Publikationen

Informationssystem der Friedrich-Alexander-Universität Erlangen-Nürnberg

© Config eG

Sammlung/Stundenplan Modulbelegung

Home | Rechtliches | Kontakt | Hilfe

Suche:

Lehr-
veranstaltungen

Personen/
Einrichtungen

Forschungs-
bericht

Publi-
kationen

Internat.
Kontakte

Examens-
arbeiten

Telefon &
E-Mail



	Darstellung
		Druckansicht ausführliche Fassung

Einrichtungen >> Technische Fakultät (TF) >> Department Informatik (INF) >>

Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)

	2019 Analyzing Android’s File-Based Encryption Evaluating Spread of 'Gasless Send' in Ethereum Smart Contracts Investigating Characteristics of Attacks on Public Cloud Systems
	2018 A standardized corpus for SQLite database forensics Advances in Forensic Data Acquisition An Inquiry into Perception and Usage of Smartphone Permission Models Atlas: Application Confidentiality in Compromised Embedded Systems Controlled experiments in digital evidence tampering Defeating the Secrets of OTP Apps ERNW Whitepaper 64: Incident Analysis and Forensics in Docker ERNW Whitepaper 65: APFS Internals for Forensic Analysis ERNW Whitepaper 66: Medical Device Security: A Survey of the Current State Exploring Security Economics in IoT Standardization Efforts Forensic APFS File Recovery Honey, I Shrunk Your App Security: The State of Android App Hardening How Android's UI Security is Undermined by Accessibility Ich sehe was, das du nicht siehst: Die Realität von Mobilebanking zwischen allgemeinen und rechtlichen Anforderungen Introducing Anti-Forensics to SQLite Corpora and Tool Testing Introducing DINGfest: An architecture for next generation SIEM systems Linux Memory Forensics: Expanding Rekall for Userland Investigation Lumus: Dynamically Uncovering Evasive Android Applications Malicious IoT Implants: Tampering with Serial Communication over the Internet On App-based Matrix Code Authentication in Online Banking Opinion: Security Lifetime Labels -- Overcoming Information Asymmetry in Security of IoT Consumer Products Principles of Secure Logging for Safekeeping Digital Evidence Programming Experience Might Not Help in Comprehending Obfuscated Source Code Efficiently Quellen-TKÜ und Online-Durchsuchung als neue Maßnahmen für die Strafverfolgung: Rechtliche und technische Herausforderungen RAM-Schranke: RAM-Verschlüsselung bei AMD und Intel Secure Remote Computation using Intel SGX Styx: Countering robust memory acquisition Tackling Android's Native Library Malware with Robust, Efficient and Accurate Similarity Measures TEEshift: Protecting Code Confidentiality by Selectively Shifting Functions into TEEs The beta-Time-to-Compromise Metric for Practical Cyber Security Risk Estimation The performance cost of software obfuscation for Android applications The Swift Language from a Reverse Engineering Perspective Trusted Systems in Untrusted Environments: Protecting against Strong Attackers Universal Trusted Execution Environments for Securing SDN/NFV Operations
	2017 A Cloud-Based Compilation and Hardening Platform for Android Apps A forensic email analysis tool using dynamic visualization AFEIC: Advanced Forensic Ext4 Inode Carving Anscheinsbeweis und Kundenhaftung beim Online-Banking Anti-ProGuard: Towards Automated Deobfuscation of Android Apps Auf der Spur digital terrestrischer Fußabdrücke Cache Attacks on Intel SGX Die fabelhafte Welt des Mobilebankings Do digital investigators have to program? A controlled experiment in digital investigation ERNW Whitepaper 58: Incident Handling: First Steps, Preparation Plans, and Process Models ERNW Whitepaper 59: Email Communication Visualization in (forensic) incident analysis ERNW Whitepaper 61: What is new in Ext4 from an Incident Analysis Perspective Exploring Security Processes in Organizations: the Case of Smartphones Forensic limbo: Towards subverting hard disk firmware bootkits Forensisches Reverse Engineering Hardware-Based Trusted Computing Architectures for Isolation and Attestation Illumination Analysis in Physics-based Image Forensics: A Joint Discussion of Illumination Direction and Color Incident Analyse und Forensik in Docker-Umgebungen Insecure to the Touch: Attacking ZigBee 3.0 via Touchlink Commissioning Linux Memory Forensics: Dissecting the User Space Process Heap Linux Memory Forensics: Dissecting the User Space Process Heap Paying the Price for Disruption: How a FinTech Allowed Account Takeover Privacy Implications of Room Climate Data Protecting JavaScript Apps from Code Analysis Residual-based Forensic Comparison of Video Sequences Rest In Protection: A Kernel-Level Approach to Mitigate RIP Tampering Sancus 2.0: A Low-Cost Security Architecture for IoT Devices SOFIA: Software and Control Flow Integrity Architecture Überblick über staatliche Spähsoftware Unpacking Spear Phishing Susceptibility VMAttack: Deobfuscating Virtualization-Based Packed Binaries Zur Authentizität und Integrität bei (digitalen) Beweismitteln
	2016 A forensic email analysis tool using dynamic visualization A Literature Review on Smartphone Security in Organizations using a new Theoretical Model – The Dynamic Security Success Model All Your Bulbs Are Belong to Us: Investigating the Current State of Security in Connected Lighting Systems ARTIST: The Android Runtime Instrumentation Toolkit Auf dem Weg verTAN: Über die Sicherheit App-basierter TAN-Verfahren Cleaning up Web 2.0's Security Mess-at Least Partly Comparative Evaluation of Machine Learning-based Malware Detection on Android Das Smartphone als sichere Besitzkomponente in der Zwei-Faktor-Authentifizierung? Design-Time/Run-Time Mapping of Security-Critical Applications in Heterogeneous MPSoCs Evaluating Atomicity, and Integrity of Correct Memory Acquisition Methods Exploiting Curiosity and Context: How to Make People Click on a Dangerous Link Despite Their Security Awareness Exzess: Hardware-based RAM Encryption against Physical Memory Disclosure Fingerprinting Mobile Devices Using Personalized Configurations Firewalls for the Web 2.0 Forensically Sound Data Acquisition in the Age of Anti-Forensic Innocence Generic RAID Reassembly using Block-Level Entropy HyperCrypt: Hypervisor-based Encryption of Kernel and User Space Information Leakage behind the Curtain: Abusing Anti-EMI Features for Covert Communication Information Leakage behind the Curtain: Abusing Anti-EMI Features for Covert Communication ISO, BSI and NIST versus organizational reality: Why guidelines are not enough Isolating Operating System Components with Intel SGX Lest We Forget: Cold-Boot Attacks on Scrambled DDR3 Memory Look Before You Leap: Improving the Users’ Ability to Detect Fraud in Electronic Marketplaces On the Security of the ZigBee Light Link Touchlink Commissioning Procedure Providing security on demand using invasive computing RamCrypt: Kernel-based Address Space Encryption for User-mode Processes Shut Up and Take My Money! The Red Pill of N26 Security Towards Cycle-Accurate Emulation of Cortex-M Code to Detect Timing Side Channels
	2015 (Un)Sicherheit von App-basierten TAN-Verfahren im Onlinebanking A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory A Game of Droid and Mouse: The Threat of Split-Personality Malware on Android Acquisition and Analysis of Compromised Firmware Using Memory Forensics Approximating Optimal Software Obfuscation for Android Applications Automated Malware Analysis for Android: A Comparative Evaluation Characteristic Evidence, Counter Evidence and Reconstruction Problems in Forensic Computing Characteristic evidence, counter evidence and reconstruction problems in forensic computing Client-side protection against DOM-based XSS done right Client-side protection against DOM-based XSS done right (tm) CloudIDEA: A Malware Defense Architecture for Cloud Data Centers Cyberkriminalität - Erscheinungsformen, Entwicklungslinien, Herausforderungen Design Space of Smart Home Networks from a Security Perspective Design, Implementation and Evaluation of the ULIX Teaching Operating System Dynamic Self-Protection and Tamperproofing for Android Apps using Native Code Forensische Informatik From Facepalm to Brain Bender: Exploring Client-Side Cross-Site Scripting Google Verify Apps: The Illusion of Security? Improving the Detection of Encrypted Data on Storage Devices Master's Degree Course: Human Factors in Security and Privacy Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security Mental Models of Android Permissions and their Connection to Users' Emotional Attitudes Offener und verdeckter Einsatz technischer Ermittlungswerkzeuge zwischen Theorie und Praxis Physically Secure Code and Data Storage in Autonomously Booting Systems (Short Paper) Practicability Study of Android Volatile Memory Forensic Research Privacy-ABCs as a Case for Studying the Adoption of PETs by Users and Service Providers Privacy-Preserving Email Forensics Privacy-Preserving Email Forensics Protecting Android Apps against Reverse Engineering by the Use of the Native Code Schutz eingebetteter Systeme gegen physische Angriffe Secure garbage collection: Preventing malicious data harvesting from deallocated Java objects inside the Dalvik VM Separated Control and Data Stacks to Mitigate Buffer Overflow Exploits Single-cycle implementations of block ciphers Soteria: Offline Software Protection within Low-cost Embedded Devices Staatliche Spähsoftware zur Strafverfolgung The Unexpected Dangers of Dynamic JavaScript Transnationale Cyberkriminalität vs. nationale Strafverfolgung: Mögliche Auswege aus einem grundsätzlichen Dilemma User acceptance factors for anonymous credentials: An empirical investigation Web tracking: Overview and applicability in digital investigations What is essential data in digital forensic analysis? What is essential data in digital forensic analysis? Windows NT pagefile.sys Virtual Memory Analysis Your Scripts in My Page - What Could Possibly Go Wrong?
	2014 A Systematic Assessment of the Security of Full Disk Encryption An Empirical Evaluation of Software Obfuscation Techniques applied to Android APKs Analysing Android's Full Disk Encryption Feature Android Malware Detection based on Software Complexity Metrics Call to arms: A tale of the weaknesses of current client-side XSS filtering Differences between Android and iPhone users in their security and privacy awareness DiOS: Dynamic Privacy Analysis of iOS Applications Divide-and-Conquer: Why Android Malware cannot be stopped DOM-basiertes Cross-Site Scripting im Web: Reise in ein unerforschtes Land Drei Jahre Master Online Digitale Forensik: Ergebnisse und Erfahrungen Forensic Zero-Knowledge Event Reconstruction on Filesystem Metadata From Computer Forensics to Forensic Computing: Investigators Investigate, Scientists Associate Measuring the Strength of Source Code Obfuscation Revisited Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption Phishing still works: Erfahrungen und Lehren aus der Durchführung von Phishing-Experimenten Post-Mortem Memory Analysis of Cold-Booted Android Devices Precise Client-side Protection against DOM-based Cross-Site Scripting Protecting Users Against XSS-based Password Manager Abuse Robust Linux memory acquisition with minimal target impact SCADS: Separated Control- and Data-Stacks (Best Student Paper Award) Selektive Datensicherungen in der IT-Forensik Session Identifiers are for now, Passwords are forever - XSS-based abuse of browser password managers Snoop-it: Dynamische Analyse und Manipulation von Apple iOS Apps Specifying IT security awareness Susceptibility to URL-based Internet Attacks: Facebook vs. Email Technische Sicherheit und Informationssicherheit: Unterschiede und Gemeinsamkeiten User Acceptance of Privacy-ABCs: An Exploratory Study Verwendung von Festplattenvollverschlüsselung im privaten und geschäftlichen Umfeld Wahrnehmung der Nutzungsbedingungen und Datenverwendungsrichtlinien von Facebook
	2013 25 Million Flows Later - Large-scale Detection of DOM-based XSS An Evaluation Platform for Forensic Memory Acquisition Software Android and iOS users' differences concerning security and privacy Anti-Forensic Resilient Memory Acquisition Anti-forensics: The Next Step in Digital Forensics Tool Testing ARMORED: CPU-bound Encryption for Android-driven ARM Devices Consequence-based Privacy Decisions: a New Way to Better Privacy Management Differences between Android and iPhone users in their security and privacy attitudes and risk perception Eradicating DNS Rebinding with the Extended Same-Origin Policy Eradicating DNS Rebinding with the Extended Same-Origin Policy Exploring Interaction between Smartphone Choice and Human Aspects of Security and Privacy Faktoren des datenschutzbewussten Verhaltens in Facebook Fast Software Encryption with SIMD (How to speed up symmetric block ciphers with the AVX/AVX2 instruction set) Forensic Application-Fingerprinting based on file system Metadata FROST - Forensic Recovery of Scrambled Telephones LiPPGen: A presentation generator for literate-programming-based teaching MobileSandbox: Ein Analyseframework für Android Applikationen MobileSandbox: Looking Deeper into Android Applications On the Practicability of Cold Boot Attacks On the Security of Full Disk Encryption (dt. Zur Sicherheit von Festplattenvollverschlüsselungen) PANDORA Applies Non-Deterministic Obfuscation Randomly to Android Pentesting iOS Apps PRIME: Private RSA Infrastructure for Memory-less Encryption (Outstanding Paper Award) Selective Imaging Revisited Seventh International Conference on IT Security Incident Management and IT Forensics Should the Users be Informed? On Differences in Risk Perception between Android and iPhone Users Slicing Droids: Program Slicing for Smali Code STARK Tamperproof Authentication to Resist Keylogging Systematische Probleme und Grenzen der forensischen Informatik Tools and Processes for Forensic Analyses of Smartphones and Mobile Applications Understanding and Using Anonymous Credentials Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots Visualizing Indicators of Rootkit Infections in Memory Forensics
	2012 (Un)Sicherheit Hardware-basierter Festplattenverschlüsselung Analyse und Vergleich von BckR2D2-I und II Android Malware on the Rise Attitudes to IT Security when Using a Smartphone Attitudes to IT-Security When Using a Smartphone Bleichenbacher's Attack Strinkes Again: Breaking PKCS#1 v1.5 in XML Encryption Comparing Sources of Location Data from Android Smartphones Correctness, Atomicity, and Integrity: Defining Criteria for Forensically-Sound Memory Acquisition Forensic Acquisition of Location Data on Android Smartphones Forensic Analysis of YAFFS2 Forensic Computing (Dagstuhl Seminar 11401) Formalisierung digitaler Spuren und ihre Einbettung in die Forensische Informatik Friendship in German Online Social Networks Information Security Is Computer Forensics a Forensic Science? Kriterien für die Priorisierung bei der Sicherung und Analyse digitaler Spuren Laufzeitanalyse & Manipulation von Apple iOS Apps Mentale Modelle der IT-Sicherheit bei der Nutzung mobiler Endgeräte Pentesting iOS Apps – Runtime Analysis and Manipulation Reducing the Incidence of Unintended, Human-Caused Information Flows in Enterprise Systems RetroShare - Sicher chatten Reverse Code Engineering - State of the Art and Countermeasures Secure Failure Detection and Consensus in TrustedPals Self-Encrypting Disks pose Self-Decrypting Risks: How to break Hardware-based Full Disk Encryption The Evil Inside a Droid - Android Malware: Past, Present and Future TreVisor -- OS-Independent Software-Based Full Disk Encryption Secure Against Main Memory Attacks Vertraulich - Grundlagen der Verschlüsselung WAFFle: Fingerprinting Filter Rules of Web Application Firewalls Was ist eine Quellentelekommunikationsüberwachung?
	2011 A Case Study in Practical Security of Cable Networks A Survey of Main Memory Acquisition and Analysis Techniques for the Windows Operating System An Efficient Mitigation Method for Timing Side Channels on the Web Analyse und Vergleich von BckR2D2-I und II Combining Memory Management and Filesystems in an Operating Systems Course Communication-efficient failure detection and consensus in omission environments Cyberkriminalität, Computerstrafrecht und die digitale Schattenwirtschaft Das Internet-Malware-Analyse-System (InMAS) Design and Implementation of a Documentation Tool for interactive Commandline Sessions Detecting Hidden Storage Side Channel Vulnerabilities in Networked Applications Evaluating the Forensic Image Generator Generator Exploring the Landscape of Cybercrime Forensic Analysis of Smartphones: The Android Data Extractor Lite (ADEL) Forensische Informatik Reverse Engineering of the Android File System (YAFFS2) Säuberung eines infizierten Windows-Betriebssystems auf Basis von Malware-Analyse-Berichten Sicherheit mobiler Apps The Failure Detector Abstraction Tools and Processes for Forensic Analyses of Smartphones and Mobile Malware Treating Memory Management and Filesystems as One Topic TRESOR Runs Encryption Securely Outside RAM TRESOR: Festplatten sicher verschlüsseln TrumanBox: Improving Dynamic Malware Analysis by Emulating the Internet
	2010 A Malware Instruction Set for Behavior-Based Analysis ADSandbox: Sandboxing JavaScript to fight Malicious Websites AESSE: A Cold-boot Resistant Implementation of AES Amun: Automatic Capturing of Malicious Software Attacker models for wireless sensor networks Automatic Analysis of Malware Behavior using Machine Learning Client-Honeypots, Exploring Malicious Websites Cold-Boot Resistant Implementation of AES in the Linux Kernel Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks I'd Like to Pay with Your Visa Card : An Illustration of Illicit Online Trading Activity in the Underground Economy Improved Primitives for Secure Multiparty Integer Computation Query Dissemination in Sensor Networks - Predicting Reachability and Energy Consumption Secure Multiparty Linear Programming Using Fixed-Point Arithmetic Selektion vor der Sicherung Towards Optimal Sensor Placement Strategies for Early Warning Systems Towards Secure Deletion on Smartphones.
	2009 A framework for probabilistic, authentic aggregation in wireless sensor networks Authentic Query Dissemination and Data Aggregation in Wireless Sensor Networks Cooperative Intrusion Detection in Wireless Sensor Networks Datenschutz in digital-forensischen Lehrveranstaltungen Dependability Metrics Research Workshop Proceedings Formally Verified Authenticated Query Dissemination in Sensor Networks Frühe Warnung durch Beobachten und Verfolgen von bösartiger Software im Deutschen Internet: Das Internet-Malware-Analyse System (InMAS) Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones Message-efficient omission-tolerant consensus with limited synchrony Modular Consensus Algorithms for the Crash-Recovery Model Multimedia Forensics is not Computer Forensics Multimedia-Forensik als Teildisziplin der digitalen Forensik Presence, Intervention, Insertion: Unifying Attack and Failure Models in Wireless Sensor Networks Probleme des Verkehrsdatenbegriffs im Rahmen der Vorratsdatenspeicherung Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms Safe termination detection in an asynchronous distributed system when processes may crash and recover The Forensic Image Generator Generator Visual Analysis of Malware Behavior (Short paper) Vom Wert offensiver Methoden. Ein Blick auf IT-Sicherheit aus Angreiferperspektive Walowdac - Analysis of a Peer-to-Peer Botnet Zur Nutzung von Verkehrsdaten im Rahmen der Vorratsdatenspeicherung
	2008 Access control in wireless sensor networks Address Space Layout Randomization: Exploit-Techniken zur Umgehung des ASLR-Schutzes ASLR Smack & Laugh Reference Entwicklung einer OSEK/VDX-kompatiblen Systemschnittstelle für Linux Query Dissemination with Predictable Reachability and Energy Usage in Sensor Networks Vulnerabilities and attacks in wireless sensor networks
	2007 Advanced Evasive Data Storage in Sensor Networks Lower Bounds Topology-based Clusterhead Candidate Selection in Wireless Ad-hoc and Sensor Networks
	2006 Authenticated Query Flooding in Sensor Networks Implementing Agreement Protocols in Sensor Networks Safety, Liveness, and Information Flow: Dependability Revisited Tampering with Motes: Real-World Physical Attacks on Wireless Sensor Networks TrustedPals: Secure Multiparty Computation Implemented with Smart Cards Verifiable Agreement: Limits of Non-repudiation in Mobile Peer-to-Peer Ad Hoc Networks
	2005 An algorithmic framework for robust access control in wireless sensor networks Authenticated Queries in Sensor Networks Cryptographic Attack Metrics Realizing Robust User Authentication in Sensor Networks Secure Multi-Party Computation with Security Modules Simple Evasive Data Storage in Sensor Networks
	2004 User Authentication in Sensor Networks



	UnivIS ist ein Produkt der Config eG, Buckenhof