Bochum's IT security research is well represented at this year's "SOUPS - Symposium on Usable Privacy and Security" and the "USENIX Security Symposium". A total of 12 papers related to the Horst Görtz Institute for IT Security or the CASA Cluster of Excellence have been accepted at the conferences this year.
SOUPS is organised annually in combination with the Usenix Security Symposium and aims to "bring together an interdisciplinary group of researchers and practitioners in human-computer interaction, security and privacy."
The Usenix Security Symposium, which is highly regarded in the field, focuses particularly on the security and privacy of computer systems and networks and is aimed at researchers, practitioners, system administrators and system programmers.
The "Eighteenth Symposium on Usable Privacy and Security" will take place from 7-9 August and the "31st Usenix Security Symposium" from 10-12 August in Boston.
These papers are accepted at USENIX Security:
- OpenSSLNTRU: Faster post-quantum TLS key exchange
Daniel J. Bernstein, University of Illinois at Chicago and Ruhr-Universität Bochum; Billy Bob Brumley and Nicola Tuveri, Tampere University; Ming-Shing Chen, Ruhr-Universität Bochum
- Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing
Tobias Scharnowski, Nils Bars, Ali Abbasi, Thorsten Holz and Moritz Schloegel, Ruhr-Universität Bochum; Eric Gustafson, UC Santa Barbara; Marius Muench, Vrije Universiteit Amsterdam; Giovanni Vigna, UC Santa Barbara and VMware; Christopher Kruegel, UC Santa Barbara
- "The Same PIN, Just Longer": On the (In)Security of Upgrading PINs from 4 to 6 Digits
Collins W. Munyendo, Miles Grant, Elena Korkes and Adam J. Aviv, The George Washington University; Philipp Markert, Ruhr-Universität Bochum; Alexandra Nisenoff und Blase Ur, University of Chicago
- Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures
Simon Rohlmann, Christian Mainka, Vladislav Mladenov and Jörg Schwenk, Ruhr-Universität Bochum
- SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing
Tobias Cloosters and Lucas Davi, University of Duisburg-Essen; Johannes Willbold, Ruhr-Universität Bochum; Thorsten Holz, CISPA Helmholtz Center for Information Security
- TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries
Marcel Maehren, Robert Merget, Jörg Schwenk and Philipp Nieting, Ruhr-Universität Bochum; Sven Hebrok and Juraj Somorovsky, Paderborn University
- Loki: Hardening Code Obfuscation Against Automated Attacks
Moritz Schloegel, Tim Blazytko, Moritz Contag, Cornelius Aschermann, Ali Abbasi and Julius Basler, Ruhr-Universität Bochum; Thorsten Holz, CISPA Helmholtz Center for Information Security
These papers are accepted at SOUPS:
- Let’s Hash: Helping Developers with Password Security
Lisa Geierhaas and Anna-Marie Ortloff, University of Bonn; Matthew Smith, University of Bonn and Fraunhofer FKIE; Alena Naiakshina, Ruhr-Universität Bochum
- "As soon as it's a risk, I want to require MFA": How Administrators Configure Risk-based Authentication
Philipp Markert and Theodor Schnitzler, Ruhr-Universität Bochum; Maximilian Golla, Max Planck Institute for Security and Privacy; Markus Dürmuth, Leibniz University Hannover
- Exploring User Authentication with Windows Hello in a Small Business Environment
Florian M. Farke, Jannis Pinter and Leona Lassak, Ruhr-Universität Bochum; Markus Dürmuth, Leibniz University Hannover
- “Fast, Easy, Convenient.” Studying Adoption and Perception of Digital Covid Certificates
Franziska Herbert, Marvin Kowalewski, Theodor Schnitzler and Leona Lassak, Ruhr-Universität Bochum; Markus Dürmuth, Leibniz University Hannover
- "I don’t know why I check this...'' - Investigating Expert Users' Strategies to Detect Email Signature Spoofing Attacks
Peter Mayer, SECUSO and Karlsruhe Institute of Technology; Damian Poddebniak, Münster University of Applied Sciences; Konstantin Fischer, Marcus Brinkmann and Angela Sasse, Ruhr-Universität Bochum; Juraj Somorovsky, Paderborn University; Sebastian Schinzel, Münster University of Applied Sciences; Melanie Volkamer, SECUSO and Karlsruhe Institute of Technology
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.