Security and Privacy Lunch

People interested in network security and privacy meet once a week over lunch break and watch videos related to security and privacy recorded at high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NDSS, NSDI, USENIX Security, ACM SIGCOMM, ...). After the presentation, there will likely be a short discussion and brainstorming related to the presentation. This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Watching and talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

Organizational Information

  • Contact: Martin Henze
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list


  • Date: Thursdays, 12:30-13:15h (please follow the mailing list for announcements and last minute changes)
  • Place: COMSYS seminar room (Room 9007, Ground Floor, E3 Building)
  • First meeting: Thursday, October 11
  • Brown bag seminar, please bring your own lunch
  • Suggestions for videos are very welcome, please contact Martin Henze

Our security and privacy lunch continues in the summer semester.

Preliminary Schedule

2018-10-11 How to Hide a Secret During Forced Access
BurnBox: Self-Revocable Encryption in a World Of Compelled Access (Nirvan Tyagi, Muhammad Haris Mughees, Thomas Ristenpart, Ian Miers @ USENIX Security 2018)
2018-10-18 Energy Grids under Attack
BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid (Saleh Soltan, Prateek Mittal, H. Vincent Poor @ USENIX Security 2018)
2018-10-25 Hiding your Network Topology
NetHide: Secure and Practical Network Topology Obfuscation (Roland Meier, Petar Tsankov, Vincent Lenders, Laurent Vanbever, Martin Vechev @ USENIX Security 2018)
2018-11-01 Cancelled - All Saints' Day
2018-11-08 Defeating all? existing Card Skimmers
Fear the Reaper: Characterization and Fast Detection of Card Skimmers (Nolen Scaife, Christian Peeters, Patrick Traynor @ USENIX Security 2018)
2018-11-15 On the Perception and Usage of Tor Hidden Services
How Do Tor Users Interact With Onion Services? (Philipp Winter, Annie Edmundson, Laura Roberts, Agnieszka Dutkowska-Zuk, Marshini Chetty, Nick Feamster @ USENIX Security 2018)
(in Room 9U10, basement of E3 building)
2018-11-22 Hijacking Content Delivery Network Traffic
End-Users Get Maneuvered: Empirical Analysis of Redirection Hijacking in Content Delivery Networks (Shuai Hao, Yubao Zhang, Haining Wang, Angelos Stavrou @ USENIX Security 2018)
2018-11-29 Dissecting Censorship on Application-Layer
Quack: Scalable Remote Measurement of Application-Layer Censorship (Benjamin VanderSloot, Allison McDonald, Will Scott, J. Alex Halderman, Roya Ensafi @ USENIX Security 2018)
2018-12-06 Scalable, Private Smart Contracts
Arbitrum: Scalable, Private Smart Contracts (Harry Kalodner, Steven Goldfeder, Xiaoqi Chen, S. Matthew Weinberg, Edward W. Felten @ USENIX Security 2018)
2018-12-13 Silently Controlling Alexa and Friends
Inaudible Voice Commands: The Long-Range Attack and Defense (Sheng Shen, Nirupam Roy, Haitham Hassanieh, Romit Roy Choudhury @ USENIX NSDI 2018)
2018-12-20 CCC on-site talk: How reliable is video identification?
Circumventing video identification using augmented reality (Jan Garcia, Trial Talk for 35C3 2018)
(Special Session)
2018-12-27 Cancelled - winter break
2019-01-03 Vulnerabilities in end-to-end Email Encryption
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels (Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, Jörg Schwenk @ USENIX Security 2018)
2019-01-10 Evolvement of the TLS Ecosystem
Coming of Age: A Longitudinal Study of TLS Deployment (Platon Kotzias, Abbas Razaghpanah, Johanna Amann, Kenneth G. Paterson, Narseo Vallina-Rodriguez, Juan Caballero @ ACM IMC 2018)
2019-01-17 Is Zcash Really Anonymous?
An Empirical Analysis of Anonymity in Zcash (George Kappos, Haaroon Yousaf, Mary Maller, Sarah Meiklejohn @ USENIX Security 2018)
2019-01-24 Evading automated detection
When Does Machine Learning FAIL? Generalized Transferability for Evasion and Poisoning Attacks (Octavian Suciu, Radu Marginean, Yigitcan Kaya, Hal Daume III, Tudor Dumitras @ USENIX Security 2018)
2019-01-31 Comparing Deep Learning Fingerprinting Approaches to state-of-the-art Classifiers
Automated Website Fingerprinting through Deep Learning (Vera Rimmer, Davy Preuveneers, Marc Juarez, Tom Van Goethem, Wouter Joosen @ NDSS 2018)
2019-02-07 Deploying Secure Multi-Party Computation for Social Good
Deploying MPC for Social Good (Andrei Lapets, Frederick Jansen, Lucy Qin, Kinan Dak Albab, Peter Flockhart, Rawane Issa, Mayank Varia, Azer Bestavros @ RWC 2019)
2019-02-14 Information Leakage via Side Channels in Binaries
DATA – Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries (Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, Georg Sigl @ USENIX Security 2018)
2019-02-21 A Public Log for Internet Certificates
The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem (Quirin Scheitle, Oliver Gasser, Johanna Amann, Lexi Brent, Georg Carle, Ralph Holz, Thomas C. Schmidt, Matthias Wählisch @ ACM IMC 2018)
2019-02-28 Cancelled - Fat Thursday
2019-03-07 Influence of App Development on Privacy Leaks
Bug Fixes, Improvements, ... and Privacy Leaks - A Longitudinal Study of PII Leaks Across Android App Versions (Jingjing Ren, Martina Lindorfer, Daniel J. Dubois, Ashwin Rao, David Choffnes, Narseo Vallina-Rodriguez @ NDSS 2018)
2019-03-14 Cancelled - Chair retreat
2019-03-21 Understanding security mistakes developers make
Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It (Daniel Votipka, Kelsey Fulton, James Parker, Matthew Hou, Michelle Mazurek, Mike Hicks @ RWC 2019)
2019-03-28 What You Corrupt Is Not What You Crash
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (Marius Muench, Jan Stijohann, Frank Kargl, Aurelien Francillon, Davide Balzarotti @ NDSS 2018)
- Impressum | Datenschutz -