Security and Privacy Lunch

People interested in network security and privacy meet regularly over lunch break and discuss very recent research related to security and privacy from high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NDSS, NSDI, USENIX Security, ACM SIGCOMM, ...). This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

With most restrictions regarding the pandemic lifted, we return to bi-weekly sessions in our seminar room. Join our mailing list to receive updates.

Organizational Information

  • Contact: Johannes Lohmöller
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Discussion Date: Wednesday, 12:30pm. 
  • Place: COMSYS Seminar Room, Room 9007, Building E3
  • Suggestions for videos are very welcome, please contact Johannes Lohmöller

Preliminary Schedule

Date Topic
2023-04-05 On the Security of the NFT Ecosystem
Understanding Security Issues in the NFT Ecosystem (Dipanjan Das, Priyanka Bose, Nicola Ruaro, Christopher Kruegel, Giovanni Vigna @ CCS 2022)
2023-04-19 Measuring Authentication Vulnerabilities
No keys to the kingdom required: a comprehensive investigation of missing authentication vulnerabilities in the wild (Manuel Karl, Marius Musch, Guoli Ma, Martin Johns, Sebastian Lekies @ IMC 2022)
2023-05-03 Stealthy Tracking of Mobile Phones
LTrack: Stealthy Tracking of Mobile Phones in LTEe (Martin Kotuliak, Simon Erni, Patrick Leu, Marc Röschlin, Srdjan Čapkun @ USENIX Security 2022)
2023-05-17 Recent Developments for the IPFS and Payment Channels
Total Eclipse of the Heart – Disrupting the InterPlanetary File System (Bernd Prünster, Alexander Marsalek, Thomas Zefferer @ USENIX Security 2022)
Twilight: A Differentially Private Payment Channel Network (Maya Dotan, Saar Tochner, Aviv Zohar, Yossi Gilad @ USENIX Security 2022)
2023-05-31 Cookies, Consent, and the GDPR
Checking Websites' GDPR Consent Compliance for Marketing Emails (Karel Kubicek, Jakob Merane, Carlos Cotrini, Alexander Stremitzer, Stefan Bechtold, David Basin @ PETS 2022)
My Cookie is a phoenix: detection, measurement, and lawfulness of cookie respawning with browser fingerprinting (Imane Fouad, Cristiana Santos, Arnaud Legout, Nataliia Bielova @ PETS 2022)
2023-06-14 Device Fingerprinting
Device Fingerprinting with Peripheral Timestamps (John V. Monaco @ IEEE S&P 2022)
2023-06-28 Traffic Analysis Weaknesses in Tor
Trace Oddity: Methodologies for Data-Driven Traffic Analysis on Tor (Vera Rimmer, Theodor Schnitzler, Tom Van Goethem, Abel Rodríguez Romero, Wouter Joosen, Katharina Kohls @ PETS 2022)
2023-07-12 Privacy Implications of Smart TVs
FingerprinTV: Fingerprinting Smart TV Apps (Janus Varmarken, Jad Al Aaraj, Rahmadi Trimananda, Athina Markopoulou @ PETS 2022)
Watch Over Your TV: A Security and Privacy Analysis of the Android TV ecosystem (Marcos Tileria, Jorge Blasco @ PETS 2022)
2023-07-26 Uncovered: IP Fragmentation Attacks against TCP
PMTUD is not Panacea: Revisiting IP Fragmentation Attacks against TCP (Xuewei Feng, Qi Li, Kun Sun, Ke Xu, et al. @ NDSS 2022)
2023-08-09 Certificate Pinning
A comparative analysis of certificate pinning in Android & iOS (Amogh Pradeep, Muhammad Talha Paracha, Protick Bhowmick, Ali Davanian, Abbas Razaghpanah, Taejoong Chung, Martina Lindorfer, Narseo Vallina-Rodriguez, Dave Levin, David Choffness @ IMC 2022)
2023-08-23 Attacking Biometric Authentication
DepthFake: Spoofing 3D Face Authentication with a 2D Photo (Zhihao Wu, Yushi Cheng, Jiahui Yang, Xiaoyu Ji, Wenyuan Xu @ IEEE S&P 2023)
2023-09-06 Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing
Replay (Far) Away: Exploiting and Fixing Google/Apple Exposure Notification Contact Tracing (Christopher Ellis, Haohuang Wen, Zhiqiang Lin, Anish Arora @ PETS 2022)
2023-09-20 Privacy in Apps and Medical Data
Privacy-Preserving and Efficient Verification of the Outcome in Genome-Wide Association Studies (Anisa Halimi, Leonard Dervishi, Erman Ayday, Apostolos Pyrgelis, Juan Ramon Troncoso-Pastoriza, Jean-Pierre Hubaux, Xiaoqian Jiang, Jaideep Vaidya @ PETS 2022)
How Usable Are iOS App Privacy Labels (Shikun Zhang, Yuanyuan Feng, Yaxing Yao, Lorrie Faith Cranor, Norman Sadeh @ PETS 2022)


- Impressum | Datenschutz -