[{"citation":{"ieee":"F. Lange, N. Niere, and J. Somorovsky, “Towards Automated DNS Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Virtual, 2026.","chicago":"Lange, Felix, Niklas Niere, and Juraj Somorovsky. “Towards Automated DNS Censorship Circumvention,” 2026.","short":"F. Lange, N. Niere, J. Somorovsky, in: 2026.","mla":"Lange, Felix, et al. <i>Towards Automated DNS Censorship Circumvention</i>. 2026.","bibtex":"@inproceedings{Lange_Niere_Somorovsky_2026, title={Towards Automated DNS Censorship Circumvention}, author={Lange, Felix and Niere, Niklas and Somorovsky, Juraj}, year={2026} }","apa":"Lange, F., Niere, N., &#38; Somorovsky, J. (2026). <i>Towards Automated DNS Censorship Circumvention</i>. Free and Open Communications on the Internet, Virtual.","ama":"Lange F, Niere N, Somorovsky J. Towards Automated DNS Censorship Circumvention. In: ; 2026."},"year":"2026","has_accepted_license":"1","main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2026/foci-2026-0001.pdf"}],"conference":{"name":"Free and Open Communications on the Internet","start_date":"2026-02-19","end_date":"2026-02-19","location":"Virtual"},"title":"Towards Automated DNS Censorship Circumvention","date_created":"2026-02-20T14:35:34Z","author":[{"first_name":"Felix","last_name":"Lange","full_name":"Lange, Felix","id":"67893"},{"full_name":"Niere, Niklas","id":"63563","last_name":"Niere","first_name":"Niklas"},{"first_name":"Juraj","full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"oa":"1","date_updated":"2026-02-21T10:20:16Z","file":[{"date_created":"2026-02-20T14:34:05Z","creator":"nniklas","date_updated":"2026-02-21T10:20:16Z","file_name":"foci-2026-0001.pdf","file_id":"64568","access_level":"open_access","file_size":775133,"content_type":"application/pdf","relation":"main_file"}],"status":"public","abstract":[{"text":"Censorship is employed by many governments and ISPs worldwide, with an increasing trend in recent years. One of the most censored protocols is DNS: censors target unencrypted and encrypted DNS to prevent clients from resolving the domain name of unwanted websites. Despite much research on DNS censorship, only a few tools can circumvent it.To support users affected by DNS censorship, we present DPYProxy-DNS, a DNS resolver that automatically detects and employs a working DNS censorship circumvention. We demonstrate the effectiveness of DPYProxy-DNS by automatically circumventing DNS censorship in China and Iran and analyzing DNS censorship mechanisms in these countries. Our analyses re veal that DNS censorship in Iran is ineffective against encrypted DNS. In China, DPYProxy-DNS revealed two consistently working circumvention techniques for unencrypted DNS: TCP segmentation for DNS over TCP and ignoring DNS responses injected by the Great Firewall of China (GFW). Our findings reveal varying levels of DNS censorship across different countries, underscoring the importance of the automated circumvention approach we provide with DPYProxy-DNS.","lang":"eng"}],"type":"conference","language":[{"iso":"eng"}],"file_date_updated":"2026-02-21T10:20:16Z","ddc":["006"],"user_id":"63563","_id":"64566"},{"main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2025/foci-2025-0002.pdf"}],"conference":{"end_date":"2025-02-20","location":"Virtual","name":"Free and Open Communications on the Internet","start_date":"2025-02-20"},"title":"I(ra)nconsistencies: Novel Insights into Iran’s Censorship","date_created":"2025-02-24T08:09:56Z","author":[{"last_name":"Lange","full_name":"Lange, Felix","id":"67893","first_name":"Felix"},{"last_name":"Niere","id":"63563","full_name":"Niere, Niklas","first_name":"Niklas"},{"full_name":"von Niessen, Jonathan","last_name":"von Niessen","first_name":"Jonathan"},{"full_name":"Suermann, Dennis","last_name":"Suermann","first_name":"Dennis"},{"id":"74619","full_name":"Heitmann, Nico","last_name":"Heitmann","orcid":"0009-0003-7687-7044","first_name":"Nico"},{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"date_updated":"2025-05-06T13:48:32Z","oa":"1","citation":{"ama":"Lange F, Niere N, von Niessen J, Suermann D, Heitmann N, Somorovsky J. I(ra)nconsistencies: Novel Insights into Iran’s Censorship. In: <i>Proceedings on Privacy Enhancing Technologies</i>. ; 2025.","chicago":"Lange, Felix, Niklas Niere, Jonathan von Niessen, Dennis Suermann, Nico Heitmann, and Juraj Somorovsky. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” In <i>Proceedings on Privacy Enhancing Technologies</i>, 2025.","ieee":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, and J. Somorovsky, “I(ra)nconsistencies: Novel Insights into Iran’s Censorship,” presented at the Free and Open Communications on the Internet, Virtual, 2025.","apa":"Lange, F., Niere, N., von Niessen, J., Suermann, D., Heitmann, N., &#38; Somorovsky, J. (2025). I(ra)nconsistencies: Novel Insights into Iran’s Censorship. <i>Proceedings on Privacy Enhancing Technologies</i>. Free and Open Communications on the Internet, Virtual.","bibtex":"@inproceedings{Lange_Niere_von Niessen_Suermann_Heitmann_Somorovsky_2025, title={I(ra)nconsistencies: Novel Insights into Iran’s Censorship}, booktitle={Proceedings on Privacy Enhancing Technologies}, author={Lange, Felix and Niere, Niklas and von Niessen, Jonathan and Suermann, Dennis and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }","mla":"Lange, Felix, et al. “I(Ra)Nconsistencies: Novel Insights into Iran’s Censorship.” <i>Proceedings on Privacy Enhancing Technologies</i>, 2025.","short":"F. Lange, N. Niere, J. von Niessen, D. Suermann, N. Heitmann, J. Somorovsky, in: Proceedings on Privacy Enhancing Technologies, 2025."},"year":"2025","has_accepted_license":"1","quality_controlled":"1","file_date_updated":"2025-02-24T08:07:59Z","language":[{"iso":"eng"}],"ddc":["006"],"user_id":"63563","department":[{"_id":"632"}],"_id":"58801","file":[{"creator":"flange","date_created":"2025-02-24T08:07:59Z","date_updated":"2025-02-24T08:07:59Z","file_name":"foci-2025-0002.pdf","file_id":"58802","access_level":"closed","file_size":535700,"content_type":"application/pdf","relation":"main_file","success":1}],"status":"public","abstract":[{"lang":"eng","text":"Iran employs one of the most prominent Internet censors in the world. An important part of Iran’s censorship apparatus is its analysis of unencrypted protocols such as HTTP and DNS. During routine evaluations of Iran’s HTTP and DNS censorship, we noticed several properties we believe to be unknown today. For instance, we found injections of correct static IPs for some domains such as google.com on the DNS level, unclear HTTP version parsing, and correlations between DNS and HTTP censorship. In this paper, we present our findings to the community and discuss possible takeaways for affected people and the censorship circumvention community. As some of our findings left us bewildered, we hope to ignite a discussion about Iran’s censorship behavior. We aim to use the discussion of our work to execute a thorough analysis and explanation of Iran’s censorship behavior in the future."}],"type":"conference","publication":"Proceedings on Privacy Enhancing Technologies"},{"abstract":[{"text":"HTTPS composes large parts of today’s Internet traffic and has long been subject to censorship efforts in different countries. While censors analyze the Transport Layer Security (TLS) protocol to block encrypted HTTP traffic, censorship circumvention efforts have primarily focused on other protocols such as TCP. In this paper, we hypothesize that the TLS protocol offers previously unseen opportunities for censorship circumvention techniques. We tested our hypothesis by proposing possible censorship circumvention techniques that act on the TLS protocol. To validate the effectiveness of these techniques, we evaluate their acceptance by popular TLS servers and successfully demonstrate that these techniques can circumvent censors in China and Iran. In our evaluations, we discovered 38—partially standard-compliant—distinct censorship circumvention techniques, which we could group into 11 unique categories. Additionally, we provide novel insights into how China censors TLS traffic by presenting evidence of at least three distinct censorship appliances. We suspect that other parts of China’s censorship apparatus and other censors exhibit similar structures and advocate future censorship research to anticipate them. With this work, we hope to aid people affected by censorship and stimulate further\r\nresearch into censorship circumvention using cryptographic protocols.","lang":"eng"}],"file":[{"relation":"main_file","content_type":"application/pdf","file_name":"TLS_Obscurity.pdf","access_level":"open_access","file_id":"59826","file_size":463431,"date_created":"2025-05-06T13:49:35Z","creator":"nniklas","date_updated":"2025-05-06T13:51:45Z"}],"publication":"2025 IEEE Symposium on Security and Privacy (SP)","ddc":["006"],"language":[{"iso":"eng"}],"year":"2025","title":"Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer","date_created":"2025-05-06T13:40:50Z","status":"public","type":"conference","file_date_updated":"2025-05-06T13:51:45Z","_id":"59824","user_id":"63563","department":[{"_id":"632"}],"citation":{"chicago":"Niere, Niklas, Felix Lange, Robert Merget, and Juraj Somorovsky. “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer.” In <i>2025 IEEE Symposium on Security and Privacy (SP)</i>, 2025. <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">https://doi.org/10.1109/SP61157.2025.00151</a>.","ieee":"N. Niere, F. Lange, R. Merget, and J. Somorovsky, “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer,” presented at the 46th IEEE Symposium on Security and Privacy, San Francisco, 2025, doi: <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>.","ama":"Niere N, Lange F, Merget R, Somorovsky J. Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer. In: <i>2025 IEEE Symposium on Security and Privacy (SP)</i>. ; 2025. doi:<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>","apa":"Niere, N., Lange, F., Merget, R., &#38; Somorovsky, J. (2025). Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer. <i>2025 IEEE Symposium on Security and Privacy (SP)</i>. 46th IEEE Symposium on Security and Privacy, San Francisco. <a href=\"https://doi.org/10.1109/SP61157.2025.00151\">https://doi.org/10.1109/SP61157.2025.00151</a>","bibtex":"@inproceedings{Niere_Lange_Merget_Somorovsky_2025, title={Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer}, DOI={<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>}, booktitle={2025 IEEE Symposium on Security and Privacy (SP)}, author={Niere, Niklas and Lange, Felix and Merget, Robert and Somorovsky, Juraj}, year={2025} }","short":"N. Niere, F. Lange, R. Merget, J. Somorovsky, in: 2025 IEEE Symposium on Security and Privacy (SP), 2025.","mla":"Niere, Niklas, et al. “Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer.” <i>2025 IEEE Symposium on Security and Privacy (SP)</i>, 2025, doi:<a href=\"https://doi.org/10.1109/SP61157.2025.00151\">10.1109/SP61157.2025.00151</a>."},"has_accepted_license":"1","conference":{"start_date":"2025-05-12","name":"46th IEEE Symposium on Security and Privacy","location":"San Francisco","end_date":"2025-05-14"},"doi":"10.1109/SP61157.2025.00151","oa":"1","date_updated":"2025-06-02T12:03:51Z","author":[{"first_name":"Niklas","last_name":"Niere","full_name":"Niere, Niklas","id":"63563"},{"id":"67893","full_name":"Lange, Felix","last_name":"Lange","first_name":"Felix"},{"full_name":"Merget, Robert","last_name":"Merget","first_name":"Robert"},{"last_name":"Somorovsky","orcid":"0000-0002-3593-7720","id":"83504","full_name":"Somorovsky, Juraj","first_name":"Juraj"}]},{"type":"conference","status":"public","_id":"58657","department":[{"_id":"632"}],"user_id":"58331","file_date_updated":"2025-02-17T11:13:10Z","has_accepted_license":"1","publication_status":"published","page":"1867 - 1885","citation":{"ama":"Rossel J, Mladenov V, Wördenweber N, Somorovsky J. Security Implications of Malicious G-Codes in 3D Printing. In: <i>Proceedings of the 34th USENIX Security Symposium</i>. ; 2025:1867-1885.","ieee":"J. Rossel, V. Mladenov, N. Wördenweber, and J. Somorovsky, “Security Implications of Malicious G-Codes in 3D Printing,” in <i>Proceedings of the 34th USENIX Security Symposium</i>, Seattle, WA, USA, 2025, pp. 1867–1885.","chicago":"Rossel, Jost, Vladislav Mladenov, Nico Wördenweber, and Juraj Somorovsky. “Security Implications of Malicious G-Codes in 3D Printing.” In <i>Proceedings of the 34th USENIX Security Symposium</i>, 1867–85, 2025.","apa":"Rossel, J., Mladenov, V., Wördenweber, N., &#38; Somorovsky, J. (2025). Security Implications of Malicious G-Codes in 3D Printing. <i>Proceedings of the 34th USENIX Security Symposium</i>, 1867–1885.","bibtex":"@inproceedings{Rossel_Mladenov_Wördenweber_Somorovsky_2025, title={Security Implications of Malicious G-Codes in 3D Printing}, booktitle={Proceedings of the 34th USENIX Security Symposium}, author={Rossel, Jost and Mladenov, Vladislav and Wördenweber, Nico and Somorovsky, Juraj}, year={2025}, pages={1867–1885} }","short":"J. Rossel, V. Mladenov, N. Wördenweber, J. Somorovsky, in: Proceedings of the 34th USENIX Security Symposium, 2025, pp. 1867–1885.","mla":"Rossel, Jost, et al. “Security Implications of Malicious G-Codes in 3D Printing.” <i>Proceedings of the 34th USENIX Security Symposium</i>, 2025, pp. 1867–85."},"oa":"1","date_updated":"2025-08-22T10:34:24Z","author":[{"first_name":"Jost","id":"58331","full_name":"Rossel, Jost","orcid":"0000-0002-3182-4059","last_name":"Rossel"},{"first_name":"Vladislav","full_name":"Mladenov, Vladislav","last_name":"Mladenov"},{"last_name":"Wördenweber","full_name":"Wördenweber, Nico","first_name":"Nico"},{"first_name":"Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","full_name":"Somorovsky, Juraj","id":"83504"}],"conference":{"name":"34th USENIX Security Symposium","start_date":"2025-08-13","end_date":"2025-08-15","location":"Seattle, WA, USA"},"main_file_link":[{"url":"https://www.usenix.org/conference/usenixsecurity25/presentation/rossel","open_access":"1"}],"publication":"Proceedings of the 34th USENIX Security Symposium","abstract":[{"lang":"eng","text":"The rapid growth of 3D printing technology has transformed a wide range of industries, enabling the on-demand production of complex objects, from aerospace components to medical devices. However, this technology also introduces significant security challenges. Previous research highlighted the security implications of G-Codes—commands used to control the printing process. These studies assumed powerful attackers and focused on manipulations of the printed models, leaving gaps in understanding the full attack potential.\r\n\r\nIn this study, we systematically analyze security threats associated with 3D printing, focusing specifically on vulnerabilities caused by G-Code commands. We introduce attacks and attacker models that assume a less powerful adversary than traditionally considered, broadening the scope of potential security threats. Our findings show that even minimal access to the 3D printer can result in significant security breaches, such as unauthorized access to subsequent print jobs or persistent misconfiguration of the printer. We identify 278 potentially malicious G-Codes across the attack categories Information Disclosure, Denial of Service, and Model Manipulation. Our evaluation demonstrates the applicability of these attacks across various 3D printers and their firmware. Our findings underscore the need for a better standardization process of G-Codes and corresponding security best practices.\r\n"}],"file":[{"date_updated":"2025-02-17T11:13:10Z","date_created":"2025-02-17T11:10:31Z","creator":"jrossel","file_size":1562838,"file_name":"Security_Analysis_of_G_Codes.pdf","file_id":"58660","access_level":"open_access","content_type":"application/pdf","relation":"main_file"}],"ddc":["000"],"language":[{"iso":"eng"}],"quality_controlled":"1","year":"2025","date_created":"2025-02-17T11:12:17Z","title":"Security Implications of Malicious G-Codes in 3D Printing"},{"status":"public","file":[{"relation":"main_file","content_type":"application/pdf","access_level":"open_access","file_name":"paper.pdf","file_id":"61465","file_size":333869,"date_created":"2025-09-29T13:41:18Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z"},{"file_name":"ae.pdf","file_id":"61466","access_level":"open_access","file_size":162464,"creator":"snhebrok","date_created":"2025-09-29T13:41:27Z","date_updated":"2025-09-29T13:46:49Z","relation":"supplementary_material","content_type":"application/pdf"},{"content_type":"application/pdf","relation":"poster","date_updated":"2025-09-29T13:46:49Z","creator":"snhebrok","date_created":"2025-09-29T13:41:41Z","file_size":535577,"file_id":"61467","file_name":"poster.pdf","access_level":"open_access"},{"content_type":"application/pdf","relation":"slides","date_created":"2025-09-29T13:42:04Z","creator":"snhebrok","date_updated":"2025-09-29T13:46:49Z","file_name":"slides.pdf","access_level":"open_access","file_id":"61468","file_size":3057223}],"publication":"34th USENIX Security Symposium","type":"conference","ddc":["000"],"file_date_updated":"2025-09-29T13:46:49Z","language":[{"iso":"eng"}],"_id":"60970","department":[{"_id":"632"}],"user_id":"55616","year":"2025","citation":{"ama":"Hebrok SN, Storm TL, Cramer FM, Radoy MM, Somorovsky J. STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. In: <i>34th USENIX Security Symposium</i>. ; 2025.","chicago":"Hebrok, Sven Niclas, Tim Leonhard Storm, Felix Matthias Cramer, Maximilian Manfred Radoy, and Juraj Somorovsky. “STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” In <i>34th USENIX Security Symposium</i>, 2025.","ieee":"S. N. Hebrok, T. L. Storm, F. M. Cramer, M. M. Radoy, and J. Somorovsky, “STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets,” 2025.","apa":"Hebrok, S. N., Storm, T. L., Cramer, F. M., Radoy, M. M., &#38; Somorovsky, J. (2025). STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets. <i>34th USENIX Security Symposium</i>.","bibtex":"@inproceedings{Hebrok_Storm_Cramer_Radoy_Somorovsky_2025, title={STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets}, booktitle={34th USENIX Security Symposium}, author={Hebrok, Sven Niclas and Storm, Tim Leonhard and Cramer, Felix Matthias and Radoy, Maximilian Manfred and Somorovsky, Juraj}, year={2025} }","short":"S.N. Hebrok, T.L. Storm, F.M. Cramer, M.M. Radoy, J. Somorovsky, in: 34th USENIX Security Symposium, 2025.","mla":"Hebrok, Sven Niclas, et al. “STEK Sharing Is Not Caring: Bypassing TLS Authentication in Web Servers Using Session Tickets.” <i>34th USENIX Security Symposium</i>, 2025."},"has_accepted_license":"1","title":"STEK Sharing is Not Caring: Bypassing TLS Authentication in Web Servers using Session Tickets","main_file_link":[{"url":"https://www.usenix.org/conference/usenixsecurity25/presentation/hebrok","open_access":"1"}],"oa":"1","date_updated":"2025-09-29T13:46:49Z","author":[{"first_name":"Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","id":"55616","full_name":"Hebrok, Sven Niclas"},{"full_name":"Storm, Tim Leonhard","id":"74914","orcid":"0009-0001-2681-1624","last_name":"Storm","first_name":"Tim Leonhard"},{"last_name":"Cramer","full_name":"Cramer, Felix Matthias","first_name":"Felix Matthias"},{"id":"68826","full_name":"Radoy, Maximilian Manfred","last_name":"Radoy","orcid":"0009-0005-3059-6823","first_name":"Maximilian Manfred"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"date_created":"2025-08-21T13:43:47Z"},{"has_accepted_license":"1","year":"2025","citation":{"chicago":"Niere, Niklas, Felix Lange, Nico Heitmann, and Juraj Somorovsky. “Encrypted Client Hello (ECH) in Censorship Circumvention,” 2025.","ieee":"N. Niere, F. Lange, N. Heitmann, and J. Somorovsky, “Encrypted Client Hello (ECH) in Censorship Circumvention,” presented at the Free and Open Communications on the Internet, Washington, D.C., 2025.","ama":"Niere N, Lange F, Heitmann N, Somorovsky J. Encrypted Client Hello (ECH) in Censorship Circumvention. In: ; 2025.","apa":"Niere, N., Lange, F., Heitmann, N., &#38; Somorovsky, J. (2025). <i>Encrypted Client Hello (ECH) in Censorship Circumvention</i>. Free and Open Communications on the Internet, Washington, D.C.","mla":"Niere, Niklas, et al. <i>Encrypted Client Hello (ECH) in Censorship Circumvention</i>. 2025.","short":"N. Niere, F. Lange, N. Heitmann, J. Somorovsky, in: 2025.","bibtex":"@inproceedings{Niere_Lange_Heitmann_Somorovsky_2025, title={Encrypted Client Hello (ECH) in Censorship Circumvention}, author={Niere, Niklas and Lange, Felix and Heitmann, Nico and Somorovsky, Juraj}, year={2025} }"},"oa":"1","date_updated":"2025-10-23T14:26:38Z","date_created":"2025-07-03T07:14:00Z","author":[{"id":"63563","full_name":"Niere, Niklas","last_name":"Niere","first_name":"Niklas"},{"last_name":"Lange","full_name":"Lange, Felix","id":"67893","first_name":"Felix"},{"first_name":"Nico","last_name":"Heitmann","orcid":"0009-0003-7687-7044","full_name":"Heitmann, Nico","id":"74619"},{"full_name":"Somorovsky, Juraj","id":"83504","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","first_name":"Juraj"}],"title":"Encrypted Client Hello (ECH) in Censorship Circumvention","conference":{"end_date":"2025-07-14","location":"Washington, D.C.","name":"Free and Open Communications on the Internet","start_date":"2025-07-14"},"main_file_link":[{"url":"https://www.petsymposium.org/foci/2025/foci-2025-0016.pdf","open_access":"1"}],"type":"conference","abstract":[{"text":"Censors have long censored Transport Layer Security (TLS) traffic by inspecting the domain name in the unencrypted Server Name Indication (SNI) extension. By encrypting the SNI extension, the Encrypted ClientHello (ECH) prevents censors from blocking TLS traffic to certain domains. Despite this promising outlook, ECH’s current capability to contest TLS censorship is unclear; for instance, Russia has started censoring ECH connections successfully. This paper clarifies ECH’s current role for TLS censorship. To this end, we evaluate servers’ support for ECH and its analysis and subsequent blocking by censors. We determine Cloudflare as the only major provider supporting ECH. Additionally, we affirm previously known ECH censorship in Russia and uncover indirect censorship of ECH through encrypted DNS censorship in China and Iran. Our findings suggest that ECH’s contribution to censorship circumvention is currently limited: we consider ECH’s dependence on encrypted DNS especially challenging for ECH’s capability to circumvent censorship. We stress the importance of censorship-resistant ECH to solve the long-known problem of SNI-based TLS censorship.","lang":"eng"}],"status":"public","file":[{"content_type":"application/pdf","relation":"main_file","date_updated":"2025-10-23T14:26:38Z","creator":"nniklas","date_created":"2025-07-03T07:11:14Z","file_size":755171,"access_level":"open_access","file_id":"60505","file_name":"foci-2025-0016.pdf"}],"_id":"60503","user_id":"63563","keyword":["censorship","circumvention","ECH","TLS"],"ddc":["006"],"file_date_updated":"2025-10-23T14:26:38Z","language":[{"iso":"eng"}]},{"publication":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","type":"conference","status":"public","abstract":[{"text":"Vulnerability disclosures are necessary to improve the security of our digital ecosystem. However, they can also be challenging for researchers: it may be hard to find out who the affected parties even are, or how to contact them. Researchers may be ignored or face adversity when disclosing vulnerabilities. We investigate researchers' experiences with vulnerability disclosures, extract best practices, and make recommendations for researchers, institutions that employ them, industry, and regulators to enable effective vulnerability disclosures.","lang":"eng"}],"user_id":"58331","_id":"62738","language":[{"iso":"eng"}],"keyword":["software vulnerabilities","vulnerability disclosure","security research"],"publication_status":"published","citation":{"apa":"Sri Ramulu, H., Rotthaler, A. L., Rossel, J., Gonzalez Rodriguez, R., Wermke, D., Fahl, S., Kohno, T., Somorovsky, J., &#38; Acar, Y. (2025). Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures. <i>Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security</i>. <a href=\"https://doi.org/10.1145/3719027.3760723\">https://doi.org/10.1145/3719027.3760723</a>","bibtex":"@inproceedings{Sri Ramulu_Rotthaler_Rossel_Gonzalez Rodriguez_Wermke_Fahl_Kohno_Somorovsky_Acar_2025, title={Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures}, DOI={<a href=\"https://doi.org/10.1145/3719027.3760723\">10.1145/3719027.3760723</a>}, booktitle={Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security}, publisher={ACM}, author={Sri Ramulu, Harshini and Rotthaler, Anna Lena and Rossel, Jost and Gonzalez Rodriguez, Rachel and Wermke, Dominik and Fahl, Sascha and Kohno, Tadayoshi and Somorovsky, Juraj and Acar, Yasemin}, year={2025} }","short":"H. Sri Ramulu, A.L. Rotthaler, J. Rossel, R. Gonzalez Rodriguez, D. Wermke, S. Fahl, T. Kohno, J. Somorovsky, Y. Acar, in: Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2025.","mla":"Sri Ramulu, Harshini, et al. “Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures.” <i>Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security</i>, ACM, 2025, doi:<a href=\"https://doi.org/10.1145/3719027.3760723\">10.1145/3719027.3760723</a>.","ama":"Sri Ramulu H, Rotthaler AL, Rossel J, et al. Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures. In: <i>Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM; 2025. doi:<a href=\"https://doi.org/10.1145/3719027.3760723\">10.1145/3719027.3760723</a>","ieee":"H. Sri Ramulu <i>et al.</i>, “Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures,” 2025, doi: <a href=\"https://doi.org/10.1145/3719027.3760723\">10.1145/3719027.3760723</a>.","chicago":"Sri Ramulu, Harshini, Anna Lena Rotthaler, Jost Rossel, Rachel Gonzalez Rodriguez, Dominik Wermke, Sascha Fahl, Tadayoshi Kohno, Juraj Somorovsky, and Yasemin Acar. “Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures.” In <i>Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM, 2025. <a href=\"https://doi.org/10.1145/3719027.3760723\">https://doi.org/10.1145/3719027.3760723</a>."},"year":"2025","date_created":"2025-12-02T08:48:00Z","author":[{"first_name":"Harshini","id":"99000","full_name":"Sri Ramulu, Harshini","orcid":"0000-0002-0000-5843","last_name":"Sri Ramulu"},{"last_name":"Rotthaler","full_name":"Rotthaler, Anna Lena","id":"97843","first_name":"Anna Lena"},{"first_name":"Jost","full_name":"Rossel, Jost","id":"58331","last_name":"Rossel","orcid":"0000-0002-3182-4059"},{"first_name":"Rachel","full_name":"Gonzalez Rodriguez, Rachel","last_name":"Gonzalez Rodriguez"},{"first_name":"Dominik","last_name":"Wermke","full_name":"Wermke, Dominik"},{"full_name":"Fahl, Sascha","last_name":"Fahl","first_name":"Sascha"},{"first_name":"Tadayoshi","full_name":"Kohno, Tadayoshi","last_name":"Kohno"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"},{"last_name":"Acar","full_name":"Acar, Yasemin","id":"94636","first_name":"Yasemin"}],"date_updated":"2025-12-02T08:54:18Z","oa":"1","publisher":"ACM","doi":"10.1145/3719027.3760723","conference":{"end_date":"2025-10-17","start_date":"2025-10-13"},"main_file_link":[{"open_access":"1","url":"https://dl.acm.org/doi/10.1145/3719027.3760723"}],"title":"Poster: Computer Security Researchers' Experiences with Vulnerability Disclosures"},{"publication":"Applied Cryptography and Network Security","type":"conference","status":"public","abstract":[{"text":"Video conferencing systems have become an indispensable part of our world. Using video conferencing systems implies the expectation that online meetings run as smoothly as in-person meetings. Thus, online meetings need to be just as secure and private as in-person meetings, which are secured against disruptive factors and unauthorized persons by physical access control mechanisms.\r\n\r\nTo show the security dangers of conferencing systems and raise general awareness when using these technologies, we analyze the security of two widely used research and education open-source video conferencing systems: BigBlueButton and eduMEET. Because both systems are very different, we analyzed their architectures, considering the respective components with their main tasks, features, and user roles. In the following systematic security analyses, we found 50 vulnerabilities. These include broken access control, NoSQL injection, and denial of service (DoS). The vulnerabilities have root causes of different natures. While BigBlueButton has a lot of complexity due to many components, eduMEET, which is relatively young, focuses more on features than security. The sheer amount of results and the lack of prior work indicate a research gap that needs to be closed since video conferencing systems continue to play a significant role in research, education, and everyday life.","lang":"eng"}],"department":[{"_id":"632"}],"user_id":"74619","_id":"54437","language":[{"iso":"eng"}],"publication_status":"published","citation":{"ieee":"N. Heitmann, H. Siewert, S. Moog, and J. Somorovsky, “Security Analysis of BigBlueButton and eduMEET,” Abu Dhabi, 2024, doi: <a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">10.1007/978-3-031-54776-8_8</a>.","chicago":"Heitmann, Nico, Hendrik Siewert, Sven Moog, and Juraj Somorovsky. “Security Analysis of BigBlueButton and EduMEET.” In <i>Applied Cryptography and Network Security</i>. Cham: Springer Nature Switzerland, 2024. <a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">https://doi.org/10.1007/978-3-031-54776-8_8</a>.","ama":"Heitmann N, Siewert H, Moog S, Somorovsky J. Security Analysis of BigBlueButton and eduMEET. In: <i>Applied Cryptography and Network Security</i>. Springer Nature Switzerland; 2024. doi:<a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">10.1007/978-3-031-54776-8_8</a>","mla":"Heitmann, Nico, et al. “Security Analysis of BigBlueButton and EduMEET.” <i>Applied Cryptography and Network Security</i>, Springer Nature Switzerland, 2024, doi:<a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">10.1007/978-3-031-54776-8_8</a>.","short":"N. Heitmann, H. Siewert, S. Moog, J. Somorovsky, in: Applied Cryptography and Network Security, Springer Nature Switzerland, Cham, 2024.","bibtex":"@inproceedings{Heitmann_Siewert_Moog_Somorovsky_2024, place={Cham}, title={Security Analysis of BigBlueButton and eduMEET}, DOI={<a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">10.1007/978-3-031-54776-8_8</a>}, booktitle={Applied Cryptography and Network Security}, publisher={Springer Nature Switzerland}, author={Heitmann, Nico and Siewert, Hendrik and Moog, Sven and Somorovsky, Juraj}, year={2024} }","apa":"Heitmann, N., Siewert, H., Moog, S., &#38; Somorovsky, J. (2024). Security Analysis of BigBlueButton and eduMEET. <i>Applied Cryptography and Network Security</i>. <a href=\"https://doi.org/10.1007/978-3-031-54776-8_8\">https://doi.org/10.1007/978-3-031-54776-8_8</a>"},"year":"2024","place":"Cham","date_created":"2024-05-23T11:15:39Z","author":[{"last_name":"Heitmann","id":"74619","full_name":"Heitmann, Nico","first_name":"Nico"},{"first_name":"Hendrik","last_name":"Siewert","full_name":"Siewert, Hendrik"},{"last_name":"Moog","full_name":"Moog, Sven","first_name":"Sven"},{"first_name":"Juraj","full_name":"Somorovsky, Juraj","id":"83504","orcid":"0000-0002-3593-7720","last_name":"Somorovsky"}],"publisher":"Springer Nature Switzerland","date_updated":"2024-05-23T11:20:29Z","conference":{"start_date":"2024-03-05","end_date":"2024-03-08","location":"Abu Dhabi"},"doi":"10.1007/978-3-031-54776-8_8","main_file_link":[{"url":"https://link.springer.com/content/pdf/10.1007/978-3-031-54776-8_8.pdf"}],"title":"Security Analysis of BigBlueButton and eduMEET"},{"place":"Bristol","citation":{"apa":"Müller, P., Niere, N., Lange, F., &#38; Somorovsky, J. (2024). Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling. <i>Proceedings on Privacy Enhancing Technologies</i>. Free and Open Communications on the Internet 2024 , Bristol.","short":"P. Müller, N. Niere, F. Lange, J. Somorovsky, in: Proceedings on Privacy Enhancing Technologies, Bristol, 2024.","mla":"Müller, Philipp, et al. “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling.” <i>Proceedings on Privacy Enhancing Technologies</i>, 2024.","bibtex":"@inproceedings{Müller_Niere_Lange_Somorovsky_2024, place={Bristol}, title={Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling}, booktitle={Proceedings on Privacy Enhancing Technologies}, author={Müller, Philipp and Niere, Niklas and Lange, Felix and Somorovsky, Juraj}, year={2024} }","ama":"Müller P, Niere N, Lange F, Somorovsky J. Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling. In: <i>Proceedings on Privacy Enhancing Technologies</i>. ; 2024.","ieee":"P. Müller, N. Niere, F. Lange, and J. Somorovsky, “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling,” presented at the Free and Open Communications on the Internet 2024 , Bristol, 2024.","chicago":"Müller, Philipp, Niklas Niere, Felix Lange, and Juraj Somorovsky. “Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling.” In <i>Proceedings on Privacy Enhancing Technologies</i>. Bristol, 2024."},"publication_status":"published","has_accepted_license":"1","main_file_link":[{"open_access":"1","url":"https://www.petsymposium.org/foci/2024/foci-2024-0012.pdf"}],"conference":{"start_date":"2024-07-15","name":"Free and Open Communications on the Internet 2024 ","location":"Bristol","end_date":"2024-07-15"},"oa":"1","date_updated":"2024-07-09T07:49:59Z","author":[{"last_name":"Müller","full_name":"Müller, Philipp","first_name":"Philipp"},{"full_name":"Niere, Niklas","id":"63563","last_name":"Niere","first_name":"Niklas"},{"first_name":"Felix","id":"67893","full_name":"Lange, Felix","last_name":"Lange"},{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"status":"public","type":"conference","file_date_updated":"2024-07-09T07:42:54Z","_id":"55137","user_id":"67893","department":[{"_id":"632"}],"year":"2024","quality_controlled":"1","title":"Turning Attacks into Advantages: Evading HTTP Censorship with HTTP Request Smuggling","date_created":"2024-07-09T07:49:37Z","abstract":[{"lang":"eng","text":"Many countries limit their residents' access to various websites. As a substantial number of these websites do not support TLS encryption, censorship of unencrypted HTTP requests remains prevalent. Accordingly, circumvention techniques can and have been found for the HTTP protocol. In this paper, we infer novel circumvention techniques on the HTTP layer from a web security vulnerability by utilizing HTTP request smuggling (HRS). To demonstrate the viability of our techniques, we collected various test vectors from previous work about HRS and evaluated them on popular web servers and censors in China, Russia, and Iran. Our findings show that HRS can be successfully employed as a censorship circumvention technique against multiple censors and web servers. We also discover a standard-compliant circumvention technique in Russia, unusually inconsistent censorship in China, and an implementation bug in Iran. The results of this work imply that censorship circumvention techniques can successfully be constructed from existing vulnerabilities. We conjecture that this implication provides insights to the censorship circumvention community beyond the viability of specific techniques presented in this work."}],"file":[{"relation":"main_file","content_type":"application/pdf","file_id":"55139","access_level":"open_access","file_name":"Turning Attacks into Advantages_ Evading HTTP Censorship with HTTP Request Smuggling - foci-2024-0012.pdf","file_size":189676,"date_created":"2024-07-09T07:42:54Z","creator":"flange","date_updated":"2024-07-09T07:42:54Z"}],"publication":"Proceedings on Privacy Enhancing Technologies","ddc":["006"],"keyword":["censorship","censorship circumvention","http","http request smuggling"],"language":[{"iso":"eng"}]},{"year":"2024","place":"Cham","citation":{"ama":"Radoy MM, Hebrok SN, Somorovsky J. In Search of Partitioning Oracle Attacks Against TLS Session Tickets. In: <i>Lecture Notes in Computer Science</i>. Springer Nature Switzerland; 2024. doi:<a href=\"https://doi.org/10.1007/978-3-031-70896-1_16\">10.1007/978-3-031-70896-1_16</a>","ieee":"M. M. Radoy, S. N. Hebrok, and J. Somorovsky, “In Search of Partitioning Oracle Attacks Against TLS Session Tickets,” in <i>Lecture Notes in Computer Science</i>, Cham: Springer Nature Switzerland, 2024.","chicago":"Radoy, Maximilian Manfred, Sven Niclas Hebrok, and Juraj Somorovsky. “In Search of Partitioning Oracle Attacks Against TLS Session Tickets.” In <i>Lecture Notes in Computer Science</i>. Cham: Springer Nature Switzerland, 2024. <a href=\"https://doi.org/10.1007/978-3-031-70896-1_16\">https://doi.org/10.1007/978-3-031-70896-1_16</a>.","apa":"Radoy, M. M., Hebrok, S. N., &#38; Somorovsky, J. (2024). In Search of Partitioning Oracle Attacks Against TLS Session Tickets. In <i>Lecture Notes in Computer Science</i>. Springer Nature Switzerland. <a href=\"https://doi.org/10.1007/978-3-031-70896-1_16\">https://doi.org/10.1007/978-3-031-70896-1_16</a>","mla":"Radoy, Maximilian Manfred, et al. “In Search of Partitioning Oracle Attacks Against TLS Session Tickets.” <i>Lecture Notes in Computer Science</i>, Springer Nature Switzerland, 2024, doi:<a href=\"https://doi.org/10.1007/978-3-031-70896-1_16\">10.1007/978-3-031-70896-1_16</a>.","bibtex":"@inbook{Radoy_Hebrok_Somorovsky_2024, place={Cham}, title={In Search of Partitioning Oracle Attacks Against TLS Session Tickets}, DOI={<a href=\"https://doi.org/10.1007/978-3-031-70896-1_16\">10.1007/978-3-031-70896-1_16</a>}, booktitle={Lecture Notes in Computer Science}, publisher={Springer Nature Switzerland}, author={Radoy, Maximilian Manfred and Hebrok, Sven Niclas and Somorovsky, Juraj}, year={2024} }","short":"M.M. Radoy, S.N. Hebrok, J. Somorovsky, in: Lecture Notes in Computer Science, Springer Nature Switzerland, Cham, 2024."},"publication_identifier":{"isbn":["9783031708954","9783031708961"],"issn":["0302-9743","1611-3349"]},"publication_status":"published","title":"In Search of Partitioning Oracle Attacks Against TLS Session Tickets","doi":"10.1007/978-3-031-70896-1_16","date_updated":"2024-10-07T13:38:28Z","publisher":"Springer Nature Switzerland","author":[{"first_name":"Maximilian Manfred","full_name":"Radoy, Maximilian Manfred","id":"68826","last_name":"Radoy","orcid":"0009-0005-3059-6823"},{"first_name":"Sven Niclas","orcid":"0009-0006-1172-1665","last_name":"Hebrok","full_name":"Hebrok, Sven Niclas","id":"55616"},{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"date_created":"2024-09-06T07:06:14Z","status":"public","publication":"Lecture Notes in Computer Science","type":"book_chapter","language":[{"iso":"eng"}],"_id":"56079","department":[{"_id":"632"}],"user_id":"68826"},{"language":[{"iso":"eng"}],"keyword":["SSL","TLS","DTLS","Protocol State Fuzzing","Planning Based"],"user_id":"67893","department":[{"_id":"632"}],"_id":"57816","status":"public","abstract":[{"lang":"eng","text":"TLS-Attacker is an open-source framework for analyzing Transport\r\nLayer Security (TLS) implementations. The framework allows users\r\nto specify custom protocol flows and provides modification hooks to\r\nmanipulate message contents. Since its initial publication in 2016 by\r\nJuraj Somorovsky, TLS-Attacker has been used in numerous studies\r\npublished at well-established conferences and helped to identify\r\nvulnerabilities in well-known open-source TLS libraries. To enable\r\nautomated analyses, TLS-Attacker has grown into a suite of projects,\r\neach designed as a building block that can be applied to facilitate\r\nvarious analysis methodologies. The framework still undergoes\r\ncontinuous improvements with feature extensions, such as DTLS\r\n1.3 or the addition of new dialects such as QUIC, to continue its\r\neffectiveness and relevancy as a security analysis framework."}],"type":"conference","publication":"Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)","conference":{"location":"Hawaii","end_date":"2024-12-13","start_date":"2024-12-09","name":"Annual Computer Security Applications Conference"},"title":"TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations","date_created":"2024-12-17T11:25:14Z","author":[{"first_name":"Fabian","full_name":"Bäumer, Fabian","last_name":"Bäumer"},{"full_name":"Brinkmann, Marcus","last_name":"Brinkmann","first_name":"Marcus"},{"full_name":"Erinola, Nurullah","last_name":"Erinola","first_name":"Nurullah"},{"first_name":"Sven Niclas","id":"55616","full_name":"Hebrok, Sven Niclas","last_name":"Hebrok","orcid":"0009-0006-1172-1665"},{"first_name":"Nico","orcid":"0009-0003-7687-7044","last_name":"Heitmann","full_name":"Heitmann, Nico","id":"74619"},{"first_name":"Felix","full_name":"Lange, Felix","id":"67893","last_name":"Lange"},{"full_name":"Maehren, Marcel","last_name":"Maehren","first_name":"Marcel"},{"full_name":"Merget, Robert","last_name":"Merget","first_name":"Robert"},{"first_name":"Niklas","id":"63563","full_name":"Niere, Niklas","last_name":"Niere"},{"orcid":"0009-0005-3059-6823","last_name":"Radoy","full_name":"Radoy, Maximilian Manfred","id":"68826","first_name":"Maximilian Manfred"},{"last_name":"Schmidt","full_name":"Schmidt, Conrad","first_name":"Conrad"},{"first_name":"Jörg","last_name":"Schwenk","full_name":"Schwenk, Jörg"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"}],"date_updated":"2025-02-27T08:02:30Z","citation":{"mla":"Bäumer, Fabian, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>, 2024.","short":"F. Bäumer, M. Brinkmann, N. Erinola, S.N. Hebrok, N. Heitmann, F. Lange, M. Maehren, R. Merget, N. Niere, M.M. Radoy, C. Schmidt, J. Schwenk, J. Somorovsky, in: Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24), 2024.","bibtex":"@inproceedings{Bäumer_Brinkmann_Erinola_Hebrok_Heitmann_Lange_Maehren_Merget_Niere_Radoy_et al._2024, title={TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations}, booktitle={Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)}, author={Bäumer, Fabian and Brinkmann, Marcus and Erinola, Nurullah and Hebrok, Sven Niclas and Heitmann, Nico and Lange, Felix and Maehren, Marcel and Merget, Robert and Niere, Niklas and Radoy, Maximilian Manfred and et al.}, year={2024} }","apa":"Bäumer, F., Brinkmann, M., Erinola, N., Hebrok, S. N., Heitmann, N., Lange, F., Maehren, M., Merget, R., Niere, N., Radoy, M. M., Schmidt, C., Schwenk, J., &#38; Somorovsky, J. (2024). TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>. Annual Computer Security Applications Conference, Hawaii.","ieee":"F. Bäumer <i>et al.</i>, “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations,” presented at the Annual Computer Security Applications Conference, Hawaii, 2024.","chicago":"Bäumer, Fabian, Marcus Brinkmann, Nurullah Erinola, Sven Niclas Hebrok, Nico Heitmann, Felix Lange, Marcel Maehren, et al. “TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations.” In <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>, 2024.","ama":"Bäumer F, Brinkmann M, Erinola N, et al. TLS-Attacker: A Dynamic Framework for Analyzing TLS Implementations. In: <i>Proceedings of Cybersecurity Artifacts Competition and Impact Award (ACSAC ’24)</i>. ; 2024."},"year":"2024","quality_controlled":"1"},{"publication_status":"published","citation":{"chicago":"Niere, Niklas, Sven Niclas Hebrok, Juraj Somorovsky, and Robert Merget. “Poster: Circumventing the GFW with TLS Record Fragmentation.” In <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM, 2023. <a href=\"https://doi.org/10.1145/3576915.3624372\">https://doi.org/10.1145/3576915.3624372</a>.","ieee":"N. Niere, S. N. Hebrok, J. Somorovsky, and R. Merget, “Poster: Circumventing the GFW with TLS Record Fragmentation,” 2023, doi: <a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>.","ama":"Niere N, Hebrok SN, Somorovsky J, Merget R. Poster: Circumventing the GFW with TLS Record Fragmentation. In: <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. ACM; 2023. doi:<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>","apa":"Niere, N., Hebrok, S. N., Somorovsky, J., &#38; Merget, R. (2023). Poster: Circumventing the GFW with TLS Record Fragmentation. <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>. <a href=\"https://doi.org/10.1145/3576915.3624372\">https://doi.org/10.1145/3576915.3624372</a>","mla":"Niere, Niklas, et al. “Poster: Circumventing the GFW with TLS Record Fragmentation.” <i>Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security</i>, ACM, 2023, doi:<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>.","short":"N. Niere, S.N. Hebrok, J. Somorovsky, R. Merget, in: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2023.","bibtex":"@inproceedings{Niere_Hebrok_Somorovsky_Merget_2023, title={Poster: Circumventing the GFW with TLS Record Fragmentation}, DOI={<a href=\"https://doi.org/10.1145/3576915.3624372\">10.1145/3576915.3624372</a>}, booktitle={Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security}, publisher={ACM}, author={Niere, Niklas and Hebrok, Sven Niclas and Somorovsky, Juraj and Merget, Robert}, year={2023} }"},"year":"2023","date_created":"2023-12-15T07:34:24Z","author":[{"id":"63563","full_name":"Niere, Niklas","last_name":"Niere","first_name":"Niklas"},{"full_name":"Hebrok, Sven Niclas","id":"55616","last_name":"Hebrok","orcid":"0009-0006-1172-1665","first_name":"Sven Niclas"},{"full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"},{"last_name":"Merget","full_name":"Merget, Robert","first_name":"Robert"}],"publisher":"ACM","date_updated":"2024-04-02T12:17:18Z","doi":"10.1145/3576915.3624372","title":"Poster: Circumventing the GFW with TLS Record Fragmentation","type":"conference","publication":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","status":"public","abstract":[{"text":"State actors around the world censor the HTTPS protocol to block access to certain websites. While many circumvention strategies utilize the TCP layer only little emphasis has been placed on the analysis of TLS-a complex protocol and integral building block of HTTPS. In contrast to the TCP layer, circumvention methods on the TLS layer do not require root privileges since TLS operates on the application layer. With this proposal, we want to motivate a deeper analysis of TLS in regard to censorship circumvention techniques. To prove the existence of such techniques, we present TLS record fragmentation as a novel circumvention technique and circumvent the Great Firewall of China (GFW) using this technique. We hope that our research fosters collaboration between censorship and TLS researchers.","lang":"eng"}],"user_id":"83504","department":[{"_id":"632"}],"_id":"49654","language":[{"iso":"eng"}]},{"date_updated":"2023-06-21T06:49:56Z","oa":"1","author":[{"id":"55616","full_name":"Hebrok, Sven Niclas","last_name":"Hebrok","first_name":"Sven Niclas"},{"first_name":"Simon","last_name":"Nachtigall","full_name":"Nachtigall, Simon"},{"last_name":"Maehren","full_name":"Maehren, Marcel","first_name":"Marcel"},{"first_name":"Nurullah","full_name":"Erinola, Nurullah","last_name":"Erinola"},{"first_name":"Robert","full_name":"Merget, Robert","last_name":"Merget"},{"first_name":"Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","id":"83504","full_name":"Somorovsky, Juraj"},{"full_name":"Schwenk, Jörg","last_name":"Schwenk","first_name":"Jörg"}],"date_created":"2023-03-22T08:15:42Z","title":"We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets","main_file_link":[{"open_access":"1","url":"https://www.usenix.org/conference/usenixsecurity23/presentation/hebrok"}],"year":"2023","citation":{"ama":"Hebrok SN, Nachtigall S, Maehren M, et al. We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets. In: <i>32nd USENIX Security Symposium</i>. ; 2023.","ieee":"S. N. Hebrok <i>et al.</i>, “We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets,” 2023.","chicago":"Hebrok, Sven Niclas, Simon Nachtigall, Marcel Maehren, Nurullah Erinola, Robert Merget, Juraj Somorovsky, and Jörg Schwenk. “We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets.” In <i>32nd USENIX Security Symposium</i>, 2023.","apa":"Hebrok, S. N., Nachtigall, S., Maehren, M., Erinola, N., Merget, R., Somorovsky, J., &#38; Schwenk, J. (2023). We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets. <i>32nd USENIX Security Symposium</i>.","mla":"Hebrok, Sven Niclas, et al. “We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets.” <i>32nd USENIX Security Symposium</i>, 2023.","short":"S.N. Hebrok, S. Nachtigall, M. Maehren, N. Erinola, R. Merget, J. Somorovsky, J. Schwenk, in: 32nd USENIX Security Symposium, 2023.","bibtex":"@inproceedings{Hebrok_Nachtigall_Maehren_Erinola_Merget_Somorovsky_Schwenk_2023, title={We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets}, booktitle={32nd USENIX Security Symposium}, author={Hebrok, Sven Niclas and Nachtigall, Simon and Maehren, Marcel and Erinola, Nurullah and Merget, Robert and Somorovsky, Juraj and Schwenk, Jörg}, year={2023} }"},"_id":"43060","user_id":"83504","department":[{"_id":"632"}],"language":[{"iso":"eng"}],"type":"conference","publication":"32nd USENIX Security Symposium","status":"public"},{"title":"Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth","date_created":"2023-08-15T12:21:05Z","publisher":"IEEE","year":"2023","quality_controlled":"1","language":[{"iso":"eng"}],"ddc":["000"],"keyword":["Defense-in-Depth","Human Factors","Production Engineering","Product Design","Systems Engineering"],"file":[{"content_type":"application/pdf","relation":"main_file","date_created":"2024-09-05T13:00:09Z","creator":"jrossel","date_updated":"2024-09-05T13:00:09Z","file_name":"Re_envisioning_Industrial_Control_Systems_security.pdf","access_level":"closed","file_id":"56077","file_size":197727}],"abstract":[{"lang":"eng","text":"The security of Industrial Control Systems is relevant both for reliable production system operations and for high-quality throughput in terms of manufactured products. Security measures are designed, operated and maintained by different roles along product and production system lifecycles. Defense-in-Depth as a paradigm builds upon the assumption that breaches are unavoidable. The paper at hand provides an analysis of roles, corresponding Human Factors and their relevance for data theft and sabotage attacks. The resulting taxonomy is reflected by an example related to Additive Manufacturing. The results assist in both designing and redesigning Industrial Control System as part of an entire production system so that Defense-in-Depth with regard to Human Factors is built in by design."}],"publication":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","main_file_link":[{"url":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10190647"}],"doi":"10.1109/eurospw59978.2023.00048","conference":{"start_date":"2023-07-03","name":"2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)","location":"Delft, Netherlands","end_date":"2023-07-07"},"author":[{"first_name":"Jens","id":"405","full_name":"Pottebaum, Jens","orcid":"http://orcid.org/0000-0001-8778-2989","last_name":"Pottebaum"},{"first_name":"Jost","full_name":"Rossel, Jost","id":"58331","last_name":"Rossel","orcid":"0000-0002-3182-4059"},{"orcid":"0000-0002-3593-7720","last_name":"Somorovsky","id":"83504","full_name":"Somorovsky, Juraj","first_name":"Juraj"},{"full_name":"Acar, Yasemin","id":"94636","last_name":"Acar","first_name":"Yasemin"},{"id":"111","full_name":"Fahr, René","last_name":"Fahr","first_name":"René"},{"full_name":"Arias Cabarcos, Patricia","id":"92804","last_name":"Arias Cabarcos","first_name":"Patricia"},{"first_name":"Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","id":"59256","full_name":"Bodden, Eric"},{"full_name":"Gräßler, Iris","id":"47565","last_name":"Gräßler","orcid":"0000-0001-5765-971X","first_name":"Iris"}],"date_updated":"2025-07-16T11:06:47Z","citation":{"chicago":"Pottebaum, Jens, Jost Rossel, Juraj Somorovsky, Yasemin Acar, René Fahr, Patricia Arias Cabarcos, Eric Bodden, and Iris Gräßler. “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth.” In <i>2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)</i>, 379–85. IEEE, 2023. <a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">https://doi.org/10.1109/eurospw59978.2023.00048</a>.","ieee":"J. Pottebaum <i>et al.</i>, “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth,” in <i>2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)</i>, Delft, Netherlands, 2023, pp. 379–385, doi: <a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">10.1109/eurospw59978.2023.00048</a>.","ama":"Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: <i>2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)</i>. IEEE; 2023:379-385. doi:<a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">10.1109/eurospw59978.2023.00048</a>","mla":"Pottebaum, Jens, et al. “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth.” <i>2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)</i>, IEEE, 2023, pp. 379–85, doi:<a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">10.1109/eurospw59978.2023.00048</a>.","bibtex":"@inproceedings{Pottebaum_Rossel_Somorovsky_Acar_Fahr_Arias Cabarcos_Bodden_Gräßler_2023, title={Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth}, DOI={<a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">10.1109/eurospw59978.2023.00048</a>}, booktitle={2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)}, publisher={IEEE}, author={Pottebaum, Jens and Rossel, Jost and Somorovsky, Juraj and Acar, Yasemin and Fahr, René and Arias Cabarcos, Patricia and Bodden, Eric and Gräßler, Iris}, year={2023}, pages={379–385} }","short":"J. Pottebaum, J. Rossel, J. Somorovsky, Y. Acar, R. Fahr, P. Arias Cabarcos, E. Bodden, I. Gräßler, in: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW), IEEE, 2023, pp. 379–385.","apa":"Pottebaum, J., Rossel, J., Somorovsky, J., Acar, Y., Fahr, R., Arias Cabarcos, P., Bodden, E., &#38; Gräßler, I. (2023). Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. <i>2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&#38;PW)</i>, 379–385. <a href=\"https://doi.org/10.1109/eurospw59978.2023.00048\">https://doi.org/10.1109/eurospw59978.2023.00048</a>"},"page":"379-385","publication_status":"published","has_accepted_license":"1","file_date_updated":"2024-09-05T13:00:09Z","user_id":"58331","department":[{"_id":"34"},{"_id":"152"},{"_id":"76"},{"_id":"632"},{"_id":"858"}],"_id":"46500","status":"public","type":"conference"},{"file":[{"relation":"main_file","content_type":"application/pdf","file_id":"48065","file_name":"Security_Analysis_of_the_3mf_Data_Format.pdf","access_level":"open_access","file_size":1054999,"date_created":"2023-10-16T03:48:08Z","creator":"jrossel","date_updated":"2024-09-05T11:14:40Z"}],"abstract":[{"lang":"eng","text":"3D printing is a well-established technology with rapidly increasing usage scenarios both in the industry and consumer context. The growing popularity of 3D printing has also attracted security researchers, who have analyzed possibilities for weakening 3D models or stealing intellectual property from 3D models. We extend these important aspects and provide the first comprehensive security analysis of 3D printing data formats. We performed our systematic study on the example of the 3D Manufacturing Format (3MF), which offers a large variety of features that could lead to critical attacks. Based on 3MF’s features, we systematized three attack goals: Data Exfiltration (dex), Denial of Service, and UI Spoofing (uis). We achieve these goals by exploiting the complexity of 3MF, which is based on the Open Packaging Conventions (OPC) format and uses XML to define 3D models. In total, our analysis led to 352 tests. To create and run these tests automatically, we implemented an open-source tool named 3MF Analyzer (tool), which helped us evaluate 20 applications."}],"publication":"Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses","language":[{"iso":"eng"}],"ddc":["000"],"keyword":["Data Format Security","3D Manufacturing Format","3D Printing","Additive Manufacturing"],"year":"2023","quality_controlled":"1","title":"Security Analysis of the 3MF Data Format","date_created":"2023-10-11T13:42:09Z","publisher":"ACM","status":"public","type":"conference","file_date_updated":"2024-09-05T11:14:40Z","user_id":"58331","department":[{"_id":"632"}],"_id":"48012","citation":{"ama":"Rossel J, Mladenov V, Somorovsky J. Security Analysis of the 3MF Data Format. In: <i>Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses</i>. ACM; 2023. doi:<a href=\"https://doi.org/10.1145/3607199.3607216\">10.1145/3607199.3607216</a>","ieee":"J. Rossel, V. Mladenov, and J. Somorovsky, “Security Analysis of the 3MF Data Format,” presented at the 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong, 2023, doi: <a href=\"https://doi.org/10.1145/3607199.3607216\">10.1145/3607199.3607216</a>.","chicago":"Rossel, Jost, Vladislav Mladenov, and Juraj Somorovsky. “Security Analysis of the 3MF Data Format.” In <i>Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses</i>. ACM, 2023. <a href=\"https://doi.org/10.1145/3607199.3607216\">https://doi.org/10.1145/3607199.3607216</a>.","bibtex":"@inproceedings{Rossel_Mladenov_Somorovsky_2023, title={Security Analysis of the 3MF Data Format}, DOI={<a href=\"https://doi.org/10.1145/3607199.3607216\">10.1145/3607199.3607216</a>}, booktitle={Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses}, publisher={ACM}, author={Rossel, Jost and Mladenov, Vladislav and Somorovsky, Juraj}, year={2023} }","short":"J. Rossel, V. Mladenov, J. Somorovsky, in: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, ACM, 2023.","mla":"Rossel, Jost, et al. “Security Analysis of the 3MF Data Format.” <i>Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses</i>, ACM, 2023, doi:<a href=\"https://doi.org/10.1145/3607199.3607216\">10.1145/3607199.3607216</a>.","apa":"Rossel, J., Mladenov, V., &#38; Somorovsky, J. (2023). Security Analysis of the 3MF Data Format. <i>Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses</i>. 26th International Symposium on Research in Attacks, Intrusions and Defenses, Hongkong. <a href=\"https://doi.org/10.1145/3607199.3607216\">https://doi.org/10.1145/3607199.3607216</a>"},"publication_status":"published","has_accepted_license":"1","main_file_link":[{"url":"https://dl.acm.org/doi/abs/10.1145/3607199.3607216"}],"conference":{"name":"26th International Symposium on Research in Attacks, Intrusions and Defenses","start_date":"2023-10-16","end_date":"2023-10-18","location":"Hongkong"},"doi":"10.1145/3607199.3607216","author":[{"first_name":"Jost","id":"58331","full_name":"Rossel, Jost","last_name":"Rossel","orcid":"0000-0002-3182-4059"},{"first_name":"Vladislav","last_name":"Mladenov","full_name":"Mladenov, Vladislav"},{"first_name":"Juraj","full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"}],"oa":"1","date_updated":"2025-07-16T11:06:49Z"},{"user_id":"83504","department":[{"_id":"632"}],"_id":"32572","language":[{"iso":"eng"}],"type":"conference","publication":"Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)","status":"public","date_created":"2022-08-03T11:02:10Z","author":[{"full_name":"Mayer, Peter","last_name":"Mayer","first_name":"Peter"},{"first_name":"Damian","last_name":"Poddebniak","full_name":"Poddebniak, Damian"},{"first_name":"Konstantin","full_name":"Fischer, Konstantin","last_name":"Fischer"},{"first_name":"Marcus","full_name":"Brinkmann, Marcus","last_name":"Brinkmann"},{"id":"83504","full_name":"Somorovsky, Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","first_name":"Juraj"},{"full_name":"Sasse, Angela","last_name":"Sasse","first_name":"Angela"},{"first_name":"Sebastian","full_name":"Schinzel, Sebastian","last_name":"Schinzel"},{"full_name":"Volkamer, Melanie","last_name":"Volkamer","first_name":"Melanie"}],"date_updated":"2024-04-02T12:19:28Z","publisher":"USENIX Association","title":"\"I don' know why I check this...\" - Investigating Expert Users' Strategies to Detect Email Signature Spoofing Attacks","publication_identifier":{"isbn":["978-1-939133-30-4"]},"citation":{"ieee":"P. Mayer <i>et al.</i>, “‘I don’ know why I check this...’ - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks,” in <i>Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)</i>, 2022, pp. 77–96.","chicago":"Mayer, Peter, Damian Poddebniak, Konstantin Fischer, Marcus Brinkmann, Juraj Somorovsky, Angela Sasse, Sebastian Schinzel, and Melanie Volkamer. “‘I Don’ Know Why I Check This...’ - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks.” In <i>Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)</i>, 77–96. Boston, MA: USENIX Association, 2022.","ama":"Mayer P, Poddebniak D, Fischer K, et al. “I don’ know why I check this...” - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks. In: <i>Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)</i>. USENIX Association; 2022:77–96.","apa":"Mayer, P., Poddebniak, D., Fischer, K., Brinkmann, M., Somorovsky, J., Sasse, A., Schinzel, S., &#38; Volkamer, M. (2022). “I don’ know why I check this...” - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks. <i>Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)</i>, 77–96.","short":"P. Mayer, D. Poddebniak, K. Fischer, M. Brinkmann, J. Somorovsky, A. Sasse, S. Schinzel, M. Volkamer, in: Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022), USENIX Association, Boston, MA, 2022, pp. 77–96.","bibtex":"@inproceedings{Mayer_Poddebniak_Fischer_Brinkmann_Somorovsky_Sasse_Schinzel_Volkamer_2022, place={Boston, MA}, title={“I don’ know why I check this...” - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks}, booktitle={Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)}, publisher={USENIX Association}, author={Mayer, Peter and Poddebniak, Damian and Fischer, Konstantin and Brinkmann, Marcus and Somorovsky, Juraj and Sasse, Angela and Schinzel, Sebastian and Volkamer, Melanie}, year={2022}, pages={77–96} }","mla":"Mayer, Peter, et al. “‘I Don’ Know Why I Check This...’ - Investigating Expert Users’ Strategies to Detect Email Signature Spoofing Attacks.” <i>Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)</i>, USENIX Association, 2022, pp. 77–96."},"page":"77–96","place":"Boston, MA","year":"2022"},{"status":"public","type":"conference","publication":"31st USENIX Security Symposium (USENIX Security 22)","language":[{"iso":"eng"}],"_id":"32573","user_id":"83504","department":[{"_id":"632"}],"year":"2022","place":"Boston, MA","citation":{"apa":"Maehren, M., Nieting, P., Hebrok, S. N., Merget, R., Somorovsky, J., &#38; Schwenk, J. (2022). TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries. <i>31st USENIX Security Symposium (USENIX Security 22)</i>.","mla":"Maehren, Marcel, et al. “TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries.” <i>31st USENIX Security Symposium (USENIX Security 22)</i>, USENIX Association, 2022.","bibtex":"@inproceedings{Maehren_Nieting_Hebrok_Merget_Somorovsky_Schwenk_2022, place={Boston, MA}, title={TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries}, booktitle={31st USENIX Security Symposium (USENIX Security 22)}, publisher={USENIX Association}, author={Maehren, Marcel and Nieting, Philipp and Hebrok, Sven Niclas and Merget, Robert and Somorovsky, Juraj and Schwenk, Jörg}, year={2022} }","short":"M. Maehren, P. Nieting, S.N. Hebrok, R. Merget, J. Somorovsky, J. Schwenk, in: 31st USENIX Security Symposium (USENIX Security 22), USENIX Association, Boston, MA, 2022.","ama":"Maehren M, Nieting P, Hebrok SN, Merget R, Somorovsky J, Schwenk J. TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries. In: <i>31st USENIX Security Symposium (USENIX Security 22)</i>. USENIX Association; 2022.","ieee":"M. Maehren, P. Nieting, S. N. Hebrok, R. Merget, J. Somorovsky, and J. Schwenk, “TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries,” 2022.","chicago":"Maehren, Marcel, Philipp Nieting, Sven Niclas Hebrok, Robert Merget, Juraj Somorovsky, and Jörg Schwenk. “TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries.” In <i>31st USENIX Security Symposium (USENIX Security 22)</i>. Boston, MA: USENIX Association, 2022."},"title":"TLS-Anvil: Adapting Combinatorial Testing for TLS Libraries","publisher":"USENIX Association","date_updated":"2024-04-02T12:19:45Z","date_created":"2022-08-03T11:03:30Z","author":[{"last_name":"Maehren","full_name":"Maehren, Marcel","first_name":"Marcel"},{"last_name":"Nieting","full_name":"Nieting, Philipp","first_name":"Philipp"},{"first_name":"Sven Niclas","full_name":"Hebrok, Sven Niclas","id":"55616","orcid":"0009-0006-1172-1665","last_name":"Hebrok"},{"full_name":"Merget, Robert","last_name":"Merget","first_name":"Robert"},{"id":"83504","full_name":"Somorovsky, Juraj","last_name":"Somorovsky","orcid":"0000-0002-3593-7720","first_name":"Juraj"},{"first_name":"Jörg","last_name":"Schwenk","full_name":"Schwenk, Jörg"}]},{"title":"On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers","doi":"10.1109/spw54247.2022.9833880","date_updated":"2024-05-23T11:01:43Z","publisher":"IEEE","date_created":"2024-05-23T10:49:19Z","author":[{"first_name":"Hendrik","last_name":"Siewert","full_name":"Siewert, Hendrik"},{"first_name":"Martin","full_name":"Kretschmer, Martin","last_name":"Kretschmer"},{"full_name":"Niemietz, Marcus","last_name":"Niemietz","first_name":"Marcus"},{"first_name":"Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky","id":"83504","full_name":"Somorovsky, Juraj"}],"year":"2022","citation":{"apa":"Siewert, H., Kretschmer, M., Niemietz, M., &#38; Somorovsky, J. (2022). On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers. <i>2022 IEEE Security and Privacy Workshops (SPW)</i>. <a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">https://doi.org/10.1109/spw54247.2022.9833880</a>","mla":"Siewert, Hendrik, et al. “On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers.” <i>2022 IEEE Security and Privacy Workshops (SPW)</i>, IEEE, 2022, doi:<a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">10.1109/spw54247.2022.9833880</a>.","short":"H. Siewert, M. Kretschmer, M. Niemietz, J. Somorovsky, in: 2022 IEEE Security and Privacy Workshops (SPW), IEEE, 2022.","bibtex":"@inproceedings{Siewert_Kretschmer_Niemietz_Somorovsky_2022, title={On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers}, DOI={<a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">10.1109/spw54247.2022.9833880</a>}, booktitle={2022 IEEE Security and Privacy Workshops (SPW)}, publisher={IEEE}, author={Siewert, Hendrik and Kretschmer, Martin and Niemietz, Marcus and Somorovsky, Juraj}, year={2022} }","chicago":"Siewert, Hendrik, Martin Kretschmer, Marcus Niemietz, and Juraj Somorovsky. “On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers.” In <i>2022 IEEE Security and Privacy Workshops (SPW)</i>. IEEE, 2022. <a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">https://doi.org/10.1109/spw54247.2022.9833880</a>.","ieee":"H. Siewert, M. Kretschmer, M. Niemietz, and J. Somorovsky, “On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers,” 2022, doi: <a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">10.1109/spw54247.2022.9833880</a>.","ama":"Siewert H, Kretschmer M, Niemietz M, Somorovsky J. On the Security of Parsing Security-Relevant HTTP Headers in Modern Browsers. In: <i>2022 IEEE Security and Privacy Workshops (SPW)</i>. IEEE; 2022. doi:<a href=\"https://doi.org/10.1109/spw54247.2022.9833880\">10.1109/spw54247.2022.9833880</a>"},"publication_status":"published","language":[{"iso":"eng"}],"_id":"54435","user_id":"74619","department":[{"_id":"632"}],"abstract":[{"text":"Web browsers are among the most important but also complex software solutions to access the web. It is therefore not surprising that web browsers are an attractive target for attackers. Especially in the last decade, security researchers and browser vendors have developed sandboxing mechanisms like security-relevant HTTP headers to tackle the problem of getting a more secure browser. Although the security community is aware of the importance of security-relevant HTTP headers, legacy applications and individual requests from different parties have led to possible insecure configurations of these headers. Even if specific security headers are configured correctly, conflicts in their functionalities may lead to unforeseen browser behaviors and vulnerabilities. Recently, the first work which analyzed duplicated headers and conflicts in headers was published by Calzavara et al. at USENIX Security [1]. The authors focused on inconsistent protections by using both, the HTTP header X-Frame-Options and the framing protection of the Content-Security-Policy. We extend their work by analyzing browser behaviors when parsing duplicated headers, conflicting directives, and values that do not conform to the defined ABNF metalanguage specification. We created an open-source testbed running over 19,800 test cases, at which nearly 300 test cases are executed in the set of 66 different browsers. Our work shows that browsers conform to the specification and behave securely. However, all tested browsers behave differently when it comes, for example, to parsing the Strict-Transport-Security header. Moreover, Chrome, Safari, and Firefox behave differently if the header contains a character, which is not allowed by the defined ABNF. This results in the protection mechanism being fully enforced, partially enforced, or not enforced and thus completely bypassable.","lang":"eng"}],"status":"public","type":"conference","publication":"2022 IEEE Security and Privacy Workshops (SPW)"},{"publication_identifier":{"isbn":["978-1-939133-24-3"]},"year":"2021","citation":{"ama":"Brinkmann M, Dresen C, Merget R, et al. ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication. In: <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>. {USENIX} Association; 2021:4293-4310.","ieee":"M. Brinkmann <i>et al.</i>, “ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication,” in <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 2021, pp. 4293–4310.","chicago":"Brinkmann, Marcus, Christian Dresen, Robert Merget, Damian Poddebniak, Jens Müller, Juraj Somorovsky, Jörg Schwenk, and Sebastian Schinzel. “ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication.” In <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 4293–4310. {USENIX} Association, 2021.","apa":"Brinkmann, M., Dresen, C., Merget, R., Poddebniak, D., Müller, J., Somorovsky, J., Schwenk, J., &#38; Schinzel, S. (2021). ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication. <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 4293–4310.","mla":"Brinkmann, Marcus, et al. “ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication.” <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, {USENIX} Association, 2021, pp. 4293–310.","short":"M. Brinkmann, C. Dresen, R. Merget, D. Poddebniak, J. Müller, J. Somorovsky, J. Schwenk, S. Schinzel, in: 30th {USENIX} Security Symposium ({USENIX} Security 21), {USENIX} Association, 2021, pp. 4293–4310.","bibtex":"@inproceedings{Brinkmann_Dresen_Merget_Poddebniak_Müller_Somorovsky_Schwenk_Schinzel_2021, title={ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication}, booktitle={30th {USENIX} Security Symposium ({USENIX} Security 21)}, publisher={{USENIX} Association}, author={Brinkmann, Marcus and Dresen, Christian and Merget, Robert and Poddebniak, Damian and Müller, Jens and Somorovsky, Juraj and Schwenk, Jörg and Schinzel, Sebastian}, year={2021}, pages={4293–4310} }"},"page":"4293-4310","date_updated":"2022-01-06T06:57:01Z","publisher":"{USENIX} Association","author":[{"first_name":"Marcus","full_name":"Brinkmann, Marcus","last_name":"Brinkmann"},{"first_name":"Christian","full_name":"Dresen, Christian","last_name":"Dresen"},{"last_name":"Merget","full_name":"Merget, Robert","first_name":"Robert"},{"first_name":"Damian","last_name":"Poddebniak","full_name":"Poddebniak, Damian"},{"last_name":"Müller","full_name":"Müller, Jens","first_name":"Jens"},{"first_name":"Juraj","full_name":"Somorovsky, Juraj","id":"83504","last_name":"Somorovsky","orcid":"0000-0002-3593-7720"},{"first_name":"Jörg","last_name":"Schwenk","full_name":"Schwenk, Jörg"},{"full_name":"Schinzel, Sebastian","last_name":"Schinzel","first_name":"Sebastian"}],"date_created":"2021-10-04T18:53:47Z","title":"ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication","type":"conference","publication":"30th {USENIX} Security Symposium ({USENIX} Security 21)","status":"public","_id":"25331","user_id":"83504","department":[{"_id":"632"}],"language":[{"iso":"eng"}]},{"language":[{"iso":"eng"}],"user_id":"83504","department":[{"_id":"632"}],"_id":"25332","status":"public","type":"conference","publication":"30th {USENIX} Security Symposium ({USENIX} Security 21)","title":"Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)","author":[{"first_name":"Robert","full_name":"Merget, Robert","last_name":"Merget"},{"last_name":"Brinkmann","full_name":"Brinkmann, Marcus","first_name":"Marcus"},{"first_name":"Nimrod","last_name":"Aviram","full_name":"Aviram, Nimrod"},{"first_name":"Juraj","id":"83504","full_name":"Somorovsky, Juraj","orcid":"0000-0002-3593-7720","last_name":"Somorovsky"},{"first_name":"Johannes","full_name":"Mittmann, Johannes","last_name":"Mittmann"},{"last_name":"Schwenk","full_name":"Schwenk, Jörg","first_name":"Jörg"}],"date_created":"2021-10-04T18:55:36Z","publisher":"{USENIX} Association","date_updated":"2022-01-06T06:57:01Z","citation":{"apa":"Merget, R., Brinkmann, M., Aviram, N., Somorovsky, J., Mittmann, J., &#38; Schwenk, J. (2021). Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E). <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 213–230.","mla":"Merget, Robert, et al. “Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E).” <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, {USENIX} Association, 2021, pp. 213–30.","bibtex":"@inproceedings{Merget_Brinkmann_Aviram_Somorovsky_Mittmann_Schwenk_2021, title={Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)}, booktitle={30th {USENIX} Security Symposium ({USENIX} Security 21)}, publisher={{USENIX} Association}, author={Merget, Robert and Brinkmann, Marcus and Aviram, Nimrod and Somorovsky, Juraj and Mittmann, Johannes and Schwenk, Jörg}, year={2021}, pages={213–230} }","short":"R. Merget, M. Brinkmann, N. Aviram, J. Somorovsky, J. Mittmann, J. Schwenk, in: 30th {USENIX} Security Symposium ({USENIX} Security 21), {USENIX} Association, 2021, pp. 213–230.","ieee":"R. Merget, M. Brinkmann, N. Aviram, J. Somorovsky, J. Mittmann, and J. Schwenk, “Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E),” in <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 2021, pp. 213–230.","chicago":"Merget, Robert, Marcus Brinkmann, Nimrod Aviram, Juraj Somorovsky, Johannes Mittmann, and Jörg Schwenk. “Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E).” In <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>, 213–30. {USENIX} Association, 2021.","ama":"Merget R, Brinkmann M, Aviram N, Somorovsky J, Mittmann J, Schwenk J. Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E). In: <i>30th {USENIX} Security Symposium ({USENIX} Security 21)</i>. {USENIX} Association; 2021:213-230."},"page":"213-230","year":"2021","publication_identifier":{"isbn":["978-1-939133-24-3"]}}]