Ruhr-Uni-Bochum
Thorsten Holz

Thorsten Holz

Institution: CISPA / CASA

Research Hub(s):

Hub B: Embedded Security
Hub C: Secure Systems
Hub D: Usability

E-Mail: Thorsten.Holz@rub.de

Publications:

SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws Reproducibility and Replicability of Web Measurement Studies Efficient Calculation of Adversarial Examples for Bayesian Neural Networks 5G SUCI-catchers: still catching them all? Dompteur: Taming Audio Adversarial Examples On the challenges of automata reconstruction in LTE networks Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64 Loki: Hardening Code Obfuscation Against Automated Attacks Jit-Picking: Differential Fuzzing of JavaScript Engines Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding GRIMOIRE: Synthesizing Structure while Fuzzing ANTIFUZZ: Impeding Fuzzing Audits of Binary Executables (Un)informed Con­sent: Studying GDPR Consent Notices in the Field VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching Static Detection of Uninitialized Stack Variables in Binary Code Towards Automated Application-Specific Software Stacks IJON: Exploring Deep State Spaces via Fuzzing HYPER-CUBE: High-Dimensional Hypervisor Fuzzing IMP4GT: IMPersonation Attacks in 4G NeTworks On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways Call Me Maybe: Eavesdropping Encrypted LTE Calls With REVOLTE AURORA: Statistical Crash Analysis for Automated Root Cause Explanation ETHBMC: A Bounded Model Checker for Smart Contracts Measuring the Impact of the GDPR on Data Sharing in Ad Networks CORSICA: Cross-Origin Web Service Identification Be the Phisher – Understanding Users’ Perception of Malicious Domains Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems Leveraging Frequency Analysis for Deep Fake Image Recognition Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types