Alexandra Dmitrienko
Prof. Dr.-Ing. Alexandra Dmitrienko
Head of Secure Software Systems Research Group
Chair of Software Engineering (Informatik II)
Department of Computer Science
University of Würzburg
Informatics Building, Room A115
Am Hubland
D-97074 Würzburg, Germany
Phone: +49 (931) 31 81667
Fax.: +49 (931) 31 86603
Email: alexandra.dmitrienko@uni-wuerzburg.de
Research Interests
Research Statement
In today's world of ubiquitous digitization, many physical objects, such as our homes, production facilities and even critical infrastructure get connected to networks, and become smarter through data collection and application of artificial intelligence (AI) and machine learning (ML) methods. This unavoidably poses new challenges to security and privacy. In my research, I aim to address new challenges and relevant research questions, such as:
- How to secure new systems, while facing ever growing complexity of software and protocols, large-scale deployments, cost requirements and absence of common standards?
- How to improve security of systems and networks using employment of AI and ML methods, while preserving privacy-friendly collection of training data?
- How to develop sustainable security methods that would be capable of adjusting to new security risks in the future, even in 20 years (typical life span of a car)?
Publications
-
AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot Learning for Mobile Platforms in To appear at the Network and Distributed System Security Symposium (NDSS) (2023).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Smarter Contracts: Detecting Vulnerabilities in Smart Contracts with Deep Transfer Learning in To appear at the Network and Distributed System Security Symposium (NDSS) (2023).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier. in USENIX Security (2022).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
An Experience Report on the Suitability of a Distributed Group Encryption Scheme for an IoT Use Case in IEEE 95th Vehicular Technology Conference (VTC) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations in ACM Transactions on Privacy and Security (TOPS) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Ransomware Detection in Databases through Dynamic Analysis of Query Sequences in IEEE Conference on Communications and Network Security (CNS) (2022).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
A Survey on Secure Group Communication Schemes with Focus on IoT Communication in IEEE Access (2022).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
FedCRI: Federated Mobile Cyber-Risk Intelligence in The Network and Distributed System Security Symposium (NDSS) (2022).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Close the Gate: Detecting Backdoored Models in Federated Learning based on Client-Side Deep Layer Output Analysis in ArXiv | arXiv:2210.07714 (2022).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Towards a Cryptography Benchmark: A View on Attribute Based Encryption Schemes in 2022 5th Conference on Cloud and Internet of Things (CIoT) (2022).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations in Cryptology ePrint Archive, Report 2022/875 (2022). (2022/875)
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges in Cryptology ePrint Archive (2022).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Digital Contact Tracing Solutions: Promises, Pitfalls and Challenges. in IEEE Transactions on Emerging Topics in Computing (2022).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Digital contact Tracing solutions: Promises, Pitfalls and Challenges. in ArXiv I arXiv 2202.06698v2 (October 2022) (2022).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Performance Evaluation for a Post-Quantum Public-Key Cryptosystem in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
RIP StrandHogg: A Practical StrandHogg Attack Detection Method on Android in 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Increasing Security in Satellite Networks in 72nd International Astronautical Congress (IAC) (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Benchmarking of Pre- and Post-Quantum Group Encryption Schemes with Focus on IoT in IEEE 40th International Performance Computing and Communications Conference (IPCCC) (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Vision: Challenges & Opportunities. in Vision Paper of the Private AI Collaborative Research Institute (2021).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Security and Privacy Aspects of Digital Contact Tracing Thesis; University of Würzburg. (2021, October).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Towards a Group Encryption Scheme Benchmark: A View on Centralized Schemes with focus on IoT in ACM/SPEC International Conference on Performance Engineering (ICPE) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning in ArXiv | arXiv:2103.12607v1 (2021).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers in Network and Distributed System Security Symposium (NDSS) (2021).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Contact Tracing by Giant Data Collectors: Opening Pandora’s Box of Threats to Privacy, Sovereignty and National Security. (2020).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Evaluating the Performance of a State-of-the-Art Group-oriented Encryption Scheme for Dynamic Groups in an IoT Scenario in IEEE 28th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS) (2020).Acceptance Rate: 27%
- [ Abstract ]
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Mind the GAP: Security & Privacy Risks of Contact Tracing Apps in TrustCom, Security Track (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers in Cryptology ePrint Archive, Report 2020/1119 (2020).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
LegIoT: Ledgered Trust Management Platform for IoT in European Symposium on Research in Computer Security (ESORICS) (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Mind the GAP: Security & Privacy Risks of Contact Tracing Apps in ArXiv | arXiv:2006.05914v2 (2020).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
SIMPL: Secure IoT Management Platform in ITG Workshop on IT Security (ITSec) (2020).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
DR.SGX: Automated and Adjustable Side-Channel Protection for SGX using Data Location Randomization in Annual Computer Security Applications Conference (ACSAC) (2019).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Hands off my Database: Ransomware Detection in Databases through Dynamic Analysis of Query Sequences in ArXiv | arXiv:1907.06775v1 (2019).
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
POSTER: Efficient and Effective Ransomware Detection in Databases in 34th Annual Computer Security Applications Conference (ACSAC) (2018).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
SmarTor: Smarter Tor with Smart Contracts: Improving resilience of topology distribution in the Tor network. in Annual Computer Security Applications Conference (ACSAC) (2018).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization in ArXiv | arXiv:1709.09917v2 (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Software grand exposure: SGX cache attacks are practical in In 11th USENIX Workshop on Offensive Technologies (WOOT 17) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Software Grand Exposure: SGX Cache Attacks Are Practical in ArXiv | arXiv:1702.07521v1 (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ BibSonomy-Post ]
-
Secure Wallet-Assisted Offline Bitcoin Payments with Double-Spender Revocation (distinguished paper award) in ACM Conference on Information, Computer and Communications Security (AsiaCCS) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
POSTER: Secure Free-Floating Car Sharing for Offline Cars (an outstanding poster award) in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Secure Free-Floating Car Sharing for Offline Cars in ACM Conference on Data and Application Security and Privacy (CODASPY) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
μchain: How to Forget without Hard Forks in IACR Cryptology ePrint Archive (IACR) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Phonion: Practical Protection of Metadata in Telephony Networks in Proceedings on Privacy Enhancing Technologies (PoPETs) (2017).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
POSTER: Phonion: Frustrating Telephony Metadata Analysis. in Network and Distributed System Security Symposium (NDSS) (2016).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Security and Privacy Aspects of Mobile Platforms and Applications Thesis; TU Darmstadt. (2015, April).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Market-driven Code Provisioning to Mobile Secure Hardware in Financial Cryptography and Data Security Conference (FC) (2015).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
On the (in)security of mobile two-factor authentication in CASED TUD-CS-2014-0029 (2014).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Security Analysis of Mobile Two-Factor Authentication Schemes in Intel Technology Journal (ITJ) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
On the (In)Security of Mobile Two-Factor Authentication in Financial Cryptography and Data Security Conference (FC) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
On Offline Payments with Bitcoin in Workshop on Bitcoin Research (BITCOIN’14) (2014).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
POSTER. Bitcoin2Go: Secure Offline and Fast Payments with Bitcoins in Financial Cryptography and Data Security Conference (FC) (2014).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Key2Share for Authentication Services in SmartCard Workshop (SRC) (2014).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Do I know you? - Efficient and Privacy-Preserving Common Friend-Finder Protocols and Applications in Annual Computer Security Applications Conference (ACSAC) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Mobile Platform Security in Synthesis Lectures on Information Security, Privacy, and Trust 2013 (2013). (Vol. 4) Morgan & Claypool.
- [ Abstract ]
- [ BibTeX ]
- [ BibSonomy-Post ]
-
Just-In-Time Code Reuse: The More Things Change, the More They Stay the Same in BlackHat USA (2013).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
CrowdShare: Secure Mobile Resource Sharing in International Conference on Applied Cryptography and Network Security (ACNS) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization (best student paper award) in IEEE Symposium on Security and Privacy (S&P) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Gadge Me If You Can: Secure and Efficient Ad-hoc Instruction-Level Randomization for x86 and ARM in ACM ASIA Conference on Computer and Communications Security (AsiaCCS) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
CrowdShare: Secure mobile resource sharing in TUD-CS-2013-0084 (2013).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
POSTER: Secure Smartphone-based NFC-enabled Car Immobilizer (an outstanding poster award) in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Smart Keys for Cyber-Cars: Secure Smartphone-Based NFC-Enabled Car Immobilizer in ACM Conference on Data and Application Security and Privacy (CODASPY) (2013).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Over-the-air Cross-Platform Infection for Breaking mTAN-based Online Banking Authentication in BlackHat Abu Dhabi (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
XIFER: A Software Diversity Tool Against Code-Reuse Attacks in ACM International Workshop on Wireless of the Students, by the Students, for the Students (MOBICOM) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
SmartTokens: Delegable Access Control with NFC-enabled Smartphones in International Conference on Trust and Trustworthy Computing (TRUST) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones in Network and Distributed System Security Symposium (NDSS) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ URL ]
- [ Download ]
- [ BibSonomy-Post ]
-
Towards Taming Privilege-Escalation Attacks on Android in Network and Distributed System Security Symposium (NDSS) (2012).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Securing the Access to Electronic Health Records on Mobile Phones in Biomedical Engineering Systems and Technologies (BIOSTEC) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones in ACM Workshop on Scalable Trusted Computing (STC) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
A Security Architecture for Accessing Health Records on Mobile Phones in International Conference on Health Informatics (HEALTHINF) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
POSTER: The Quest for Security against Privilege Escalation Attacks on Android in ACM Conference on Computer and Communications Security (CCS) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
POSTER: Control-Flow Integrity for Smartphones in ACM Conference on Computer and Communications Security (CCS) (2011).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Practical and Lightweight Domain Isolation on Android in ACM Workshop on Security and Privacy in Mobile Devices (SPSM) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
CFI Goes Mobile: Control-Flow Integrity for Smartphones in International Workshop on Trustworthy Embedded Devices (TrustED) (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Trusted embedded System Operating System (TeSOS) - Study and Design in HGI-TR-2011-004 (2011).
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
XManDroid: A New Android Evolution to Mitigate Privilege Escalation Attacks in TR-2011-04 (2011).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
TruWalletM: Secure Web Authentication on Mobile Platforms in International Conference on Trusted Systems (INTRUST) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Privilege Escalation Attacks on Android in Information Security Conference (ISC) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Return-Oriented Programming without Returns in ACM Conference on Computer and Communications Security (CCS) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Key Attestation from Trusted Execution Environments in International Conference on Trust and Trustworthy Computing (TRUST) (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Return-Oriented Programming without Returns on ARM (2010).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Trusted Virtual Domains - Design, Implementation and Lessons Learned in International Conference on Trusted Systems (INTRUST) (2009).
- [ Abstract ]
- [ BibTeX ]
- [ Download ]
- [ BibSonomy-Post ]
-
Zigbee-to-TCP/IP Gateway: New Opportunities for ZigBee-based Sensor Networks in International Workshop on Ambient Intelligence and Embedded Systems (AmiEs) (2007).
- [ BibTeX ]
- [ BibSonomy-Post ]
-
WIZnet W3150A network co-processor: New features for embedded devices in Components and Technologies (2006).
- [ BibTeX ]
- [ BibSonomy-Post ]