| Toward automated dynamic malware analysis using CWSandbox C Willems, T Holz, F Freiling IEEE Security & Privacy 5 (2), 32-39, 2007 | 1146 | 2007 |
| Automatic Analysis of Malware Behavior Using Machine Learning K Rieck, P Trinius, C Willems, T Holz Journal of Computer Security 19 (4), 639-668, 2009 | 894 | 2009 |
| Learning and classification of malware behavior K Rieck, T Holz, C Willems, P Düssel, P Laskov Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA …, 2008 | 851 | 2008 |
| Measurements and mitigation of peer-to-peer-based botnets: A case study on Storm Worm T Holz, M Steiner, F Dahl, E Biersack, F Freiling 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2008 | 607 | 2008 |
| Virtual Honeypots: From Botnet Tracking to Intrusion Detection N Provos, T Holz Addison-Wesley Professional, 2007 | 593 | 2007 |
| Measuring and detecting fast-flux service networks T Holz, C Gorecki, K Rieck, FC Freiling Network and Distributed System Security Symposium (NDSS), 2008 | 570* | 2008 |
| Rishi: Identify Bot Contaminated Hosts by IRC Nickname Evaluation J Goebel, T Holz 1st Workshop on Hot Topics in Understanding Botnets (HotBots), 2007 | 564 | 2007 |
| Practical timing side channel attacks against kernel space ASLR R Hund, C Willems, T Holz IEEE Symposium on Security and Privacy (Oakland), 191-205, 2013 | 517 | 2013 |
| The Nepenthes platform: An efficient approach to collect malware P Baecher, M Koetter, T Holz, M Dornseif, F Freiling Recent Advances in Intrusion Detection (RAID), 165-184, 2006 | 512 | 2006 |
| A practical attack to de-anonymize social network users G Wondracek, T Holz, E Kirda, C Kruegel IEEE Symposium on Security and Privacy (Oakland), 223-238, 2010 | 497 | 2010 |
| Botnet tracking: Exploring a root-cause methodology to prevent distributed denial-of-service attacks F Freiling, T Holz, G Wicherski European Symposium on Research in Computer Security (ESORICS), 319-335, 2005 | 472 | 2005 |
| Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications F Schuster, T Tendyck, C Liebchen, L Davi, AR Sadeghi, T Holz IEEE Symposium on Security and Privacy (Oakland), 745-762, 2015 | 467 | 2015 |
| Return-oriented rootkits: Bypassing kernel code integrity protection mechanisms R Hund, T Holz, FC Freiling USENIX Security Symposium, 383-398, 2009 | 367 | 2009 |
| Cross-architecture bug search in binary executables J Pewny, B Garmany, R Gawlik, C Rossow, T Holz 2015 IEEE Symposium on Security and Privacy, 709-724, 2015 | 333 | 2015 |
| Learning more about the underground economy: A case-study of keyloggers and dropzones T Holz, M Engelberth, F Freiling European Symposium on Research in Computer Security (ESORICS), 1-18, 2009 | 325 | 2009 |
| Mobile security catching up? Revealing the nuts and bolts of the security of mobile devices M Becher, FC Freiling, J Hoffmann, T Holz, S Uellenbeck, C Wolf IEEE Symposium on Security and Privacy (Oakland), 96-111, 2011 | 317 | 2011 |
| (Un) informed Consent: Studying GDPR Consent Notices in the Field C Utz, M Degeling, S Fahl, F Schaub, T Holz ACM SIGSAC Conference on Computer and Communications Security (CCS), 2019 | 281 | 2019 |
| Know your enemy: Tracking botnets P Bacher, T Holz, M Kotter, G Wicherski The Honeynet Project & Research Alliance, 2005 | 275 | 2005 |
| We value your privacy... now take some cookies: Measuring the GDPR's impact on web privacy M Degeling, C Utz, C Lentzsch, H Hosseini, F Schaub, T Holz Network and Distributed System Security Symposium (NDSS), 2018 | 274 | 2018 |
| As the net churns: Fast-flux botnet observations J Nazario, T Holz 3rd International Conference on Malicious and Unwanted Software (Malware), 24-31, 2008 | 272 | 2008 |
