Publications

Onelogon: Taking over Active Directory Accounts via Netlogon

Alexander Neff, Tobias Holl, Kevin Borgolte

Proceedings of the 20th USENIX WOOT Conference on Offensive Technologies (WOOT), August 2026

@inproceedings{woot2026-onelogon,
  title     = {{Onelogon: Taking over Active Directory Accounts via Netlogon}},
  author    = {Neff, Alexander and Holl, Tobias and Borgolte, Kevin},
  booktitle = {Proceedings of the 20th USENIX WOOT Conference on Offensive Technologies (WOOT)},
  code      = {https://github.com/rub-softsec/onelogon},
  date      = {2026-08},
  editor    = {Bianchi, Antonio and Classen, Jiska},
  location  = {Baltimore, MD, USA},
  publisher = {USENIX Association}
}

New Platform, Old Issues: How Web-based TV Broadcasts threaten Users' Security

Carlotta Tagliaro, Andrej Danis, Kevin Borgolte, Martina Lindorfer

Proceedings of the 23rd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 2026

@inproceedings{dimva2026-hbbtv-old-issues,
  title     = {{New Platform, Old Issues: How Web-based TV Broadcasts threaten Users' Security}},
  author    = {Tagliaro, Carlotta and Danis, Andrej and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 23rd Conference on Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  code      = {https://github.com/SecPriv/HbbTV-attack-toolkit},
  date      = {2026-07},
  editor    = {Moonsamy, Veelasha and D'Elia, Daniele Cono},
  location  = {Chania, Greece},
  publisher = {Springer International Publishing}
}

StorFuzz: Using Data Diversity to Overcome Fuzzing Plateaus

Leon Weiß, Tobias Holl, Kevin Borgolte

Proceedings of the 48th IEEE/ACM International Conference on Software Engineering (ICSE), April 2026

@inproceedings{icse2026-storfuzz,
  title     = {{StorFuzz: Using Data Diversity to Overcome Fuzzing Plateaus}},
  author    = {Weiß, Leon and Holl, Tobias and Borgolte, Kevin},
  booktitle = {Proceedings of the 48th IEEE/ACM International Conference on Software Engineering (ICSE)},
  code      = {https://github.com/rub-softsec/storfuzz/},
  data      = {https://doi.org/10.5281/zenodo.14979693},
  date      = {2026-04},
  doi       = {10.1145/3744916.3773179},
  editor    = {Mezini, Mira and Zimmermann, Thomas},
  location  = {Rio de Janeiro, Brazil},
  publisher = {Association for Computing Machinery (ACM)/Institute of Electrical and Electronics Engineers (IEEE)},
  volume    = {48}
}

Hallucinating Certificates: Differential Testing of TLS Certificate Validation Using Generative Language Models

Talha Paracha, Kyle Posluns, Kevin Borgolte, Martina Lindorfer, David Choffnes

Proceedings of the 48th IEEE/ACM International Conference on Software Engineering (ICSE), April 2026

@inproceedings{icse2026-hallucinating-certificates,
  title     = {{Hallucinating Certificates: Differential Testing of TLS Certificate Validation Using Generative Language Models}},
  author    = {Paracha, Talha and Posluns, Kyle and Borgolte, Kevin and Lindorfer, Martina and Choffnes, David},
  booktitle = {Proceedings of the 48th IEEE/ACM International Conference on Software Engineering (ICSE)},
  code      = {https://github.com/rub-softsec/mlcerts},
  data      = {https://zenodo.org/records/15971208},
  date      = {2026-04},
  doi       = {10.1145/3744916.3773203},
  editor    = {Mezini, Mira and Zimmermann, Thomas},
  location  = {Rio de Janeiro, Brazil},
  publisher = {Association for Computing Machinery (ACM)/Institute of Electrical and Electronics Engineers (IEEE)},
  volume    = {48}
}

The Things That Count: Coverage Evaluation Under the Microscope (Registered Report)

Tobias Holl, Leon Weiß, Kevin Borgolte

Proceedings of the 5th International Fuzzing Workshop (FUZZING), February 2026

@inproceedings{fuzzing2026-the-things-that-count,
  title     = {{The Things That Count: Coverage Evaluation Under the Microscope (Registered Report)}},
  author    = {Holl, Tobias and Weiß, Leon and Borgolte, Kevin},
  booktitle = {Proceedings of the 5th International Fuzzing Workshop (FUZZING)},
  code      = {https://softsec.link/fz26.cov/},
  date      = {2026-02-27},
  doi       = {10.14722/fuzzing.2026.23030},
  editor    = {Böhme, Marcel and Meng, Ruijie and Padhye, Rohan and Noller, Yannic and Szekeres, László},
  location  = {San Diego, CA, USA},
  publisher = {Internet Society (ISOC)},
  volume    = {5}
}

Pogofuzz: Profile-Guided Optimization for Fuzzing (Registered Report)

Tobias Holl, Leon Weiß, Kevin Borgolte

Proceedings of the 5th International Fuzzing Workshop (FUZZING), February 2026

@inproceedings{fuzzing2026-pogofuzz,
  title     = {{Pogofuzz: Profile-Guided Optimization for Fuzzing (Registered Report)}},
  author    = {Holl, Tobias and Weiß, Leon and Borgolte, Kevin},
  booktitle = {Proceedings of the 5th International Fuzzing Workshop (FUZZING)},
  code      = {https://softsec.link/fz26.pogofuzz/},
  date      = {2026-02-27},
  doi       = {10.14722/fuzzing.2026.23029},
  editor    = {Böhme, Marcel and Meng, Ruijie and Padhye, Rohan and Noller, Yannic and Szekeres, László},
  location  = {San Diego, CA, USA},
  publisher = {Internet Society (ISOC)},
  volume    = {5}
}

Does Representation Matter? Evaluating IRs for LLM-based Binary Decompilation

Tomás Pelayo-Benedet, Kevin Borgolte, Ricardo J. Rodríguez

Proceedings of the 9th Workshop on Binary Analysis Research (BAR), February 2026

@inproceedings{bar2026-does-representation-matter,
  title     = {{Does Representation Matter? Evaluating IRs for LLM-based Binary Decompilation}},
  author    = {Pelayo-Benedet, Tomás and Borgolte, Kevin and Rodríguez, Ricardo J.},
  booktitle = {Proceedings of the 9th Workshop on Binary Analysis Research (BAR)},
  data      = {https://github.com/rub-softsec/does-representation-matter-dataset},
  date      = {2026-02-27},
  doi       = {10.14722/bar.2026.23077},
  editor    = {Bardin, Sébastien and Hauser, Christophe},
  location  = {San Diego, CA, USA},
  publisher = {Internet Society (ISOC)},
  volume    = {9}
}

Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols

Carlotta Tagliaro, Martina Komsic, Andrea Continella, Kevin Borgolte, Martina Lindorfer

Proceedings of the 27th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2024

@inproceedings{raid2024-iot-backends,
  title     = {{Large-Scale Security Analysis of Real-World Backend Deployments Speaking IoT-Focused Protocols}},
  author    = {Tagliaro, Carlotta and Komsic, Martina and Continella, Andrea and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 27th International Symposium on Recent Advances in Intrusion Detection (RAID)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2024-09},
  doi       = {10.1145/3678890.3678899},
  edition   = {27},
  editor    = {Aafer, Yousra and Fratantonio, Yanick},
  isbn      = {979-8-4007-0959},
  location  = {Padua, Italy},
  publisher = {Springer International Publishing}
}

Are You Sure You Want To Do Coordinated Vulnerability Disclosure?

Ting-Han Chen, Carlotta Tagliaro, Martina Lindorfer, Kevin Borgolte, Jeroen van der Ham-de Vos

Proceedings of the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC), July 2024

@inproceedings{wtmc2024-are-you-sure-you-want-to-do-cvd,
  title     = {{Are You Sure You Want To Do Coordinated Vulnerability Disclosure?}},
  author    = {Chen, Ting-Han and Tagliaro, Carlotta and Lindorfer, Martina and Borgolte, Kevin and van der Ham-de Vos, Jeroen},
  booktitle = {Proceedings of the 9th International Workshop on Traffic Measurements for Cybersecurity (WTMC)},
  date      = {2024-07-08},
  doi       = {10.1109/EuroSPW61312.2024.00039},
  edition   = {9},
  location  = {Vienna, Austria},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)}
}

IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis

David Schmidt, Carlotta Tagliaro, Kevin Borgolte, Martina Lindorfer

Proceedings of the 30th ACM SIGSAC Conference on Computer and Communications Security (CCS), November 2023

@inproceedings{ccs2023-iotflow,
  title     = {{IoTFlow: Inferring IoT Device Behavior at Scale through Static Mobile Companion App Analysis}},
  author    = {Schmidt, David and Tagliaro, Carlotta and Borgolte, Kevin and Lindorfer, Martina},
  booktitle = {Proceedings of the 30th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2023-11},
  doi       = {10.1145/3576915.3623211},
  edition   = {30},
  editor    = {Cremers, Cas and Kirda, Engin},
  location  = {Copenhagen, Denmark},
  publisher = {Association for Computing Machinery (ACM)}
}

Pushing Boundaries: An Empirical View on the Digital Sovereignty of Six Governments in the Midst of Geopolitical Tensions

Bernardus Jansen, Natalia Kadenko, Dennis Broeders, Michel van Eeten, Kevin Borgolte, Tobias Fiebig

Government Information Quarterly (GIQ) (Volume 40, Issue 4), August 2023

@article{giq2023-pushing-boundaries,
  title     = {{Pushing Boundaries: An Empirical View on the Digital Sovereignty of Six Governments in the Midst of Geopolitical Tensions}},
  author    = {Jansen, Bernardus and Kadenko, Natalia and Broeders, Dennis and van Eeten, Michel and Borgolte, Kevin and Fiebig, Tobias},
  date      = {2023-08-21},
  doi       = {10.1016/j.giq.2023.101862},
  issn      = {0740-624X},
  journal   = {Government Information Quarterly (GIQ)},
  number    = {4},
  pages     = {101862},
  publisher = {Elsevier},
  url       = {https://www.sciencedirect.com/science/article/pii/S0740624X2300062X},
  volume    = {40}
}

Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale

Stijn Pletinckx, Kevin Borgolte, Tobias Fiebig

Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS), November 2021

@inproceedings{ccs2021-out-of-sight-out-of-mind,
  title     = {{Out of Sight, Out of Mind: Detecting Orphaned Web Pages at Internet-Scale}},
  author    = {Pletinckx, Stijn and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2021-11},
  doi       = {10.1145/3460120.3485367},
  edition   = {28},
  editor    = {Shi, Elaine and Vigna, Giovanni},
  isbn      = {978-1-4503-8454-4},
  location  = {Seoul, South Korea},
  publisher = {Association for Computing Machinery (ACM)}
}

Designing for Tussle in Encrypted DNS

Austin Hounsel, Paul Schmitt, Kevin Borgolte, Nick Feamster

Proceedings of the 20th Workshop on Hot Topics in Networking (HotNets), November 2021

@inproceedings{hotnets2021-designing-for-tussle-in-encrypted-dns,
  title     = {{Designing for Tussle in Encrypted DNS}},
  author    = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 20th Workshop on Hot Topics in Networking (HotNets)},
  date      = {2021-11-10},
  doi       = {10.1145/3484266.3487383},
  edition   = {20},
  editor    = {Yu, Minlan and Vanbever, Lauren},
  location  = {Online},
  publisher = {Association for Computing Machinery (ACM)}
}

Cyber Grand Shellphish

Antonio Bianchi, Kevin Borgolte, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Giovanni Vigna, Ruoyu Wang

Phrack (Volume 15, Issue 70), October 2021

Authors listed alphabetically.

@article{phrack2021-cyber-grand-shellphish,
  title     = {{Cyber Grand Shellphish}},
  author    = {Bianchi, Antonio and Borgolte, Kevin and Corbetta, Jacopo and Disperati, Francesco and Dutcher, Andrew and Grosen, John and Grosen, Paul and Machiry, Aravind and Salls, Christopher and Shoshitaishvili, Yan and Stephens, Nick and Vigna, Giovanni and Wang, Ruoyu},
  date      = {2021-10-05},
  journal   = {Phrack},
  number    = {70},
  publisher = {The Phrack Staff},
  url       = {http://phrack.org/papers/cyber_grand_shellphish.html},
  volume    = {15}
}

Encryption without Centralization: Distributing DNS Queries Across Recursive Resolvers

Austin Hounsel, Paul Schmitt, Kevin Borgolte, Nick Feamster

Proceedings of the 2021 Applied Networking Research Workshop (ANRW), July 2021

Extended abstract. Co-located with IETF 105.

@inproceedings{anrw2021-encryption-without-centralization,
  title     = {{Encryption without Centralization: Distributing DNS Queries Across Recursive Resolvers}},
  author    = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 2021 Applied Networking Research Workshop (ANRW)},
  date      = {2021-07-24},
  doi       = {10.1145/3472305.3472318},
  editor    = {Lutu, Andra and Feamster, Nick},
  location  = {Online},
  publisher = {Association for Computing Machinery (ACM)}
}

Can Encrypted DNS Be Fast?

Austin Hounsel, Paul Schmitt, Kevin Borgolte, Nick Feamster

Proceedings of the 22nd Passive and Active Measurement (PAM), March 2021

@inproceedings{pam2021-can-encrypted-dns-be-fast,
  title       = {{Can Encrypted DNS Be Fast?}},
  author      = {Hounsel, Austin and Schmitt, Paul and Borgolte, Kevin and Feamster, Nick},
  booktitle   = {Proceedings of the 22nd Passive and Active Measurement (PAM)},
  series      = {Lecture Notes in Computer Science (LNCS)},
  date        = {2021-03},
  doi         = {10.1007/978-3-030-72582-2_26},
  editor      = {Levin, Dave and Lutu, Andra},
  eprint      = {2007.06812},
  eprintclass = {cs.NI},
  eprinttype  = {arxiv},
  location    = {Virtual (COVID-19)},
  publisher   = {Springer International Publishing}
}

Those Who Know Don't, Those Who Don't Know Deploy: Understanding Security Awareness in the Adoption of Industrial IoT

Verena Schrama, Carlos H. Gañán, Doris Aschenbrenner, Mark de Reuver, Kevin Borgolte, Tobias Fiebig

Proceedings of the 20th Workshop on the Economics of Information Security (WEIS), December 2020

@inproceedings{weis2020-those-who-know-dont,
  title     = {{Those Who Know Don't, Those Who Don't Know Deploy: Understanding Security Awareness in the Adoption of Industrial IoT}},
  author    = {Schrama, Verena and Gañán, Carlos H. and Aschenbrenner, Doris and de Reuver, Mark and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 20th Workshop on the Economics of Information Security (WEIS)},
  date      = {2020-12},
  editor    = {Christin, Nicolas},
  location  = {Brussels, Belgium},
  url       = {https://weis2020.econinfosec.org/wp-content/uploads/sites/8/2020/06/weis20-final23.pdf}
}

Identifying Disinformation Websites Using Infrastructure Features

Austin Hounsel, Jordan Holland, Ben Kaiser, Kevin Borgolte, Nick Feamster, Jonathan Mayer

Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet, August 2020

@inproceedings{foci2020-identifying-disinformation,
  title       = {{Identifying Disinformation Websites Using Infrastructure Features}},
  author      = {Hounsel, Austin and Holland, Jordan and Kaiser, Ben and Borgolte, Kevin and Feamster, Nick and Mayer, Jonathan},
  booktitle   = {Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet},
  date        = {2020-08},
  edition     = {10},
  editor      = {Ensafi, Roya and Klein, Hans},
  eprint      = {2003.07684},
  eprintclass = {cs.CY},
  eprinttype  = {arxiv},
  publisher   = {USENIX Association},
  url         = {https://www.usenix.org/conference/foci20/presentation/hounsel}
}

Understanding The Performance Costs and Benefits of Privacy-focused Browser Extensions

Kevin Borgolte, Nick Feamster

Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW), April 2020

@inproceedings{www2020-privacy-extensions,
  title     = {{Understanding The Performance Costs and Benefits of Privacy-focused Browser Extensions}},
  author    = {Borgolte, Kevin and Feamster, Nick},
  booktitle = {Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW)},
  date      = {2020-04},
  doi       = {10.1145/3366423.3380292},
  edition   = {29},
  editor    = {Liu, Tie-Yan and van Steen, Maarten},
  location  = {Taiwan, Taipei},
  publisher = {International World Wide Web Conference Committee (IW3C2)}
}

Comparing the Effects of DNS, DoT, and DoH on Web Performance

Austin Hounsel, Kevin Borgolte, Paul Schmitt, Jordan Holland, Nick Feamster

Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW), April 2020

@inproceedings{www2020-dns-dot-doh,
  title       = {{Comparing the Effects of DNS, DoT, and DoH on Web Performance}},
  author      = {Hounsel, Austin and Borgolte, Kevin and Schmitt, Paul and Holland, Jordan and Feamster, Nick},
  booktitle   = {Proceedings of the 29th The Web Conference (TheWebConf, formerly known as WWW)},
  date        = {2020-04},
  doi         = {10.1145/3366423.3380139},
  edition     = {29},
  editor      = {Liu, Tie-Yan and van Steen, Maarten},
  eprint      = {1907.08089v3},
  eprintclass = {cs.NI},
  eprinttype  = {arxiv},
  location    = {Taiwan, Taipei},
  publisher   = {International World Wide Web Conference Committee (IW3C2)},
  url         = {https://arxiv.org/abs/1907.08089v3}
}

How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem

Kevin Borgolte, Tithi Chattopadhyay, Nick Feamster, Mihir Kshirsagar, Jordan Holland, Austin Hounsel, Paul Schmitt

Proceedings of the 47th Research Conference on Communications, Information and Internet Policy (TPRC), September 2019

Authors listed alphabetically.

@inproceedings{tprc2019-doh-policy,
  title     = {{How DNS over HTTPS is Reshaping Privacy, Performance, and Policy in the Internet Ecosystem}},
  author    = {Borgolte, Kevin and Chattopadhyay, Tithi and Feamster, Nick and Kshirsagar, Mihir and Holland, Jordan and Hounsel, Austin and Schmitt, Paul},
  booktitle = {Proceedings of the 47th Research Conference on Communications, Information and Internet Policy (TPRC)},
  date      = {2019-09},
  doi       = {10.2139/ssrn.3427563},
  edition   = {12},
  location  = {Washington, D.C., USA},
  publisher = {TPRC},
  url       = {https://ssrn.com/abstract=3427563}
}

Analyzing the Costs (and Benefits) of DNS, DoT, and DoH for the Modern Web

Austin Hounsel, Kevin Borgolte, Paul Schmitt, Jordan Holland, Nick Feamster

Proceedings of the 2019 Applied Networking Research Workshop (ANRW), July 2019

Extended abstract. Co-located with IETF 105.

@inproceedings{anrw2019-analyzing-the-costs-of-dns-dot-doh,
  title     = {{Analyzing the Costs (and Benefits) of DNS, DoT, and DoH for the Modern Web}},
  author    = {Hounsel, Austin and Borgolte, Kevin and Schmitt, Paul and Holland, Jordan and Feamster, Nick},
  booktitle = {Proceedings of the 2019 Applied Networking Research Workshop (ANRW)},
  date      = {2019-07-22},
  doi       = {10.1145/3340301.3341129},
  editor    = {Gill, Phillipa and Iyengar, Jana},
  location  = {Montréal, QC, Canada},
  publisher = {Association for Computing Machinery (ACM)}
}

Investigating Operators' Perspective on Security Misconfigurations

Constanze Dietrich, Katharina Krombholz, Kevin Borgolte, Tobias Fiebig

Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security (CCS), October 2018

@inproceedings{ccs2018-security-misconfigurations,
  title     = {{Investigating Operators' Perspective on Security Misconfigurations}},
  author    = {Dietrich, Constanze and Krombholz, Katharina and Borgolte, Kevin and Fiebig, Tobias},
  booktitle = {Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  date      = {2018-10},
  doi       = {10.1145/3243734.3243794},
  edition   = {25},
  editor    = {Backes, Michael and Wang, XiaoFeng},
  isbn      = {978-1-4503-5693-0},
  location  = {Toronto, ON, Canada},
  publisher = {Association for Computing Machinery (ACM)}
}

Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks

Wei Meng, Chenxiong Qian, Shuang Hao, Kevin Borgolte, Giovanni Vigna, Christopher Kruegel, Wenke Lee

Proceedings of the 27th USENIX Security Symposium (USENIX Security), August 2018

@inproceedings{sec2018-rampart,
  title     = {{Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks}},
  author    = {Meng, Wei and Qian, Chenxiong and Hao, Shuang and Borgolte, Kevin and Vigna, Giovanni and Kruegel, Christopher and Lee, Wenke},
  booktitle = {Proceedings of the 27th USENIX Security Symposium (USENIX Security)},
  date      = {2018-08},
  edition   = {27},
  editor    = {Enck, William and Porter Felt, Adrienne},
  location  = {Baltimore, MD, USA},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/usenixsecurity18/presentation/meng}
}

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates

Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, Giovanni Vigna

Proceedings of the 2018 Applied Networking Research Workshop (ANRW), July 2018

Extended abstract. Co-located with IETF 102.

@inproceedings{anrw2018-cloud-strife,
  title     = {{Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates}},
  author    = {Borgolte, Kevin and Fiebig, Tobias and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 2018 Applied Networking Research Workshop (ANRW)},
  date      = {2018-07-16},
  doi       = {10.1145/3232755.3232859},
  editor    = {Choffnes, David and Goldberg, Sharon},
  isbn      = {978-1-4503-5585-8},
  location  = {Montréal, QC, Canada},
  publisher = {Association for Computing Machinery (ACM)}
}

Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones

Kevin Borgolte, Shuang Hao, Tobias Fiebig, Giovanni Vigna

Proceedings of the 39th IEEE Symposium on Security & Privacy (S&P), May 2018

@inproceedings{sp2018-enumerating-ipv6,
  title     = {{Enumerating Active IPv6 Hosts for Large-scale Security Scans via DNSSEC-signed Reverse Zones}},
  author    = {Borgolte, Kevin and Hao, Shuang and Fiebig, Tobias and Vigna, Giovanni},
  booktitle = {Proceedings of the 39th IEEE Symposium on Security \& Privacy (S\&P)},
  date      = {2018-05},
  doi       = {10.1109/SP.2018.00027},
  edition   = {39},
  editor    = {Parno, Bryan and Kruegel, Christopher},
  isbn      = {978-1-5386-4353-2},
  issn      = {2375-1207},
  location  = {San Francisco, CA, USA},
  pages     = {438--452},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)}
}

Mechanical Phish: Resilient Autonomous Hacking

Yan Shoshitaishvili, Antonio Bianchi, Kevin Borgolte, Amat Cama, Jacopo Corbetta, Francesco Disperati, Andrew Dutcher, John Grosen, Paul Grosen, Aravind Machiry, Christopher Salls, Nick Stephens, Ruoyu Wang, Giovanni Vigna

IEEE Security & Privacy, March 2018

@article{spm2018-mechanical-phish,
  title     = {{Mechanical Phish: Resilient Autonomous Hacking}},
  author    = {Shoshitaishvili, Yan and Bianchi, Antonio and Borgolte, Kevin and Cama, Amat and Corbetta, Jacopo and Disperati, Francesco and Dutcher, Andrew and Grosen, John and Grosen, Paul and Machiry, Aravind and Salls, Christopher and Stephens, Nick and Wang, Ruoyu and Vigna, Giovanni},
  date      = {2018-03/2018-04},
  doi       = {10.1109/MSP.2018.1870858},
  issn      = {1558-4046},
  journal   = {IEEE Security \& Privacy},
  number    = {2},
  pages     = {12--22},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  url       = {https://ieeexplore.ieee.org/document/8328966/},
  volume    = {16}
}

In rDNS We Trust: Revisiting a Common Data-Source's Reliability

Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna, Anja Feldmann

Proceedings of the 19th Passive and Active Measurement (PAM), March 2018

@inproceedings{pam2018-in-rdns-we-trust,
  title     = {{In rDNS We Trust: Revisiting a Common Data-Source's Reliability}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni and Feldmann, Anja},
  booktitle = {Proceedings of the 19th Passive and Active Measurement (PAM)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2018-03},
  doi       = {10.1007/978-3-319-76481-8_10},
  edition   = {19},
  editor    = {Beverly, Robert and Smaragdakis, Georgios},
  isbn      = {978-3-319-54327-7},
  location  = {Berlin, Germany},
  pages     = {131--145},
  publisher = {Springer International Publishing},
  volume    = {10771}
}

Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates

Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, Giovanni Vigna

Proceedings of the 25th Network and Distributed System Security Symposium (NDSS), February 2018

@inproceedings{ndss2018-cloud-strife,
  title     = {{Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates}},
  author    = {Borgolte, Kevin and Fiebig, Tobias and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 25th Network and Distributed System Security Symposium (NDSS)},
  date      = {2018-02},
  doi       = {10.14722/ndss.2018.23327},
  edition   = {25},
  editor    = {Traynor,  Patrick and Oprea, Alina},
  isbn      = {1891562-49-5},
  location  = {San Diego, CA, USA},
  publisher = {Internet Society (ISOC)}
}

Something From Nothing (There): Collecting Global IPv6 Datasets From DNS

Tobias Fiebig, Kevin Borgolte, Shuang Hao, Christopher Kruegel, Giovanni Vigna

Proceedings of the 18th Passive and Active Measurement (PAM), March 2017

@inproceedings{pam2017-something-from-nothing-there,
  title     = {{Something From Nothing (There): Collecting Global IPv6 Datasets From DNS}},
  author    = {Fiebig, Tobias and Borgolte, Kevin and Hao, Shuang and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 18th Passive and Active Measurement (PAM)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2017-03},
  doi       = {10.1007/978-3-319-54328-4_3},
  edition   = {18},
  editor    = {Kâafar, Mohamed Ali and Uhlig, Steve and Johanna Amann},
  isbn      = {978-3-319-54328-4},
  location  = {Sydney, Australia},
  pages     = {30--43},
  publisher = {Springer International Publishing},
  volume    = {10176}
}

Drops for Stuff: An Analysis of Reshipping Mule Scams

Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, Giovanni Vigna

Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS), October 2015

@inproceedings{ccs2015-drops-for-stuff,
  title     = {{Drops for Stuff: An Analysis of Reshipping Mule Scams}},
  author    = {Hao, Shuang and Borgolte, Kevin and Nikiforakis, Nick and Stringhini, Gianluca and Egele, Manuel and Eubanks, Michael and Krebs, Brian and Vigna, Giovanni},
  booktitle = {Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  acmid     = {2813620},
  date      = {2015-10},
  doi       = {10.1145/2810103.2813620},
  edition   = {22},
  editor    = {Li, Ninghui and Kruegel, Christopher},
  isbn      = {978-1-4503-3832-5},
  location  = {Denver, CO, USA},
  numpages  = {12},
  pages     = {1081--1092},
  publisher = {Association for Computing Machinery (ACM)}
}

Meerkat: Detecting Website Defacements through Image-based Object Recognition

Kevin Borgolte, Christopher Kruegel, Giovanni Vigna

Proceedings of the 24th USENIX Security Symposium (USENIX Security), August 2015

Internet Defense Prize Finalist.

@inproceedings{sec2015-meerkat,
  title     = {{Meerkat: Detecting Website Defacements through Image-based Object Recognition}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 24th USENIX Security Symposium (USENIX Security)},
  date      = {2015-08},
  edition   = {24},
  editor    = {Jung, Jaeyeon Jung and Holz, Thorsten},
  isbn      = {978-1-931971-232},
  location  = {Washington, D.C., USA},
  pages     = {595--610},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/borgolte}
}

What You Submit is Who You Are: A Multi-Modal Approach for Deanonymizing Scientific Publications

Mathias Payer, Ling Huang, Neil Zhenqiang Gong, Kevin Borgolte, Mario Frank

IEEE Transactions on Information Forensics and Security (TIFS) (Volume 10, Issue 1), January 2015

@article{tifs2015-what-you-submit-is-who-you-are,
  title     = {{What You Submit is Who You Are: A Multi-Modal Approach for Deanonymizing Scientific Publications}},
  author    = {Payer, Mathias and Huang, Ling and Gong, Neil Zhenqiang and Borgolte, Kevin and Frank, Mario},
  date      = {2015-01},
  doi       = {10.1109/TIFS.2014.2368355},
  issn      = {1556-6013},
  journal   = {IEEE Transactions on Information Forensics and Security (TIFS)},
  number    = {1},
  pages     = {200--212},
  publisher = {Institute of Electrical and Electronics Engineers (IEEE)},
  volume    = {10}
}

Protecting Web Single Sign-on against Relying Party Impersonation Attacks through a Bi-directional Secure Channel with Authentication

Yinzhi Cao, Yan Shoshitaishvili, Kevin Borgolte, Christopher Kruegel, Giovanni Vigna, Yan Chen

Proceedings of the 17th International Symposium on Recent Advances in Intrusion Detection (RAID), September 2014

@inproceedings{raid2014-protecting-websso,
  title     = {{Protecting Web Single Sign-on against Relying Party Impersonation Attacks through a Bi-directional Secure Channel with Authentication}},
  author    = {Cao, Yinzhi and Shoshitaishvili, Yan and Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni and Chen, Yan},
  booktitle = {Proceedings of the 17th International Symposium on Recent Advances in Intrusion Detection (RAID)},
  series    = {Lecture Notes in Computer Science (LNCS)},
  date      = {2014-09},
  doi       = {10.1007/978-3-319-11379-1_14},
  edition   = {17},
  editor    = {Stavrou, Angelos and Bos, Herbert and Portokalidis, Georgios},
  isbn      = {978-3-319-11379-1},
  location  = {Gothenburg, Sweden},
  pages     = {276--298},
  publisher = {Springer International Publishing},
  volume    = {8688}
}

Ten Years of iCTF: The Good, The Bad, and The Ugly

Giovanni Vigna, Kevin Borgolte, Jacopo Corbetta, Adam Doupé, Yanick Fratantonio, Luca Invernizzi, Dhilung Kirat, Yan Shoshitaishvili

Proceedings of the 1st USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE), August 2014

@inproceedings{3gse2014-10-years-of-ictf,
  title     = {{Ten Years of iCTF: The Good, The Bad, and The Ugly}},
  author    = {Vigna, Giovanni and Borgolte, Kevin and Corbetta, Jacopo and Doupé, Adam and Fratantonio, Yanick and Invernizzi, Luca and Kirat, Dhilung and Shoshitaishvili, Yan},
  booktitle = {Proceedings of the 1st USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE)},
  date      = {2014-08},
  edition   = {1},
  editor    = {Peterson, Zachary N. J.},
  location  = {San Diego, CA},
  publisher = {USENIX Association},
  url       = {https://www.usenix.org/conference/3gse14/summit-program/presentation/vigna}
}

Relevant Change Detection: Framework for the Precise Extraction of Modified and Novel Web-based Content as a Filtering Technique for Analysis Engines

Kevin Borgolte, Christopher Kruegel, Giovanni Vigna

Proceedings of the 23rd World Wide Web Conference (WWW), April 2014

Developers' Track.

@inproceedings{wwwdev2014-relevant-change-detection,
  title     = {{Relevant Change Detection: Framework for the Precise Extraction of Modified and Novel Web-based Content as a Filtering Technique for Analysis Engines}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 23rd World Wide Web Conference (WWW)},
  series    = {WWW Companion},
  acmid     = {2578039},
  date      = {2014-04},
  doi       = {10.1145/2567948.2578039},
  edition   = {23},
  editor    = {Broder, Andrei Z. and Shim, Kyuseok and Suel, Torsten},
  isbn      = {978-1-4503-2745-9},
  location  = {Seoul, Republic of Korea},
  numpages  = {4},
  pages     = {595--598},
  publisher = {International World Wide Web Conference Committee (IW3C2)}
}

Delta: Automatic Identification of Unknown Web-based Infection Campaigns

Kevin Borgolte, Christopher Kruegel, Giovanni Vigna

Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS), November 2013

@inproceedings{ccs2013-delta,
  title     = {{Delta: Automatic Identification of Unknown Web-based Infection Campaigns}},
  author    = {Borgolte, Kevin and Kruegel, Christopher and Vigna, Giovanni},
  booktitle = {Proceedings of the 20th ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  acmid     = {2516725},
  date      = {2013-11},
  doi       = {10.1145/2508859.2516725},
  edition   = {20},
  editor    = {Gligor, Virgil D. and Yung, Moti},
  isbn      = {978-1-4503-2477-9},
  location  = {Berlin, Germany},
  numpages  = {12},
  pages     = {109--120},
  publisher = {Association for Computing Machinery (ACM)},
  title+an  = {=highlight}
}

Preprints

Human Factors in Security Research: Lessons Learned from 2008-2018

Mannat Kaur, Michel van Eeten, Marijn Janssen, Kevin Borgolte, Tobias Fiebig

March 2021

@unpublished{arxiv-2103.13287,
  title       = {{Human Factors in Security Research: Lessons Learned from 2008-2018}},
  author      = {Kaur, Mannat and van Eeten, Michel and Janssen, Marijn and Borgolte, Kevin and Fiebig, Tobias},
  date        = {2021-03-24},
  eprint      = {2103.13287},
  eprintclass = {cs.CY},
  eprinttype  = {arxiv},
  url         = {https://arxiv.org/abs/2103.13287}
}

Classifying Network Vendors at Internet Scale

Jordan Holland, Ross Teixera, Paul Schmitt, Kevin Borgolte, Jennifer Rexford, Nick Feamster, Jonathan Mayer

June 2020

@unpublished{arxiv-2006.13086,
  title       = {{Classifying Network Vendors at Internet Scale}},
  author      = {Holland, Jordan and Teixera, Ross and Schmitt, Paul and Borgolte, Kevin and Rexford, Jennifer and Feamster, Nick and Mayer, Jonathan},
  date        = {2020-06-23},
  eprint      = {2006.13086},
  eprintclass = {cs.NI},
  eprinttype  = {arxiv},
  url         = {https://arxiv.org/abs/2006.13086}
}