appear)

Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting.
Robin Kirchner, Jonas Möller, Marius Musch, David Klein, Konrad Rieck and Martin Johns.
Proc. of the 33rd USENIX Security Symposium, 2024.
Distinguished Paper Award

PDF Code

SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing.
Felix Weißberg, Jonas Möller, Tom Ganz, Erik Imgrund, Lukas Pirch, Lukas Seidel, Moritz Schloegel, Thorsten Eisenhofer and Konrad Rieck.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.

PDF Code Data

Cross-Language Differential Testing of JSON Parsers.
Jonas Möller, Felix Weißberg, Lukas Pirch, Thorsten Eisenhofer and Konrad Rieck.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.

PDF Code

On the Role of Pre-trained Embeddings in Binary Code Analysis.
Alwin Maier, Felix Weißberg and Konrad Rieck.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.

PDF Data

Battle of Wits: To What Extent Can Fraudsters Disguise Their Tracks in International Bypass Fraud?
Anne Kouam, Aline Viana and Alain Tchana.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.

PDF

I still know it's you! On Challenges in Anonymizing Source Code.
Micha Horlboge, Erwin Quiring, Roland Meyer and Konrad Rieck.
Proceedings on Privacy Enhancing Technologies (PETS), 2024, (3), 2024.

PDF Code Data

Listening between the Bits: Privacy Leaks in Audio Fingerprints.
Moritz Pfister, Robert Michael, Max Boll, Konrad Rieck and Daniel Arp.
Proc. of the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2024.

PDF Code

A Representative Study on Human Detection of Artificially Generated Media Across Countries.
Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer, Markus Dürmuth and Thorsten Holz.
Proc. of the 45th IEEE Symposium on Security and Privacy (S&P), 2024.

Link Code

Security Viewpoints on Explainable Machine Learning.
Alexander Warnecke.
PhD thesis, Technische Universität Berlin, 2024.

PDF

Software Defect Localization Using Explainable Deep Learning.
Tom Ganz.
PhD thesis, Technische Universität Berlin, 2024.

PDF

Manipulating Feature Visualizations with Gradient Slingshots.
Dilyara Bareeva, Marina Höhne, Alexander Warnecke, Lukas Pirch, Klaus-Robert Müller, Konrad Rieck and Kirill Bykov.
Technical report, arXiv:2401.06122, 2024.

Link

2023

On the Detection of Image-Scaling Attacks in Machine Learning.
Erwin Quiring, Andreas Müller and Konrad Rieck.
Proc. of the 39th Annual Computer Security Applications Conference (ACSAC), 2023.

PDF Code

PAVUDI: Patch-based Vulnerability Discovery using Machine Learning.
Tom Ganz, Erik Imgrund, Martin Härterich and Konrad Rieck.
Proc. of the 39th Annual Computer Security Applications Conference (ACSAC), 2023.

PDF Code

Broken Promises: Measuring Confounding Effects in Learning-based Vulnerability Discovery.
Erik Imgrund, Tom Ganz, Martin Härterich, Niklas Risse, Lukas Pirch and Konrad Rieck.
Proc. of the 16th ACM Workshop on Artificial Intelligence and Security (AISEC), 2023.

PDF

Drift Forensics of Malware Classifiers.
Theo Chow, Zeliang Kan, Lorenz Linhardt, Lorenzo Cavallaro, Daniel Arp and Fabio Pierazzi.
Proc. of the 16th ACM Workshop on Artificial Intelligence and Security (AISEC), 2023.

PDF

Lazy Gatekeepers: A Large-Scale Study on SPF Configuration in the Wild.
Stefan Czybik, Micha Horlboge and Konrad Rieck.
Proc. of the 23rd ACM Internet Measurement Conference (IMC), 2023.

PDF Code

Learning Type Inference for Enhanced Dataflow Analysis.
Lukas Seidel, Sedick Effendi, Xavier Pinho, Konrad Rieck, Brink Merwe and Fabian Yamaguchi.
Proc. of the 28th European Symposium on Research in Computer Security (ESORICS), 2023.

PDF Code

Lessons Learned on Machine Learning for Computer Security.
Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro and Konrad Rieck.
IEEE Security & Privacy, 21, (4), 2023.

PDF Link

No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning.
Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz and Konrad Rieck.
Proc. of the 32nd USENIX Security Symposium, 2023.

PDF Code

Hunting for Truth: Analyzing Explanation Methods in Learning-based Vulnerability Discovery.
Tom Ganz, Philipp Rall, Martin Härterich and Konrad Rieck.
Proc. of the 8th IEEE European Symposium on Security and Privacy (EuroS&P), 2023.

PDF

CodeGraphSMOTE: Data Augmentation for Vulnerability Discovery.
Tom Ganz, Erik Imgrund, Martin Härterich and Konrad Rieck.
Proc. of the IFIP Conference on Data and Applications Security and Privacy (DBSEC), 2023.

PDF Link

Evil from Within: Machine Learning Backdoor through Hardware Trojans.
Alexander Warnecke, Julian Speith, Jan-Niklas Möller, Konrad Rieck and Christof Paar.
Technical report, arXiv:2304.08411, 2023.

PDF Link

Detecting Backdoors in Collaboration Graphs of Software Repositories.
Tom Ganz, Inaam Ashraf, Martin Härterich and Konrad Rieck.
Proc. of the 14th ACM Conference on Data and Applications Security and Privacy (CODASPY), 2023.

PDF Link

Machine Unlearning of Features and Labels.
Alexander Warnecke, Lukas Pirch, Christian Wressnegger and Konrad Rieck.
Proc. of the 30th Network and Distributed System Security Symposium (NDSS), 2023.

PDF Code

Improving Malware Detection with Explainable Machine Learning.
Michele Scalas, Konrad Rieck and Giorgio Giacinto.
Explainable Deep Learning AI: Methods and Challenges, Elsevier, 2023.

Link

Möglichkeiten und Grenzen KI-gestützter Analyse digitaler Spuren.
Andreas Dewald, Felix Freiling, Tobias Gross, Dennis Kniel, Robert Michael and Konrad Rieck.
Kriminalistik, Jan, 2023.

Link

Security of Machine Learning.
Battista Biggio, Nicholas Carlini, Pavel Laskov, Konrad Rieck and Antonio Cina.
Technical report, Dagstuhl, 12, (7), 41–61, 2023.

PDF Link

2022

I still know it's you! On Challenges in Anonymizing Source Code.
Micha Horlboge, Erwin Quiring, Roland Meyer and Konrad Rieck.
Technical report, arXiv:2208.12553, 2022.

PDF Link Code Data

Dos and Don'ts of Machine Learning in Computer Security.
Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro and Konrad Rieck.
Proc. of the 31st USENIX Security Symposium, 2022.
Distinguished Paper Award

PDF Project

Quantifying the Risk of Wormhole Attacks on Bluetooth Contact Tracing.
Stefan Czybik, Daniel Arp and Konrad Rieck.
Proc. of the 13th ACM Conference on Data and Applications Security and Privacy (CODASPY), 264–275, 2022.

PDF

Misleading Deep-Fake Detection with GAN Fingerprints.
Vera Wesselkamp, Konrad Rieck, Daniel Arp and Erwin Quiring.
Proc. of the 5th IEEE Workshop on Deep Learning and Security (DLS), 2022.

PDF Code

2021

LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems.
Niclas Kühnapfel, Stefan Preußler, Maximilian Noppel, Thomas Schneider, Konrad Rieck and Christian Wressnegger.
Proc. of the 37th Annual Computer Security Applications Conference (ACSAC), 2021.

PDF Project Code

Spying through Virtual Backgrounds of Video Calls.
Jan Hilgefort, Daniel Arp and Konrad Rieck.
Proc. of the 14th ACM Workshop on Artificial Intelligence and Security (AISEC), 2021.

PDF

Explaining Graph Neural Networks for Vulnerability Discovery.
Tom Ganz, Martin Härterich, Alexander Warnecke and Konrad Rieck.
Proc. of the 14th ACM Workshop on Artificial Intelligence and Security (AISEC), 2021.
Best Paper Award

PDF

On the Security of Machine Learning Beyond the Feature Space.
Erwin Quiring.
PhD thesis, Technische Universität Braunschweig, 2021.

PDF

Machine Unlearning of Features and Labels.
Alexander Warnecke, Lukas Pirch, Christian Wressnegger and Konrad Rieck.
Technical report, arXiv:2108.11577, 2021.

PDF Link Code

LogPicker: Strengthening Certificate Transparency Against Covert Adversaries.
Alexandra Dirksen, David Klein, Robert Michael, Tilman Stehr, Konrad Rieck and Martin Johns.
Proceedings on Privacy Enhancing Technologies (PETS), 2021, (4), 184–202, 2021.

PDF Project Code

TagVet: Vetting Malware Tags using Explainable Machine Learning.
Lukas Pirch, Alexander Warnecke, Christian Wressnegger and Konrad Rieck.
Proc. of the 14th ACM European Workshop on Systems Security (EuroSec), 2021.

PDF

2020

Explanation-driven Characterisation of Android Ransomware.
Michele Scalas, Konrad Rieck and Giorgio Giacinto.
Proc. of Workshop on Explainable Deep Learning/AI, 2020.

Link

Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification.
Erwin Quiring, Lukas Pirch, Michael Reimsbach, Daniel Arp and Konrad Rieck.
Technical report, arXiv:2010.09569, 2020.

PDF Link Code

Dos and Don'ts of Machine Learning in Computer Security.
Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro and Konrad Rieck.
Technical report, arXiv:2010.09470, 2020.

PDF Link Project

Evaluating Explanation Methods for Deep Learning in Security.
Alexander Warnecke, Daniel Arp, Christian Wressnegger and Konrad Rieck.
Proc. of the 5th IEEE European Symposium on Security and Privacy (EuroS&P), 2020.

PDF Project Code

Adversarial Preprocessing: Understanding and Preventing Image-Scaling Attacks in Machine Learning.
Erwin Quiring, David Klein, Daniel Arp, Martin Johns and Konrad Rieck.
Proc. of the 29th USENIX Security Symposium, 2020.

PDF Project Code

Backdooring and Poisoning Neural Networks with Image-Scaling Attacks.
Erwin Quiring and Konrad Rieck.
Proc. of the 3rd IEEE Workshop on Deep Learning and Security (DLS), 2020.

PDF Project Code

What's All That Noise: Analysis and Detection of Propaganda on Twitter.
Ansgar Kellner, Christian Wressnegger and Konrad Rieck.
Proc. of the 13th ACM European Workshop on Systems Security (EuroSec), 2020.

PDF

2019

Political Elections Under (Social) Fire? Analysis and Detection of Propaganda on Twitter.
Ansgar Kellner, Lisa Rangosch, Christian Wressnegger and Konrad Rieck.
Technical report, arXiv:1912.04143, 2019.

PDF

Evaluating Explanation Methods for Deep Learning in Security.
Alexander Warnecke, Daniel Arp, Christian Wressnegger and Konrad Rieck.
Technical report, arXiv:1906.02108, 2019.

PDF Link Project Code

On the Security and Applicability of Fragile Camera Fingerprints.
Erwin Quiring, Matthias Kirchner and Konrad Rieck.
Proc. of the 24th European Symposium on Research in Computer Security (ESORICS), 450–470, 2019.

PDF

Misleading Authorship Attribution of Source Code using Adversarial Learning.
Erwin Quiring, Alwin Maier and Konrad Rieck.
Proc. of the 28th USENIX Security Symposium, 2019.

PDF Code

Thieves in the Browser: Web-based Cryptojacking in the Wild.
Marius Musch, Christian Wressnegger, Martin Johns and Konrad Rieck.
Proc. of 14th International Conference on Availability, Reliability and Security (ARES), 2019.
Best Paper Award Runner-Up

PDF

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild.
Marius Musch, Christian Wressnegger, Martin Johns and Konrad Rieck.
Proc. of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 23–42, 2019.
Best Paper Award Runner-Up

PDF

TypeMiner: Recovering Types in Binary Programs using Machine Learning.
Alwin Maier, Hugo Gascon, Christian Wressnegger and Konrad Rieck.
Proc. of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 288–308, 2019.

PDF

False Sense of Security: A Study on the Effectivity of Jailbreak Detection in Banking Apps.
Ansgar Kellner, Micha Horlboge, Konrad Rieck and Christian Wressnegger.
Proc. of the 4th IEEE European Symposium on Security and Privacy (EuroS&P), 2019.

PDF Code

Efficient and Explainable Detection of Mobile Malware with Machine Learning.
Daniel Arp.
PhD thesis, Technische Universität Braunschweig, 2019.

PDF

2nd IEEE Deep Learning and Security Workshop (DLS).
Konrad Rieck and Battista Biggio (Ed.).
Workshop proceedings, IEEE, 2019.

Link

Defending Against Targeted Attacks with Pattern Recognition.
Hugo Gascon.
PhD thesis, Technische Universität Braunschweig, 2019.

PDF

Security Analysis of Devolo HomePlug Devices.
Rouven Scholz and Christian Wressnegger.
Proc. of the 12th ACM European Workshop on Systems Security (EuroSec), 2019.

PDF

Features and Machine Learning Systems for Structured and Sequential Data.
Guido Schwenk.
PhD thesis, Technische Universität Berlin, 2019.

PDF

12th ACM European Workshop on Systems Security (EuroSec).
Konrad Rieck and Lorenzo Cavallaro (Ed.).
Workshop proceedings, ACM, 2019.

Link

2018

Efficient Machine Learning for Attack Detection.
Christian Wressnegger.
PhD thesis, Technische Universität Braunschweig, 2018.

PDF

Adversarial Machine Learning Against Digital Watermarking.
Erwin Quiring and Konrad Rieck.
Proc. of the 26th European Signal Processing Conference (EUSIPCO), 2018.

PDF

Reading Between The Lines: Content-Agnostic Detection of Spear-Phishing Emails.
Hugo Gascon, Steffen Ullrich, Benjamin Stritter and Konrad Rieck.
Proc. of the 21st Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2018.

PDF

Web-based Cryptojacking in the Wild.
Marius Musch, Christian Wressnegger, Martin Johns and Konrad Rieck.
Technical report, arXiv:1808.09474, 2018.

PDF Link

Privacy-Enhanced Fraud Detection with Bloom filters.
Daniel Arp, Erwin Quiring, Tammo Krueger, Stanimir Dragiev and Konrad Rieck.
Proc. of the 14th International Conference on Security and Privacy in Communication Networks (SECURECOMM), 2018.

PDF

ZOE: Content-based Anomaly Detection for Industrial Control Systems.
Christian Wressnegger, Ansgar Kellner and Konrad Rieck.
Proc. of the 48th Conference on Dependable Systems and Networks (DSN), 127–138, 2018.

PDF

11th ACM European Workshop on Systems Security (EuroSec).
Angelos Stavrou and Konrad Rieck (Ed.).
Workshop proceedings, ACM, 2018.

Link

Forgotten Siblings: Unifying Attacks on Machine Learning and Digital Watermarking.
Erwin Quiring, Daniel Arp and Konrad Rieck.
Proc. of the 3rd IEEE European Symposium on Security and Privacy (EuroS&P), 2018.

PDF Code

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.
Aylin Caliskan, Fabian Yamaguchi, Edwin Tauber, Richard Harang, Konrad Rieck, Rachel Greenstadt and Arvind Narayanan.
Proc. of the 25th Network and Distributed System Security Symposium (NDSS), 2018.

PDF Code

2017

Static Program Analysis as a Fuzzing Aid.
Bhargava Shastry, Markus Leutner, Tobias Fiebig, Kashyap Thimmaraju, Fabian Yamaguchi, Konrad Rieck, Stefan Schmid, Jean-Pierre Seifert and Anja Feldmann.
Proc. of the 20th Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2017.

PDF Code

Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery.
Tommi Unruh, Bhargava Shastry, Malte Skoruppa, Federico Maggi, Konrad Rieck, Jean-Pierre Seifert and Fabian Yamaguchi.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 2017.

PDF

Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing.
Bhargava Shastry, Federico Maggi, Fabian Yamaguchi, Konrad Rieck and Jean-Pierre Seifert.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 2017.

PDF

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection.
Ambra Demontis, Marco Melis, Battista Biggio, Davide Maiorca, Daniel Arp, Konrad Rieck, Igino Corona, Giorgio Giacinto and Fabio Roli.
IEEE Transactions on Dependable and Secure Computing (TDSC), 2017.

PDF

64-bit Migration Vulnerabilities.
Christian Wressnegger, Fabian Yamaguchi, Alwin Maier and Konrad Rieck.
Information Technology (IT), 59, (2), 73–82, De Gruyter, 2017.

PDF Link

Looking Back on Three Years of Flash-based Malware.
Christian Wressnegger and Konrad Rieck.
Proc. of the 10th ACM European Workshop on Systems Security (EuroSec), 2017.

PDF

Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks.
Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi and Konrad Rieck.
Proc. of the 12th ACM Asia Conference on Computer and Communications Security (ASIACCS), 587–598, 2017.

PDF

Special Issue on Vulnerability Analysis.
Konrad Rieck.
Information Technology (IT), 59, (2), 57–58, De Gruyter, 2017.

Link

TrustJS: Trusted Client-side Execution of JavaScript.
David Goltzsche, Colin Wulf, Divya Muthukumaran, Konrad Rieck, Peter Pietzuch and Rüdiger Kapitza.
Proc. of the 10th ACM European Workshop on Systems Security (EuroSec), 2017.

PDF

Efficient and Flexible Discovery of PHP Application Vulnerabilities.
Michael Backes, Konrad Rieck, Malte Skoruppa, Ben Stock and Fabian Yamaguchi.
Proc. of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P), 2017.

PDF Code

Privacy Threats through Ultrasonic Side Channels on Mobile Devices.
Daniel Arp, Erwin Quiring, Christian Wressnegger and Konrad Rieck.
Proc. of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P), 35–47, 2017.

PDF

Fraternal Twins: Unifying Attacks on Machine Learning and Digital Watermarking.
Erwin Quiring, Daniel Arp and Konrad Rieck.
Technical report, arXiv:1703.05561, 2017.

PDF Link Code

Mining Attributed Graphs for Threat Intelligence.
Hugo Gascon, Bernd Grobauer, Thomas Schreck, Lukas Rist, Daniel Arp and Konrad Rieck.
Proc. of the 8th ACM Conference on Data and Applications Security and Privacy (CODASPY), 15–22, 2017.

PDF Code

Multi-objective Ant Colony Optimisation in Wireless Sensor Networks.
Ansgar Kellner.
Nature-Inspired Computing and Optimization, 51–78, Springer, 2017.

Link

2016

Die Codeanalyseplattform “Octopus”.
Fabian Yamaguchi and Konrad Rieck.
Datenschutz und Datensicherheit (DuD), 40, (11), 713–717, 2016.

Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms.
Christian Wressnegger, Fabian Yamaguchi, Alwin Maier and Konrad Rieck.
Proc. of the 23rd ACM Conference on Computer and Communications Security (CCS), 541–552, 2016.

PDF

From Malware Signatures to Anti-Virus Assisted Attacks.
Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi and Konrad Rieck.
Technical report, Technische Universität Braunschweig, (2016-03), 2016.

PDF

Bat in the Mobile: A Study on Ultrasonic Device Tracking.
Daniel Arp, Erwin Quiring, Christian Wressnegger and Konrad Rieck.
Technical report, Technische Universität Braunschweig, (2016-02), 2016.

PDF

Comprehensive Analysis and Detection of Flash-based Malware.
Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 101–121, 2016.
Best Paper Award

PDF

Towards Vulnerability Discovery Using Staged Program Analysis.
Bhargava Shastry, Fabian Yamaguchi, Konrad Rieck and Jean-Pierre Seifert.
Proc. of the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 78–97, 2016.

PDF Code

Monte Carlo Localization for Path-Based Mobility in Mobile Wireless Sensor Networks.
Salke Hartung, Ansgar Kellner, Konrad Rieck and Dieter Hogrefe.
Proc. of the 18th IEEE Wireless Communications and Networking Conference (WCNC), 1–7, 2016.

PDF

Harry: A Tool for Measuring String Similarity.
Konrad Rieck and Christian Wressnegger.
Journal of Machine Learning Research (JMLR), 17, (9), 1–5, 2016.

PDF Code

2015

Analyzing and Detecting Flash-based Malware using Lightweight Multi-Path Exploration.
Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Technical report, University of Göttingen, (IFI-TB-2015-05), 2015.

PDF

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.
Aylin Caliskan, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt and Arvind Narayanan.
Technical report, arXiv:1512.08546, 2015.

PDF

Pattern-Based Vulnerability Discovery.
Fabian Yamaguchi.
PhD thesis, University of Göttingen, 2015.

PDF

VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits.
Henning Perl, Daniel Arp, Sergej Dechand, Sascha Fahl, Yasemin Acar, Fabian Yamaguchi, Konrad Rieck and Matthew Smith.
Proc. of the 22nd ACM Conference on Computer and Communications Security (CCS), 2015.

PDF

Pulsar: Stateful Black-Box Fuzzing of Proprietary Network Protocols.
Hugo Gascon, Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of the 11th International Conference on Security and Privacy in Communication Networks (SECURECOMM), 330–347, 2015.

PDF Code

Fingerprinting Mobile Devices Using Personalized Configurations.
Andreas Kurtz, Hugo Gascon, Tobias Becker, Konrad Rieck and Felix Freiling.
Proceedings on Privacy Enhancing Technologies (PETS), 2016, (1), 4–19, 2015.

PDF Code

De-anonymizing Programmers via Code Stylometry.
Aylin Caliskan-Islam, Richard Harang, Andrew Liu, Arvind Narayanan, Clare Voss, Fabian Yamaguchi and Rachel Greenstadt.
Proc. of the 24th USENIX Security Symposium, 255–270, 2015.

PDF Code

Automatic Inference of Search Patterns for Taint-Style Vulnerabilities.
Fabian Yamaguchi, Alwin Maier, Hugo Gascon and Konrad Rieck.
Proc. of the 36th IEEE Symposium on Security and Privacy (S&P), 2015.

PDF Project Code

Torben: A Practical Side-Channel Attack for Deanonymizing Tor Communication.
Daniel Arp, Fabian Yamaguchi and Konrad Rieck.
Proc. of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2015.

PDF

2014

Torben: Deanonymizing Tor Communication using Web Page Markers.
Daniel Arp, Fabian Yamaguchi and Konrad Rieck.
Technical report, University of Göttingen, (IFI-TB-2014-01), 2014.

PDF

Poisoning Behavioral Malware Clustering.
Battista Biggio, Konrad Rieck, Davide Ariu, Christian Wressnegger, Igino Corona, Giorgio Giacinto and Fabio Roli.
Proc. of the 7th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–10, 2014.

PDF

Mobile-Sandbox: Combining Static and Dynamic Analysis with Machine Learning Techniques.
Michael Spreitzenbarth, Thomas Schreck, Florian Echtler, Daniel Arp and Johannes Hoffmann.
International Journal of Information Security, 1–13, Springer, 2014.

Special Issue on Threat Detection, Analysis and Defense.
Shujun Li, Konrad Rieck and Alan Woodward.
Journal of Information Security and Applications (JISA), 19, (3), 163–164, 2014.

Link

Modeling and Discovering Vulnerabilities with Code Property Graphs.
Fabian Yamaguchi, Nico Golde, Daniel Arp and Konrad Rieck.
Proc. of the 35th IEEE Symposium on Security and Privacy (S&P), 2014.
Test-of-Time Award

PDF Project Code

Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior.
Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf and Konrad Rieck.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 2014.

PDF

Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Daniel Arp, Michael Spreitzenbarth, Malte Hübner, Hugo Gascon and Konrad Rieck.
Proc. of the 21st Network and Distributed System Security Symposium (NDSS), 2014.

PDF Project

2013

Chucky: Exposing Missing Checks in Source Code for Vulnerability Discovery.
Fabian Yamaguchi, Christian Wressnegger, Hugo Gascon, Charles Ray and Konrad Rieck.
Proc. of the 20th ACM Conference on Computer and Communications Security (CCS), 499–510, 2013.

PDF

A Close Look on n-Grams in Intrusion Detection: Anomaly Detection vs. Classification.
Christian Wressnegger, Guido Schwenk, Daniel Arp and Konrad Rieck.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 67–76, 2013.

PDF Code

Off the Beaten Path: Machine Learning for Offensive Security.
Konrad Rieck.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–2, 2013. (Keynote)

Structural Detection of Android Malware using Embedded Call Graphs.
Hugo Gascon, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 45–54, 2013.

PDF Code

Deobfuscating Embedded Malware using Probable-Plaintext Attacks.
Christian Wressnegger, Frank Boldewin and Konrad Rieck.
Proc. of the 16th Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 164–183, 2013.

PDF

Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Daniel Arp, Michael Spreitzenbarth, Malte Hübner, Hugo Gascon and Konrad Rieck.
Technical report, University of Göttingen, (IFI-TB-2013-02), 2013.

PDF Project

10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment.
Konrad Rieck, Patrick Stewin and Jean-Pierre Seifert (Ed.).
Conference proceedings, Springer, 2013.

Link

Probabilistic Methods for Network Security: From Analysis to Response.
Tammo Krüger.
PhD thesis, Technische Universität Berlin, 2013.

PDF

Toward Supervised Anomaly Detection.
Nico Görnitz, Marius Kloft, Konrad Rieck and Ulf Brefeld.
Journal of Artificial Intelligence Research (JAIR), 46, (1), 235–262, 2013.

PDF

2012

Generalized Vulnerability Extrapolation using Abstract Syntax Trees.
Fabian Yamaguchi, Markus Lottmann and Konrad Rieck.
Proc. of the 28th Annual Computer Security Applications Conference (ACSAC), 359–368, 2012.
Outstanding Paper Award

PDF

Sally: A Tool for Embedding Strings in Vector Spaces.
Konrad Rieck, Christian Wressnegger and Alexander Bikadorov.
Journal of Machine Learning Research (JMLR), 13, (Nov), 3247–3251, 2012.

PDF Code

Autonomous Learning for Detection of JavaScript Attacks: Vision or Reality?
Guido Schwenk, Alexander Bikadorov, Tammo Krueger and Konrad Rieck.
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 93–104, 2012.

PDF

Early Detection of Malicious Behavior in JavaScript Code.
Kristof Schütt, Alexander Bikadorov, Marius Kloft and Konrad Rieck.
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 15–24, 2012.

PDF

Learning Stateful Models for Network Honeypots.
Tammo Krueger, Hugo Gascon, Nicole Kraemer and Konrad Rieck.
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 37–48, 2012.

PDF Code

Intelligent Defense against Malicious JavaScript Code.
Tammo Krueger and Konrad Rieck.
Praxis der Informationsverarbeitung und Kommunikation (PIK), 35, (1), 54–60, 2012.

PDF Link

Support Vector Machines.
Konrad Rieck, Sören Sonnenburg, Sebastian Mika, Christian Schäfer, Pavel Laskov, David Tax and Klaus-Robert Müller.
Handbook of Computational Statistics, 883–926, Springer, 2012.

2011

Smart Metering De-Pseudonymization.
Marek Jawurek, Martin Johns and Konrad Rieck.
Proc. of the 27th Annual Computer Security Applications Conference (ACSAC), 227–236, 2011.

PDF

Adaptive Detection of Covert Communication in HTTP Requests.
Guido Schwenk and Konrad Rieck.
Proc. of the 7th European Conference on Network Defense (EC2ND), 25–32, 2011.

PDF

Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities using Machine Learning.
Fabian Yamaguchi, Felix Lindner and Konrad Rieck.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 118–127, 2011.

PDF

Computer Security and Machine Learning: Worst Enemies or Best Friends?
Konrad Rieck.
Proc. of the 1st Workshop on Systems Security (SYSSEC), 107–110, 2011.

PDF

Similarity Measures for Sequential Data.
Konrad Rieck.
WIREs: Data Mining and Knowledge Discovery, 1, (4), 296–304, Wiley, 2011.

PDF Link

Automatic Analysis of Malware Behavior using Machine Learning.
Konrad Rieck, Philipp Trinius, Carsten Willems and Thorsten Holz.
Journal of Computer Security (JCS), 19, (4), 639–668, IOSPress, 2011.

PDF Link Code

Self-Learning Network Intrusion Detection.
Konrad Rieck.
Information Technology (IT), 53, (3), 152–156, Oldenbourg, 2011.

PDF Link

2010

Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Konrad Rieck, Tammo Krueger and Andreas Dewald.
Proc. of the 26th Annual Computer Security Applications Conference (ACSAC), 31–39, 2010.

PDF Link

6th European Conference on Computer Network Defense.
Konrad Rieck (Ed.).
Conference proceedings, IEEE Computer Society, 2010.

Link

A Malware Instruction Set for Behavior-based Analysis.
Philipp Trinius, Carsten Willems, Thorsten Holz and Konrad Rieck.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 205–216, 2010.

PDF

ASAP: Automatic Semantics-Aware Analysis of Network Payloads.
Tammo Krueger, Nicole Kraemer and Konrad Rieck.
Proc. of the ECML Workshop on Privacy and Security Issues in Machine Learning, 50–63, 2010.

PDF

Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Konrad Rieck, Tammo Krueger and Andreas Dewald.
Technical report, Technische Universität Berlin, (2010-10), 2010.

PDF

Botzilla: Detecting the “Phoning Home” of Malicious Software.
Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz and Pavel Laskov.
Proc. of the 25th ACM Symposium on Applied Computing (SAC), 1978–1984, 2010.

PDF Link

TokDoc: A Self-Healing Web Application Firewall.
Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Proc. of the 25th ACM Symposium on Applied Computing (SAC), 1846–1853, 2010.

PDF Link

FIPS: FIRST Intrusion Prevention System.
Ingmar Schuster, Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Technical report, Fraunhofer Institute FIRST, (FIRST 1/2010), 2010.

PDF

Approximate Tree Kernels.
Konrad Rieck, Tammo Krueger, Ulf Brefeld and Klaus-Robert Müller.
Journal of Machine Learning Research (JMLR), 11, (Feb), 555–580, Microtome, 2010.

PDF Link

2009

A Malware Instruction Set for Behavior-Based Analysis.
Philipp Trinius, Carsten Willems, Thorsten Holz and Konrad Rieck3.
Technical report, University of Mannheim, (TR-2009-07), 2009.

PDF

Automatic Analysis of Malware Behavior using Machine Learning.
Konrad Rieck, Philipp Trinius, Carsten Willems and Thorsten Holz.
Technical report, Technische Universität Berlin, (2009-18), 2009.

PDF Code

Visualization and Explanation of Payload-Based Anomaly Detection.
Konrad Rieck and Pavel Laskov.
Proc. of the 5th European Conference on Network Defense (EC2ND), 2009.

PDF Link

Active Learning for Network Intrusion Detection.
Nico Görnitz, Marius Kloft, Konrad Rieck and Ulf Brefeld.
Proc. of the 2nd ACM Workshop on Artificial Intelligence and Security (AISEC), 47–54, 2009.

PDF Link

Securing IMS against Novel Threats.
Stefan Wahl, Konrad Rieck, Pavel Laskov, Peter Domschitz and Klaus-Robert Müller.
Bell Labs Technical Journal, 14, (1), 243–257, Wiley, 2009.

PDF Link

Machine Learning for Application-Layer Intrusion Detection.
Konrad Rieck.
PhD thesis, Technische Universität Berlin, 2009.

PDF

2008

An Architecture for Inline Anomaly Detection.
Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Proc. of the 4th European Conference on Network Defense (EC2ND), 11–18, 2008.

PDF Link

Incorporation of Application Layer Protocol Syntax into Anomaly Detection.
Patrick Düssel, Christian Gehl, Pavel Laskov and Konrad Rieck..
Proc. of the 4th International Conference on Information Systems Security (ICISS), 188–202, 2008.

PDF Link

Approximate Kernels for Trees.
Konrad Rieck, Ulf Brefeld and Tammo Krueger.
Technical report, Fraunhofer Institute FIRST, (FIRST 5/2008), 2008.

PDF

Machine Learning for Intrusion Detection.
Pavel Laskov, Konrad Rieck and Klaus-Robert Müller.
Mining Massive Data Sets for Security, 366–373, IOS press, 2008.

Link

A Self-Learning System for Detection of Anomalous SIP Messages.
Konrad Rieck, Stefan Wahl, Pavel Laskov, Peter Domschitz and Klaus-Robert Müller.
Principles, Systems and Applications of IP Telecommunications (IPTCOMM), 90–106, 2008.

PDF Link

Learning and Classification of Malware Behavior.
Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel and Pavel Laskov.
Proc. of the 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 108–125, 2008.

PDF Link

Attack Taxonomy.
Marc Dacier, Herve Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck and James Sterbenz.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), 2008.

PDF

Requirements for Network Monitoring from an IDS Perspective.
Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck and James Sterbenz.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), 2008.

PDF

Measuring and Detecting Fast-Flux Service Networks.
Thorsten Holz, Christian Gorecki, Konrad Rieck and Felix Freiling.
Proc. of the 15th Network and Distributed System Security Symposium (NDSS), 2008.

PDF

Linear-Time Computation of Similarity Measures for Sequential Data.
Konrad Rieck and Pavel Laskov.
Journal of Machine Learning Research (JMLR), 9, (Jan), 23–48, Microtome, 2008.

PDF Link

2007

Computation of Similarity Measures for Sequential Data using Generalized Suffix Trees.
Konrad Rieck, Pavel Laskov and Sören Sonnenburg.
Advances in Neural Information Processing Systems (NeurIPS), 2007.

PDF

Large scale learning with string kernels.
Sören Sonnenburg, Gunnar Rätsch and Konrad Rieck.
Large Scale Kernel Machines, 73–103, MIT Press, 2007.

PDF Link

Language Models for Detection of Unknown Attacks in Network Traffic.
Konrad Rieck and Pavel Laskov.
Journal in Computer Virology (JICV), 2, (4), 243–256, Springer, 2007.

PDF Link

2006

Efficient Algorithms for Similarity Measures over Sequential Data: A Look beyond Kernels.
Konrad Rieck, Pavel Laskov and Klaus-Robert Müller.
Proc. of the DAGM Symposium on Pattern Recognition, 374–383, 2006.

PDF Link

Detecting Unknown Network Attacks using Language Models.
Konrad Rieck and Pavel Laskov.
Proc. of the 3rd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 74–90, 2006.

PDF Link

2005

Learning intrusion detection: supervised or unsupervised?
Pavel Laskov, Patrick Düssel, Christin Schäfer and Konrad Rieck.
Proc. of the 13th International Conference on Image Analysis and Processing (ICIAP), 50–57, 2005.

PDF Link

Visualization of anomaly detection using prediction sensitivity.
Pavel Laskov, Konrad Rieck, Christin Schäfer and Klaus-Robert Müller.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 197–208, 2005.

PDF