Thorsten Holz

Publications:

The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws || 2021-10-06 xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64 || 2022-06-06 Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains || 2021-09-30 SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing || 2022-08-10 On the challenges of automata reconstruction in LTE networks || 2021-06-28 Reproducibility and Replicability of Web Measurement Studies || 2022-04-25 Dompteur: Taming Audio Adversarial Examples || 2021-08-11 5G SUCI-catchers: still catching them all? || 2021-06-01 Efficient Calculation of Adversarial Examples for Bayesian Neural Networks || 2020-02-01 Loki: Hardening Code Obfuscation Against Automated Attacks || 2022-08-10 Jit-Picking: Differential Fuzzing of JavaScript Engines || 2022-11-07 Towards the Detection of Diffusion Model Deepfakes || 2024-02-27 FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities || 2023-02-27 EF/CF: A High Performance Fuzzer for Ethereum Smart Contracts || 2023-07-03 Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing || 2022-08-10 Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding || 2019-02-24 GRIMOIRE: Synthesizing Structure while Fuzzing || 2019-08-25 ANTIFUZZ: Impeding Fuzzing Audits of Binary Executables || 2019-07-10 (Un)informed Con­sent: Studying GDPR Consent Notices in the Field || 2019-11-11 VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching || 2019-12-09 Static Detection of Uninitialized Stack Variables in Binary Code || 2019-08-23 Towards Automated Application-Specific Software Stacks || 2019-09-23 IJON: Exploring Deep State Spaces via Fuzzing || 2020-05-18 HYPER-CUBE: High-Dimensional Hypervisor Fuzzing || 2020-02-23 IMP4GT: IMPersonation Attacks in 4G NeTworks || 2020-02-23 On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways || 2020-01-01 Call Me Maybe: Eavesdropping Encrypted LTE Calls With REVOLTE || 2020-08-12 AURORA: Statistical Crash Analysis for Automated Root Cause Explanation || 2020-08-12 ETHBMC: A Bounded Model Checker for Smart Contracts || 2020-08-12 Measuring the Impact of the GDPR on Data Sharing in Ad Networks || 2020-11-09 CORSICA: Cross-Origin Web Service Identification || 2020-11-09 Be the Phisher – Understanding Users’ Perception of Malicious Domains || 2020-11-09 Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems || 2020-12-07 Leveraging Frequency Analysis for Deep Fake Image Recognition || 2020-07-12 Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing || 2020-12-07 Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces || 2020-09-14 NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types || 2021-08-11