Our Publications
2026
| Title | Event | Authors |
|---|---|---|
| The Passkey Promise: A Comparative Usability Study of MFA Methods |
47th IEEE Symposium on Security and Privacy |
Erwin Kupris Thomas Schreck |
| Always Authenticated, Never Exposed: Continuous Authentication via Zero-Knowledge Proofs DOI: 10.1007/978-3-032-06155-3_2 |
21st International Workshop on Security and Trust Management (STM 2025) |
Dennis Hamm Erwin Kupris Thomas Schreck |
| Evolution of Remote Attestation: A Systematic Literature Review of Post-2020 Approaches Download |
4th International Workshop on Trends in Digital Identity |
Tobias Hilbig Florian Wegscheider Thomas Schreck |
| SoK: The Engineer’s Guide to Post-Quantum Cryptography for Embedded Devices |
11th IEEE European Symposium on Security and Privacy (EuroS&P 2026) |
Nikolai Puch Maximilian Pursche Sebastian N. Peters Michael Heinl |
| All You Need is Trust: A Longitudinal Analysis of Italy's OpenID Federation Journey Download |
11th IEEE European Symposium on Security and Privacy |
Tobias Hilbig Erwin Kupris Thomas Schreck |
2025
| Title | Event | Authors |
|---|---|---|
| Unlocking the Future of (edu)MFA: Integrating Passkeys for Research and Education |
32. DFN-Konferenz Sicherheit in vernetzten Systemen |
Erwin Kupris Florian Ritterhoff Steffen Hofmann Thomas Schreck |
| Identity Threats and Where to Find Them: Mapping ITDR and MITRE ATT&CK |
1st International Workshop on Security and Risk in Identity Management (SeRIM 2025) |
Vitali Serzantov Erwin Kupris Thomas Schreck |
| Device Identity Bootstrapping in Constrained Environments: A BLE-Based BRSKI Extension Download DOI: 10.1109/EDCC66201.2025.00024 |
EDCC 2025: 20th European Dependable Computing Conference |
Julian Krieger Tobias Hilbig Thomas Schreck |
| Identifying key attacks on an IEEE 9-Bus System by leveraging the MITRE ATT&CK ICS Matrix DOI: 10.1145/3679240.3734647 |
16th ACM International Conference on Futureand Sustainable Energy Systems (E-ENERGY ’25) |
Marius Biebel Zhao Song Thomas Schreck Christoph Hackl |
| Leveraging BRSKI to Protect the Hardware Supply Chain of Operational Technology: Opportunities and Challenges DOI: 10.1145/3672608.3707707 |
40th ACM/SIGAPP Symposium on Applied Computing (SAC’25) |
Michael P. Heinl Adrian Reuter Sebastian N. Peters Markus Bever |
| Leveraging LLMs for Memory Forensics: A Comparative Analysis of Malware Detection DOI: 10.1145/3748263 |
Digital Threats: Research and Practice |
Jan-Hendrik Lang Thomas Schreck |
2024
| Title | Event | Authors |
|---|---|---|
| A-WAYF: Automated Where Are You From in Multilateral Federations Download URN: nbn:de:0074-3863-4 |
2nd International Workshop on Trends in Digital Identity (TDI 2024) |
Erwin Kupris Tobias Hilbig David Pierre Sugar Thomas Schreck |
| Poster: FedCM for Research and Education Download DOI: 10.5281/zenodo.12648766 |
9th IEEE European Symposium on Security and Privacy |
Erwin Kupris Tobias Hilbig Thomas Schreck |
| BT 2 X: Multi-Leveled Binary Transparency to Protect the Software Supply Chain of Operational Technology DOI: 10.1145/3690134.3694816 |
Sixth Workshop on CPS&IoT Security and Privacy (CPSIoTSec’24) |
Michael P. Heinl Victor Embacher |
| The "Big Beast to Tackle": Practices in Quality Assurance for Cyber Threat Intelligence DOI: 10.1145/3678890.3678903 |
27th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2024) |
Thomas Geras Thomas Schreck |
| Machines Have Identities Too! Extending NIST’s SP 800-63 for Device Identity Download DOI: 10.1007/978-3-031-76371-7_3 |
20th International Workshop on Security and Trust Management (STM 2024) |
Tobias Hilbig Erwin Kupris Thomas Schreck |
| Do You Play It by the Books? A Study on Incident Response Playbooks and Influencing Factors DOI: 10.1109/SP54263.2024.00060 |
2024 IEEE Symposium on Security and Privacy (SP) |
Daniel Schlette Philip Empl Marco Caselli Thomas Schreck Günther Pernul |
2023
| Title | Event | Authors |
|---|---|---|
| Sharing Communities: The Good, the Bad, and the Ugly DOI: 10.1145/3576915.3623144 |
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security |
Thomas Geras Thomas Schreck |
| Protect the Gate – Not Only Once: Continuous Access Evaluation in Practice Download DOI: 10.1109/CSNet59123.2023.10339788 |
2023 7th Cyber Security in Networking Conference (CSNet) |
Tobias Hilbig Vitali Serzantov Thomas Schreck |
| ‘State of the Union’: Evaluating Open Source Zero Trust Components Download DOI: 10.1007/978-3-031-47198-8_3 |
STM 2023: Security and Trust Management |
Tobias Hilbig Thomas Schreck Tobias Limmer |
| security.txt Revisited: Analysis of Prevalence and Conformity in 2022 Download DOI: 10.1145/3609234 |
Digital Threats: Research and Practice |
Tobias Hilbig Thomas Geras Erwin Kupris Thomas Schreck |
| Moderne PKI-Architektur an einer Hochschule ISBN: 978-3-7568-8139-0 |
30. DFN-Konferenz „Sicherheit in vernetzten Systemen“ |
Thomas Schreck Florian Ritterhoff |
| Enterprise Cyber Threat Modeling and Simulation of Loss Events for Cyber Risk Quantification DOI: 10.1145/3605763.3625244 |
CCSW '23: Proceedings of the 2023 on Cloud Computing Security Workshop |
Christian Ellerhold Johann Schnagl Thomas Schreck |
2022
| Title | Event | Authors |
|---|---|---|
| Understanding the Usage of IT-Security Games in the Industry and Its Mapping to Job Profiles Download DOI: 10.4230/oasics.icpec.2022.3 |
OASIcs |
Tilman Dewes Tiago Gasiba Thomas Schreck |