TU BRAUNSCHWEIG

Publications

2017

Special Issue on Vulnerability Analysis.
Konrad Rieck.
Information Technology (IT), De Gruyter, to appear April 2017.

64-bit Migration Vulnerabilities.
Christian Wressnegger, Fabian Yamaguchi, Alwin Maier and Konrad Rieck.
Information Technology (IT), De Gruyter, to appear April 2017.

Privacy Threats through Ultrasonic Side Channels on Mobile Devices.
Daniel Arp, Erwin Quiring, Christian Wressnegger and Konrad Rieck.
Proc. of 2nd IEEE European Symposium on Security and Privacy (EuroS&P), to appear April 2017.

Efficient and Flexible Discovery of PHP Application Vulnerabilities.
Michael Backes, Konrad Rieck, Malte Skoruppa, Ben Stock and Fabian Yamaguchi.
Proc. of 2nd IEEE European Symposium on Security and Privacy (EuroS&P), to appear April 2017.

TrustJS: Trusted Client-side Execution of JavaScript.
David Goltzsche, Colin Wulf, Divya Muthukumaran, Konrad Rieck, Peter Pietzuch and Rüdiger Kapitza.
Proc. of 10th ACM European Workshop on Systems Security (EuroSec), to appear April 2017.

Looking Back on Three Years of Flash-based Malware.
Christian Wressnegger and Konrad Rieck.
Proc. of 10th ACM European Workshop on Systems Security (EuroSec), to appear April 2017.

Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks.
Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi and Konrad Rieck.
Proc. of 12th ACM Asia Conference on Computer and Communications Security (ASIA CCS), 587–598, April 2017.

Mining Attributed Graphs for Threat Intelligence.
Hugo Gascon, Bernd Grobauer, Thomas Schreck, Lukas Rist, Daniel Arp and Konrad Rieck.
Proc. of 8th ACM Conference on Data and Applications Security and Privacy (CODASPY), 15–22, March 2017.

Fraternal Twins: Unifying Attacks on Machine Learning and Digital Watermarking.
Erwin Quiring, Daniel Arp and Konrad Rieck.
Technical report, arXiv:1703.05561 March 2017.

Multi-objective Ant Colony Optimisation in Wireless Sensor Networks.
Ansgar Kellner.
Nature-Inspired Computing and Optimization, 51–78, Springer, 2017.

2016

Twice the Bits, Twice the Trouble: Vulnerabilities Induced by Migrating to 64-Bit Platforms.
Christian Wressnegger, Fabian Yamaguchi, Alwin Maier and Konrad Rieck.
Proc. of 23rd ACM Conference on Computer and Communications Security (CCS), 541–552, October 2016.

From Malware Signatures to Anti-Virus Assisted Attacks.
Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi and Konrad Rieck.
Technical report, Technische Universität Braunschweig (2016-03), October 2016.

Die Codeanalyseplattform “Octopus”.
Fabian Yamaguchi and Konrad Rieck.
Datenschutz und Datensicherheit (DuD), 40 (11), 713–717, October 2016.

Bat in the Mobile: A Study on Ultrasonic Device Tracking.
Daniel Arp, Erwin Quiring, Christian Wressnegger and Konrad Rieck.
Technical report, Technische Universität Braunschweig (2016-02), September 2016.

Towards Vulnerability Discovery Using Staged Program Analysis.
Bhargava Shastry, Fabian Yamaguchi, Konrad Rieck and Jean-Pierre Seifert.
Proc. of 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 78–97, July 2016.

Comprehensive Analysis and Detection of Flash-based Malware.
Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of 13th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 101–121, July 2016.
Best Paper Award

Monte Carlo Localization for Path-Based Mobility in Mobile Wireless Sensor Networks.
Salke Hartung, Ansgar Kellner, Konrad Rieck and Dieter Hogrefe.
Proc. of 18th IEEE Wireless Communications and Networking Conference (WCNC), 1–7, April 2016.

Harry: A Tool for Measuring String Similarity.
Konrad Rieck and Christian Wressnegger.
Journal of Machine Learning Research (JMLR), 17 (9), 1–5, March 2016.

2015

When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries.
Aylin Islam, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt and Arvind Narayanan.
Technical report, Computing Research Repository (abs/1512.08546), December 2015.

Analyzing and Detecting Flash-based Malware using Lightweight Multi-Path Exploration.
Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Technical report, University of Göttingen (IFI-TB-2015-05), December 2015.

Pulsar: Stateful Black-Box Fuzzing of Proprietary Network Protocols.
Hugo Gascon, Christian Wressnegger, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of 11th Int. Conference on Security and Privacy in Communication Networks (SECURECOMM), 330–347, October 2015.

VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits.
Henning Perl, Daniel Arp, Sergej Dechand, Sascha Fahl, Yasemin Acar, Fabian Yamaguchi, Konrad Rieck and Matthew Smith.
Proc. of 22nd ACM Conference on Computer and Communications Security (CCS), October 2015.

Fingerprinting Mobile Devices Using Personalized Configurations.
Andreas Kurtz, Hugo Gascon, Tobias Becker, Konrad Rieck and Felix Freiling.
Proceedings on Privacy Enhancing Technologies (PETS), 2016 (1), 4–19, September 2015.

De-anonymizing Programmers via Code Stylometry.
Aylin Caliskan-Islam, Richard Harang, Andrew Liu, Arvind Narayanan, Clare Voss, Fabian Yamaguchi and Rachel Greenstadt.
Proc. of 24th USENIX Security Symposium, 255–270, August 2015.

Automatic Inference of Search Patterns for Taint-Style Vulnerabilities.
Fabian Yamaguchi, Alwin Maier, Hugo Gascon and Konrad Rieck.
Proc. of 36th IEEE Symposium on Security and Privacy (S&P), May 2015.

Torben: A Practical Side-Channel Attack for Deanonymizing Tor Communication.
Daniel Arp, Fabian Yamaguchi and Konrad Rieck.
Proc. of 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS), April 2015.

2014

Torben: Deanonymizing Tor Communication using Web Page Markers.
Daniel Arp, Fabian Yamaguchi and Konrad Rieck.
Technical report, University of Göttingen (IFI-TB-2014-01), December 2014.

Poisoning Behavioral Malware Clustering.
Battista Biggio, Konrad Rieck, Davide Ariu, Christian Wressnegger, Igino Corona, Giorgio Giacinto and Fabio Roli.
Proc. of 7th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–10, November 2014.

Special Issue on Threat Detection, Analysis and Defense.
Shujun Li, Konrad Rieck and Alan Woodward.
Journal of Information Security and Applications (JISA), 19 (3), 163–164, July 2014.

Mobile-Sandbox: Combining Static and Dynamic Analysis with Machine Learning Techniques.
Michael Spreitzenbarth, Thomas Schreck, Florian Echtler, Daniel Arp and Johannes Hoffmann.
International Journal of Information Security, 1–13, Springer, July 2014.

Modeling and Discovering Vulnerabilities with Code Property Graphs.
Fabian Yamaguchi, Nico Golde, Daniel Arp and Konrad Rieck.
Proc. of 35th IEEE Symposium on Security and Privacy (S&P), May 2014.

Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior.
Hugo Gascon, Sebastian Uellenbeck, Christopher Wolf and Konrad Rieck.
Proc. of GI Conference “Sicherheit” (Sicherheit, Schutz und Verlässlichkeit), March 2014.

Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Daniel Arp, Michael Spreitzenbarth, Malte Hübner, Hugo Gascon and Konrad Rieck.
Proc. of 21st Network and Distributed System Security Symposium (NDSS), February 2014.

2013

Structural Detection of Android Malware using Embedded Call Graphs.
Hugo Gascon, Fabian Yamaguchi, Daniel Arp and Konrad Rieck.
Proc. of 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 45–54, November 2013.

Off the Beaten Path: Machine Learning for Offensive Security.
Konrad Rieck.
Proc. of 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 1–2, (Keynote) November 2013.

A Close Look on n-Grams in Intrusion Detection: Anomaly Detection vs. Classification.
Christian Wressnegger, Guido Schwenk, Daniel Arp and Konrad Rieck.
Proc. of 6th ACM Workshop on Artificial Intelligence and Security (AISEC), 67–76, November 2013.

Chucky: Exposing Missing Checks in Source Code for Vulnerability Discovery.
Fabian Yamaguchi, Christian Wressnegger, Hugo Gascon, Charles Ray and Konrad Rieck.
Proc. of 20th ACM Conference on Computer and Communications Security (CCS), 499–510, November 2013.

Deobfuscating Embedded Malware using Probable-Plaintext Attacks.
Christian Wressnegger, Frank Boldewin and Konrad Rieck.
Proc. of 16th Symposium on Research in Attacks, Intrusions, and Defenses (RAID), 164–183, October 2013.

Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket.
Daniel Arp, Michael Spreitzenbarth, Malte Hübner, Hugo Gascon and Konrad Rieck.
Technical report, University of Göttingen (IFI-TB-2013-02), August 2013.

Proceedings of 10th Conference on Detection of Intrusions and Malware & Vulnerability Assessment.
Konrad Rieck, Patrick Stewin and Jean-Pierre Seifert (Eds.).
Springer, July 2013.

Toward Supervised Anomaly Detection.
Nico Görnitz, Marius Kloft, Konrad Rieck and Ulf Brefeld.
Journal of Artificial Intelligence Research (JAIR), 46 (1), 235–262, February 2013.

2012

Generalized Vulnerability Extrapolation using Abstract Syntax Trees.
Fabian Yamaguchi, Markus Lottmann and Konrad Rieck.
Proc. of 28th Annual Computer Security Applications Conference (ACSAC), 359–368, December 2012.
Outstanding Paper Award

Sally: A Tool for Embedding Strings in Vector Spaces.
Konrad Rieck, Christian Wressnegger and Alexander Bikadorov.
Journal of Machine Learning Research (JMLR), 13 (Nov), 3247–3251, November 2012.

Learning Stateful Models for Network Honeypots.
Tammo Krueger, Hugo Gascon, Nicole Kraemer and Konrad Rieck.
Proc. of 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 37–48, October 2012.

Early Detection of Malicious Behavior in JavaScript Code.
Kristof Schütt, Alexander Bikadorov, Marius Kloft and Konrad Rieck.
Proc. of 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 15–24, October 2012.

Autonomous Learning for Detection of JavaScript Attacks: Vision or Reality?.
Guido Schwenk, Alexander Bikadorov, Tammo Krueger and Konrad Rieck.
Proc. of 5th ACM Workshop on Artificial Intelligence and Security (AISEC), 93–104, October 2012.

Intelligent Defense against Malicious JavaScript Code.
Tammo Krueger and Konrad Rieck.
Praxis der Informationsverarbeitung und Kommunikation (PIK), 35 (1), 54–60, April 2012.

Support Vector Machines.
Konrad Rieck, Sören Sonnenburg, Sebastian Mika, Christian Schäfer, Pavel Laskov, David Tax and Klaus-Robert Müller.
Handbook of Computational Statistics, 2nd edition, 883–926, Springer, 2012.

2011

Smart Metering De-Pseudonymization.
Marek Jawurek, Martin Johns and Konrad Rieck.
Proc. of 27th Annual Computer Security Applications Conference (ACSAC), 227–236, December 2011.

Adaptive Detection of Covert Communication in HTTP Requests.
Guido Schwenk and Konrad Rieck.
Proc. of 7th European Conference on Network Defense (EC2ND), 25 — 32, September 2011.

Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities using Machine Learning.
Fabian Yamaguchi, Felix Lindner and Konrad Rieck.
Proc. of USENIX Workshop on Offensive Technologies (WOOT), 118–127, August 2011.

Similarity Measures for Sequential Data.
Konrad Rieck.
WIREs: Data Mining and Knowledge Discovery, 1 (4), 296–304, Wiley, July 2011.

Computer Security and Machine Learning: Worst Enemies or Best Friends?.
Konrad Rieck.
Proc. of 1st Workshop on Systems Security (SYSSEC), 107 — 110, July 2011.

Automatic Analysis of Malware Behavior using Machine Learning.
Konrad Rieck, Philipp Trinius, Carsten Willems and Thorsten Holz.
Journal of Computer Security (JCS), 19 (4), 639–668, IOSPress, June 2011.

Self-Learning Network Intrusion Detection.
Konrad Rieck.
Information Technology (IT), 53 (3), 152–156, Oldenbourg, May 2011.

Analysis of Update Delays in Signature-based Network Intrusion Detection Systems.
Hugo Gascon, Agustin Orfila and Jorge Alis.
Computers & Security, 30 (8), 613–624, 2011.

2010

Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Konrad Rieck, Tammo Krueger and Andreas Dewald.
Proc. of 26th Annual Computer Security Applications Conference (ACSAC), 31–39, December 2010.

Proceedings of 6th European Conference on Computer Network Defense.
Konrad Rieck (Ed.).
IEEE Computer Society, November 2010.

A Malware Instruction Set for Behavior-based Analysis.
Philipp Trinius, Carsten Willems, Thorsten Holz and Konrad Rieck.
Proc. of GI Conference “Sicherheit” (Sicherheit, Schutz und Verlässlichkeit), 205–216, October 2010.

ASAP: Automatic Semantics-Aware Analysis of Network Payloads.
Tammo Krueger, Nicole Kraemer and Konrad Rieck.
Proc. of ECML Workshop on Privacy and Security Issues in Machine Learning, 50–63, September 2010.

Cujo: Efficient Detection and Prevention of Drive-by-Download Attacks.
Konrad Rieck, Tammo Krueger and Andreas Dewald.
Technical report, Technische Universität Berlin (2010-10), July 2010.

TokDoc: A Self-Healing Web Application Firewall.
Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Proc. of 25th ACM Symposium on Applied Computing (SAC), 1846–1853, March 2010.

Botzilla: Detecting the “Phoning Home” of Malicious Software.
Konrad Rieck, Guido Schwenk, Tobias Limmer, Thorsten Holz and Pavel Laskov.
Proc. of 25th ACM Symposium on Applied Computing (SAC), 1978–1984, March 2010.

Approximate Tree Kernels.
Konrad Rieck, Tammo Krueger, Ulf Brefeld and Klaus-Robert Müller.
Journal of Machine Learning Research (JMLR), 11 (Feb), 555–580, February 2010.

FIPS: FIRST Intrusion Prevention System.
Ingmar Schuster, Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Technical report, Fraunhofer Institute FIRST (FIRST 1/2010), February 2010.

2009

Automatic Analysis of Malware Behavior using Machine Learning.
Konrad Rieck, Philipp Trinius, Carsten Willems and Thorsten Holz.
Technical report, Technische Universität Berlin (2009-18), December 2009.

A Malware Instruction Set for Behavior-Based Analysis.
Philipp Trinius, Carsten Willems, Thorsten Holz and Konrad Rieck3.
Technical report, University of Mannheim (TR-2009-07), December 2009.

Active Learning for Network Intrusion Detection.
Nico Görnitz, Marius Kloft, Konrad Rieck and Ulf Brefeld.
Proc. of 2nd ACM Workshop on Artificial Intelligence and Security (AISEC), 47–54, November 2009.

Visualization and Explanation of Payload-Based Anomaly Detection.
Konrad Rieck and Pavel Laskov.
Proc. of 5th European Conference on Network Defense (EC2ND), November 2009.

Securing IMS against Novel Threats.
Stefan Wahl, Konrad Rieck, Pavel Laskov, Peter Domschitz and Klaus-Robert Müller.
Bell Labs Technical Journal, 14 (1), 243–257, Wiley, May 2009.

2008

Incorporation of Application Layer Protocol Syntax into Anomaly Detection.
Patrick Düssel, Christian Gehl, Pavel Laskov and Konrad Rieck..
Proc. of 4th International Conference on Information Systems Security (ICISS), 188–202, December 2008.

An Architecture for Inline Anomaly Detection.
Tammo Krueger, Christian Gehl, Konrad Rieck and Pavel Laskov.
Proc. of 4th European Conference on Network Defense (EC2ND), 11–18, December 2008.

Machine Learning for Intrusion Detection.
Pavel Laskov, Konrad Rieck and Klaus-Robert Müller.
Mining Massive Data Sets for Security, 366–373, IOS press, September 2008.

Approximate Kernels for Trees.
Konrad Rieck, Ulf Brefeld and Tammo Krueger.
Technical report, Fraunhofer Institute FIRST (FIRST 5/2008), September 2008.

Learning and Classification of Malware Behavior.
Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel and Pavel Laskov.
Proc. of 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 108–125, July 2008.

A Self-Learning System for Detection of Anomalous SIP Messages.
Konrad Rieck, Stefan Wahl, Pavel Laskov, Peter Domschitz and Klaus-Robert Müller.
Principles, Systems and Applications of IP Telecommunications (IPTCOMM), 90–106, July 2008.

Requirements for Network Monitoring from an IDS Perspective.
Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck and James Sterbenz.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), March 2008.

Attack Taxonomy.
Marc Dacier, Herve Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck and James Sterbenz.
Perspectives Workshop: Network Attack Detection and Defense (Dagstuhl Proceedings), March 2008.

Measuring and Detecting Fast-Flux Service Networks.
Thorsten Holz, Christian Gorecki, Konrad Rieck and Felix Freiling.
Proc. of 15th Network and Distributed System Security Symposium (NDSS), February 2008.

Linear-Time Computation of Similarity Measures for Sequential Data.
Konrad Rieck and Pavel Laskov.
Journal of Machine Learning Research (JMLR), 9 (Jan), 23–48, Microtome, January 2008.

2007

Computation of Similarity Measures for Sequential Data using Generalized Suffix Trees.
Konrad Rieck, Pavel Laskov and Sören Sonnenburg.
Advances in Neural Information Processing Systems (NIPS), December 2007.

Large scale learning with string kernels.
Sören Sonnenburg, Gunnar Rätsch and Konrad Rieck.
Large Scale Kernel Machines, 73–103, MIT Press, September 2007.

Language Models for Detection of Unknown Attacks in Network Traffic.
Konrad Rieck and Pavel Laskov.
Journal in Computer Virology (JICV), 2 (4), 243–256, Springer, January 2007.

2006

Efficient Algorithms for Similarity Measures over Sequential Data: A Look beyond Kernels.
Konrad Rieck, Pavel Laskov and Klaus-Robert Müller.
Proc. of DAGM Symposium on Pattern Recognition, 374–383, September 2006.

Detecting Unknown Network Attacks using Language Models.
Konrad Rieck and Pavel Laskov.
Proc. of 3rd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 74–90, July 2006.

2005

Learning intrusion detection: supervised or unsupervised?.
Pavel Laskov, Patrick Düssel, Christin Schäfer and Konrad Rieck.
Proc. of 13th International Conference on Image Analysis and Processing (ICIAP), 50–57, September 2005.

Visualization of anomaly detection using prediction sensitivity.
Pavel Laskov, Konrad Rieck, Christin Schäfer and Klaus-Robert Müller.
Proc. of GI Conference “Sicherheit” (Sicherheit, Schutz und Verlässlichkeit), 197–208, April 2005.


  aktualisiert am 13.04.2017
TU_Icon_E_Mail_1_17x17_RGB Zum Seitenanfang