Security and Privacy Lunch

People interested in network security and privacy meet once a week over lunch break and watch videos related to security and privacy recorded at high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NDSS, NSDI, USENIX Security, ACM SIGCOMM, ...). After the presentation, there will likely be a short discussion and brainstorming related to the presentation. This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Watching and talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

Organizational Information

  • Contact: Markus Dahlmanns
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Date: Thursdays, 12:30-13:15h (please follow the mailing list for announcements and last minute changes)
  • Place: COMSYS seminar room (Room 9007, Ground Floor, E3 Building)
  • First meeting: Thursday, April 4
  • Brown bag seminar, please bring your own lunch
  • Suggestions for videos are very welcome, please contact Markus Dahlmanns

 Our security and privacy lunch continues in the winter semester.

Preliminary Schedule

Preliminary Schedule

2019-04-04 Privacy Implications of Email Tracking
I never signed up for this! Privacy implications of email tracking (Steven Englehardt, Jeffrey Han, and Arvind Narayanan @ PETS 2018)
2019-04-11 On the Darknet Value of Sensitive Data
Learning from the Dark Web Dimension of Data (Munish Walther-Puri @ Enigma 2019)
2019-04-18 See No Evil, Hear No Evil, Feel No Evil, Print No Evil?
See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing (Christian Bayens, Tuan Le, Luis Garcia, Raheem Beyah, Mehdi Javanmard, Saman Zonouz @ USENIX Security 2017)
2019-04-25 Privacy Leaks in IoT Apps
If This Then What?: Controlling Flows in IoT Apps (Iulia Bastys, Musard Balliu, Andrei Sabelfeld @ ACM CCS 2018)
Live Talk: Lightweight Dispute Resolution for Ethereum
Dispute Resolution for Smart Contract-based Two Party Protocols (Eric Wagner, Trial Talk for IEEE ICBC 2019)
Special Session
A Blockchain-based Data Market
Building a Secure Data Market on Blockchain (Noah Johnson @ USENIX Enigma 2019)
What Group Chats of WhatsApp, Signal, Telegram, etc. do not offer you – Secure Asynchronous Group Messaging
On Ends-to-Ends Encryption: Asynchronous Group Messaging with Strong Security Guarantees (Katriel Cohn-Gordon, Cas Cremers, Luke Garratt, Jon Millican, Kevin Milner @ ACM CCS 2018)
You've Got Vulnerability
You've Got Vulnerability - Exploring Effective Vulnerability Notifications (Frank Li, Zakir Durumeric, Jakub Czyz, Michael Bailey, Damon McCoy, Stefan Savage, Vern Paxson @ USENIX Security 2016)
Cancelled - Ascension Day
Preserving Privacy in the Age of HD
Balancing Image Privacy and Usability with Thumbnail-Preserving Encryption (Kimia Tajik, Akshith Gunasekaran, Rhea Dutta, Brandon Ellis, Rakesh B. Bobba, Mike Rosulek, Charles V. Wright, Wu-chi Feng @ NDSS 2019)
Simplified Secure Socket API: Support Developers in Using TLS the Right Way
The Secure Socket API: TLS as an Operating System Service (Mark O'Neill, Scott Heidbrink, Jordan Whitehead, Tanner Perdue, Luke Dickinson, Torstein Collett, Nick Bonner, Kent Seamons, and Daniel Zappala @ USENIX Security 2018)
Cancelled - Corpus Christi
Private Information Leakage from Public GitHub Repositories
How Bad Can It Git? Characterizing Secret Leakage in Public GitHub Repositories (Michael Meli, Matthew R. McNiece, Bradley Reaves @ NDSS 2019)
CT as case study for deploying ecosystem-wide changes with minimal end user impact
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate (Emily Stark, Ryan Sleevi, Rijad Muminovic, Devon O'Brien, Eran Messeri, Adrienne Porter Felt, Brendan McMillion, Parisa Tabriz @ IEEE S&P 2019)
Impact of the European Data Protection Regulation on the Web
Value Your Privacy ... Now Take Some Cookies: Measuring the GDPR’s Impact on Web Privacy (Martin Degeling, Christine Utz, Christopher Lentzsch, Henry Hosseini, Florian Schaub, Thorsten Holz @ NDSS 2019)
Effectiveness of Cookie Policies
Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies (Gertjan Franken, Tom Van Goethem, Wouter Joosen @ USENIX Security 2018)
Dynamically Protecting our Smart Homes
IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT (Z. Berkay Celik, Gang Tan, Patrick McDaniel @ NDSS 2019)
Security on Road
Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers (Meng Luo, Pierre Laperdrix, Nima Honarmand, Nick Nikiforakis @ NDSS 2019)
Stealthy Computations in Your Web Browser
Master of Web Puppets: Abusing Web Browsers for Persistent and Stealthy Computation (Panagiotis Papadopoulos, Panagiotis Ilia, Michalis Polychronakis, Evangelos P. Markatos, Sotiris Ioannidis, Giorgos Vasiliadis @ NDSS 2019)
Defenseless Website Fingerprinting Defenses
Deep Fingerprinting: Undermining Website Fingerprinting Defenses with Deep Learning (Payap Sirinam, Mohsen Imani, Marc Juarez, Matthew Wright @ ACM CCS 2018)
Exploiting Vulnerabilities in Your System's Heart
Spectre Attacks: Exploiting Speculative Execution (Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom @ IEEE S&P 2019)
Attribute-based Revocation of Blockchain Content
Controlled Rewriting in Blockchains: Chameleon-Hashing Gone Attribute-Based (David Derler, Kai Samelin, Daniel Slamanig, Christoph Striecks @ NDSS 2019)
New Vulnerabilities in WiFi
Release the Kraken: New KRACKs in the 802.11 Standard (Mathy Vanhoef, Frank Piessens @ ACM CCS 2018)
2019-09-12 What makes 2-Factor-Authentication Necessary?
"If HTTPS Were Secure, I Wouldn't Need 2FA" - End User and Administrator Mental Models of HTTPS (Katharina Krombholz, Karoline Busse, Katharina Pfeffer, Matthew Smith, Emanuel von Zezschwitz @ IEEE S&P 2019)
2019-09-19 Privacy in the Age of Data Streams
Private Continual Release of Real-Valued Data Streams (Victor Perrier, Hassan Jameel Asghar, Dali Kaafar @ NDSS 2019)
2019-09-26 More on Geographical Avoidance for Tor
On the Challenges of Geographical Avoidance for Tor (Katharina Kohls, Kai Jansen, David Rupprecht, Thorsten Holz, Christina Pöpper @ NDSS 2019)


- Impressum | Datenschutz -