• Take your seats

    Trainings: 27.05.2019 (Monday)

    Conference: 28.–29.05.2019 (Tuesday – Wednesday)

  • -->
  • RuhrSec 2018

    Over 220 participants – thank you.

  • RuhrSec 2017

    Over 180 participants – thank you.

  • RuhrSec 2016

    Over 135 participants – thank you.

Ruhr's IT security conference

Since 2016, RuhrSec is the annual English speaking non-profit IT security conference with cutting-edge security talks by renowned experts. The conference is hosted at the Ruhr-University Bochum in Germany, directly in the heart of Bochum near the river Ruhr. RuhrSec provides academic and industry talks, the typical University feeling, and a highly recommended social event.

In 2019, all profits from the conference ticket income will be again donated to a local non-profit organization. Do you want to recommend one? Contact us please.

Call for Presentations

In RuhrSec's fourth edition, we have once again a call for presentations; this does not include the trainings. Areas of interest are (but are not restricted to) Internet/Web Security, Data and Application Security, Network Security, Security in the Internet of Things, and Usable Security.

Please submit your proposal to the RuhrSec program committee until the 20th of February 2018. We have an ongoing acceptance process; your chance is higher if you submit as early as possible. Your talk must have a length of 45 minutes including Q&A and it has to be in English. Each speaker gets a free two-day conference ticket, an invitation to the speakers dinner on Wednesday, and a travel reimbursement up to a limit of EUR 1,200 (economy (plus)). Please contact us in case that you have any questions.

Easychair RuhrSec 2019 submission form



Trainings (Mercure Hotel Bochum City): Monday, 27.05.2019

Microarchitectural Attacks, Ass.Prof. Dr. Daniel Gruss, Moritz Lipp, Michael Schwarz
Putting Security Checks into Your Build Pipeline, Christian Schneider
Attacking and Defending TLS, Dr. Juraj Somorovsky, Robert Merget

08:00 – 09:00Registration and Biscuits/Coffee
09:00 – 13:00Training
13:00 – 14:00Tuesday/Wednesday: Lunch
14:00 – 18:00Training
19:30 – 22:30Only on Wednesday: Speakers' Dinner (in Bochum)

Conference (Ruhr University Bochum): Tuesday, 28.05.19

08:00 – 09:00Registration and Biscuits/Coffee
09:00 – 09:15Opening, Marcus Niemietz
09:15 – 10:00Ass.Prof. Dr. Christina Pöpper
10:00 – 10:30Coffee Break
10:30 – 11:15
11:15 – 12:00
12:00 – 13:30Lunch
13:30 – 14:15
14:15 – 15:00
15:00 – 15:45Coffee Break
15:45 – 16:30
16:30 – 17:15
17:15 – Open EndSocial Event (incl. Dinner)

Conference (Ruhr University Bochum): Wednesday, 29.05.19

08:45 – 09:15Biscuits/Coffee
09:15 – 10:00
10:00 – 10:30Coffee Break
10:30 – 11:15
11:15 – 12:00
12:00 – 13:30Lunch
13:30 – 14:15
14:15 – 15:00
15:00 – 15:30Coffee Break
15:30 – 16:15
16:15 – 17:00
17:00 – 17:15Closing

Talks & Trainings

Microarchitectural Attacks

Training by Ass.Prof. Dr. Daniel Gruss, Moritz Lipp, Michael Schwarz (TU Graz)

Training. Microarchitectural Attacks

Abstract. With the beginning of 2018, microarchitectural attacks received a lot of attention by the computer security community and other fields. Meltdown and Spectre break isolation between processes and security domains on a hardware level. In this training, we provide a hands-on experience on microarchitectural attacks.

Starting with the basics, we first learn how caches work and then implement three very basic microarchitectural side-channel attacks. We start with Flush+Reload and use it to implement two different attacks; one on a cryptographic algorithm and one template attack. We also see how performance counters can reveal interesting information for microarchitectural attacks.

After having learned how to mount Flush+Reload attacks on shared libraries, we go one step further and get rid of the requirement of shared memory step by step. For this purpose, we learn how to build eviction sets and implement an Evict+Reload attack. Continuing from there, we implement Prime+Probe, an attack which does not require any shared memory. Finally, we implement a Meltdown and a Spectre attack, based on the Flush+Reload implementation we already have implement in the first third of the course.

This course teaches attendees where microarchitectural attack surface is created and how it can be exploited. This provides engineers with valuable knowledge for building more secure hardware and software resilient to these attacks.

Course Outline

  • Introduction
  • Flush+Reload
  • Attacking Weak Crypto I
  • Template Attacks
  • Performance Counters
  • Evict+Reload
  • Prime+Probe
  • Attacking Weak Crypto II
  • Covert Channel
  • Meltdown
  • Spectre

What to bring? Laptop, VirtualBox

Prerequisites. Operating system with at least 4GB of RAM (8GB recommended) and at least 25 GB of free disk space.

Who Should Attend? Security and computer engineers, computer security researchers, people interested in microarchitectural attacks.

What to expect? This course will teach attendees how microarchitectural attacks work and how to automate them. They will learn how to combine different side channels and use different side channels to achieve the same goal in different privilege scenarios. This will give engineers the ability to find and address microarchitectural vulnerabilities in hardware and software.

What not to expect? "Exploits", Fault attacks (Rowhammer).

About the trainer. Daniel Gruss, Moritz Lipp, and Michael Schwarz have been teaching at Graz University of Technology for several years. They are one of the leading groups in microarchitectural attack and defense research and have spoken about this topic at various international venues.

Putting Security Checks into Your Build Pipeline

Training by Christian Schneider

Training. Putting Security Checks into Your Build Pipeline

Abstract. This course gives insight into automation capabilities of security scans, which perfectly fit into many build pipelines. Taking frontends (Web) as well as backends (APIs) into account, you will learn what steps of a security analysis can be best automated - and how. By focussing on OpenSource solutions, you will get a tool arsenal with different automation options ready to test your applications' security on every build.

In order to get the most out of the training day you can (optionally) follow exercises with Kali Linux and a specially for this workshop created demo application to test. And for those without a laptop during the workshop: Even without one to be able to take part in the practical tasks, you’ll obviously pick up a lot of information from the workshop anyway.

Course Outline

  • DevOps pipelines
  • Security tool landscape
  • Automation capabilities and integration styles
  • Overcoming crawler problems
  • Alternative traffic generators
  • Coping with tokens, CAPTCHAs, and other automation problems
  • Configuration recommendations for different automation and scan types
  • Scan scheduling & APIs
  • How to NOT just break builds
  • Handling findings from automated scans
  • Organizational aspects (especially for agile teams)

What to bring? Laptop (with VMware or VirtualBox).

Prerequisites. If you want to attend the exercises: Kali Linux installed and running (inside VM is absolutely ok).

Who Should Attend? DevOps Engineers, QA / Test Engineers, Developers, Penetration Testers, Technical Managers.

What to expect? This course will teach attendees how to use security tools in an automated way to assess the security of their applications as part of build pipelines. At the end of this course attendees will be able to consider different techniques and utilize security tools to security-enhance the software development process of agile DevOps projects.

What not to expect? One-fits-all solutions, offensive stuff (i.e. we're not covering post exploitation techniques as part of automated build chains).

About the trainer. Christian (@cschneider4711) has pursued a successful career as a freelance Java software developer and expanded it to include the focus on IT-Security. His major areas of work are Security Architecture Consulting and Penetration Testing. Aside from trainings he coaches agile projects to include security in the SDLC by applying Security DevOps concepts. Christian enjoys speaking at conferences and blogs at Christian-Schneider.net.

Attacking and Defending TLS

Training by Dr. Juraj Somorovsky, Robert Merget (Ruhr University Bochum)

Training. Attacking and Defending TLS

Abstract. Transport Layer Security (TLS) is the most important cryptographic protocol on the Internet. It is responsible for securing connections between browsers and web servers, or between web services peers. Recent TLS history is however full of new attacks, which makes it challenging to deploy applications securely.

We give an overview of the most critical TLS attacks and show how to detect these attacks with different tools. Afterward, we present best practices to establish secure TLS connections.

Course Outline

  • Short intro into crypto
  • The TLS protocol
  • TLS attacks
  • Secure TLS configuration
  • Security evaluation with open-source tools

What to bring? Laptop, VirtualBox

Prerequisites. Operating system with at least 4GB of RAM (8GB recommended) and at least 25 GB of free disk space.

Who Should Attend? Developers, Penetration Testers

What to expect? This course will teach attendees how to use advanced attack methods against mobile applications, how to reverse engineer their code to look for vulnerabilities and use this information for complex attacks. At the end of this course attendees will be able to use advanced mobile penetration testing tools, carry out injection attacks and use reverse engineering methods to deconstruct the advanced defences of modern mobile applications.

What not to expect? 0days

About the trainers. Dr. Juraj Somorovsky is a security researcher at the Ruhr University Bochum, and a co-founder of Hackmanit GmbH. He is the main developer of a flexible tool for TLS analyses TLS-Attacker (https://github.com/RUB-NDS/TLS-Attacker) and a co-author of several well-known TLS attacks. For example, his attacks DROWN and ROBOT received Pwnie Awards for Best cryptographic attacks in years 2016 and 2018. Juraj Somorovsky presented his work on renowned scientific and industrial conferences, including Usenix Security, Blackhat, Deepsec and OWASP Europe.

Ass.Prof. Dr. Christina Pöpper

(NYU Abu Dhabi) – Keynote

Talk. TBA

Abstract. TBA

Biography. Christina Pöpper is a computer scientist with a focus on information and communication security. Her research goal is to better understand and enhance the security and privacy of current and future IT and communication systems. Specific interests are the security of wireless systems and applications, where she is working on topics like secure localization and jamming-resistant communication, mobile-, protocol- and system-level security as well as on aspects of privacy. She is teaching computer/IT security and general computer science classes. She is affiliated with the Center for Cyber Security at NYUAD.

Prior to joining NYUAD, Christina Pöpper was an assistant professor at Ruhr-University Bochum, Germany, where she headed the Information Security Group at the Electrical Engineering and Information Technology Department / Horst-Görtz-Institute for IT-Security. In the past, she taught specialized courses on wireless security as well as on private and anonymous communication. She received her doctoral and graduate degrees in computer science from ETH Zurich, Switzerland.

Her research interest is cybersecurity and privacy. One focus area is wireless and communication security, in particular securing wireless radio transmissions against jamming as well as securing localization techniques. She likes to combine systems and security mechanisms in different application settings. She addresses secure systems where cryptography alone is often not enough.

Conference location


Training address: Mercure Hotel Bochum City (website), Massenbergstraße 19 21, 44787 Bochum

Conference address: Veranstaltungszentrum, Ruhr-Universität Bochum, Universitätsstraße 150, 44801 Bochum

Google Maps: Link to the conference building

Directions: RuhrSec will be held at the Ruhr University Bochum (RUB). The conference location is directly located under the cafeteria/Mensa in our event center (German: Veranstaltungszentrum). You can find parking spaces for your cars directly under the conference location (University Center/ Universität Mitte, parking level P9). Otherwise you can use the train station (U35 - "Ruhr-Universität"). From the train station, it is a five minutes walk to get to the conference building.

Flight and Train Information

The closest airport is "Düsseldorf Flughafen" (DUS). From DUS, the shortest and fastest way to get to Bochum is via train. Please take the "Sky Train" from the airport to the railway station "Düsseldorf Flughafen". After that you should drive to "Bochum Hauptbahnhof" (aka. "Bochum Hbf."). From there we recommend to take a taxi to the conference center (about 10 euros). Otherwise you can take the underground station (U-Bahn) train U35 to "Ruhr Universität Bochum".

Please notice:

  • Please pay for the sky train (a few euros).
  • To get your train tickets, you can use a ticket machine after the sky train. They allow you to choose English for the UI and you can pay (often) with your credit cards. Please be sure to bring enough cash (euros) with you, because it is possible that the ticket machine does not accept your credit card. The ticket price should be something around €3 (SkyTrain) and €20 (train).
  • Please do not forget to validate your train ticket with one of the stamp machines. Otherwise, it is not valid.

If you want to check out when your train will arrive you can use this web page: http://www.bahn.com/i/view/DEU/en/index.shtml


We do not offer any hotel room reservation service. From our experience, it is cheaper to use common hotel booking portals instead of booking the rooms directly at the hotel or with a reservation code.

Directly in the heart of Bochum and near the train station, we recommend two hotels:

Ibis has renewed their hotel a few years ago and it is, depending on the view, sufficient to spend a few nights in it. More luxury is given in the Mercure Hotel, which was a Park Inn hotel in the past. Both hotels are not far away from Bochum's famous Bermuda Dreieck (with a lot of good bars and German beer).

More Information

Social Event

Next to their anti-virus products, G DATA is known as the evening sponsor of the Ruhr University's HackPra lecture. As it is in the case of HackPra, RuhrSec will have an awesome evening event too.

Every participant with a valid conference ticket is invited to be our guest at the social event. G Data provides awesome people, tasty food and high quality drinks. Feel free to join us and to talk with other security interested people, including the speakers.


Location: G DATA Academy, Königsallee 178, D-44799 Bochum

How to get there: After the conference we will go together to the location by using public transport systems. More information is given before the first conference keynote.

German way description: Download PDF

Time: After the first conference day (>=17:00 o'clock)

Contact us

This event will be provided by Hackmanit. The Hackmanit organisation team consists of Marcus Niemietz, Christian Mainka and Juraj Somorovsky. We are security researchers with a strong relationship to the Horst Görtz Institute for IT security.

In case that you have any questions regarding the conference, please contact us via mail:

Email us

Hackmanit GmbH

Universitätsstraße 150 (ID 2/469)
44801 Bochum

Our Phone:

T: (+49)(0)234 / 45930961


(+49)(0)234 / 45930960

Our Email:


Find us elsewhere


Follow our posts


Follow our tweets


Refresh your memories


Enjoy our videos