Thesis Topics
Thesis Process
PhD Process
Available Theses
Ongoing Theses
Past Theses
Past PhD Theses
Permanent Services
Thesis Examiner
Oral Exams
Exchange Student Advisory Service
News & Overview
Incomings
Outgoings
Courses
Course Overview
SS 25
Seminar on Internet Technology
Seminar on Advanced Internet Technology
Proseminar Networks & Security
Proseminar Lasting Research in Networks
Software-Projektpraktikum: Practical Internet eXperience (PIX)
Security and Privacy Lunch
WS 24/25
SS 24
WS 23/24
Past Courses
Miscellaneous
Internet4Kids
Course Evaluations
Evaluations WS 24/25
Evaluations SS 24
Evaluations WS 23/24
Evaluations SS 23
Past Evaluations

Security and Privacy Lunch

People interested in network security and privacy meet regularly over lunch break and discuss very recent research related to security and privacy from high-quality scientific conferences (IEEE Security and Privacy, ACM CCS, NDSS, NSDI, USENIX Security, ACM SIGCOMM, ...). This is a great way to spend your lunch break and keep pace with cutting edge security and privacy research. Talking about scientific presentations often leads to interesting new ideas, possibly laying the foundation for your future thesis topic.

We organize bi-weekly sessions in our seminar room. Join our mailing list to receive updates and invitations a few days before the session.

Organizational Information

  • Contact: Hajeong Jeon
  • ECTS Credits: none (but you can get a certificate)
  • Audience: Anyone interested in security and privacy
  • Language: English
  • Registration: Please subscribe to our mailing list

Logistics

  • Discussion Date: Wednesday, 12:30 PM
  • Place: COMSYS Big Meeting Room, Room 9006, Building E3
  • Suggestions for videos are very welcome, please contact Hajeong Jeon

Preliminary Schedule

Date
 		Topic
 
2025-04-09
 		Intentionally Breaking End-to-End Messaging
A Real-World Law-Enforcement Breach of End-to-End Encrypted Messaging: The Case of Encrochat (Martin R. Albrecht, Sunoo Park, Douglas Stebila, Mike Specter @ RWC 24)
2025-04-23
 

2025-04-23 Wireless Aviation Attacks & Practical AI Threat Models
On a Collision Course: Unveiling Wireless Attacks to the Aircraft Traffic Collision Avoidance System (TCAS) (Giacomo Longo, Martin Strohmeier,Enrico Russo, Alessio Merlo, Vincent Lenders @ USENIX Security 24) 

Towards More Practical Threat Models in Artificial Intelligence Security (Kathrin Grosse, Lukas Bieringer, Tarek R. Besold, Alexandre M. Alahi @ USENIX Security 24)

2025-05-07
 		Your Code Editor Is Vulnerable
UntrustIDE: Exploiting Weaknesses in VS Code Extensions (Elizabeth Lin, Igibek Koishybayev, Trevor Dunlap, William Enck, Alexandros Kapravelos @ NDSS 24)
2025-05-21
 		Hybrid Attestation Neglecting TOCTOU
IDA: Hybrid Attestation with Support for Interrupts and TOCTOU (Fatemeh Arkannezhad, Justin Feng, Nader Sehatbakhsh @ NDSS 24) 
2025-06-04
 

Security Pitfalls in Mobile Payment and App Ecosystems: Authentication Loopholes and TLS Validation Risks
In Wallet We Trust: Bypassing the Digital Wallets Payment Security for Free Shopping (Raja Hasnain Anwar, Syed Rafiul Hussain, and Muhammad Taqi Raza @ USENIX Sec 24)

Racing for TLS Certificate Validation: A Hijacker's Guide to the Android TLS Galaxy (Sajjad Pourali, Xiufen Yu, Lianying Zhao, Mohammad Mannan, and Amr Youssef @ USENIX Sec 24)

2025-06-18
 

IoT Security in Reality & Network Latency Measurement Techniques
Unveiling IoT Security in Reality: A Firmware-Centric Journey (Nicolas Nino, Ruibo Lu, Wei Zhou, Kyu Hyung Lee, Ziming Zhao, Le Guan @USENIX Sec 24) 

CalcuLatency: Leveraging Cross-Layer Network Latency Measurements to Detect Proxy-Enabled Abuse (Reethika Ramesh, Philipp Winter, Sam Korman, Roya Ensafi @USENIX Sec 24)

2025-07-02
 		Internet Censorship
On Precisely Detecting Censorship Circumvention in Real-World Networks (Ryan Wails, George Arnold Sullivan, Micah Sherr, Rob Jansen @NDSS 24) 
2025-07-16
 

Your LDAP Server is Exposing Secrets & Discovering Vulnerable Deployments on Scale
LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale (Jonas Kaspereit, Gurur Öndarö, Gustavo Luvizotto Cesar, Simon Ebbers, Fabian Ising, Christoph Saatjohann, Mattijs Jonker, Ralph Holz, and Sebastian Schinzel @USENIX Sec 24)

6Sense: Internet-Wide IPv6 Scanning and its Security Applications (Grant Williams, Mert Erdemir, Amanda Hsu, Shraddha Bhat, Abhishek Bhaskar, Frank Li, and Paul Pearce @USENIX Sec 24) 

2025-07-30
 		Membership Inference for LLMs
Did the Neurons Read your Book? Document-level Membership Inference for Large Language Models (Matthieu Meeus, Shubham Jain, Marek Rei, Yves-Alexandre de Montjoye @USENIX Sec 24) 
2025-08-13
 		Trusted Tlemetry Tool for Cloud Providers
TrustSketch: Trustworthy Sketch-based Telemetry on Cloud Hosts (Zhuo Cheng, Maria Apostolaki, Zaoxing Liu, Vyas Sekar @NDSS 24)
2025-08-27
 

Social Authentication to Replace Manual Key Authentication & Obstacles While Deploying Passwordless Authentication
SOAP: A Social Authentication Protocol (Felix Linker, David Basin @USENIX 24) 

Why Aren't We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication (Leona Lassak, Elleen Pan and Blase Ur, Maximilian Golla @USENIX 24) 

2025-09-10
 

Verified or Not That is the Question & (Media) Perception of Students in Higher Education
"I can say I'm John Travolta...but I'm not John Travolta": Investigating the Impact of Changes to Social Media Verification Policies on User Perceptions of Verified Accounts (Carson Powers, Nickolas Gravel, Christopher Pellegrini, Micah Sherr, Michelle L. Mazurek, and Daniel Votipka @SOUPS 24)

Media Portrayals of Student Privacy in Higher Education: A 2013-2023 Review (Min Cheong Kim @SOUPS 24) 

2025-09-24
 		Android Security Updates: Delays, Disparities, and the OEM Factor
50 Shades of Support: A Device-Centric Analysis of Android Security Updates (Abbas Acar, Güliz Seray Tuncay, Esteban Luques, Harun Oz, Ahmet Aris, and Selcuk Uluagac
@NDSS 24) 

 

- Impressum | Datenschutz -