Seeing through: Analyzing and Attacking Virtual Backgrounds in Video Calls.
Proc. of the 34th USENIX Security Symposium, 2025. (to appear)
Evil from Within: Machine Learning Backdoors Through Dormant Hardware Trojans.
Proc. of the 40th Annual Computer Security Applications Conference (ACSAC), 2024.
Pitfalls in Machine Learning for Computer Security.
Communications of the ACM, 67, (11), 2024.
Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting.
Proc. of the 33rd USENIX Security Symposium, 2024.
Distinguished Paper Award
SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.
Cross-Language Differential Testing of JSON Parsers.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.
On the Role of Pre-trained Embeddings in Binary Code Analysis.
Proc. of the 19th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024.
I still know it's you! On Challenges in Anonymizing Source Code.
Proceedings on Privacy Enhancing Technologies (PETS), 2024, (3), 2024.
Listening between the Bits: Privacy Leaks in Audio Fingerprints.
Proc. of the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2024.
Manipulating Feature Visualizations with Gradient Slingshots.
Technical report, arXiv:2401.06122, 2024.
On the Detection of Image-Scaling Attacks in Machine Learning.
Proc. of the 39th Annual Computer Security Applications Conference (ACSAC), 2023.
PAVUDI: Patch-based Vulnerability Discovery using Machine Learning.
Proc. of the 39th Annual Computer Security Applications Conference (ACSAC), 2023.
Broken Promises: Measuring Confounding Effects in Learning-based Vulnerability Discovery.
Proc. of the 16th ACM Workshop on Artificial Intelligence and Security (AISEC), 2023.
Lazy Gatekeepers: A Large-Scale Study on SPF Configuration in the Wild.
Proc. of the 23rd ACM Internet Measurement Conference (IMC), 2023.
Learning Type Inference for Enhanced Dataflow Analysis.
Proc. of the 28th European Symposium on Research in Computer Security (ESORICS), 2023.
Lessons Learned on Machine Learning for Computer Security.
IEEE Security & Privacy, 21, (4), 2023.
No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning.
Proc. of the 32nd USENIX Security Symposium, 2023.
Hunting for Truth: Analyzing Explanation Methods in Learning-based Vulnerability Discovery.
Proc. of the 8th IEEE European Symposium on Security and Privacy (EuroS&P), 2023.
CodeGraphSMOTE: Data Augmentation for Vulnerability Discovery.
Proc. of the IFIP Conference on Data and Applications Security and Privacy (DBSEC), 2023.
Evil from Within: Machine Learning Backdoor through Hardware Trojans.
Technical report, arXiv:2304.08411, 2023.
Detecting Backdoors in Collaboration Graphs of Software Repositories.
Proc. of the 14th ACM Conference on Data and Applications Security and Privacy (CODASPY), 2023.
Machine Unlearning of Features and Labels.
Proc. of the 30th Network and Distributed System Security Symposium (NDSS), 2023.
Improving Malware Detection with Explainable Machine Learning.
Explainable Deep Learning AI: Methods and Challenges, Elsevier, 2023.
Möglichkeiten und Grenzen KI-gestützter Analyse digitaler Spuren.
Kriminalistik, Jan, 2023.
Security of Machine Learning.
Technical report, Dagstuhl, 12, (7), 41–61, 2023.
I still know it's you! On Challenges in Anonymizing Source Code.
Technical report, arXiv:2208.12553, 2022.
Dos and Don'ts of Machine Learning in Computer Security.
Proc. of the 31st USENIX Security Symposium, 2022.
Distinguished Paper Award
Quantifying the Risk of Wormhole Attacks on Bluetooth Contact Tracing.
Proc. of the 13th ACM Conference on Data and Applications Security and Privacy (CODASPY), 264–275, 2022.
Misleading Deep-Fake Detection with GAN Fingerprints.
Proc. of the 5th IEEE Workshop on Deep Learning and Security (DLS), 2022.
LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems.
Proc. of the 37th Annual Computer Security Applications Conference (ACSAC), 2021.
Spying through Virtual Backgrounds of Video Calls.
Proc. of the 14th ACM Workshop on Artificial Intelligence and Security (AISEC), 2021.
Explaining Graph Neural Networks for Vulnerability Discovery.
Proc. of the 14th ACM Workshop on Artificial Intelligence and Security (AISEC), 2021.
Best Paper Award
Machine Unlearning of Features and Labels.
Technical report, arXiv:2108.11577, 2021.
LogPicker: Strengthening Certificate Transparency Against Covert Adversaries.
Proceedings on Privacy Enhancing Technologies (PETS), 2021, (4), 184–202, 2021.
TagVet: Vetting Malware Tags using Explainable Machine Learning.
Proc. of the 14th ACM European Workshop on Systems Security (EuroSec), 2021.
Explanation-driven Characterisation of Android Ransomware.
Proc. of Workshop on Explainable Deep Learning/AI, 2020.
Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification.
Technical report, arXiv:2010.09569, 2020.
Dos and Don'ts of Machine Learning in Computer Security.
Technical report, arXiv:2010.09470, 2020.
Evaluating Explanation Methods for Deep Learning in Security.
Proc. of the 5th IEEE European Symposium on Security and Privacy (EuroS&P), 2020.
Adversarial Preprocessing: Understanding and Preventing Image-Scaling Attacks in Machine Learning.
Proc. of the 29th USENIX Security Symposium, 2020.
Backdooring and Poisoning Neural Networks with Image-Scaling Attacks.
Proc. of the 3rd IEEE Workshop on Deep Learning and Security (DLS), 2020.
What's All That Noise: Analysis and Detection of Propaganda on Twitter.
Proc. of the 13th ACM European Workshop on Systems Security (EuroSec), 2020.
Political Elections Under (Social) Fire? Analysis and Detection of Propaganda on Twitter.
Technical report, arXiv:1912.04143, 2019.
Evaluating Explanation Methods for Deep Learning in Security.
Technical report, arXiv:1906.02108, 2019.
On the Security and Applicability of Fragile Camera Fingerprints.
Proc. of the 24th European Symposium on Research in Computer Security (ESORICS), 450–470, 2019.
Misleading Authorship Attribution of Source Code using Adversarial Learning.
Proc. of the 28th USENIX Security Symposium, 2019.
Thieves in the Browser: Web-based Cryptojacking in the Wild.
Proc. of 14th International Conference on Availability, Reliability and Security (ARES), 2019.
Best Paper Award Runner-Up
New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild.
Proc. of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 23–42, 2019.
Best Paper Award Runner-Up
TypeMiner: Recovering Types in Binary Programs using Machine Learning.
Proc. of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 288–308, 2019.
False Sense of Security: A Study on the Effectivity of Jailbreak Detection in Banking Apps.
Proc. of the 4th IEEE European Symposium on Security and Privacy (EuroS&P), 2019.
2nd IEEE Deep Learning and Security Workshop (DLS).
Workshop proceedings, IEEE, 2019.
12th ACM European Workshop on Systems Security (EuroSec).
Workshop proceedings, ACM, 2019.
Adversarial Machine Learning Against Digital Watermarking.
Proc. of the 26th European Signal Processing Conference (EUSIPCO), 2018.
Reading Between The Lines: Content-Agnostic Detection of Spear-Phishing Emails.
Proc. of the 21st Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2018.
Web-based Cryptojacking in the Wild.
Technical report, arXiv:1808.09474, 2018.
Privacy-Enhanced Fraud Detection with Bloom filters.
Proc. of the 14th International Conference on Security and Privacy in Communication Networks (SECURECOMM), 2018.
ZOE: Content-based Anomaly Detection for Industrial Control Systems.
Proc. of the 48th Conference on Dependable Systems and Networks (DSN), 127–138, 2018.
11th ACM European Workshop on Systems Security (EuroSec).
Workshop proceedings, ACM, 2018.
Forgotten Siblings: Unifying Attacks on Machine Learning and Digital Watermarking.
Proc. of the 3rd IEEE European Symposium on Security and Privacy (EuroS&P), 2018.
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.
Proc. of the 25th Network and Distributed System Security Symposium (NDSS), 2018.
Static Program Analysis as a Fuzzing Aid.
Proc. of the 20th Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 2017.
Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 2017.
Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 2017.
Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection.
IEEE Transactions on Dependable and Secure Computing (TDSC), 2017.
64-bit Migration Vulnerabilities.
Information Technology (IT), 59, (2), 73–82, De Gruyter, 2017.
Looking Back on Three Years of Flash-based Malware.
Proc. of the 10th ACM European Workshop on Systems Security (EuroSec), 2017.
Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks.
Proc. of the 12th ACM Asia Conference on Computer and Communications Security (ASIACCS), 587–598, 2017.
Special Issue on Vulnerability Analysis.
Information Technology (IT), 59, (2), 57–58, De Gruyter, 2017.
TrustJS: Trusted Client-side Execution of JavaScript.
Proc. of the 10th ACM European Workshop on Systems Security (EuroSec), 2017.
Efficient and Flexible Discovery of PHP Application Vulnerabilities.
Proc. of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P), 2017.
Privacy Threats through Ultrasonic Side Channels on Mobile Devices.
Proc. of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P), 35–47, 2017.
Fraternal Twins: Unifying Attacks on Machine Learning and Digital Watermarking.
Technical report, arXiv:1703.05561, 2017.
Mining Attributed Graphs for Threat Intelligence.
Proc. of the 8th ACM Conference on Data and Applications Security and Privacy (CODASPY), 15–22, 2017.
Die Codeanalyseplattform “Octopus”.
Datenschutz und Datensicherheit (DuD), 40, (11), 713–717, 2016.
Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms.
Proc. of the 23rd ACM Conference on Computer and Communications Security (CCS), 541–552, 2016.
From Malware Signatures to Anti-Virus Assisted Attacks.
Technical report, Technische Universität Braunschweig, (2016-03), 2016.
Bat in the Mobile: A Study on Ultrasonic Device Tracking.
Technical report, Technische Universität Braunschweig, (2016-02), 2016.
Comprehensive Analysis and Detection of Flash-based Malware.
Proc. of the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 101–121, 2016.
Best Paper Award
Towards Vulnerability Discovery Using Staged Program Analysis.
Proc. of the 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 78–97, 2016.
Monte Carlo Localization for Path-Based Mobility in Mobile Wireless Sensor Networks.
Proc. of the 18th IEEE Wireless Communications and Networking Conference (WCNC), 1–7, 2016.
Harry: A Tool for Measuring String Similarity.
Journal of Machine Learning Research (JMLR), 17, (9), 1–5, 2016.
Analyzing and Detecting Flash-based Malware using Lightweight Multi-Path Exploration.
Technical report, University of Göttingen, (IFI-TB-2015-05), 2015.
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.
Technical report, arXiv:1512.08546, 2015.
VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits.
Proc. of the 22nd ACM Conference on Computer and Communications Security (CCS), 2015.
Pulsar: Stateful Black-Box Fuzzing of Proprietary Network Protocols.
Proc. of the 11th International Conference on Security and Privacy in Communication Networks (SECURECOMM), 330–347, 2015.
Fingerprinting Mobile Devices Using Personalized Configurations.
Proceedings on Privacy Enhancing Technologies (PETS), 2016, (1), 4–19, 2015.
Automatic Inference of Search Patterns for Taint-Style Vulnerabilities.
Proc. of the 36th IEEE Symposium on Security and Privacy (S&P), 2015.
Torben: A Practical Side-Channel Attack for Deanonymizing Tor Communication.
Proc. of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2015.
Torben: Deanonymizing Tor Communication using Web Page Markers.
Technical report, University of Göttingen, (IFI-TB-2014-01), 2014.
Poisoning Behavioral Malware Clustering.
Proc. of the 7th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–10, 2014.
Special Issue on Threat Detection, Analysis and Defense.
Journal of Information Security and Applications (JISA), 19, (3), 163–164, 2014.
Modeling and Discovering Vulnerabilities with Code Property Graphs.
Proc. of the 35th IEEE Symposium on Security and Privacy (S&P), 2014.
Test-of-Time Award
Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 2014.
Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Proc. of the 21st Network and Distributed System Security Symposium (NDSS), 2014.
Chucky: Exposing Missing Checks in Source Code for Vulnerability Discovery.
Proc. of the 20th ACM Conference on Computer and Communications Security (CCS), 499–510, 2013.
A Close Look on n-Grams in Intrusion Detection: Anomaly Detection vs. Classification.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 67–76, 2013.
Off the Beaten Path: Machine Learning for Offensive Security.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–2, 2013. (Keynote)
Structural Detection of Android Malware using Embedded Call Graphs.
Proc. of the 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 45–54, 2013.
Deobfuscating Embedded Malware using Probable-Plaintext Attacks.
Proc. of the 16th Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 164–183, 2013.
Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Technical report, University of Göttingen, (IFI-TB-2013-02), 2013.
10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment.
Conference proceedings, Springer, 2013.
Toward Supervised Anomaly Detection.
Journal of Artificial Intelligence Research (JAIR), 46, (1), 235–262, 2013.
Generalized Vulnerability Extrapolation using Abstract Syntax Trees.
Proc. of the 28th Annual Computer Security Applications Conference (ACSAC), 359–368, 2012.
Outstanding Paper Award
Sally: A Tool for Embedding Strings in Vector Spaces.
Journal of Machine Learning Research (JMLR), 13, (Nov), 3247–3251, 2012.
Autonomous Learning for Detection of JavaScript Attacks: Vision or Reality?
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 93–104, 2012.
Early Detection of Malicious Behavior in JavaScript Code.
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 15–24, 2012.
Learning Stateful Models for Network Honeypots.
Proc. of the 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 37–48, 2012.
Intelligent Defense against Malicious JavaScript Code.
Praxis der Informationsverarbeitung und Kommunikation (PIK), 35, (1), 54–60, 2012.
Support Vector Machines.
Handbook of Computational Statistics, 883–926, Springer, 2012.
Smart Metering De-Pseudonymization.
Proc. of the 27th Annual Computer Security Applications Conference (ACSAC), 227–236, 2011.
Adaptive Detection of Covert Communication in HTTP Requests.
Proc. of the 7th European Conference on Network Defense (EC2ND), 25–32, 2011.
Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities using Machine Learning.
Proc. of the USENIX Workshop on Offensive Technologies (WOOT), 118–127, 2011.
Computer Security and Machine Learning: Worst Enemies or Best Friends?
Proc. of the 1st Workshop on Systems Security (SYSSEC), 107–110, 2011.
Similarity Measures for Sequential Data.
WIREs: Data Mining and Knowledge Discovery, 1, (4), 296–304, Wiley, 2011.
Automatic Analysis of Malware Behavior using Machine Learning.
Journal of Computer Security (JCS), 19, (4), 639–668, IOSPress, 2011.
Self-Learning Network Intrusion Detection.
Information Technology (IT), 53, (3), 152–156, Oldenbourg, 2011.
Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Proc. of the 26th Annual Computer Security Applications Conference (ACSAC), 31–39, 2010.
6th European Conference on Computer Network Defense.
Conference proceedings, IEEE Computer Society, 2010.
A Malware Instruction Set for Behavior-based Analysis.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 205–216, 2010.
ASAP: Automatic Semantics-Aware Analysis of Network Payloads.
Proc. of the ECML Workshop on Privacy and Security Issues in Machine Learning, 50–63, 2010.
Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Technical report, Technische Universität Berlin, (2010-10), 2010.
Botzilla: Detecting the “Phoning Home” of Malicious Software.
Proc. of the 25th ACM Symposium on Applied Computing (SAC), 1978–1984, 2010.
TokDoc: A Self-Healing Web Application Firewall.
Proc. of the 25th ACM Symposium on Applied Computing (SAC), 1846–1853, 2010.
FIPS: FIRST Intrusion Prevention System.
Technical report, Fraunhofer Institute FIRST, (FIRST 1/2010), 2010.
Approximate Tree Kernels.
Journal of Machine Learning Research (JMLR), 11, (Feb), 555–580, Microtome, 2010.
A Malware Instruction Set for Behavior-Based Analysis.
Technical report, University of Mannheim, (TR-2009-07), 2009.
Automatic Analysis of Malware Behavior using Machine Learning.
Technical report, Technische Universität Berlin, (2009-18), 2009.
Visualization and Explanation of Payload-Based Anomaly Detection.
Proc. of the 5th European Conference on Network Defense (EC2ND), 2009.
Active Learning for Network Intrusion Detection.
Proc. of the 2nd ACM Workshop on Artificial Intelligence and Security (AISEC), 47–54, 2009.
Securing IMS against Novel Threats.
Bell Labs Technical Journal, 14, (1), 243–257, Wiley, 2009.
Machine Learning for Application-Layer Intrusion Detection.
PhD thesis, Technische Universität Berlin, 2009.
An Architecture for Inline Anomaly Detection.
Proc. of the 4th European Conference on Network Defense (EC2ND), 11–18, 2008.
Incorporation of Application Layer Protocol Syntax into Anomaly Detection.
Proc. of the 4th International Conference on Information Systems Security (ICISS), 188–202, 2008.
Approximate Kernels for Trees.
Technical report, Fraunhofer Institute FIRST, (FIRST 5/2008), 2008.
Machine Learning for Intrusion Detection.
Mining Massive Data Sets for Security, 366–373, IOS press, 2008.
A Self-Learning System for Detection of Anomalous SIP Messages.
Principles, Systems and Applications of IP Telecommunications (IPTCOMM), 90–106, 2008.
Learning and Classification of Malware Behavior.
Proc. of the 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 108–125, 2008.
Attack Taxonomy.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), 2008.
Requirements for Network Monitoring from an IDS Perspective.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), 2008.
Measuring and Detecting Fast-Flux Service Networks.
Proc. of the 15th Network and Distributed System Security Symposium (NDSS), 2008.
Linear-Time Computation of Similarity Measures for Sequential Data.
Journal of Machine Learning Research (JMLR), 9, (Jan), 23–48, Microtome, 2008.
Computation of Similarity Measures for Sequential Data using Generalized Suffix Trees.
Advances in Neural Information Processing Systems (NeurIPS), 2007.
Large scale learning with string kernels.
Large Scale Kernel Machines, 73–103, MIT Press, 2007.
Language Models for Detection of Unknown Attacks in Network Traffic.
Journal in Computer Virology (JICV), 2, (4), 243–256, Springer, 2007.
Efficient Algorithms for Similarity Measures over Sequential Data: A Look beyond Kernels.
Proc. of the DAGM Symposium on Pattern Recognition, 374–383, 2006.
Detecting Unknown Network Attacks using Language Models.
Proc. of the 3rd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 74–90, 2006.
Learning intrusion detection: supervised or unsupervised?
Proc. of the 13th International Conference on Image Analysis and Processing (ICIAP), 50–57, 2005.
Visualization of anomaly detection using prediction sensitivity.
Proc. of the GI Conference “Sicherheit, Schutz und Zuverlässigkeit” (SICHERHEIT), 197–208, 2005.