• Take your seats

    Trainings: 27.05.2019 (Monday)

    Conference: 28.–29.05.2019 (Tuesday – Wednesday)

  • -->
  • RuhrSec 2018

    Over 210 participants – thank you.

  • RuhrSec 2017

    Over 180 participants – thank you.

  • RuhrSec 2016

    Over 135 participants – thank you.

Ruhr's IT security conference

Since 2016, RuhrSec is the annual English speaking non-profit IT security conference with cutting-edge security talks by renowned experts. The conference is hosted at the Ruhr-University Bochum in Germany, directly in the heart of Bochum near the river Ruhr. RuhrSec provides academic and industry talks, the typical University feeling, and a highly recommended social event.

In 2019, all profits from the conference ticket income will be again donated to a local non-profit organization. Do you want to recommend one? Contact us please.

Call for Presentations

In RuhrSec's fourth edition, we have once again a call for presentations; this does not include the trainings. Areas of interest are (but are not restricted to) Internet/Web Security, Data and Application Security, Network Security, Security in the Internet of Things, and Usable Security.

Please submit your proposal to the RuhrSec program committee until the 20th of February 2019. We have an ongoing acceptance process; your chance is higher if you submit as early as possible. Your talk must have a length of 45 minutes including Q&A and it has to be in English. Each speaker gets a free two-day conference ticket, an invitation to the speakers' dinner on Monday, and a travel reimbursement up to a limit of EUR 1,200 (economy (plus)).

How to increase your chances of being accepted?
When submitting your proposal, please consider to include the preliminary structure of your talk or even your slides. Also, include videos or slides of your previous talks. All additional information will help us to evaluate your proposal. Please contact us in case that you have any questions.

Easychair RuhrSec 2019 submission form



Trainings (Mercure Hotel Bochum City): Monday, 27.05.2019

Microarchitectural Attacks, Ass.Prof. Dr. Daniel Gruss, Moritz Lipp, Michael Schwarz
Putting Security Checks into Your Build Pipeline, Christian Schneider
Attacking and Defending TLS, Dr. Juraj Somorovsky, Robert Merget

08:00 – 09:00Registration and Biscuits/Coffee
09:00 – 13:00Training
13:00 – 14:00Lunch
14:00 – 18:00Training
19:30 – 22:30Speakers' Dinner

Conference (Ruhr University Bochum): Tuesday, 28.05.19

08:00 – 09:00Registration and Biscuits/Coffee
09:00 – 09:15Opening, Marcus Niemietz
09:15 – 10:00Ass.Prof. Dr. Christina Pöpper
10:00 – 10:30Coffee Break
10:30 – 11:15
11:15 – 12:00
12:00 – 13:30Lunch
13:30 – 14:15
14:15 – 15:00
15:00 – 15:45Coffee Break
15:45 – 16:30
16:30 – 17:15
17:15 – Open EndSocial Event (incl. Dinner)

Conference (Ruhr University Bochum): Wednesday, 29.05.19

08:45 – 09:15Biscuits/Coffee
09:15 – 10:00
10:00 – 10:30Coffee Break
10:30 – 11:15
11:15 – 12:00
12:00 – 13:30Lunch
13:30 – 14:15
14:15 – 15:00
15:00 – 15:30Coffee Break
15:30 – 16:15
16:15 – 17:00
17:00 – 17:15Closing

Talks & Trainings

Microarchitectural Attacks

Training by Ass.Prof. Dr. Daniel Gruss, Moritz Lipp, Michael Schwarz (TU Graz)

Training. Microarchitectural Attacks

Abstract. With the beginning of 2018, microarchitectural attacks received a lot of attention by the computer security community and other fields. Meltdown and Spectre break isolation between processes and security domains on a hardware level. In this training, we provide a hands-on experience on microarchitectural attacks.

Starting with the basics, we first learn how caches work and then implement three very basic microarchitectural side-channel attacks. We start with Flush+Reload and use it to implement two different attacks; one on a cryptographic algorithm and one template attack. We also see how performance counters can reveal interesting information for microarchitectural attacks.

After having learned how to mount Flush+Reload attacks on shared libraries, we go one step further and get rid of the requirement of shared memory step by step. For this purpose, we learn how to build eviction sets and implement an Evict+Reload attack. Continuing from there, we implement Prime+Probe, an attack which does not require any shared memory. Finally, we implement a Meltdown and a Spectre attack, based on the Flush+Reload implementation we already have implement in the first third of the course.

This course teaches attendees where microarchitectural attack surface is created and how it can be exploited. This provides engineers with valuable knowledge for building more secure hardware and software resilient to these attacks.

Course Outline.

  • Introduction
  • Flush+Reload
  • Attacking Weak Crypto I
  • Template Attacks
  • Performance Counters
  • Evict+Reload
  • Prime+Probe
  • Attacking Weak Crypto II
  • Covert Channel
  • Meltdown
  • Spectre

What to bring? Laptop, VirtualBox

Prerequisites. Operating system with at least 4GB of RAM (8GB recommended) and at least 25 GB of free disk space.

Who Should Attend? Security and computer engineers, computer security researchers, people interested in microarchitectural attacks.

What to expect? This course will teach attendees how microarchitectural attacks work and how to automate them. They will learn how to combine different side channels and use different side channels to achieve the same goal in different privilege scenarios. This will give engineers the ability to find and address microarchitectural vulnerabilities in hardware and software.

What not to expect? "Exploits", Fault attacks (Rowhammer).

About the trainers. Daniel Gruss, Moritz Lipp, and Michael Schwarz have been teaching at Graz University of Technology for several years. They are one of the leading groups in microarchitectural attack and defense research and have spoken about this topic at various international venues.

Putting Security Checks into Your Build Pipeline

Training by Christian Schneider

Training. Putting Security Checks into Your Build Pipeline

Abstract. This course gives insight into automation capabilities of security scans, which perfectly fit into many build pipelines. Taking frontends (Web) as well as backends (APIs) into account, you will learn what steps of a security analysis can be best automated - and how. By focussing on OpenSource solutions, you will get a tool arsenal with different automation options ready to test your applications' security on every build.

In order to get the most out of the training day you can (optionally) follow exercises with Kali Linux and a specially for this workshop created demo application to test. And for those without a laptop during the workshop: Even without one to be able to take part in the practical tasks, you’ll obviously pick up a lot of information from the workshop anyway.

Course Outline.

  • DevOps pipelines
  • Security tool landscape
  • Automation capabilities and integration styles
  • Overcoming crawler problems
  • Alternative traffic generators
  • Coping with tokens, CAPTCHAs, and other automation problems
  • Configuration recommendations for different automation and scan types
  • Scan scheduling & APIs
  • How to NOT just break builds
  • Handling findings from automated scans
  • Organizational aspects (especially for agile teams)

What to bring? Laptop (with VMware or VirtualBox).

Prerequisites. If you want to attend the exercises: Kali Linux installed and running (inside VM is absolutely ok).

Who Should Attend? DevOps Engineers, QA / Test Engineers, Developers, Penetration Testers, Technical Managers.

What to expect? This course will teach attendees how to use security tools in an automated way to assess the security of their applications as part of build pipelines. At the end of this course attendees will be able to consider different techniques and utilize security tools to security-enhance the software development process of agile DevOps projects.

What not to expect? One-fits-all solutions, offensive stuff (i.e. we're not covering post exploitation techniques as part of automated build chains).

About the trainer. Christian (@cschneider4711) has pursued a successful career as a freelance Java software developer and expanded it to include the focus on IT-Security. His major areas of work are Security Architecture Consulting and Penetration Testing. Aside from trainings he coaches agile projects to include security in the SDLC by applying Security DevOps concepts. Christian enjoys speaking at conferences and blogs at Christian-Schneider.net.

Attacking and Defending TLS

Training by Dr. Juraj Somorovsky, Robert Merget (Ruhr University Bochum)

Training. Attacking and Defending TLS

Abstract. Transport Layer Security (TLS) is the most important cryptographic protocol on the Internet. It is responsible for securing connections between browsers and web servers, or between web services peers. Recent TLS history is however full of new attacks, which makes it challenging to deploy applications securely.

We give an overview of the most critical TLS attacks and show how to detect these attacks with different tools. Afterward, we present best practices to establish secure TLS connections.

Course Outline.

  • Short intro into crypto
  • The TLS protocol
  • TLS attacks
  • Secure TLS configuration
  • Security evaluation with open-source tools

What to bring? Laptop, VirtualBox

Prerequisites. Operating system with at least 4GB of RAM (8GB recommended) and at least 25 GB of free disk space.

Who Should Attend? Developers, Penetration Testers

What to expect? You will learn the concepts behind the most important cryptographic protocol and the relevant attacks from recent years. You will gain knowledge on how to analyze your server configuration with open source tools and how to deploy TLS securely.

What not to expect? 0days

About the trainers. Dr. Juraj Somorovsky is a security researcher at the Ruhr University Bochum, and a co-founder of Hackmanit GmbH. He is the main developer of a flexible tool for TLS analyses called TLS-Attacker and a co-author of several well-known TLS attacks. For example, his attacks DROWN and ROBOT received Pwnie Awards for Best cryptographic attacks in years 2016 and 2018. Juraj Somorovsky presented his work on renowned scientific and industrial conferences, including Usenix Security, Blackhat, Deepsec and OWASP Europe.

Robert Merget (@ic0nz1) is a PhD Student at the Chair for Network and Data security at Ruhr University Bochum. The focus of his research is practical TLS implementations and their analysis. He is a co-author of TLS-Attacker and the main developer of TLS-Scanner.

Ass.Prof. Dr. Christina Pöpper

(NYU Abu Dhabi) – Keynote

Talk. TBA

Abstract. TBA

Biography. Christina Pöpper is a computer scientist with a focus on information and communication security. Her research goal is to better understand and enhance the security and privacy of current and future IT and communication systems. Specific interests are the security of wireless systems and applications, where she is working on topics like secure localization and jamming-resistant communication, mobile-, protocol- and system-level security as well as on aspects of privacy. She is teaching computer/IT security and general computer science classes. She is affiliated with the Center for Cyber Security at NYUAD.

Prior to joining NYUAD, Christina Pöpper was an assistant professor at Ruhr-University Bochum, Germany, where she headed the Information Security Group at the Electrical Engineering and Information Technology Department / Horst-Görtz-Institute for IT-Security. In the past, she taught specialized courses on wireless security as well as on private and anonymous communication. She received her doctoral and graduate degrees in computer science from ETH Zurich, Switzerland.

Her research interest is cybersecurity and privacy. One focus area is wireless and communication security, in particular securing wireless radio transmissions against jamming as well as securing localization techniques. She likes to combine systems and security mechanisms in different application settings. She addresses secure systems where cryptography alone is often not enough.

Conference location


Training address: Mercure Hotel Bochum City (website), Massenbergstraße 19-21, 44787 Bochum

Google Maps: Link to the hotel

Conference address: Veranstaltungszentrum, Ruhr-Universität Bochum, Universitätsstraße 150, 44801 Bochum

Google Maps: Link to the conference building

Directions: RuhrSec will be held at the Ruhr University Bochum (RUB). The conference location is directly located under the cafeteria/Mensa in our event center ("VZ" or "Veranstaltungszentrum"). You can find parking spaces for your car directly under the conference location (University Center/"Universität Mitte", parking space P9). Otherwise, you can take the subway ("U-Bahn") U35 to the station "Ruhr-Universität". From the station, it is a 5-10 minutes' walk to the conference building.

Flight and Train Information

The closest airport is "Düsseldorf Flughafen" (DUS). From DUS, the shortest and fastest way to get to Bochum is via train. Please take the "Sky Train" from the airport to the train station "Düsseldorf Flughafen". Afterwards, you should take a train to "Bochum Hauptbahnhof" (aka. "Bochum Hbf"). From there we recommend to take a taxi to the conference center (about 10 euro). Otherwise, you can take the subway ("U-Bahn") U35 to the station "Ruhr-Universität". From the station, it is a 5-10 minutes' walk to the conference building.

Please notice:

  • Please pay for the sky train (about 2 euro).
  • To get your train tickets, you can use a ticket machine after the sky train. They allow you to choose English for the UI and you can (often) pay with your credit cards. Please be sure to bring enough cash (euro) with you, because it is possible that the ticket machine does not accept your credit card. The ticket price should be about 2 euro (SkyTrain) and 20 euro (train).
  • Please do not forget to validate your train ticket with one of the stamp machines. Otherwise, it is not valid.

If you want to check when your train will arrive you can use this web page: https://reiseauskunft.bahn.de/bin/query.exe/en


We do not offer any hotel room reservation service. From our experience, it is cheaper to use common hotel booking portals instead of booking the rooms directly at the hotel or with a reservation code.

Directly in the heart of Bochum and near the central station, we recommend two hotels:

Ibis has renewed their hotel a few years ago and it is, depending on the view, sufficient to spend a few nights in it. More luxury is given in the Mercure Hotel, which was a Park Inn hotel in the past. Both hotels are not far away from Bochum's famous "Bermuda Dreieck" - with a lot of good bars and German beer.

Social Event

Besides their anti-virus products, G DATA is known as the evening sponsor of the Ruhr University's HackPra lecture. As in the case of HackPra, RuhrSec will have an awesome evening event too.

Every participant with a valid conference ticket is invited to be our guest at the social event. G Data provides awesome people, tasty food and high quality drinks. Feel free to join us and to talk with other security interested people, including the speakers.


Location: G DATA Academy, Königsallee 178, D-44799 Bochum

How to get there: After the conference we will go to the location by using public transport systems together. More information is given before the keynote on the first conference day.

German way description: Download PDF

Time: After the first conference day (>=17:00 o'clock)

Contact us

The conference is organized by Hackmanit. The Hackmanit organization team consists of Marcus Niemietz, Christian Mainka and Juraj Somorovsky. We are security researchers with a strong relationship to the Horst Görtz Institute for IT security.

In case you have any questions regarding the conference, please contact us via mail:

Email us

Hackmanit GmbH

Universitätsstraße 150 (ID 2/469)
44801 Bochum

Our Phone:

T: (+49)(0)234 / 45930961


(+49)(0)234 / 45930960

Our Email:


Find us elsewhere


Follow our posts


Follow our tweets


Refresh your memories


Enjoy our videos