Dr Ralph Holz

Lecturer in Networks and Security
School of Information Technologies

J12 - The School of Information Technologies
The University of Sydney

Telephone +61 2 9036 9718
Fax +61 2 9351 3838

Website School of Information Technologies

Personal website

Google scholar

Biographical details

Ralph Holz is a Lecturer in Networks and Security in the School of Information Technologies, where he leads the Node for Cybersecurity and Usable Security inside the Human-Centred Technologies theme. He is a Visiting Researcher at the University of New South Wales and Technical University of Munich.

Ralph's research interests revolve around network measurement and security, with a decidedly empirical approach. His theme is real-world security, with current research focusing on global-scale measurement of internet service deployments and their security, data-driven security mechanisms, and analysis of blockchain technology and its implications.

Before coming to the University of Sydney, Ralph was a Researcher at Data61|CSIRO (then NICTA), with roles across the Mobile Systems and Software Systems groups, and a Post-doctoral Researcher at Technical University of Munich, where he also received his PhD in 2014. During his PhD, he worked for several prominent industry partners such as Airbus Group and Nokia Siemens Networks.

He has a proven track record of successful research projects and industry engagement.

Research interests

Dr Ralph Holz's research aims to enhance the security and privacy of internet users. His current focus are Internet security measurements and blockchains. Since internet users are also human beings, his work necessarily takes into account the complex interactions between the two.

"I try to understand the security of computer technology as it is deployed in real systems, and hence as it affects our daily lives. It is a tremendous challenge, with many implications, to bridge the gap between a purely technical understanding and the workings of the human mind. Human factors critically determine whether a system will be securely deployed, operated and used.

"I actually measure the security of computer systems, which allows me to determine how well they achieve their purpose. Once I have identified any potential shortcomings, I design solutions so they achieve their purpose better and provide an overall higher level of security.

"Importantly, I also take into account how the system is used by actual users. Ideally, technology should be designed in such a way that its users are supported and that its security features do not get in the way of how those users want to use the technology.

"I am driven by my curiosity. I want to understand how technology works in the real world - what effects it has on people, organisations and society.

"The digital world is a fact, and we need to understand it in order to improve its performance and security. We must also get to the point where we can give guarantees of fundamental human rights, such as free speech online. Security and privacy technology is an enabler of these rights in the digital world.

"Ultimately I hope to contribute to much-improved security on the internet. Security for users implies improved security for industry, government, NGOs and, ultimately, society.

"I have been working in this area for more than 10 years, and I joined the University of Sydney in 2016. Being an academic here gives me great freedom to work on problems that matter, while remaining engaged with important groups from industry and society."

Teaching and supervision

Ralph is available to supervise research and research-linked projects (in particular PhD projects, Honours, Master, SSPs...).

Prospective PhD students will need to meet the admission criteria and be competitive for a scholarship. They also need to have a strong background in computer security and networks and provide a research proposal. Please consult the admission website, Ralph's current research agenda, and list of previous publications before contacting Ralph and preparing a research proposal. Please also include a transcript and CV in your email.

Ralph is currently teaching the following units:

  • COMP5617 - Empirical Security Analysis and Engineering (S2)
  • COMP9121 - Design of Networks & Distributed Systems (S2)

Current research students

Project title Research student
Building the Blocks: Blockchain Consensus from Private to Public Christopher NATOLI

In the media


    International collaboration


      Domestic collaboration


        Industry engagement

          Selected grants

          2018

          • Taipan: A Blockchain with Democratic Consensus and Validated Contracts; Gramoli V, Raynal M, Fekete A, Holz R, Scholz B; Australian Research Council (ARC)/Discovery Projects (DP).

          2017

          • Policy Scenarios for the Future(s) of Australian Cyber Security; Smith F, Sinpeng A, Atkinson S, Holz R, Hutchinson J; DVC Research/Sydney Policy Lab.
          • Setting the standard for consumer data sharing practices of top-rated health apps; Grundy Q, Bero L, Holz R, Held F, Kay J, Allman-Farinelli M; DVC Research/Sydney Policy Lab.
          • Global activity analysis of blockchain transactions and smart contracts with the Blockchain Observatory; Holz R; University of Sydney/Early Career Researcher.
          • Big Data, Algorithms, and Security in the Digital Age (Project-based units); Smith F, Brevini B, Dong Z, Holz R; DVC Education/Small Educational Innovation Grant.

          2016

          • Enabling data-driven security and privacy�a cross-disciplinary platform for observation and analysis; Roehm U, Holz R, Chawla S; Faculty of Engineering & Information Technology/Major Equipment Grant.

          Selected publications

          Download citations: PDF RTF Endnote

          Journals

          • Schlamp, J., Holz, R., Jacquemart, Q., Carle, G., Biersack, E. (2016). HEAP: Reliable Assessment of BGP Hijacking Attacks. IEEE Journal on Selected Areas in Communications, 34(6), 1849-1861. [More Information]

          Conferences

          • Banfi, D., Mehani, O., Jourjon, G., Schwaighofer, L., Holz, R. (2016). Endpoint-transparent Multipath Transport with Software-defined Networks. 2016 IEEE 41st Conference on Local Computer Networks (LCN 2016), Piscataway: (IEEE) Institute of Electrical and Electronics Engineers. [More Information]
          • Holz, R., Amann, J., Mehani, O., Wachs, M., Kaafar, M. (2016). TLS in the wild: An Internet-wide analysis of TLS-based protocols for electronic communication. 2016 Network and Distributed System Security Symposium (NDSS), Reston: Internet Society. [More Information]
          • Mehani, O., Holz, R., Ferlin, S., Boreli, R. (2015). An Early Look at Multipath TCP Deployment in the Wild. 6th International Workshop on Hot Topics in Planet-Scale Measurement (HotPlanet 2015), New York: Association for Computing Machinery (ACM). [More Information]
          • Schlamp, J., Holz, R., Gasser, O., Korsten, A., Jacquemart, Q., Carle, G., Biersack, E. (2015). Investigating the Nature of Routing Anomalies: Closing in on Subprefix Hijacking Attacks. 7th International Workshop on Traffic Monitoring and Analysis (TMA 2015), Cham: Springer. [More Information]
          • Bass, L., Holz, R., Rimba, P., Tran, A., Zhu, L. (2015). Securing a Deployment Pipeline. 3rd International Workshop on Release Engineering (RELENG 2015), Piscataway: (IEEE) Institute of Electrical and Electronics Engineers. [More Information]
          • Gasser, O., Holz, R., Carle, G. (2014). A deeper understanding of SSH: Results from Internet-wide scans. IEEE Network Operations and Management Symposium (NOMS). IEEE. [More Information]
          • Holz, R., Riedmaier, T., Kammenhuber, N., Carle, G. (2012). X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-Middle. European Symposium on Research in Computer Security (ESORICS). [More Information]
          • Ulrich, A., Holz, R., Hauck, P., Carle, G. (2011). Investigating the OpenPGP Web of Trust. ESORICS 2011. Springer. [More Information]
          • Holz, R., Braun, L., Kammenhuber, N., Carle, G. (2011). The SSL Landscape � A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements. ACM SIGCOMM Internet Measurement Conference, IMC. [More Information]

          2016

          • Banfi, D., Mehani, O., Jourjon, G., Schwaighofer, L., Holz, R. (2016). Endpoint-transparent Multipath Transport with Software-defined Networks. 2016 IEEE 41st Conference on Local Computer Networks (LCN 2016), Piscataway: (IEEE) Institute of Electrical and Electronics Engineers. [More Information]
          • Schlamp, J., Holz, R., Jacquemart, Q., Carle, G., Biersack, E. (2016). HEAP: Reliable Assessment of BGP Hijacking Attacks. IEEE Journal on Selected Areas in Communications, 34(6), 1849-1861. [More Information]
          • Holz, R., Amann, J., Mehani, O., Wachs, M., Kaafar, M. (2016). TLS in the wild: An Internet-wide analysis of TLS-based protocols for electronic communication. 2016 Network and Distributed System Security Symposium (NDSS), Reston: Internet Society. [More Information]

          2015

          • Mehani, O., Holz, R., Ferlin, S., Boreli, R. (2015). An Early Look at Multipath TCP Deployment in the Wild. 6th International Workshop on Hot Topics in Planet-Scale Measurement (HotPlanet 2015), New York: Association for Computing Machinery (ACM). [More Information]
          • Schlamp, J., Holz, R., Gasser, O., Korsten, A., Jacquemart, Q., Carle, G., Biersack, E. (2015). Investigating the Nature of Routing Anomalies: Closing in on Subprefix Hijacking Attacks. 7th International Workshop on Traffic Monitoring and Analysis (TMA 2015), Cham: Springer. [More Information]
          • Bass, L., Holz, R., Rimba, P., Tran, A., Zhu, L. (2015). Securing a Deployment Pipeline. 3rd International Workshop on Release Engineering (RELENG 2015), Piscataway: (IEEE) Institute of Electrical and Electronics Engineers. [More Information]

          2014

          • Gasser, O., Holz, R., Carle, G. (2014). A deeper understanding of SSH: Results from Internet-wide scans. IEEE Network Operations and Management Symposium (NOMS). IEEE. [More Information]

          2012

          • Holz, R., Riedmaier, T., Kammenhuber, N., Carle, G. (2012). X.509 Forensics: Detecting and Localising the SSL/TLS Men-in-the-Middle. European Symposium on Research in Computer Security (ESORICS). [More Information]

          2011

          • Ulrich, A., Holz, R., Hauck, P., Carle, G. (2011). Investigating the OpenPGP Web of Trust. ESORICS 2011. Springer. [More Information]
          • Holz, R., Braun, L., Kammenhuber, N., Carle, G. (2011). The SSL Landscape � A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements. ACM SIGCOMM Internet Measurement Conference, IMC. [More Information]

          For support on your academic profile contact .