Security and Privacy Lunch

People interested in network security and privacy meet once a week over lunch break and watch videos related to security and privacy recorded at high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NDSS, NSDI, USENIX Security, ACM SIGCOMM, ...). After the presentation, there will likely be a short discussion and brainstorming related to the presentation. This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Watching and talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

Organizational Information

  • Contact: Martin Henze
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Date: Wednesdays, 12:30-13:15h (please follow the mailing list for announcements and last minute changes)
  • Place: COMSYS seminar room (Room 9007, Ground Floor, E3 Building)
  • First meeting: Wednesday, April 4
  • Brown bag seminar, please bring your own lunch
  • Suggestions for videos are very welcome, please contact Martin Henze

Preliminary Schedule

2018-04-04Measuring Anti-Adblockers (in Room 9U10, basement of E3 building)
Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis (Shitong Zhu, Xunchao Hu, Zhiyun Qian, Zubair Shafiq, Heng Yin @ NDSS 2018)
2018-04-11Studying the Mobile Tracking Ecosystem
Apps, Trackers, Privacy, and Regulators: A Global Study of the Mobile Tracking Ecosystem (Abbas Razaghpanah, Rishab Nithyanand, Narseo Vallina-Rodriguez, Srikanth Sundaresan, Mark Allman, Christian Kreibich, Phillipa Gill @ NDSS 2018)
2018-04-25De-anonymizing Programmers from Executables
When Coding Style Survives Compilation: De-anonymizing Programmers from Executable Binaries (Aylin Caliskan, Fabian Yamaguchi, Edwin Dauber, Richard Harang, Konrad Rieck, Rachel Greenstadt, Arvind Narayanan @ NDSS 2018)
2018-05-02A Decryption Contingent for Governmental Agencies?
Crypto Crumple Zones: Protecting Encryption in a Time of Political Uncertainty (Charles V. Wright, Mayank Varia @ USENIX Enigma 2018)
2018-05-09Information Leakage of Private Browsing Sessions
Veil: Private Browsing Semantics Without Browser-side Assistance (Frank Wang, James Mickens, Nickolai Zeldovich @ NDSS 2018)
2018-05-16Is it safe to use that HTTP proxy?
A Large-scale Analysis of Content Modification by Open HTTP Proxies (Giorgos Tsirantonakis, Panagiotis Ilia, Sotiris Ioannidis, Elias Athanasopoulos, Michalis Polychronakis @ NDSS 2018)
2018-05-23Measuring Tor from Middle Relays
Inside Job: Applying Traffic Analysis to Measure Tor from Within (Rob Jansen, Marc Juarez, Rafa Galvez, Tariq Elahi, Claudia Diaz @ NDSS 2018)
2018-05-30Survey Scam Detection (shifted to 13:00h)
Surveylance: Automatically Detecting Online Survey Scams (Amin Kharraz, William Robertson, Engin Kirda @ IEEE S&P 2018)
2018-06-06Addressing Security Problems of Domain-Validated Certificates
Cloud Strife: Mitigating the Security Risks of Domain-Validated Certificates (Kevin Borgolte, Tobias Fiebig, Shuang Hao, Christopher Kruegel, Giovanni Vigna @ NDSS 2018)
2018-06-13Scaling Out Blockchain-based Systems
OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding (Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, Bryan Ford @ IEEE S&P 2018)
2018-06-20Security Implications of Online App Generators
The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators (Marten Oltrogge, Erik Derr, Christian Stransky, Yasemin Acar, Sascha Fahl, Christian Rossow, Giancarlo Pellegrino, Sven Bugiel, Michael Backes @ IEEE S&P 2018)
2018-06-27Tracking Ransomware
Tracking Ransomware End-to-end (Danny Yuxing Huang, Maxwell Matthaios Aliapoulios, Vector Guo Li, Luca Invernizzi, Elie Bursztein, Kylie McRoberts, Jonathan Levin, Kirill Levchenko, Alex C. Snoeren, Damon McCoy @ IEEE S&P 2018)
2018-07-04Privacy Risks with PII-based Targeting
Privacy Risks with Facebook's PII-based Targeting: Auditing a Data Broker's Advertising Interface (Giridhari Venkatadri, Athanasios Andreou, Yabing Liu, Alan Mislove, Krishna P. Gummadi, Patrick Loiseau, Oana Goga @ IEEE S&P 2018)
2018-07-11Investigating Android Custom Permissions
Resolving the Predicament of Android Custom Permissions (Güliz Seray Tuncay, Soteris Demetriou, Karan Ganju, Carl A. Gunter @ NDSS 2018)
2018-07-18Privacy-preserving Consensual Data Sharing
Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data (Alexandra-Mihaela Olteanu, Kevin Huguenin, Italo Dacosta, Jean-Pierre Hubaux @ NDSS 2018)
2018-07-25Tagging Attacks on Tor Circuits (in Room 9006)
Untagging Tor: a tale of onions, raccoons, and security definitions (Jean Paul Degabriele, Martijn Stam @ RWC 2018)
2018-08-01Privacy-preserving Distributed Ledger Auditing
zkLedger: Privacy-Preserving Auditing for Distributed Ledgers (Neha Narula, Willy Vasquez, Madars Virza @ USENIX NSDI 2018)
2018-08-08Security Patches in Open-source Projects
Large-Scale Empirical Study of Security Patches (Frank Li, Vern Paxson @ ACM CCS 2017)
2018-08-15Next Generation Browser Fingerprinting
FP-STALKER: Tracking Browser Fingerprint Evolutions Along Time (Antoine Vastel, Pierre Laperdrix, Walter Rudametkin, Romain Rouvoy @ IEEE S&P 2018)
2018-08-22Anonymous Micropayment Channels
Bolt: Anonymous Payment Channels for Decentralized Currencies (Matthew Green, Ian Miers @ ACM CCS 2017)
2019-08-29Sophisticated Online Tracking
Cross-Device Tracking: Measurement and Disclosures (Justin Brookman, Phoebe Rouge, Aaron Alva, Christina Yeung @ PETS 2017)
2018-09-05Short Zero Knowledge Proofs for Cryptocurrencies (in Room 9006)
Bulletproofs: Short Proofs for Confidential Transactions and More (Benedikt Bunz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, Greg Maxwell @ IEEE S&P 2018)
2018-09-12Security Implications of Code-Signing Breaches
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI (Doowon Kim, Bum Jun Kwon, Tudor DumitraƟ @ ACM CCS 2017)
2018-09-19The State of Offline Password Cracking
On the Economics of Offline Password Cracking (Jeremiah Blocki, Benjamin Harsha, Samson Zhou @ IEEE S&P 2018)
2018-09-26Measuring Censorship
Global Measurement of DNS Manipulation (Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, Vern Paxson @ USENIX Security 2017)

 Our security and privacy lunch continues in the winter semester.

- Impressum -