Publikationen
Verbundweite Themen
Geloczi, E., Mexis, N., Holler, B., Pöhls, H. C., & Katzenbeisser, S. (2025).
IoTCat: A Multidimensional Approach to Categorize IoT Devices in order to Identify a Delegate for Cybersecurity Functions.
In M. Manulis (Ed.), Applied Cryptography and Network Security Workshops. ACNS 2025. Lecture Notes in Computer Science, Vol. 15653 (pp. 222-241). Springer.
https://doi.org/10.1007/978-3-032-01799-4_13
Pöhls, H.C., Eckhardt, D., Feist, N., Pfeiffer, S., Herrmann, D. & Katzenbeisser, S. (2025).
The Complexity of Cyber Security in Private and Professional Everyday Life — An Ethnographic-Informatic Collaborative Approach.
In A. Moallem (Ed.), HCI for Cybersecurity, Privacy and Trust. HCII 2025. Lecture Notes in Computer Science, Vol.15814 (pp. 105-124). Springer.
https://doi.org/10.1007/978-3-031-92833-8_7 
Pöhls, H. C., Kügler, F., Geloczi, E., & Klement, F. (2025).
Segmentation and Filtering Are Still the Gold Standard for Privacy in IoT — An In-Depth STRIDE and LINDDUN Analysis of Smart Homes.
Future Internet, 17(2), 1–61. MDPI.
https://www.mdpi.com/1999-5903/17/2/77/pdf
Geloczi, E., Pöhls, H.C., Klement, F., Posegga, J. & Katzenbeisser, S. (2024).
Unveiling the Shadows: An Approach towards Detection, Precise Localization, and Effective Isolation of Concealed IoT Devices in Unfamiliar Environments.
In WPES ’24: Proceedings of the 23rd Workshop on Privacy in the Electronic Society (pp. 109-123).
https://doi.org/10.1145/3689943.3695040
Eckhardt, D., Freiling, F., Herrmann, D., Katzenbeisser, S., & Pöhls, H. C. (2024).
Sicherheit in der Digitalisierung des Alltags: Definition eines ethnografisch-informatischen Forschungsfeldes für die Lösung alltäglicher Sicherheitsprobleme.
In Konferenzband der 12. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI Sicherheit 2024) (pp. 107-118). Gesellschaft für Informatik.
https://doi.org/10.18420/sicherheit2024_007
Mader, B., Eichenmüller, C., Pugliese, G., Eckhardt, D., & Benenson, Z. (2024).
I Blame Apple in Part for My False Expectations: An Autoethnographic Study of Apple’s Lockdown Mode in IOS.
Preprint, November 20, 2024.
https://doi.org/10.48550/arXiv.2411.13249
Brenner, R., Leithäuser, M., Jänich, S., & Pöhls, H. C. (2024).
Updatefähigkeit als Konstruktionsanforderung.
In RDi – Recht der Digitalisierung, 2024, 252.
Eckhardt, D., Freiling, F., Herrmann, D., Katzenbeisser, S., & Pöhls, H. C. (2023).
Sicherheit in der Digitalisierung des Alltags: Definition eines ethnografisch-informatischen Forschungsfeldes für die Lösung alltäglicher Sicherheitsprobleme (gekürzte Version).
Technischer Bericht, Univ. Passau.
https://doi.org/10.15475/sidial.2023
Klement, F., Pöhls, H. C., & Katzenbeisser, S. (2022).
Change your Car’s Filters: Efficient Concurrent and Multi-Stage Firewall for OBD-II Network Traffic.
In IEEE International Workshop on Computer-Aided Modeling and Design of Communication Links and Networks (CAMAD) (pp. 19-25). IEEE.
Klement, F., Pöhls, H. C., & Katzenbeisser, S. (2022).
Man-in-the-OBD: A modular, protocol agnostic firewall for automotive dongles to enhance privacy and security.
In W. Li, S. Furnell & W. Meng (Eds.), Attacks and Defenses for the Internet-of-Things. ADIoT 2022. Lecture Notes in Computer Science, vol 13745, 143-164. Springer.
Teilprojekt A01 – Sichere Kapselung
Geloczi, E., & Katzenbeisser, S. (2025).
Inter-Device PUFs: A Novel Paradigm for Physical Unclonable Functions.
HS3 2025: 1st Workshop on Hardware-Supported Software Security (Co-Located with ESORICS), September 25, 2025. HS3 2025, Toulouse, France. To appear.
Geloczi, E., Mexis, N. & Katzenbeisser, S. (2025).
PUSH for Security: A PUF-Based Protocol to Prevent Session Hijacking.
In V. Nicomette, A. Benzekri, N. Boulahia-Cuppens & J. Vaidya (Eds.), Computer Security – ESORICS 2025. ESORICS 2025. Lecture Notes in Computer Science, Vol. 16055. Springer.
https://doi.org/10.1007/978-3-032-07894-0_7
Geloczi, E., Klement, F., Struck, P., & Katzenbeisser, S. (2025).
SoK: Delegated Security in the Internet of Things.
Future Internet, 17(5), 202.
https://doi.org/10.3390/fi17050202
Geloczi, E., Klement, F., Gründinger, E., & Katzenbeisser, S. (2023).
Secure Stitch: Unveiling the Fabric of Security Patterns for the Internet of Things.
In R. Rios & J. Posegga (Eds.), Security and Trust Management. STM 2023. Lecture Notes in Computer Science, Vol. 14336. Springer.
https://doi.org/10.1007/978-3-031-47198-8 _4
Anagnostopoulos, N. A., Fan, Y., Saleem, M. U., Mexis, N., Geloczi, E., Klement, F., Frank, F., Schaller, A., Arul, T., & Katzenbeisser, S. (2022).
Testing Physical Unclonable Functions Implemented on Commercial Off-the-Shelf NAND Flash Memories Using Programming Disturbances.
In 2022 IEEE 12th International Conference on Consumer Electronics (ICCE-Berlin) (pp. 1–9). IEEE.
doi: 10.1109/ICCE-Berlin56473.2022.10021310
Teilprojekt A02 – Firmware-Härtung
Benoit, T., Wang, Y., Dannehl, M., & Kinder, J. (2025).
BLens: Contrastive captioning of binary functions using ensemble embedding.
In 34th USENIX Security Symposium (USENIX Security), USENIX Association.
Jänich, S. & Kinder, J.(n.d.).
Working Title: „Automated Binary Patches for n-Day Vulnerabilities in Firmware“.
Manuscript in preparation.
Teilprojekt B03 – Architekturen und Dienste
Pöhls, H.C. & Steffens, L. (2025).
Checking the Impact of Security Standardization – A Case Study on Bluetooth LE Pairing of Internet-of-Things Devices.
In ICT Systems Security and Privacy Protection – 40th IFIP SEC Conference. Springer. To appear.
Rakotondravony, N., Pöhls, H. C., Pfeifer, J., & Harrison, L. (2024).
Viz4NetSec: Visualizing Dynamic Network Security Configurations of Everyday Interconnected Objects in Home Networks.
HCI international 2024.
Pöhls, H. C. (2023).
Towards a Unified Abstract Architecture to Coherently and Generically Describe Security Goals and Risks of AI Systems.
19th International Workshop Security and Trust Management (STM) in conjunction with ESORICS. Springer.
Pöhls, H. C., Gebauer S., Scharnboeck F., Spielvogel, K., & Posegga, J. (2024).
MQfilTTr: Strengthening Smart Home Privacy through MQTT Traffic Manipulation.
In 14th WISTP International Conference on Information Security Theory and Practice (WISTP 2024), Lecture Notes in Computer Science (LNCS).
Teilprojekt B04 – Datenschutz-Bibliotheken
Stöver, A., Gerber, N., Pridöhl, H., Maass, M., Bretthauer, S. , Spiecker genannt Döhmann, I., Hollick, M., & Herrmann, D. (2023).
How Website Owners Face Privacy Issues: Thematic Analysis of Responses from a Covert Notification Study Reveals Diverse Circumstances and Challenges.
Proceedings on Privacy Enhancing Technologies, 2023(2), 251-264.
https://doi.org/10.56553/popets-2023-0051
Hennig, A., Neusser, F., Pawelek, A. A., Herrmann, D., & Mayer, P. (2022).
Standing out among the daily spam: How to catch website owners‘ attention by means of vulnerability notifications.
In Extended Abstracts of the 2022 CHI Conference on Human Factors in Computing Systems (CHI EA ’22). Association for Computing Machinery. Article 317, 1-8.
Teilprojekt B05 – Sichere Einbindung
Momeu, M., Gaidis, A. J., v.d. Heidt, J., & Kemerlis, V. P. (2025).
IUBIK: Isolating User Bytes in Commodity Operating System Kernels via Memory Tagging Extensions.
In 2025 IEEE Symposium on Security and Privacy (SP), 867-885.
https://doi.org/10.1109/SP61157.2025.00135
Momeu, M., Kilger, F., Roemheld, C., Schnückel, S., Proskurin, S., Polychronakis, M., & Kemerlis, V. P. (2024).
ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels.
In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIA CCS), 1159-1172.
https://doi.org/10.1145/3634737.3644994
Momeu, M., Schnückel, S., Angnis, K., Polychronakis, M., & Kemerlis, V. P. (2024).
Safeslab: Mitigating use-after-free vulnerabilities via memory protection keys.
In Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (CCS ’24), 1345–1359.
https://doi.org/10.1145/3658644.3670279
Teilprojekt C06 – Datenschutz-Analyse
Weinberger, L., Eichenmüller, C., Gassmann, F., Pugliese, G., & Benenson, Z. (2024).
Used, Avoided, Restricted? Perceptions, Behavior, and Changes in Video Conferencing of German-speaking Users During and After the Pandemic.
European Symposium on Usable Security (EuroUSEC 2024, September 30 & October 1, 2024, Karlstad, Sweden).
Eichhorn, M., & Pugliese, G. (2024).
Do You „Relay“ Want to Give Me Away? – Forensic Cues of Smart Relays and Their IoT Companion Apps.
DFRWS APAC 2024: Digital Forensics Research Conference Asia-Pacific (October ’24, Brisbane, Australia).
Crasselt, J., & Pugliese, G. (2024).
Started Off Local, Now We’re in the Cloud: Forensic Examination of the Amazon Echo Show 15 Smart Display.
DFRWS USA 2024: Digital Forensics Research Conference USA (July ’24, Baton Rouge, Louisiana, USA).
Stachak, M., Geus, J., Pugliese, G., & Freiling, F. (2024).
Nyon Unchained: Forensic Analysis of Bosch’s eBike Board Computers.
DFRWS EU 2024: Digital Forensics Research Conference Europe (March ’24, Zaragoza, Spain).
Best Student Paper Award – DFRWS EU-Konferenz 2024
Eichhorn, M., Schneider, J., & Pugliese, G. (2024).
Well Played, Suspect! – Forensic Examination of the Handheld Gaming Console “Steam Deck”.
DFRWS EU 2024: Digital Forensics Research Conference Europe (March ’24, Zaragoza, Spain).
Weinberger, L., Eichenmüller, C., & Benenson, Z. (2023).
Interplay of Security, Privacy and Usability in Videoconferencing.
Extended Abstracts of the ACM CHI Conference on Human Factors in Computing Systems, 2023.
Freiling, F. (2023).
Zum Umgang mit Erkenntnissen der IT-Sicherheitsforschung.
In S. Golla & D. Brodowski (Eds.), IT-Sicherheitsforschung und IT-Strafrecht (pp. 21-33). Mohr Siebeck.
Benenson, Z. (2022).
Gestaltung menschengerechter IT-Sicherheit.
In Cyber Security. Gesellschaft für Informatik e.V., Vol. 46, 7-12.
Teilprojekt C07 – Updatepflicht und -berechtigung
Leithäuser, M. (2025).
Nachträgliche Drosselung eines Batteriespeichers als Sachmangel.
In RDi – Recht der Digitalisierung, 2025, 269.
Riehm, T., Leithäuser, M. & Brenner, R. (2024).
Vertragliche Ansprüche auf Sicherheitsaktualisierungen?
In B. Raue (Ed.), Digitale Resilienz: Effektives Recht auf sichere Software (pp. 5-37). Schriften des IRDT | Trier Studies on Digital Law.
Brenner, R. (2024).
Software im Fokus der neuen Produkthaftungsrichtlinie.
In RDi – Recht der Digitalisierung, 2024, 345.
Brenner, R., Leithäuser, M., Jänich, S., & Pöhls, H. C. (2024).
Updatefähigkeit als Konstruktionsanforderung.
In RDi – Recht der Digitalisierung, 2024, 252.
Leithäuser, M. (2023).
Nachträgliche Mängel beim Softwarekauf.
In RDi – Recht der Digitalisierung, 2023, 274.
Riehm, T. (2022).
Digitale Dienstleistungen.
In RDi – Recht der Digitalisierung, 2022, 209.
Teilprojekt C08 – Alltagsdigitalisierung: Akzeptanz – Kompetenz – Prozesse
Eckhardt, D. (2025).
Unterwegs(sein) Feldnotieren. Kritzeln, Jotten, Headnoting als mobile Methoden für mobile Feldwissenschaften.
In M. Naumann & A. Strüver (Eds.), Handbuch Mobile Methoden in der Sozial- und Raumforschung (pp. 265-276). utb.
Eckhardt, D. (2025).
Das Partineum: Ein ethnografischer Ort zur Wissens- und Denkstilteilhabe.
Zeitschrift für Empirische Kulturwissenschaft, 121(1), 28-47.
https://doi.org/10.31244/zekw/2025/01.03
Eckhardt, D., Feist, N., & Pfeiffer, S. (2024).
Work Based Human Factor: Vom Mensch als Störfaktor zum Mensch als Sicherheitsgewährleister.
In Bundesamt für Sicherheit in der Informationstechnik (Ed.), Cybernation Deutschland. Kooperation gewinnt. Die Themen des 20. Deutschen IT-Sicherheitskongresses. 20. Deutscher IT-Sicherheitskongress.
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Veranstaltungen/ITSiKongress/20ter/Kongressdokumentation_2024.pdf?__blob=publicationFile&v=5
Dendler, L., Nicklich, M., Pfeiffer, S., & Schulze, A. (2024).
Systemic Risks and Organizational Challenges in Transformative Processes: ‘Cybersecurity’ in the Food Field.
In E. Weik, C. Land & R. Hartz (Eds.), The Handbook of Organizing Economic, Ecological and Societal Transformation (pp. 165–188). De Gruyter.
https://doi.org/10.1515/9783110986945-009
Eckhardt, D. (2023).
Ethnografisches Feldnotieren in digitalen Feldern: Perspektiven einer Wissens- und Arbeitspraxis.
Kulturanthropologie Notizen, 85, 52-77.
https://doi.org/10.21248/ka-notizen.85.21