Publications

This list of publications is automatically created from my BibTeX database and will be updated semi-regularly as I update that master file. If you need a PDF version of one of these publications that is not online (for various reasons), please send me an email.

For a list of citations, see e.g. my ResearchGate, Google Scholar, ACM Authorizer, Semantic Scholar, or ORCID profiles. For most of the conference papers, I have also given the presentations, and you can find my associated slides here.

(2024). BioDSSL: A Domain Specific Sensor Language for global, distributed, biometric identification systems. 12th IEEE International Conference on Intelligent Systems (IEEE IS 2024).

PDF Cite DOI

(2024). Shrinking embeddings, not accuracy: Performance-Preserving Reduction of Facial Embeddings for Complex Face Verification Computations. 14th International Conference on Pattern Recognition Systems (ICPRS 2024).

PDF Cite DOI

(2024). Cryptographers’ Feedback on the EU Digital Identity’s ARF.

PDF Cite URL

(2024). Threshold Delegatable Anonymous Credentials With Controlled and Fine-Grained Delegation. IEEE Transactions on Dependable and Secure Computing.

Cite DOI

(2024). On the critical path to implant backdoors and the effectiveness of potential mitigation techniques: Early learnings from XZ. arXiv.

Cite DOI URL

(2024). Honeyquest: Rapidly Measuring the Enticingness of Cyber Deception Techniques with Code-based Questionnaires. Proceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses.

PDF Cite DOI URL

(2024). A Data-Driven Evaluation of the Current Security State of Android Devices. 2024 IEEE Conference on Communications and Network Security (CNS).

PDF Cite DOI

(2023). Face to Face with Efficiency: Real-Time Face Recognition Pipelines on Embedded Devices. Proc. MoMM 2023: Advances in Mobile Computing and Multimedia Intelligence.

PDF Cite DOI

(2023). Anonymously Publishing Liveness Signals with Plausible Deniability. Proc. MoMM 2023: Advances in Mobile Computing and Multimedia Intelligence.

PDF Cite DOI

(2023). Mobile App Distribution Transparency (MADT): Design and evaluation of a system to mitigate necessary trust in mobile app distribution systems. Secure IT Systems. 28th Nordic Conference, NordSec 2023.

PDF Cite DOI URL

(2023). INFRASPEC – Automated Inspection of Critical Infrastructure. ERCIM NEWS- European Research Consortium for Informatics and Mathematics.

Cite

(2023). A Large-Scale Data Collection and Evaluation Framework for Android Device Security Attributes. IDIMT-2023: 31st Interdisciplinary Information Management Talks.

Cite

(2023). A Survey on Fingerprinting Technologies for Smartphones Based on Embedded Transducers. IEEE Internet of Things.

Cite DOI

(2023). Practical Delegatable Anonymous Credentials From Equivalence Class Signatures. Proceedings on Privacy Enhancing Technologies (PoPETs).

PDF Cite DOI

(2023). Efficient Aggregation of Face Embeddings for Decentralized Face Recognition Deployments. Proceedings of the 9th International Conference on Information Systems Security and Privacy (ICISSP 2023).

Cite DOI

(2023). Digitale Identitäten in der physischen Welt: Eine Abwägung von Privatsphäreschutz und Praktikabilität. HMD Praxis der Wirtschaftsinformatik.

Cite DOI

(2022). Fingerprinting Smartphones Based on Microphone Characteristics from Environment Affected Recordings. IEEE Access.

PDF Cite DOI

(2022). Evaluating Dynamic Tor Onion Services for Privacy Preserving Distributed Digital Identity Systems. Journal of Cyber Security and Mobility.

Cite DOI

(2022). Decentralized, Privacy-Preserving, Single Sign-On. Security and Communication Networks.

Cite DOI URL

(2021). Sweep-to-Unlock: Fingerprinting Smartphones based on Loudspeaker Roll-off Characteristics. IEEE Transactions on Mobile Computing.

Cite DOI URL

(2021). Adversary Models for Mobile Device Authentication. ACM Computing Surveys.

PDF Cite DOI URL

(2021). On the state of V3 onion services. Proc. FOCI ‘21: ACM SIGCOMM 2021 Workshop on Free and Open Communications on the Internet.

PDF Cite DOI URL

(2021). On the feasibility of short-lived dynamic onion services. 2021 IEEE Security and Privacy Workshops (SPW).

Cite DOI

(2021). Importance of different facial parts for face detection networks. Proc. IWBF 2021: 9th IEEE International Workshop on Biometrics and Forensics.

Cite DOI URL

(2021). The Android Platform Security Model. ACM Transactions on Privacy and Security (TOPS).

PDF Cite DOI URL

(2021). Experiences and Recommendations from Operating a Tor Exit Node at a University. Proceedings of the 7th International Conference on Information Systems Security and Privacy (ICISSP).

Cite DOI URL

(2021). Analyzing inconsistencies in the Tor consensus. Proc. iiWAS2021: The 23rd International Conference on Information Integration and Web Intelligence.

Cite DOI URL

(2020). Secure Accelerometer-based Pairing of Mobile Devices in Multi-modal Transport. IEEE Access.

Cite DOI

(2020). Privacy-preserving features in the Mobile Driving License. Google Security Blog.

Cite URL

(2020). Adversary Models for Mobile Device Authentication. arXiv:2009.10150 [cs].

Cite arXiv URL

(2020). Dynamic Taint Tracking Simulation. Proc. ICETE 2019: E-Business and Telecommunications.

Cite DOI URL

(2020). Dynamic Taint Tracking Simulation. Communications in Computer and Information Science.

Cite URL

(2020). Disposable dynamic accumulators: toward practical privacy-preserving mobile eIDs with scalable revocation. International Journal of Information Security.

Cite DOI

(2020). The not so private way of tracing contacts: A first analysis of the NOVID20 Android SDK.

PDF Cite

(2020). DAMFA: Decentralized Anonymous Multi-Factor Authentication. Proc. BSCI: International Symposium on Blockchain and Secure Critical Infrastructure.

Cite URL

(2019). CORMORANT: Ubiquitous Risk-Aware Multi-Modal Biometric Authentication across Mobile Devices. Proc. ACM Interactive, Mobile, Wearable and Ubiquitous Technologies.

Cite DOI URL

(2019). The Android Platform Security Model. arXiv:1904.05572 [cs].

Cite URL

(2019). KinPhy: A Kinetic in-Band Channel for Millimetre-Wave Networks. Proceedings of the 17th Conference on Embedded Networked Sensor Systems.

Cite DOI URL

(2019). Insider Attack Resistance in the Android Ecosystem. Enigma 2019.

Cite

(2018). Android Pie à la mode: Security & Privacy. Android Developers Blog.

Cite URL

(2018). Investigating the impact of network security on the line current differential protection system. The Journal of Engineering.

Cite DOI URL

(2018). Design, Implementation, and Evaluation of Secure Communication for Line Current Differential Protection Systems over Packet Switched Networks. International Journal of Critical Infrastructure Protection.

PDF Cite DOI URL

(2018). Bridging the Gap in Privacy-Preserving Revocation: Practical and Scalable Revocation of Mobile eIDs. Proceedings of the 33rd Annual ACM Symposium on Applied Computing (SAC ‘18).

PDF Cite DOI

(2018). Mobile Match-on-Card Authentication Using Offline-Simplified Models with Gait and Face Biometrics. IEEE Transactions on Mobile Computing.

PDF Cite DOI

(2018). Wie sicher ist die schöne, neue und vernetzte Welt?. Automatisierung: Wechselwirkung mit Kunst, Wissenschaft und Gesellschaft.

Cite

(2018). Sulong, and Thanks For All the Bugs: Finding Errors in C Programs by Abstracting from the Native Execution Model. Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems.

Cite DOI

(2018). Recovery of Encrypted Mobile Device Backups from Partially Trusted Cloud Servers. Proc. ARES 2018: 13th International Conference on Availability, Reliability and Security.

Cite URL

(2018). Introspection for C and its Applications to Library Robustness. The Art, Science, and Engineering of Programming, 2018.

Cite URL

(2017). Smartphone-based Gait Recognition: From Authentication to Imitation. IEEE Transactions on Mobile Computing (IEEE TMC).

Cite DOI

(2017). Real-world Identification for an Extensible and Privacy-preserving Mobile eID. Privacy and Identity Management. The Smart Revolution. Privacy and Identity 2017.

PDF Cite DOI

(2017). Extensibility in a Privacy-preserving eID: Towards a Mobile eID System for Real-world Identification and Offline Verification. IFIP Summer School 2017: Privacy and Identity Management – the Smart World Revolution (Pre-proceedings).

PDF Cite

(2017). Protecting Touch: Authenticated App-To-Server Channels for Mobile Devices Using NFC Tags. Information.

PDF Cite DOI

(2017). A Large-Scale, Long-Term Analysis of Mobile Device Usage Characteristics. Proc. ACM Interactive, Mobile, Wearable and Ubiquitous Technologies.

Cite DOI URL

(2017). ShakeUnlock: Securely Transfer Authentication States Between Mobile Devices. IEEE Transactions on Mobile Computing (IEEE TMC).

PDF Cite DOI

(2016). Real-World Identification: Towards a Privacy-Aware Mobile eID for Physical and Offline Verification. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016).

Cite DOI

(2016). Mobile Gait Match-on-Card Authentication from Acceleration Data with Offline-Simplified Models. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016).

Cite DOI

(2016). DAMN - A Debugging and Manipulation Tool for Android Applications. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016).

Cite DOI

(2016). Accelerometer based Gait Recognition using Adapted Gaussian Mixture Models. Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016).

Cite DOI

(2016). Location-based Risk Assessment for Mobile Authentication. 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing, UbiComp Adjunct 2016, Heidelberg, Germany, September 12-16, 2016.

Cite DOI

(2016). Eyewear Computing – Augmenting the Human with Head-mounted Wearable Assistants (Dagstuhl Seminar 16042). Dagstuhl Reports.

Cite DOI URL

(2015). Towards Device-to-User Authentication: Protecting Against Phishing Hardware by Ensuring Mobile Device Authenticity using Vibration Patterns. Proc. MUM 2015: 14th International Conference on Mobile and Ubiquitous Multimedia.

Cite

(2015). Proceedings of the 14th International Conference on Mobile and Ubiquitous Multimedia (MUM '15). ACM.

Cite DOI URL

(2015). Confidence and Risk Estimation Plugins for Multi-Modal Authentication on Mobile Devices using CORMORANT. 13th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2015).

Cite DOI

(2015). A password-authenticated secure channel for App to Java Card applet communication. International Journal of Pervasive Computing and Communications.

Cite DOI

(2015). Only play in your comfort zone: interaction methods for improving security awareness on mobile devices. Personal and Ubiquitous Computing.

PDF Cite DOI

(2015). Cross Pocket Gait Authentication using Mobile Phone Based Accelerometer Sensor. Proc. EUROCAST 2015: 15th International Conference on Computer Aided Systems Theory.

Cite DOI

(2015). Optimal Derotation of Shared Acceleration Time Series by Determining Relative Spatial Alignment. International Journal of Pervasive Computing and Communications (IJPCC).

Cite DOI

(2015). CORMORANT: Towards Continuous Risk-aware Multi-modal Cross-device Authentication. Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2015 ACM International Symposium on Wearable Computers: Adjunct Publication (UbiComp 2015).

Cite DOI URL

(2014). ShakeUnlock: Securely Unlock Mobile Devices by Shaking them Together. Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite DOI

(2014). Orientation Independent Cell Phone Based Gait Authentication. Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite DOI

(2014). Optimal Derotation of Shared Acceleration Time Series by Determining Relative Spatial Alignment. Proc. iiWAS 2014: 16th International Conference on Information Integration and Web-based Applications & Services.

PDF Cite

(2014). Mobile Device Usage Characteristics: The Effect of Context and Form Factor on Locked and Unlocked Usage. Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia.

Cite DOI

(2014). Mobile Application to Java Card Applet Communication using a Password-authenticated Secure Channel. Proc. MoMM 2014: 12th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite DOI

(2014). A Survey of User Interaction for Spontaneous Device Association. ACM Computing Surveys.

PDF Cite DOI

(2014). Special Issue on Security and Trust in Context-Aware Applications. Springer-Verlag.

PDF Cite

(2014). Managing the life cycle of Java Card applets in other Java virtual machines. International Journal of Pervasive Computing and Communications (IJPCC).

PDF Cite DOI

(2014). Diversity in Locked and Unlocked Mobile Device Usage. Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication (UbiComp 2014).

Cite DOI

(2014). An Architecture for Secure Mobile Devices. Security and Communication Networks.

PDF Cite DOI URL

(2014). A Practical Hardware-Assisted Approach to Customize Trusted Boot for Mobile Devices. Information Security Conference (ISC 2014).

Cite

(2013). Visualizations and Switching Mechanisms for Security Zones. Proc. MoMM 2013: 11th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2013). Requirements for an Open Ecosystem for Embedded Tamper Resistant Hardware on Mobile Devices. Proc. MoMM 2013: 11th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2013). Range Face Segmentation: Face Detection and Segmentation for Authentication in Mobile Device Range Images. Proc. MoMM 2013: 11th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2013). An Analysis Of Different Approaches To Gait Recognition Using Cell Phone Based Accelerometer. Proc. MoMM 2013: 11th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2013). (Ab)using foreign VMs: Running Java Card Applets in non-Java Card Virtual Machines. Proc. MoMM 2013: 11th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2013). When Users Cannot Verify Digital Signatures: On the Difficulties of Securing Mobile Devices. Proc. HPCC 2013: 15th IEEE International Conference on High Performance Computing and Communications.

PDF Cite

(2013). UACAP: A Unified Auxiliary Channel Authentication Protocol. IEEE Transactions on Mobile Computing.

PDF Cite DOI

(2013). Towards Secure Personal Device Unlock using Stereo Camera Pan Shots. Proc. EUROCAST 2013: 14th International Conference on ComputerAided Systems Theory.

PDF Cite

(2013). Towards pan shot face unlock: Using biometric face information from different perspectives to unlock mobile devices. International Journal of Pervasive Computing and Communications (IJPCC).

PDF Cite DOI

(2013). 'My Life, Shared' - Trust and Privacy in the Age of Ubiquitous Experience Sharing (Dagstuhl Seminar 13312). Dagstuhl Reports.

Cite DOI URL

(2012). Towards Face Unlock: On the Difficulty of Reliably Detecting Faces on Mobile Phones. Proc. MoMM 2012: 10th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2012). SAPHE - Simple Accelerometer based wireless Pairing with HEuristic trees. Proc. MoMM 2012: 10th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2012). Unify localization using user interface description languages and a navigation context-aware translation tool. Proc. EICS 2012: 4th ACM SIGCHI symposium on Engineering interactive computing systems.

Cite DOI

(2012). Towards usable authentication on mobile phones: An evaluation of speaker and face recognition on off-the-shelf handsets. Proc. IWSSI/SPMU 2012: 4th International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use, colocated with Pervasive 2012.

PDF Cite

(2012). Towards a Practical, Scalable Self-Localization System for Android Phones based on WLAN Fingerprinting. Proc. ICDCSW 2012: 32nd International Conference on Distributed Computing Systems Workshops.

PDF Cite DOI

(2012). Air-Writing: A Platform for Scalable, Privacy-Preserving, Spatial Group Messaging. International Journal of Pervasive Computing and Communications (IJPCC).

PDF Cite DOI

(2011). Private Notes: Encrypted XML Notes Synchronization and Sharing with Untrusted Web Services. Proc. iiWAS2011: 13th International Conference on Information Integration and Web-based Applications & Services.

PDF Cite

(2011). Feature interaction analysis in mobile phones: on the borderline between application functionalities and platform components. Proc. MoMM 2011: 9th International Conference on Advances in Mobile Computing and Multimedia.

Cite

(2011). A Critical Review of Applied MDA for Embedded Devices: Identification of Problem Classes and Discussing Porting Efforts in Practice. Proc. MODELS 2011: ACM/IEEE 14th International Conference on Model Driven Engineering Languages and Systems.

Cite

(2011). A framework for on-device privilege escalation exploit execution on Android. Proc. IWSSI/SPMU 2011: 3rd International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use, colocated with Pervasive 2011.

PDF Cite

(2011). Mobile Platform Architecture Review: Android, iPhone, Qt. Proc. EUROCAST 2011: 13th International Conference on Computer Aided Systems Theory, Part II.

PDF Cite

(2011). Evaluation of Descriptive User Interface Methodologies for Mobile Devices. Proc. EUROCAST 2011: 13th International Conference on Computer Aided Systems Theory, Part II.

PDF Cite

(2011). emphFriends Radar: Towards a Private P2P Location Sharing Platform. Proc. EUROCAST 2011: 13th International Conference on Computer Aided Systems Theory, Part II.

PDF Cite

(2011). Global indexing of indoor localization data.

Cite

(2010). Air-Writing: A Platform for Scalable, Privacy-Preserving, Spatial Group Messaging. Proc. iiWAS2010: 12th International Conference on Information Integration and Web-based Applications & Services.

PDF Cite

(2010). User Created Machine-readable Policies for Energy Efficiency in Smart Homes. Proc. UCSE 2010, co-located with Ubicomp 2010.

PDF Cite

(2009). Shake well before use: Intuitive and Secure Pairing of Mobile Devices. IEEE Transactions on Mobile Computing.

PDF Cite

(2009). On Structural Identification of 2D Regression Functions for In-door Bluetooth Localization. Proc. EUROCAST 2009.

PDF Cite

(2009). Special Issue: Secure Spontaneous Interaction. Inderscience.

Cite

(2008). Towards Alternative User Interfaces for Capturing and Managing Tasks with Mobile Devices. Proc. MoMM 2008: 6th International Conference on Advances in Mobile Computing and Multimedia.

PDF Cite

(2008). Spontaneous Mobile Device Authentication based on Sensor Data. Information Security Technical Report.

PDF Cite DOI

(2008). Peer-it: Stick-on solutions for networks of things. Pervasive and Mobile Computing.

Cite

(2008). Building Flexible Manufacturing Systems Based on Peer-Its. EURASIP Journal on Embedded Systems.

Cite DOI URL

(2007). Shake well before use: two implementations for implicit context authentication. Adjunct Proc. Ubicomp 2007.

PDF Cite

(2007). Security by Spatial Reference: Using Relative Positioning to Authenticate Devices for Spontaneous Interaction. Proc. Ubicomp 2007: 9th International Conference on Ubiquitous Computing.

PDF Cite

(2007). The Candidate Key Protocol for Generating Secret Shared Keys From Similar Sensor Data Streams. Proc. ESAS 2007: 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks.

PDF Cite

(2007). Shake well before use: Authentication based on Accelerometer Data. Proc. Pervasive 2007: 5th International Conference on Pervasive Computing.

PDF Cite

(2007). A Human-Verifiable Authentication Protocol Using Visible Laser Light. Proc. ARES 2007: 2nd International Conference on Availability, Reliability and Security.

PDF Cite

(2007). Using a Spatial Context Authentication Proxy for Establishing Secure Wireless Connections. Journal of Mobile Multimedia.

PDF Cite

(2007). Towards an Open Source Toolkit for Ubiquitous Device Authentication. Workshops Proc. PerCom 2007: 5th IEEE International Conference on Pervasive Computing and Communications.

PDF Cite

(2007). On the Security of Ultrasound as Out-of-band Channel. Proc. IPDPS 2007: 21st IEEE International Parallel and Distributed Processing Symposium.

PDF Cite

(2007). Extending the Growing Neural Gas Classifier for Context Recognition. Proc. EUROCAST 2007: 11th International Conference on Computer Aided Systems Theory.

PDF Cite

(2006). A Context Authentication Proxy for IPSec using Spatial Reference. Proc. TwUC 2006: 1st International Workshop on Trustworthy Ubiquitous Computing.

PDF Cite

(2006). An Authentication Protocol using Ultrasonic Ranging.

PDF Cite URL

(2005). Technische Hintergründe f̈̊ das rechtliche Handeln im Internet. Aktuelles zum Internet-Recht.

PDF Cite

(2005). Bridging the Gap with P2P Patterns. Proceedings of the Workshop on Smart Object Systems.

PDF Cite

(2005). Eine Architektur zur Kontextvorhersage. Ausgezeichnete Informatikdissertationen 2004.

PDF Cite

(2005). Context Prediction based on Context Histories: Expected Benefits, Issues and Current State-of-the-Art. Proc. ECHISE 2005: 1st International Workshop on Exploiting Context Histories in Smart Environments.

PDF Cite

(2005). Advances in Pervasive Computing: Adjunct Proceedings of the 3rd International Conference on Pervasive Computing. Austrian Computer Society (OCG).

Cite

(2005). An Architecture for Context Prediction. Trauner Verlag.

Cite

(2004). Recognizing and Predicting Context by Learning from User Behavior. Radiomatics: Journal of Communication Engineering, special issue on Advances in Mobile Multimedia.

PDF Cite

(2004). Digital Aura. Advances in Pervasive Computing.

PDF Cite

(2004). An Architecture for Context Prediction. Advances in Pervasive Computing.

PDF Cite

(2004). A Notebook Sensory Data Set for Context Recognition. Proceedings of the Benchmarks and a Database for Context Recognition Workshop.

PDF Cite

(2004). A Context Prediction Code and Data Base. Proceedings of the Benchmarks and a Database for Context Recognition Workshop.

PDF Cite

(2004). A Light-Weight Component Model for Peer-to-Peer Applications. Proceedings MDC04: 2nd International Workshop on Mobile Distributed Computing.

PDF Cite

(2004). The Peer-to-Peer Coordination Framework --- Architecture Reference.

Cite

(2004). A Peer-to-Peer Light-Weight Component Model for Context-Aware Smart Space Applications. International Journal of Wireless and Mobile Computing (IJWMC), special issue on Mobile Distributed Computing.

PDF Cite

(2003). Feature Extraction in Wireless Personal and Local Area Networks. Proc. MWCN 2003: 5th International Conference on Mobile and Wireless Communications Networks.

PDF Cite

(2003). Recognizing and Predicting Context by Learning from User Behavior. Proc. MoMM 2003: 1st International Conference On Advances in Mobile Multimedia.

PDF Cite URL

(2003). Securing Passive Objects in Mobile Ad-Hoc Peer-to-Peer Networks. Electronic Notes in Theoretical Computer Science.

PDF Cite

(2002). DEVS Simulation of Spiking Neural Networks. Cybernetics and Systems: Proc. EMCSR 2002: 16th European Meeting on Cybernetics and Systems Research.

PDF Cite

(2002). Generic Heuristics for Combinatorial Optimization Problems. Proceedings of the 9th International Conference on Operational Research (KOI2002).

PDF Cite