Publications of team 'Secure Software Systems'

Grouping:  Types [Years]
Kind: [PaperTalk  Press 
Type:  Peer-Reviewed Journal and Magazine Articles  Peer-Reviewed International Conference, Workshop Papers, and Book Chapters  Manuals  Other  Technical Reports  Theses 
Year:  2020  2019  2018  2017  2016  2015  2014  2013  2012  2011  2010  2009  2008  2007  2006  2005  2004  2003  2002  2001  2000  1999  1998  1997  1996  1995  1994  1993  1992  1991  1990  1989  1988  1987  1986  1985  1984  1983  1982  1981  1980 
 clear all selections 

2019

[2] Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, and Ahmad-Reza Sadeghi. DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization. In Annual Computer Security Applications Conference (ACSAC), December 2019. ACM. December 2019. [ bib ]
[1] Lukas Iffländer, Alexandra Dmitrienko, Christoph Hagen, Michael Jobst, and Samuel Kounev. Hands Off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Technical report, Universität Würzburg, Jul 2019. [ bib | pdf  | http  ]

2018

[2] Christoph Hagen, Alexandra Dmitrienko, Lukas Iffländer, Michael Jobst, and Samuel Kounev. Efficient and Effective Ransomware Detection in Databases (Poster Paper). In 34th Annual Computer Security Applications Conference (ACSAC), December 2018. ACM. [ bib | pdf  ]
[1] Andre Greubel, Alexandra Dmitrienko, and Samuel Kounev. SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. In Proceedings of the 34th Annual Computer Security Applications Conference, San Juan, PR, USA, December 3-7, 2018, ACSAC '18. ACM, New York, NY, USA. Acceptance Rate (Full Paper): 20.1% (60/299). [ bib | pdf  ]

2017

[8] Alexandra Dmitrienko, and Christian Plappert. POSTER: Secure free-floating car sharing for offline cars (an outstanding poster award). In ACM Conference on Data and Application Security and Privacy, March 2017. [ bib | slides  ]
[7] Ferdinand Brasser, Urs Müller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. Software grand exposure: SGX cache attacks are practical. Technical Report arXiv:1702.07521v1, arXiv.org, 2017. [ bib | pdf  ]
[6] Stephan Heuser, Bradley Reaves, Praveen Kumar Pendyala, Henry Carter, Alexandra Dmitrienko, William Enck, Negar Kiyavash, Ahmad-Reza Sadeghi, and Patrick Traynor. Phonion: Practical protection of metadata in telephony networks. Journal Proceedings on Privacy Enhancing Technologies (PoPETs), 2017. [ bib | pdf  ]
[5] Ivan Puddu, Alexandra Dmitrienko, and Srdjan Capkun. Mutable blockchain: How to forget without hard forks. Technical Report Report 2017/106, Cryptology ePrint Archive, 2017. [ bib | pdf  ]
[4] Ferdinand Brasser, Srdjan Capkun, Alexandra Dmitrienko, Tommaso Frassetto, Kari Kostiainen, Urs Müller, and Ahmad-Reza Sadeghi. DR.SGX: Hardening SGX enclaves against cache attacks with data location randomization. Technical Report arXiv:1709.09917, arXiv.org, 2017. [ bib | pdf  ]
[3] Alexandra Dmitrienko, and Christian Plappert. Secure free-floating car sharing for offline cars. In ACM Conference on Data and Application Security and Privacy, 2017. [ bib | pdf  ]
[2] Alexandra Dmitrienko, David Noack, and Moti Yung. Secure wallet-assisted offline Bitcoin payments with double-spender revocation (distinguished paper award). In ACM Conference on Information, Computer and Communications Security (AsiaCCS), 2017. [ bib | pdf  ]
[1] Ferdinand Brasser, Urs Müller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. Software grand exposure: SGX cache attacks are practical. In 11th USENIX Workshop on Offensive Technologies (WOOT 17), 2017. USENIX Association, Vancouver, BC. 2017. [ bib | pdf  ]

2016

[1] Stephan Heuser, Bradley Reaves, Praveen Kumar Pendyala, Henry Carter, Alexandra Dmitrienko, William Enck, Ahmad-Reza Sadeghi, and Patrick Traynor. POSTER: Phonion: Frustrating telephony metadata analysis. In Network and Distributed System Security Symposium (NDSS), February 2016. [ bib | pdf  | slides  ]

2015

[2] Alexandra Dmitrienko. Security and Privacy Aspects of Mobile Platforms and Applications. PhD thesis, TU Darmstadt, April 2015. [ bib | pdf  ]
[1] Alexandra Dmitrienko, Stephan Heuser, Thien Duc Nguyen, Marcos da Silva Ramos, Andre Rein, and Ahmad-Reza Sadeghi. Market-driven code provisioning to mobile secure hardware. In Financial Cryptography and Data Security, January 2015. [ bib | pdf  ]

2014

[6] Alexandra Dmitrienko, David Noack, Ahmad-Reza Sadeghi, and Moti Yung. On offline payments with Bitcoin. Poster abstract. In Workshop on Bitcoin Research, Barbados, March 2014. [ bib | pdf  ]
[5] Alexandra Dmitrienko, David Noack, Ahmad-Reza Sadeghi, and Moti Yung. POSTER. Bitcoin2Go: secure offline and fast payments with Bitcoins. In Financial Cryptography and Data Security Conference, Barbados, March 2014. [ bib | slides  ]
[4] Alexandra Dmitrienko, Christopher Liebchen, Christian Rossow, and Ahmad-Reza Sadeghi. On the (in)security of mobile two-factor authentication. In Financial Cryptography and Data Security Conference, Barbados, March 2014. [ bib | pdf  ]
[3] Christoph Busold, Alexandra Dmitrienko, and Christian Wachsmann. Key2Share for authentication services. In SmartCard Workshop, February 2014. [ bib ]
[2] Alexandra Dmitrienko, Christopher Liebchen, Christian Rossow, and Ahmad-Reza Sadeghi. On the (in)security of mobile two-factor authentication. Technical Report TUD-CS-2014-0029, CASED, 2014. [ bib | pdf  ]
[1] Alexandra Dmitrienko, Christopher Liebchen, Christian Rossow, and Ahmad-Reza Sadeghi. Security analysis of mobile two-factor authentication schemes. Intel Technology Journal, ITJ66 Identity, Biometrics, and Authentication Edition, 18, 2014. [ bib | pdf  ]

2013

[10] N. Asokan, Lucas Davi, Alexandra Dmitrienko, Stephan Heuser, Kari Kostiainen, Elena Reshetova, and Ahmad-Reza Sadeghi. Mobile Platform Security, volume 4 of Synthesis Lectures on Information Security, Privacy, and Trust. Morgan & Claypool, December 2013. [ bib | pdf  ]
[9] Marcin Nagy, Emiliano De Cristofaro, Alexandra Dmitrienko, N. Asokan, and Ahmad-Reza Sadeghi. Do I know you? - Efficient and privacy-preserving common friend-finder protocols and applications. In Annual Computer Security Applications Conference, New Orleans, Loouisiana, USA, December 2013. [ bib | pdf  ]
[8] Marcin Nagy, Emiliano De Cristofaro, Alexandra Dmitrienko, N. Asokan, and Ahmad-Reza Sadeghi. Do I know you? - Efficient and privacy-preserving common friend-finder protocols and applications (full version). Technical Report 2013/620, Cryptology ePrint Archive, September 2013. [ bib | pdf  ]
[7] Kevin Z. Snow, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, Fabian Monrose, and Ahmad-Reza Sadeghi. Just-In-Time code reuse: The more things change, the more they stay the same. In BlackHat USA, August 2013. [ bib | slides  ]
[6] N. Asokan, Alexandra Dmitrienko, Marcin Nagy, Elena Reshetova, Ahmad-Reza Sadeghi, Thomas Schneider, and Stanislaus Stelle. CrowdShare: Secure mobile resource sharing. In International Conference on Applied Cryptography and Network Security (ACNS), June 2013. [ bib | pdf  ]
[5] Lucas Davi, Alexandra Dmitrienko, Stefan Nürnberger, and Ahmad-Reza Sadeghi. Gadge me if you can -- secure and efficient ad-hoc instruction-level randomization for x86 and ARM. In ACM Conference on Information, Computer and Communications Security (AsiaCCS), May 2013. [ bib | pdf  ]
[4] Kevin Z. Snow, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, Fabian Monrose, and Ahmad-Reza Sadeghi. Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization (best student paper award). In IEEE Symposium on Security and Privacy, May 2013. [ bib | pdf  ]
[3] N. Asokan, Alexandra Dmitrienko, Marcin Nagy, Elena Reshetova, Ahmad-Reza Sadeghi, Thomas Schneider, and Stanislaus Stelle. CrowdShare: Secure mobile resource sharing. Technical Report TUD-CS-2013-0084, TU Darmstadt, April 2013. [ bib | pdf  ]
[2] Christoph Busold, Alexandra Dmitrienko, Herve Seudie, Ahmed Taha, Majid Sobhani, Christian Wachsmann, and Ahmad-Reza Sadeghi. POSTER: Secure smartphone-based NFC-enabled car immobilizer (an outstanding poster award). In ACM Conference on Data and Application Security and Privacy, February 2013. [ bib | slides  ]
[1] Christoph Busold, Alexandra Dmitrienko, Herve Seudie, Ahmed Taha, Majid Sobhani, Christian Wachsmann, and Ahmad-Reza Sadeghi. Smart keys for cyber-cars: Secure smartphone-based NFC-enabled car immobilizer. In ACM Conference on Data and Application Security and Privacy, February 2013. [ bib | pdf  ]

2012

[6] Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, and Ahmad-Reza Sadeghi. Over-the-air cross-platform infection for breaking mTAN-based online banking authentication (white paper). In BlackHat Abu Dhabi, December 2012. [ bib | pdf  ]
[5] Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Sandeep Tamrakar, and Christian Wachsmann. SmartTokens: Delegable access control with NFC-enabled smartphones (full version). Technical Report 2012/187, Cryptology ePrint Archive, September 2012. [ bib | pdf  ]
[4] Lucas Davi, Alexandra Dmitrienko, Stefan Nürnberger, and Ahmad-Reza Sadeghi. XIFER: A software diversity tool against code-reuse attacks. In ACM International Workshop on Wireless of the Students, by the Students, for the Students, August 2012. [ bib | pdf  ]
[3] Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Sandeep Tamrakar, and Christian Wachsmann. SmartTokens: Delegable access control with NFC-enabled smartphones. In International Conference on Trust and Trustworthy Computing, June 2012. Springer. June 2012. [ bib | pdf  ]
[2] Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, and Bhargava Shastry. Towards taming privilege-escalation attacks on Android. In Network and Distributed System Security Symposium (NDSS), February 2012. [ bib | pdf  ]
[1] Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, and Ahmad-Reza Sadeghi. MoCFI: A framework to mitigate control-flow attacks on smartphones. In Network and Distributed System Security Symposium (NDSS), February 2012. [ bib | pdf  ]

2011

[9] Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Stephan Heuser, Ahmad-Reza Sadeghi, and Bhargava Shastry. Practical and lightweight domain isolation on Android. In ACM Workshop on Security and Privacy in Mobile Devices, October 2011. ACM Press. October 2011. [ bib | pdf  ]
[8] Lucas Davi, Alexandra Dmitrienko, Christoph Kowalski, and Marcel Winandy. Trusted virtual domains on OKL4: Secure information sharing on smartphones. In ACM Workshop on Scalable Trusted Computing, October 2011. ACM Press. October 2011. [ bib | pdf  ]
[7] Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, Ahmad-Reza Sadeghi, and Bhargava Shastry. POSTER: The quest for security against privilege escalation attacks on Android. In ACM Conference on Computer and Communications Security (CCS), October 2011. ACM. October 2011. [ bib | pdf  | slides  ]
[6] Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, and Ahmad-Reza Sadeghi. POSTER: Control-flow integrity for smartphones. In ACM Conference on Computer and Communications Security (CCS), October 2011. ACM. October 2011. [ bib | pdf  | slides  ]
[5] Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, and Marcel Winandy. A security architecture for accessing health records on mobile phones. In International Conference on Health Informatics, Rome, Italy, October 2011. [ bib | pdf  ]
[4] Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, and Ahmad-Reza Sadeghi. CFI goes mobile: Control-flow integrity for smartphones. In International Workshop on Trustworthy Embedded Devices. September 2011. Extended Abstract. [ bib | pdf  ]
[3] Alexandra Dmitrienko, Dennis Gessner, Ahmad-Reza Sadeghi, Steffen Schulz, Christian Stueble, and Markus Ullmann. Trusted embedded system operating system (TeSOS) -- study and design. Technical Report HGI-TR-2011-004, Ruhr-University Bochum, System Security Lab, April 2011. [ bib | pdf  ]
[2] Sven Bugiel, Lucas Davi, Alexandra Dmitrienko, Thomas Fischer, and Ahmad-Reza Sadeghi. XManDroid: A new Android evolution to mitigate privilege escalation attacks. Technical Report TR-2011-04, Ruhr-University Bochum, System Security Lab, April 2011. [ bib | pdf  ]
[1] Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr, Ahmad-Reza Sadeghi, and Marcel Winandy. Securing the access to electronic health records on mobile phones. In Biomedical Engineering Systems and Technologies 2011 - Revised Selected Papers, 2011. Springer-Verlag. 2011. [ bib | pdf  ]

2010

[5] Sven Bugiel, Alexandra Dmitrienko, Kari Kostiainen, Ahmad-Reza Sadeghi, and Marcel Winandy. TruWalletM: Secure web authentication on mobile platforms. In International Conference on Trusted Systems, Beijing, China, December 2010. [ bib | pdf  ]
[4] Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, and Marcel Winandy. Privilege escalation attacks on Android. In Information Security Conference, Boca Raton, Florida, October 2010. [ bib | pdf  ]
[3] Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. Return-oriented programming without returns. In ACM Conference on Computer and Communications Security (CCS), Chicago, USA, October 2010. [ bib | pdf  ]
[2] Kari Kostiainen, Alexandra Dmitrienko, Jan-Erik Ekberg, Ahmad-Reza Sadeghi, and N. Asokan. Key attestation from trusted execution environments. In International Conference on Trust and Trustworthy Computing (TRUST), Berlin, June 2010. [ bib | pdf  ]
[1] Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, and Marcel Winandy. Return-oriented programming without returns on ARM. Technical Report HGI-TR-2010-002, Ruhr-University Bochum, System Security Lab, April 2010. [ bib | pdf  ]

2009

[1] Luigi Catuogno, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Steffen Schulz, Marcel Winandy, Jing Zhan, Konrad Eriksson, Dirk Kuhlmann, Gianluca Ramunno, and Matthias Schunter. Trusted virtual domains - design, implementation and lessons learned. In International Conference on Trusted Systems, Beijing, China, December 2009. [ bib | pdf  ]

2007

[1] Alexandra Dmitrienko. Zigbee-to-TCP/IP gateway: New opportunities for ZigBee-based sensor networks. In International Workshop on Ambient Intelligence and Embedded Systems, Vaasa, Finland, September 2007. [ bib ]

2006

[1] Alexandra Dmitrienko. Wiznet W3150A network co-processor: New features for embedded devices. Components and Technologies, 12(7), 2006. [ bib ]

2005

[2] Alexandra Dmitrienko, and Alexey Naumov. Passive infrared detectors Sencera: New name at the market. Electronic Components, 12(11), 2005. [ bib ]
[1] Alexandra Dmitrienko. TDK components for electromagnetic compatibility. Electronic Components, 12(4), 2005. [ bib ]

2004

[2] Alexandra Dmitrienko, and Igor Krivchenko. Humidity sensors Sencera. Electronic Components, 12(8), 2004. [ bib ]
[1] Alexandra Dmitrienko, and Igor Krivchenko. Sensors and detectors Sencera. Components and Technologies, 12(8), 2004. [ bib ]