| Toward automated dynamic malware analysis using CWSandbox C Willems, T Holz, F Freiling IEEE Security & Privacy 5 (2), 32-39, 2007 | 1125 | 2007 |
| Automatic Analysis of Malware Behavior Using Machine Learning K Rieck, P Trinius, C Willems, T Holz Journal of Computer Security 19 (4), 639-668, 2009 | 869 | 2009 |
| Learning and classification of malware behavior K Rieck, T Holz, C Willems, P Düssel, P Laskov Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA …, 2008 | 827 | 2008 |
| Measurements and mitigation of peer-to-peer-based botnets: A case study on Storm Worm T Holz, M Steiner, F Dahl, E Biersack, F Freiling 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2008 | 599 | 2008 |
| Virtual Honeypots: From Botnet Tracking to Intrusion Detection N Provos, T Holz Addison-Wesley Professional, 2007 | 587 | 2007 |
| Measuring and detecting fast-flux service networks T Holz, C Gorecki, K Rieck, FC Freiling Network and Distributed System Security Symposium (NDSS), 2008 | 562 | 2008 |
| Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation J Goebel, T Holz 1st Workshop on Hot Topics in Understanding Botnets (HotBots), 2007 | 555 | 2007 |
| The Nepenthes platform: An efficient approach to collect malware P Baecher, M Koetter, T Holz, M Dornseif, F Freiling Recent Advances in Intrusion Detection (RAID), 165-184, 2006 | 508 | 2006 |
| Practical timing side channel attacks against kernel space ASLR R Hund, C Willems, T Holz IEEE Symposium on Security and Privacy (Oakland), 191-205, 2013 | 496 | 2013 |
| A practical attack to de-anonymize social network users G Wondracek, T Holz, E Kirda, C Kruegel IEEE Symposium on Security and Privacy (Oakland), 223-238, 2010 | 485 | 2010 |
| Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks F Freiling, T Holz, G Wicherski European Symposium on Research in Computer Security (ESORICS), 319-335, 2005 | 470 | 2005 |
| Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications F Schuster, T Tendyck, C Liebchen, L Davi, AR Sadeghi, T Holz IEEE Symposium on Security and Privacy (Oakland), 745-762, 2015 | 452 | 2015 |
| Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms R Hund, T Holz, FC Freiling USENIX Security Symposium, 383-398, 2009 | 365 | 2009 |
| Learning more about the underground economy: A case-study of keyloggers and dropzones T Holz, M Engelberth, F Freiling European Symposium on Research in Computer Security (ESORICS), 1-18, 2009 | 316 | 2009 |
| Mobile security catching up? Revealing the nuts and bolts of the security of mobile devices M Becher, FC Freiling, J Hoffmann, T Holz, S Uellenbeck, C Wolf IEEE Symposium on Security and Privacy (Oakland), 96-111, 2011 | 313 | 2011 |
| Cross-architecture bug search in binary executables J Pewny, B Garmany, R Gawlik, C Rossow, T Holz 2015 IEEE Symposium on Security and Privacy, 709-724, 2015 | 308 | 2015 |
| Know your enemy: Tracking botnets P Bacher, T Holz, M Kotter, G Wicherski The Honeynet Project & Research Alliance, 2005 | 271 | 2005 |
| As the net churns: Fast-flux botnet observations J Nazario, T Holz 3rd International Conference on Malicious and Unwanted Software (Malware), 24-31, 2008 | 268 | 2008 |
| Quantifying the Security of Graphical Passwords: The Case of Android Unlock Patterns S Uellenbeck, M Dürmuth, C Wolf, T Holz ACM Conference on Computer & Communications Security (CCS), 161-172, 2013 | 259 | 2013 |
| Automatically generating models for botnet detection P Wurzinger, L Bilge, T Holz, J Goebel, C Kruegel, E Kirda European Symposium on Research in Computer Security (ESORICS), 232-249, 2009 | 253 | 2009 |
