Welcome

I am a Professor of Computer Science at the University of Münster. I also hold a part-time appointment at the University of Twente.

I work in computer networks and security. My research interests revolve around understanding and improving security on the Internet, taking an empirical approach. Broadly speaking, this encompasses

• global-scale measurement of Internet service deployments and their security
• empirical analysis of security technology
• implications for policy and governance

In my work, I care foremost about the real-world implications of technology. Hence, I work with other disciplines and industry alike to make the Internet a safer, more secure, and altogether more interesting and useful place.

News

• April ‘26: I teach Computer-Netze und ihre Leistung (Computer Networks) in ST2026. I have taken part-time leave - there will be no Network and System Security this term!
• April ‘26: I have taken over the roles of Erasmus and BAföG officer in our institute.
• March ‘26: Shyam and Nils had their papers accepted at PAM, and Gustavo and Pascal at NOMS. Congrats to the teams!

Bio

Before joining the University of Münster as full professor, I was an Associate Professor at the University of Twente in the Netherlands. Before that, I was a Lecturer and Senior Lecturer at the University of Sydney in Australia. Until 2016, I was a Researcher at NICTA (later Data61), also in Sydney, where I worked on network security and was part of the Security Business Team. I hold a PhD from Technical University of Munich. I did both my post-grad and under-grad studies at Eberhard Karls University, Tuebingen, one of Germany’s classic universities.

Selected publications

All publications

• LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale. Jonas Kaspereit, Gurur Öndarö, Gustavo Luvizotto Cesar, Simon Ebbers, Fabian Ising, Christoph Saatjohann, Mattijs Jonker, Ralph Holz, and Sebastian Schinzel. Proc. USENIX Security Symposium. Philadelphia, PA, USA, 2024. Link
• Packed to the Brim: Investigating the Impact of Highly Responsive Prefixes on Internet-wide Measurement Campaigns. Patrick Sattler, Johannes Zirngibl, Mattijs Jonker, Oliver Gasser, Georg Carle, and Ralph Holz. Int. Conf. on Emerging Networking Experiments And Technologies (CoNEXT). Paris, France, December 2023. Link
• Tracking the deployment of TLS 1.3 on the Web: A story of experimentation and centralization. Ralph Holz, Jens Hiller, Johanna Amann, Abbas Razaghpanah, Thomas Jost, Narseo Vallina-Rodriguez, and Oliver Hohlfeld. SIGCOMM Comput. Commun. Rev., 50(3). July 2020. PDF Link
• Data sharing practices of medicines-related apps and the mobile ecosystem. Quinn Grundy, Kellia Chiu, Fabian Held, Andrea Continella, Lisa Bero, and Ralph Holz. The BMJ, 364(1920). March 2019. Link
• The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem. Quirin Scheitle, Oliver Gasser, Theodor Nolte, Johanna Amann, Georg Carle, Ralph Holz, Thomas C. Schmidt, and Matthias Wählisch. Proc. ACM/USENIX 18th Annual Internet Measurement Conference (IMC). Boston, MA, USA, October 2018. Link
• A First Look at Certification Authority Authorization (CAA). Quirin Scheitle, Taejoon Chung, Jens Hiller, Oliver Gasser, Johannes Naab, Roland van Rijswijk-Deij, Oliver Hohlfeld, Ralph Holz, Dave Choffnes, Alan Mislove, and Georg Carle. SIGCOMM Comput. Commun. Rev., 48(2):10-23. April 2018. PDF Link
• Mission accomplished? HTTPS security after DigiNotar. Johanna Amann, Oliver Gasser, Quirin Scheitle, Lexi Brent, Georg Carle, and Ralph Holz. Proc. ACM/USENIX 17th Annual Internet Measurement Conference (IMC). London, UK, November 2017. Link
• HEAP: Reliable assessment of BGP Hijacking attacks. Johann Schlamp, Ralph Holz, Quentin Jacquemart, Georg Carle, and Ernst W. Biersack. IEEE J. Selected Areas of Communication (JSAC), 34(6):1849-1861. 2016. PDF
• TLS in the wild-An Internet-wide analysis of TLS-based protocols for electronic communication. Ralph Holz, Johanna Amann, Olivier Mehani, Matthias Wachs, and Mohamed Ali Kafaar. Proc. Network and Distributed System Symposium (NDSS). San Diego, CA, USA, February 2016. PDF

Advising

Prospective PhD students

PhD positions at the University of Münster and at the University of Twente are generally fully funded and part of a research project. I advertise these positions publicly, but you can also write me an email to find out if there are any vacancies at the moment.

Before you do that, please read the take the time to find out what I like to work on. I do not reply to inquiries that don’t make such an effort. Prospective PhD students must have a strong background in computer security and/or networks. I expect that incoming PhD students can articulate clearly why they want to work in a particular research area and have some research experience, e.g., from a Master thesis.

I currently work with the following PhD students:

• Gerrit Seifert (University of Münster)
• Nils Kempen (University of Münster)
• Gustavo Luvizotto (University of Twente)
• Bulut Ulukapi (University of Twente)
• Shyam Krishna Khadka (University of Twente)
• Matteo Liberato (University of Twente)
• Sousan Tarahomi (University of Twente)
• Pascal Huppert (University of Twente)

Bachelor and Master students

My group always has open topics in the area of Internet measurement and network security. Please contact me if you are interested in doing a thesis with me. Please note: I do not offer Bachelor theses at the University of Twente, and I accept only one Master student per year at the University of Twente.

Teaching

For the current list of course offerings, please see my website at the University of Münster.

In general, I teach a selection from the following:

• Empirical Security Analysis & Engineering (MSc, English, usually WT). I offer this simultaneously at the University of Twente.
• Network and System Security (NaSS, MSc, English, usually ST)
• Computernetzwerke (BSc, German, usually ST)
• Developing Tools for Empirical Internet Measurement (project seminar format, MSc and BSc, language as required, term varying)
• Empirical Research in Computer Networks (seminar format, MSc, language as required, term varying)

Our Graduates Seminar (Oberseminar) runs year-round; MSc and BSc students writing their theses are expected to enrol.

Contact and legal notice

• Prof Dr Ralph Holz
• Institut für Informatik, FB 10, University of Münster
• Einsteinstr. 62, 48149 Münster, Germany
• +49 251 83 38 447
Responsible for this website under Section 5 of the German Digitale-Dienste-Gesetz:
Prof Dr Ralph Holz (address as above)

Hinweis/Disclaimer. This website presents my academic activities and does not represent an official publication of the University of Münster, the University of Twente, or the University of Sydney./Diese Website dient der Darstellung meiner wissenschaftlichen Tätigkeiten und ist keine offizielle Publikation der Universität Münster, der Universität Twente oder der University of Sydney./Deze website is bedoeld om mijn wetenschappelijke werkzaamheden te presenteren en vormt geen officiële publicatie van de Universiteit van Münster, de Universiteit Twente of de University of Sydney.

This website is hosted on Amazon Web Services (AWS) servers located in the EU and delivered via Cloudflare. Both providers process connection data (e.g. IP address, request time) solely for security and technical delivery. Data are not used for profiling or analytics and are automatically deleted after a short retention period. The processing is based on Art. 6 (1)(f) GDPR (legitimate interest in secure and efficient website delivery).