Pruning the Tree: Rethinking RPKI Architecture From The Ground Up
Haya Schulmann and Niklas Vogel
33rd Annual Network and Distributed System Security Symposium
[Conference Proceedings]

All That Glitters Is Not Gold: RPKI’s Stumbling Speedrun To The Top
Mirdita, Donika and Schulmann, Haya and Waidner, Michael
IEEE Transactions on Dependable and Secure Computing, p.1-12
[Journal Article]

Learning to Identify Conflicts in RPKI
Haya Schulmann and Shujie Zhao
Proceedings of the 20th ACM Asia Conference on Computer and Communications Security, p.1490–1505
[Conference Proceedings]

ValidaTor: Domain Validation over Tor
Jens Frieß and Haya Schulmann and Michael Waidner
22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI 25), p.1367–1380
[Conference Proceedings]

SoK: An Introspective Analysis of RPKI Security
Donika Mirdita and Haya Schulmann and Michael Waidner
34th USENIX Security Symposium (USENIX Security 25), p.3649–3665
[Journal Article]

Stealth BGP Hijacks with uRPF Filtering
Haya Schulmann and Shujie Zhao
19th USENIX WOOT Conference on Offensive Technologies (WOOT 25), p.129–138
[Conference Proceedings]

Poster: Exploring the Landscape of RPKI Relying Parties
Donika Mirdita and Haya Schulmann and Michael Waidner
Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, p.4773–4775
[Conference Proceedings]

Poster: We must talk about RPKI Repositories
Haya Schulmann and Niklas Vogel
Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, p.4755–4757
[Conference Proceedings]

Poster: The Rocky Road Towards RPKI Algorithm Agility
Katharina Miesch and Haya Schulmann and Niklas Vogel
Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, p.4767–4769
[Conference Proceedings]

Demo: Stopping Production Testing: A Graphical RPKI Test-Suite
Tobias Kirsch and Haya Schulmann and Niklas Vogel
Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security, p.4722–4723
[Conference Proceedings]

RPKI: Not Perfect But Good Enough
Haya Schulmann and Niklas Vogel and Michael Waidner
CoRR, Vol.abs/2409.14518
[Journal Article]

Attacking with Something That Does Not Exist: ’Proof of Non-Existence’ Can Exhaust DNS Resolver CPU
Olivia Gruza and Elias Heftrig and Oliver Jacobsen and Haya Schulmann and Niklas Vogel and Michael Waidner
18th USENIX WOOT Conference on Offensive Technologies (WOOT 24), p.45–57
[Conference Proceedings]

Insights into SAV Implementations in the Internet
Haya Schulmann and Shujie Zhao
Passive and Active Measurement, p.69–87
[Conference Proceedings]

Cloudy with a Chance of Cyberattacks: Dangling Resources Abuse on Cloud Platforms
Jens Frieß and Tobias Gattermayer and Nethanel Gelernter and Haya Schulmann and Michael Waidner
21st USENIX Symposium on Networked Systems Design and Implementation (NSDI 24), p.1977–1994
[Conference Proceedings]

The CURE to Vulnerabilities in RPKI Validation
Donika Mirdita and Haya Schulmann and Niklas Vogel and Michael Waidner
31st Annual Network and Distributed System Security Symposium
[Conference Proceedings]

Crowdsourced Distributed Domain Validation
Jens Frieß and Haya Schulmann and Michael Waidner
Proceedings of the 23rd ACM Workshop on Hot Topics in Networks, p.318–325
[Conference Proceedings]

Poster: From Fort to Foe: The Threat of RCE in RPKI
Oliver Jacobsen and Haya Schulmann and Niklas Vogel and Michael Waidner
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.5015–5017
[Conference Proceedings]

Poster: Patching NSEC3-Encloser: The Good, the Bad, and the Ugly
Oliver Jacobsen and Haya Schulmann
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.4937–4939
[Conference Proceedings]

Poster: Security of Login Interfaces in Modern Organizations
Kevin Nsieyanji Tchokodeu and Haya Schulmann and Gil Sobol and Michael Waidner
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.4925–4927
[Conference Proceedings]

Poster: Kill Krill or Proxy RPKI
Louis Cattepoel and Donika Mirdita and Haya Schulmann and Michael Waidner
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.4922–4924
[Conference Proceedings]

The Harder You Try, The Harder You Fail: The KeyTrap Denial-of-Service Algorithmic Complexity Attacks on DNSSEC
Elias Heftrig and Haya Schulmann and Niklas Vogel and Michael Waidner
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.497–510
[Conference Proceedings]

Byzantine-Secure Relying Party for Resilient RPKI
Jens Frieß and Donika Mirdita and Haya Schulmann and Michael Waidner
Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, p.49–63
[Conference Proceedings]

External Attack-Surface of Modern Organizations
Nethanel Gelernter and Haya Schulmann and Michael Waidner
Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, p.589–604
[Conference Proceedings]

Protocol Fixes for KeyTrap Vulnerabilities
Elias Heftrig and Haya Schulmann and Niklas Vogel and Michael Waidner
Proceedings of the 2024 Applied Networking Research Workshop, p.74–80
[Conference Proceedings]

ZPredict: ML-Based IPID Side-channel Measurements
Haya Schulmann and Shujie Zhao
ACM Trans. Priv. Secur., Vol.27
[Journal Article]

Wie Deutschland zur Cybernation wird
Haya Schulmann and Michael Waidner
Datenschutz und Datensicherheit, Vol.48, p.11–15
[Journal Article]

Downgrading DNSSEC: How to Exploit Crypto Agility for Hijacking Signed Zones
Elias Heftrig and Haya Schulmann and Michael Waidner
32nd USENIX Security Symposium (USENIX Security 23), p.7429–7444
[Conference Proceedings]

Keep Your Friends Close, but Your Routeservers Closer: Insights into RPKI Validation in the Internet
Tomas Hlavacek and Haya Schulmann and Niklas Vogel and Michael Waidner
32nd USENIX Security Symposium (USENIX Security 23), p.4841–4858
[Conference Proceedings]

Poster: Off-Path DNSSEC Downgrade Attacks
Elias Heftrig and Haya Schulmann and Michael Waidner
Proceedings of the ACM SIGCOMM 2023 Conference, p.1120–1122
[Conference Proceedings]

Poster: LeMon: Global Route Leak Monitoring Service
Haya Schulmann and Shujie Zhao
Proceedings of the ACM SIGCOMM 2023 Conference, p.1111–1113
[Conference Proceedings]