Dr. rer. nat. Daniel Plohmann
Researcher at Fraunhofer FKIE
Research Interests
- Reverse Engineering
- Malware Analysis
- Advanced simulation methods and techniques
Publications
- 2023
- Daniel Plohmann, Manuel Blatt, Daniel Enders
MCRIT: The MinHash-based Code Relationship & Investigation Toolkit
In: The Journal on Cybercrime & Digital Investigations, [S.l.], v. 8, n. 1, p. 1-13, April 2023. ISSN 2494-2715.
- 2022
- Daniel Plohmann
Classification, Characterization, and Contextualization of Windows Malware using Static Behavior and Similarity Analysis
Doctoral Thesis, University of Bonn, Germany, July 2022.
- 2019
- Felix Bilstein, Daniel Plohmann
YARA-Signator: Automated Generation of Code-based YARA Rules
In: The Journal on Cybercrime & Digital Investigations, [S.l.], v. 5, n. 1, p. 1-13, December 2019. ISSN 2494-2715.
- 2018
- Daniel Plohmann, Steffen Enders, Elmar Padilla
ApiScout: Robust Windows API Usage Recovery for Malware Characterization and Similarity Analysis
In: The Journal on Cybercrime & Digital Investigations, [S.l.], v. 4, n. 1, p. 1-16, December 2018. ISSN 2494-2715.
- 2017
- Daniel Plohmann, Martin Clauß, Steffen Enders, Elmar Padilla
Malpedia: A Collaborative Effort to Inventorize the Malware Landscape
In: The Journal on Cybercrime & Digital Investigations, v. 3, n. 1, p. 1-19, December 2017. ISSN 2494-2715.
- Jan-Niclas Hilgert, Martin Lambertz, Daniel Plohmann
Extending The Sleuth Kit and its underlying model for pooled storage file system forensic analysis
Best Paper Award
In: Digital Investigation: The International Journal of Digital Forensics & Incident Response 22. (2017): p. 76-85.
- 2016
- Daniel Plohmann, Khaled Yakdan, Michael Klatt, Johannes Bader, Elmar Gerhards-Padilla
A Comprehensive Measurement Study of Domain Generating Malware
In: Proceedings of the 25th USENIX Security Symposium, Austin TX, USA, August 2016.
- 2015
- Daniel Plohmann
DGArchive: A deep dive into domain generation
Presentation at 3rd Botconf, Paris, France, December 2015.
- 2014
- Laura Guevara, Daniel Plohmann
Semantic Exploration of Binaries
In: Proceedings of 2nd Botconf, Nancy, France, December 2014.
- 2013
- Dennis Andriesse, Christian Rossow, Brett Stone-Gross, Daniel Plohmann, Herbert Bos
Highly Resilient Peer-to-Peer Botnets Are Here: An Analysis of Gameover Zeus
In: Proceedings of the 8th International Conference on Malicious and Unwanted Software (Malware 2013), Fajardo, USA, October 2013.
- Daniel Plohmann
Picking Stones from Castles - Citadel Data Mining
Presentation at ISOI 12, Copenhagen, Denmark, September 2013.
http://www.isotf.org/isoi12.html#agenda
- Daniel Plohmann, Sebastian Eschweiler, Elmar Gerhards-Padilla
Patterns of a Cooperative Malware Analysis Workflow
In: Proceedings of the 5th International Conference on Cyber Conflict (CyCon'2013), Tallinn, Estonia, June 2013.
- Christian Rossow, Dennis Andriesse, Tillmann Werner, Brett Stone-Gross, Daniel Plohmann, Christian J. Dietrich, Herbert Bos
P2PWNED -- Modeling and Evaluating the Resilience of Peer-to-Peer Botnets
In: Proceedings of the 34th IEEE Symposium on Security and Privacy (S&P 2013), San Francisco, USA, May 2013.
- 2012
- Daniel Plohmann and Christopher Kannen
AntiRE - An Executable Collection of Anti-Reversing Techniques
In: Collin Mulliner, Patrick Stewin, editors, Proceedings of the Seventh GI SIG SIDAR Graduate Workshop on Reactive Security (SPRING). Technical Report SR-2012-01. GI FG SIGAR, Berlin, July 2012.
- Daniel Plohmann, Elmar Gerhards-Padilla
Malware and Botnet Analysis Methodology
ERCIM-News, Vol. 2012, No. 90, July 2012, p. 22
ercim-news.ercim.eu/en90/special/malware-and-botnet-analysis-methodology
- Daniel Plohmann, Elmar Gerhards-Padilla
A Case Study on the Miner Botnet
In: Proceedings of the 4th International Conference on Cyber Conflict (CyCon'2012), Tallinn, Estonia, June 2012.
- Daniel Plohmann, Elmar Gerhards-Padilla
Aktuelles aus der Welt der Botnetze
IT-Report, Mittler Report Verlag GmbH, Bonn, Germany, May 2012
- Daniel Plohmann, Elmar Gerhards-Padilla
Das schwächste Glied - Wie sich Unternehmen und Behörden vor Cyber-Attacken schützen können
Sicherheitstechnischer Report, Vol. 2012, Mittler Report Verlag GmbH, Bonn, Germany, April 2012
- 2011
- Daniel Plohmann, Elmar Gerhards-Padilla, Felix Leder, Jan Gassen, André Wichmann, Sebastian Eschweiler
Botnets: Detection, Measurement and Defense
In: Proceedings of the 6th Future Security, Security Research Conference, Berlin, Germany, September 2011.
- Daniel Plohmann, Elmar Gerhards-Padilla, Felix Leder
Botnets: Detection, Measurement, Disinfection & Defence
Technical Report published by the European Network and Information Security Agency (ENISA). Editor: Giles Hogben. Heraklion, Greece, March 2011
- Daniel Plohmann, Elmar Gerhards-Padilla, Felix Leder
Botnets: 10 Tough Questions
Report published by the European Network and Information Security Agency (ENISA). Editor: Giles Hogben. Heraklion, Greece, March 2011
- 2010
- Felix Leder and Daniel Plohmann
PyBox - A Python approach to sandboxing
In: Sebastian Schmerl, Simon Hunke, editors, Proceedings of the Fifth GI SIG SIDAR Graduate Workshop on Reactive Security (SPRING). Technical Report SR-2010-01, page 4. GI FG SIGAR, Bonn, July 2010.
- 2009
- Daniel Plohmann
Parallele Simulation von drahtlosen Mesh-Netzen
Diploma Thesis, University of Bonn, October 2009
- Other
- Daniel Plohmann
x86 Opcode Structure and Instruction Overview
- Felix Leder and Daniel Plohmann
PyBox - A user-level framework for rootkit-like monitoring of processes
Presentations
Presentations without published slides.
- 2016
- Daniel Plohmann
The 3 Ghosts of Malware Reversing (Keynote)
Presentation at Malware and Reverse Engineering Workshop (MRE-2016), Melbourne, Australia, July 2016.
- Daniel Plohmann
A Field Report on Botnet Investigations
Presentation at Malware and Reverse Engineering Workshop (MRE-2016), Melbourne, Australia, July 2016.
- 2015
- Daniel Plohmann
MASFAD: Military multi-Agent System For APT Detection
Presentation at Cyber Defense Conference, Bonn, Germany, November 2015.
- 2014
- Daniel Plohmann
CTF Knowledge Exchange - ROP exploitation
Presentation at University of Bonn, March 2014.
- 2013
- Daniel Plohmann
Picking Stones from Castles - Citadel Data Mining
Presentation at ISOI 12, Copenhagen, Denmark, September 2013.
- 2012
- Daniel Plohmann
Data-Mining P2P Botnets
Presentation at INBOT'12, Aachen, Germany, March 2012.
- 2011
- Daniel Plohmann
Introduction to P2P Botnets
University Colloquium, Bonn, Germany, December 2011.
Public Service
Program Committee
- ENISA Workshop on Botnet Detection, Measurement, Disinfection & Defence
Reviewer for
- IEEE Security & Privacy Magazine
- 11th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'14), London, GB, 2014.
- 37th IEEE Conference on Local Computer Networks (LCN 2012), Florida, USA, 2012.
- "it - Information Technology: Special Issue on Reactive Security", Eds.: Molitor, P., Rothermel, K., Flegel, U. To be published, Oldenbourg Wissenschaftsverlag Munich, 2012.
- 13th International Conference on Distributed Computing and Networking (ICDCN 2012), Hong Kong Polytechnic University, Hong Kong, China.
Teaching
Lectures, Labs, and Seminars
- WS 2015
- Seminar: Seminar Selected Topics in Malware Analysis and Computer/Network Security
- Lab: Malware Analysis
- SS 2015
- Project Group: "Malware Bootcamp"
- SS 2014
- Lab: Malware Analysis
- SS 2012
- Exercises to "Network Security" (lecture by Prof. Dr. Peter Martini, Dr. Jens Tölle and Wolfgang Moll)
- Project Group: "Malware Bootcamp"
- Seminar: Seminar Selected Topics in Malware Analysis and Computer/Network Security
- Lab: Communication and Communicating Devices
- WS 2011/12
- Project Group: "Malware Bootcamp"
- Seminar: Seminar Selected Topics in Malware Analysis and Computer/Network Security
- SS 2011
- Guest lecture with topic: "Malware Analysis and Reverse Engineering" as part of "Systemnahe Informatik" (lecture by Prof. Dr. Peter Martini)
- Exercises to "Network Security" (lecture by Prof. Dr. Peter Martini, Dr. Jens Tölle and Wolfgang Moll)
- Project Group: "Malware Bootcamp"
- WS 2010/11
- Project Group: "Malware Bootcamp"
- SS 2010
- Exercises to "Systemnahe Informatik" (lecture by Prof. Dr. Peter Martini)
- Exercises to "Network Security" (lecture by Prof. Dr. Peter Martini, Dr. Jens Tölle and Wolfgang Moll)
- Project Group: "Malware Bootcamp"
Supervised Work
- "Study of how Malware has Evolved in recent Years from a forensics Perspective and how to keep Pace with this Trends". Störmer, Ronny; Master Thesis, 2023.
- "Dynamic Malware Analysis using the .NET Profiling API". Khouei, Sina; Lab Report, 2023.
- "Analysis of Statically-Linked Code in Malware using Methods of Code Similarity". Enders, Daniel; Master Thesis, 2022.
- "Verfahren zur automatisierten Identifikation bekannter Funktionen in Disassemblern". Wüstenberg, Thilo; Bachelor Thesis, 2021.
- "Capability Analysis on Malicious Software". Bilstein, Felix; Master Thesis, 2021.
- "Analysis of Code Reuse and Obfuscation in .NET Malware". Blatt, Manuel; Master Thesis, 2021.
- "An Overview of .NET Bytecode and (De-)Obfuscation". Blatt, Manuel; Seminar Report, 2020.
- "Konsistenz- und Ähnlichkeitsanalyse von Rich Headern in Malware". Enders, Daniel; Bachelor Thesis, 2020.
- "Automation Convenience through Shellcode Injection in Hypervisor-based Malware Analysis". Blatt, Manuel; Lab Report, 2020.
- "Prototyping a recursive ARM Disassembler for Memory Dumps". Bilstein, Felix; Lab Report, 2019.
- "Challenges of Recovering Binary Disassembly". Bilstein, Felix; Seminar Report, 2019.
- "Authorship Attribution on Executable x86/x64 Binary Code". Enders, Steffen; Master Thesis, 2019.
- "Improving YARA-Signator for effective Generation of code-based YARA-Signatures". Bilstein, Felix; Lab Report, 2019.
- "Qualitative analysis of YARA pattern-matching". Hofstetter, Max; Lab Report, 2018.
- "Automatic Generation of code-based YARA-Signatures". Bilstein, Felix; Bachelor Thesis, 2018.
- "Compiler-Fingerprinting on x86/x64 Binaries". Enders, Steffen; Bachelor Thesis, 2017.
- "Memory visualization and diffing". Denno, Mohamad and Ali; Lab Report, 2017.
- "Robust Malware Unpacking". Jenke, Thorsten; Master Thesis, 2016.
- "A Malware Classification System Based On Structural Static Analysis". Hordiienko, Paul; Master Thesis, 2016.
- "Command & Control Server Mimicry through Analysis and Replay of Network Capture Data". Buhl, Lennart; Bachelor Thesis, 2016.
- "A survey of executables matching techniques". Hordiienko, Paul; Seminar Report, 2016.
- "Flow-based Network Intrusion Detection". Herzog, Marco; Seminar Report, 2015.
- "Malware Classification". Jenke, Thorsten; Seminar Report, 2015.
- "Domain Generation Algorithm Recognition". Fischer, Sören; Lab Report, 2015.
- "Ein rekursiver Disassembler". Heiler, Lorenz; Lab Report, 2015.
- "Deobfuscation of Andromeda API Calls". Frieß, Jens; Lab Report, 2015.
- "Dumping Malware for Fun and Profit". Bilstein, Felix; Lab Report, 2015.
- "The many Faces of Malware - Clustering Icons from Malware". Buhl, Lennart; Lab Report, 2014.
- "Semantic Exploration of Binaries". Guevara, Laura; Master Thesis, 2014.
- "Clustering von Citadel Packer". Jenke, Thorsten; Bachelor Thesis, 2014.
- "Asynchronous Tracking of Peer-to-Peer Botnets". Dammann, Julian; Diploma Thesis, 2012.
- "Code Protection in Android". Schulz, Patrick; Lab Report, 2012.
- "What the Fuzz?! Fuzzing - Automated software vulnerability discovery". Koch, Jonathan; Seminar Report, 2011.
- "Heuristiken in Unpacking-Frameworks". Schulz, Patrick; Bachelor Thesis, 2011.