Ruhr-Uni-Bochum
Thorsten Holz

Thorsten Holz

Institution: CISPA / CASA

Research Hub(s):

Hub B: Embedded Security
Hub C: Secure Systems
Hub D: Usability

E-Mail: Thorsten.Holz@rub.de

Publications:

The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64 Loki: Hardening Code Obfuscation Against Automated Attacks Jit-Picking: Differential Fuzzing of JavaScript Engines Efficient Calculation of Adversarial Examples for Bayesian Neural Networks On the challenges of automata reconstruction in LTE networks Reproducibility and Replicability of Web Measurement Studies 5G SUCI-catchers: still catching them all? Dompteur: Taming Audio Adversarial Examples Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing EF/CF: A High Performance Fuzzer for Ethereum Smart Contracts No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning A Representative Study on Human Detection of Artificially Generated Media Across Countries Towards the Detection of Diffusion Model Deepfakes FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding GRIMOIRE: Synthesizing Structure while Fuzzing ANTIFUZZ: Impeding Fuzzing Audits of Binary Executables (Un)informed Con­sent: Studying GDPR Consent Notices in the Field VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching Static Detection of Uninitialized Stack Variables in Binary Code Towards Automated Application-Specific Software Stacks IJON: Exploring Deep State Spaces via Fuzzing HYPER-CUBE: High-Dimensional Hypervisor Fuzzing IMP4GT: IMPersonation Attacks in 4G NeTworks On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways Call Me Maybe: Eavesdropping Encrypted LTE Calls With REVOLTE AURORA: Statistical Crash Analysis for Automated Root Cause Explanation ETHBMC: A Bounded Model Checker for Smart Contracts Measuring the Impact of the GDPR on Data Sharing in Ad Networks CORSICA: Cross-Origin Web Service Identification Be the Phisher – Understanding Users’ Perception of Malicious Domains Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems Leveraging Frequency Analysis for Deep Fake Image Recognition Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types