Deutsch Intern
Secure Software Systems Group

Alexandra Dmitrienko

Prof. Dr.-Ing. Alexandra Dmitrienko

Head of Secure Software Systems Research Group

Chair of Software Engineering (Informatik II)
Department of Computer Science
University of Würzburg

Am Hubland, 97074, Würzburg, Germany 
Informatikgebäude, 1.OG, Room A115

Phone: +49 (931) 31 81667
Fax.: +49 (931) 31 86603 
Email: alexandra.dmitrienko@uni-wuerzburg.de

 

Research Statement

In today's world of ubiquitous digitization, many physical objects, such as our homes, production facilities and even critical infrastructure get connected to networks, and become smarter through data collection and application of artificial intelligence (AI) and machine learning (ML) methods. This unavoidably poses new challenges to security and privacy. In my research, I aim to address new challenges and relevant research questions, such as:

  • How to secure new systems, while facing ever growing complexity of software and protocols, large-scale deployments, cost requirements and absence of common standards?
  • How to improve security of systems and networks using employment of AI and ML methods, while preserving privacy-friendly collection of training data?
  • How to develop sustainable security methods that would be capable of adjusting to new security risks in the future, even in 20 years (typical life span of a car)?

Publications

2024[ to top ]
  • PUF-based Authentication in IoT against Strong Physical Adversary using Zero-Knowledge Proofs. Petzi, Lukas; Dmitrienko, Alexandra; Visconti, Ivan; in SafeThings (2024).
  • Large-Scale Study of Vulnerability Scanners for Ethereum Smart Contracts. Sendner, Christoph; Petzi, Lukas; Stang, Jasper; Dmitrienko, Alexandra; in To appear in the IEEE Symposium on Security & Privacy (2024).
  • Verify your Labels! Trustworthy Predictions and Datasets via Confidence Scores. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
  • Time-Aware Face Anti-Spoofing with Rotation Invariant Local Binary Patterns and Deep Learning. Finke, Moritz; Dmitrienko, Alexandra; in ArXiv | arXiv:2408.14829 (2024).
  • FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning. Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:2312.04432v2 (2024).
  • ClearStamp: A Human-Visible and Robust Model-Ownership Proof based on Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 33rd USENIX Security Symposium (USENIX Security 2024) (2024).
  • Triple-S: Security Scoring System for IoT Devices. Finke, Moritz; Dmitrienko, Alexandra; in IEEE International Conference on Omni-layer Intelligent Systems (COINS) (2024).
  • Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated Learning. Krauß, Torsten; König, Jan; Dmitrienko, Alexandra; Kanzow, Christian; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • CrowdGuard: Federated Backdoor Detection in Federated Learning. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • Cloud-Based Machine Learning Models as Covert Communication Channels. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in the 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024) (2024).
  • FreqFed: A Frequency Analysis-Based Approach for Mitigating Poisoning Attacks in Federated Learning. Fereidooni, Hossein; Pegoraro, Alessandro; Rieger, Phillip; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • MirageFlow: A New Bandwidth Inflation Attack on Tor. Sendner, Christoph; Stang, Jasper; Dmitrienko, Alexandra; Wijewickrama, Raveen; Jadliwala, Murtuza; in the Network and Distributed System Security Symposium (NDSS) (2024).
  • SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection. Finke, Moritz; Dmitrienko, Alexandra; Stang, Jasper; in ArXiv | arXiv:2408.17049 (2024).
  • DNNShield: Embedding Identifiers for Deep Neural Network Ownership Verification. Stang, Jasper; Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv:2403.06581 (2024).
2023[ to top ]
  • TorMult: Introducing a Novel Tor Bandwidth Inflation Attack. Sendner, Christoph; Stang, Jasper; Dmitrienko, Alexandra; Wijewickrama, Raveen; Jadliwala, Murtuza; in ArXiv | arXiv.2307.08550 (2023).
  • Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations. Krauß, Torsten; Dmitrienko, Alexandra; in ArXiv | arXiv.2306.03600 (2023).
  • Security of NVMe Offloaded Data in Large-Scale Machine Learning. Krauß, Torsten; Götz, Raphael; Dmitrienko, Alexandra; in European Symposium on Research in Computer Security (ESORICS) (2023).
  • Metadata-based Malware Detection on Android using Machine Learning. Hefter, Alexander; Sendner, Christoph; Dmitrienko, Alexandra; in ArXiv | arXiv.2307.08547 (2023).
  • AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms. Fereidooni, Hossein; König, Jan; Rieger, Philipp; Chilese, Markus; Finke, Moritz; Goekbakan, Bora; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2023).
  • G-Scan: Graph Neural Networks for Line-Level Vulnerability Identification in Smart Contracts. Sendner, Christoph; Zhang, Ruisi; Hefter, Alexander; Dmitrienko, Alexandra; Koushanfar, Farinaz; in arXiv:2307.08549 (2023).
  • ClearMark: Intuitive and Robust Model Watermarking via Transposed Model Training. Krauß, Torsten; Stang, Jasper; Dmitrienko, Alexandra; in ArXiv | arXiv:2310.16453v1 (2023).
  • MESAS: Poisoning Defense for Federated Learning Resilient against Adaptive Attackers. Torsten, Krauß; Alexandra, Dmitrienko; in ACM Conference on Computer and Communications Security (CCS) (2023).
  • Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study. Sendner, Christoph; Petzi, Lukas; Stang, Jasper; Dmitrienko, Alexandra; in ArXiv | arXiv:2312.16533 (2023).
  • CROSSCON: Interoperable IoT Security Stack - The RISC-V Opportunity. Pinto, Sandro; Breskvar, Matjaz; Gomes, Tiago; Koshutanski, Hristo; Pasic, Aljosa; Krol, Piotr; Amri, Emna; Puron, David; Hornak, Zoltan; Rovieri, Marco; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Crispo, Bruno; in RISC-V Summit Europe, Barcelona (2023).
  • Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning. Sendner, Christoph; Chen, Huili; Fereidooni, Hossein; Petzi, Lukas; König, Jan; Stang, Jasper; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Koushanfar, Farinaz; in Network and Distributed System Security Symposium (NDSS) (2023).
2022[ to top ]
  • Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in Cryptology ePrint Archive (2022).
  • Towards a Cryptography Benchmark: A View on Attribute Based Encryption Schemes. Prantl, Thomas; Zeck, Timo; Iffländer, Lukas; Beierlieb, Lukas; Dmitrenko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in 2022 5th Conference on Cloud and Internet of Things (CIoT) (2022).
  • Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Cryptology ePrint Archive, Report 2022/875 (2022). (2022/875)
  • Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in IEEE Transactions on Emerging Topics in Computing (2022).
  • Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Sendner, Christoph; Iffländer, Lukas; Schindler, Sebastian; Jobst, Michael; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE Conference on Communications and Network Security (CNS) (2022).
  • FedCRI: Federated Mobile Cyber-Risk Intelligence. Fereidooni, Hossein; Dmitrienko, Alexandra; Madlener, Felix; Rieger, Phillip; Miettinen, Markus; Sadeghi, Ahmad-Reza; in The Network and Distributed System Security Symposium (NDSS) (2022).
  • Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in ACM Transactions on Privacy and Security (TOPS) (2022).
  • An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case. Prantl, Thomas; Engel, Simon; Bauer, Andre; Ben Yahya, Ala Eddine; Herrnleben, Stefan; Iffländer, Lukas; Dmitrienko, Alexandra; Kounev, Samuel; in IEEE 95th Vehicular Technology Conference (VTC) (2022).
  • SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier. Petzi, Lukas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Tsudik, Gene; Prantl, Thomas; Kounev, Samuel; in USENIX Security (2022).
  • A Survey on Secure Group Communication Schemes with Focus on IoT Communication. Prantl, Thomas; Zeck, Timo; Bauer, André; Ten, Peter; Prantl, Dominik; Ben Yahya, Ala Eddine; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE Access (2022).
  • Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis. Rieger, Phillip; Krauß, Torsten; Miettinen, Markus; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:2210.07714 (2022).
  • Digital contact Tracing solutions: Promises, Pitfalls and Challenges. Thien Duc, Nguyen; Markus, Miettinen; Alexandra, Dmitrienko; Ahmad-Reza, Sadeghi; Ivan, Visconti; in ArXiv I arXiv 2202.06698v2 (October 2022) (2022).
2021[ to top ]
  • Security and Privacy Aspects of Digital Contact Tracing. Roos, Filipp; Thesis; Master Thesis. (2021, October).
  • ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning. Lutz, Oliver; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Dmitrienko, Alexandra; Sadeghi, Ahmad Reza; Koushanfar, Farinaz; in ArXiv | arXiv:2103.12607v1 (2021).
  • Sound Smart Contract Security Testing with Just One Tool. Dmitrienko, Alexandra; Chen, Huili; Fereidooni, Hossein; Sendner, Christoph; Sadeghi, Ahmad-Reza; Koushanfar, Farinaz; in CyberSec&AI 2021 (2021).
  • Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT. Prantl, Thomas; Prantl, Dominik; Bauer, André; Iffländer, Lukas; Dmitrenko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
  • RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android. Stang, Jasper; Dmitrienko, Alexandra; Roth, Sascha; in 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) (2021).
  • All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Network and Distributed System Security Symposium (NDSS) (2021).
  • Performance Evaluation for a Post-Quantum Public-Key Cryptosystem. Prantl, Thomas; Prantl, Dominik; Beierlieb, Lukas; Iffländer, Lukas; Dmitrienko, Alexandra; Krupitzer, Christian; Kounev, Samuel; in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
  • Increasing Security in Satellite Networks. Schilling, Klaus; Dmitrienko, Alexandra; in 72nd International Astronautical Congress (IAC) (2021).
  • Vision: Challenges & Opportunities. Annaaram, Murali; Asokan, N.; Atli, Buse Gül; Avestimeh, Salman; Brasser, Ferdinand; Cammarota, Rosario; Dmitrienko, Alexandra; Dziedzic, Adam; Given-Wilson, Thomas; Gunn, Lachlan J.; Kerschbaum, Florian; Koushanfar, Farinaz; Legay, Axel; Miettinen, Markus; Nguyen, Thien Duc; Papernot, Nicolas; Sadeghi, Ahmad-Reza; Schunter, Matthias; Shokri, Reza; Smith, Virginia; in Vision Paper of the Private AI Collaborative Research Institute (2021).
  • Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Herrnleben, Stefan; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in ACM/SPEC International Conference on Performance Engineering (ICPE) (2021).
2020[ to top ]
  • Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security. Boutet, Antoine; Castelluccia, Claude; Cunche, Mathieu; Dmitrienko, Alexandra; Iovino, Vincenzo; Miettinen, Markus; Nguyen, Thien Duc; Roca, Vincent; Sadeghi, Ahmad-Reza; Vaudenay, Serge; Visconti, Ivan; Vuagnoux, Martin; (2020).
  • Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in TrustCom, Security Track (2020).
  • All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers. Hagen, Christoph; Weinert, Christian; Sendner, Christoph; Dmitrienko, Alexandra; Schneider, Thomas; in Cryptology ePrint Archive, Report 2020/1119 (2020).
  • LegIoT: Ledgered Trust Management Platform for IoT. Neureither, Jens; Dmitrienko, Alexandra; Koisser, David; Brasser, Ferdinand; Sadeghi, Ahmad-Reza; in European Symposium on Research in Computer Security (ESORICS) (2020).
  • Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario. Prantl, Thomas; Ten, Peter; Iffländer, Lukas; Dmitrenko, Alexandra; Kounev, Samuel; Krupitzer, Christian; in IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS) (2020).
    Acceptance Rate: 27%
  • SIMPL: Secure IoT Management Platform. Prantl, Thomas; Ben Yahya, Ala Eddine; Dmitrienko, Alexandra; Kounev, Samuel; Lipp, Fabian; Hock, David; Rathfelder, Christoph; Hofherr, Martin; in ITG Workshop on IT Security (ITSec) (2020).
  • Mind the GAP: Security & Privacy Risks of Contact Tracing Apps. Baumgärtner, Lars; Dmitrienko, Alexandra; Freisleben, Bernd; Gruler, Alexander; Höchst, Jonas; Kühlberg, Joshua; Mezini, Mira; Mitev, Richard; Miettinen, Markus; Muhamedagic, Anel; Nguyen, Thien Duc; Penning, Alvar; Pustelnik, Dermot Frederik; Roos, Filipp; Sadeghi, Ahmad-Reza; Schwarz, Michael; Uhl, Christian; in ArXiv | arXiv:2006.05914v2 (2020).
2019[ to top ]
  • DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2019).
  • Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences. Iffländer, Lukas; Dmitrienko, Alexandra; Hagen, Christoph; Jobst, Michael; Kounev, Samuel; in ArXiv | arXiv:1907.06775v1 (2019).
2018[ to top ]
  • POSTER: Efficient and Effective Ransomware Detection in Databases. Hagen, Christoph; Dmitrienko, Alexandra; Iffländer, Lukas; Jobst, Michael; Kounev, Samuel; in 34th Annual Computer Security Applications Conference (ACSAC) (2018).
  • SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. Greubel, Andre; Dmitrienko, Alexandra; Kounev, Samuel; in Annual Computer Security Applications Conference (ACSAC) (2018).
2017[ to top ]
  • Secure Free-Floating Car Sharing for Offline Cars. Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
  • Phonion: Practical Protection of Metadata in Telephony Networks. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Kiyavash, Negar; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Proceedings on Privacy Enhancing Technologies (PoPETs) (2017).
  • DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization. Brasser, Ferdinand; Capkun, Srdjan; Dmitrienko, Alexandra; Frassetto, Tommaso; Kostiainen, Kari; Müller, Urs; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1709.09917v2 (2017).
  • Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award). Dmitrienko, Alexandra; Noack, David; Yung, Moti; in ACM Conference on Information, Computer and Communications Security (AsiaCCS) (2017).
  • Software grand exposure: SGX cache attacks are practical. Brasser, Ferdinand; Mller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in In 11th USENIX Workshop on Offensive Technologies (WOOT 17) (2017).
  • Software Grand Exposure: SGX Cache Attacks Are Practical. Brasser, Ferdinand; Müller, Urs; Dmitrienko, Alexandra; Kostiainen, Kari; Capkun, Srdjan; Sadeghi, Ahmad-Reza; in ArXiv | arXiv:1702.07521v1 (2017).
  • μchain: How to Forget without Hard Forks. Puddu, Ivan; Dmitrienko, Alexandra; Capkun, Srdjan; in IACR Cryptology ePrint Archive (IACR) (2017).
  • POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award). Dmitrienko, Alexandra; Plappert, Christian; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
2016[ to top ]
  • POSTER: Phonion: Frustrating Telephony Metadata Analysis. Heuser, Stephan; Reaves, Bradley; Pendyala, Praveen Kumar; Carter, Henry; Dmitrienko, Alexandra; Enck, William; Sadeghi, Ahmad-Reza; Traynor, Patrick; in Network and Distributed System Security Symposium (NDSS) (2016).
2015[ to top ]
  • Security and Privacy Aspects of Mobile Platforms and Applications. Dmitrienko, Alexandra; Thesis; TU Darmstadt. (2015, April).
  • Market-driven Code Provisioning to Mobile Secure Hardware. Dmitrienko, Alexandra; Heuser, Stephan; Nguyen, Thien Duc; da Silva Ramos, Marcos; Rein, Andre; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2015).
2014[ to top ]
  • On the (In)Security of Mobile Two-Factor Authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Financial Cryptography and Data Security Conference (FC) (2014).
  • POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Financial Cryptography and Data Security Conference (FC) (2014).
  • Key2Share for Authentication Services. Busold, Christoph; Dmitrienko, Alexandra; Wachsmann, Christian; in SmartCard Workshop (SRC) (2014).
  • On the (in)security of mobile two-factor authentication. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in CASED TUD-CS-2014-0029 (2014).
  • Security Analysis of Mobile Two-Factor Authentication Schemes. Dmitrienko, Alexandra; Liebchen, Christopher; Rossow, Christian; Sadeghi, Ahmad-Reza; in Intel Technology Journal (ITJ) (2014).
  • On Offline Payments with Bitcoin. Dmitrienko, Alexandra; Noack, David; Sadeghi, Ahmad-Reza; Yung, Moti; in Workshop on Bitcoin Research (BITCOIN’14) (2014).
2013[ to top ]
  • Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM ASIA Conference on Computer and Communications Security (AsiaCCS) (2013).
  • CrowdShare: Secure Mobile Resource Sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Reshetova, Elena; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in International Conference on Applied Cryptography and Network Security (ACNS) (2013).
  • Mobile Platform Security Asokan, N.; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Kostiainen, Kari; Reshetova, Elena; Sadeghi, Ahmad-Reza; in Synthesis Lectures on Information Security, Privacy, and Trust 2013 (2013). (Vol. 4) Morgan & Claypool.
  • POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award). Busold, Christoph; Dmitrienko, Alexandra; Seudie, Herve; Taha, Ahmed; Sobhani, Majid; Wachsmann, Christian; Sadeghi, Ahmad-Reza; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
  • Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same. Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in BlackHat USA (2013).
  • Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer. Bertino, Elisa; Sandhu, Ravi S.; Bauer, Lujo; Park, Jaehong; in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
  • Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award). Snow, Kevin Z.; Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Monrose, Fabian; Sadeghi, Ahmad-Reza; in IEEE Symposium on Security and Privacy (S&P) (2013).
  • CrowdShare: Secure mobile resource sharing. Asokan, N.; Dmitrienko, Alexandra; Nagy, Marcin; Elena, Reshetova; Sadeghi, Ahmad-Reza; Schneider, Thomas; Stelle, Stanislaus; in TUD-CS-2013-0084 (2013).
  • Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications. Nagy, Marcin; Cristofaro, Emiliano De; Dmitrienko, Alexandra; Asokan, N.; Sadeghi, Ahmad-Reza; in Annual Computer Security Applications Conference (ACSAC) (2013).
2012[ to top ]
  • Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication. Davi, Lucas; Dmitrienko, Alexandra; Liebchen, Christopher; Sadeghi, Ahmad-Reza; in BlackHat Abu Dhabi (2012).
  • Towards Taming Privilege-Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in Network and Distributed System Security Symposium (NDSS) (2012).
  • MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in Network and Distributed System Security Symposium (NDSS) (2012).
  • XIFER: A Software Diversity Tool Against Code-Reuse Attacks. Davi, Lucas; Dmitrienko, Alexandra; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM) (2012).
  • SmartTokens: Delegable Access Control with NFC-enabled Smartphones. Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Tamrakar, Sandeep; Wachsmann, Christian; in International Conference on Trust and Trustworthy Computing (TRUST) (2012).
2011[ to top ]
  • POSTER: The Quest for Security against Privilege Escalation Attacks on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Conference on Computer and Communications Security (CCS) (2011).
  • Practical and Lightweight Domain Isolation on Android. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Heuser, Stephan; Sadeghi, Ahmad-Reza; Shastry, Bhargava; in ACM Workshop on Security and Privacy in Mobile Devices (SPSM) (2011).
  • CFI Goes Mobile: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in International Workshop on Trustworthy Embedded Devices (TrustED) (2011).
  • Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel; in ACM Workshop on Scalable Trusted Computing (STC) (2011).
  • POSTER: Control-Flow Integrity for Smartphones. Davi, Lucas; Dmitrienko, Alexandra; Egele, Manuel; Fischer, Thomas; Holz, Thorsten; Hund, Ralf; Nürnberger, Stefan; Sadeghi, Ahmad-Reza; in ACM Conference on Computer and Communications Security (CCS) (2011).
  • XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Bugiel, Sven; Davi, Lucas; Dmitrienko, Alexandra; Fischer, Thomas; Sadeghi, Ahmad-Reza; in TR-2011-04 (2011).
  • Securing the Access to Electronic Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Biomedical Engineering Systems and Technologies (BIOSTEC) (2011).
  • Trusted embedded System Operating System (TeSOS) - Study and Design. Dmitrienko, Alexandra; Gessner, Dennis; Sadeghi, Ahmad-Reza; Schulz, Steffen; Stueble, Christian; Ullmann, Markus; in HGI-TR-2011-004 (2011).
  • A Security Architecture for Accessing Health Records on Mobile Phones. Dmitrienko, Alexandra; Hadzic, Zecir; Löhr, Hans; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Health Informatics (HEALTHINF) (2011).
2010[ to top ]
  • Return-Oriented Programming without Returns on ARM. (HGI-TR-2010-002), Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; (2010).
  • Key Attestation from Trusted Execution Environments. Kostiainen, Kari; Dmitrienko, Alexandra; Ekberg, Jan-Erik; Sadeghi, Ahmad-Reza; Asokan, N.; in International Conference on Trust and Trustworthy Computing (TRUST) (2010).
  • Return-Oriented Programming without Returns. Checkoway, Stephen; Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Shacham, Hovav; Winandy, Marcel; in ACM Conference on Computer and Communications Security (CCS) (2010).
  • Privilege Escalation Attacks on Android. Davi, Lucas; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Winandy, Marcel; in Information Security Conference (ISC) (2010).
  • TruWalletM: Secure Web Authentication on Mobile Platforms. Bugiel, Sven; Dmitrienko, Alexandra; Kostiainen, Kari; Sadeghi, Ahmad-Reza; Winandy, Marcel; in International Conference on Trusted Systems (INTRUST) (2010).
2009[ to top ]
  • Trusted Virtual Domains - Design, Implementation and Lessons Learned. Catuogno, Luigi; Dmitrienko, Alexandra; Sadeghi, Ahmad-Reza; Schulz, Steffen; Winandy, Marcel; Zhan, Jing; Eriksson, Konrad; Kuhlmann, Dirk; Ramunno, Gianluca; Schunter, Matthias; in International Conference on Trusted Systems (INTRUST) (2009).
2007[ to top ]
  • Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks. Dmitrienko, Alexandra; in International Workshop on Ambient Intelligence and Embedded Systems (AmiEs) (2007).
2006[ to top ]
  • WIZnet W3150A network co-processor: New features for embedded devices. Dmitrienko, Alexandra; in Components and Technologies (2006).