Ruhr-Uni-Bochum
Thorsten Holz, Eike Kiltz und Christof Paar stehen nebeneinander in einem modernen Innenraum mit großen Fenstern im Hintergrund

Thorsten Holz

Institution: Max-Planck-Institut für Sicherheit und Privatsphäre

Research Hub(s):

Hub B: Eingebettete Sicherheit - CASA 1.0, 2019-2025
Hub C: Sichere Systeme - CASA 1.0, 2019-2025
Hub D: Benutzerfreundlichkeit - CASA 1.0, 2019-2025

E-Mail: Thorsten.Holz@mpi-sp.org

Publikationen:

The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64 Loki: Hardening Code Obfuscation Against Automated Attacks On the challenges of automata reconstruction in LTE networks Dompteur: Taming Audio Adversarial Examples Reproducibility and Replicability of Web Measurement Studies Efficient Calculation of Adversarial Examples for Bayesian Neural Networks 5G SUCI-catchers: still catching them all? Jit-Picking: Differential Fuzzing of JavaScript Engines Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing AI-Generated Faces in the Real World: A Large-Scale Case Study of Twitter Profile Images Confusing Value with Enumeration: Studying the Use of CVEs in Academia Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge "That's another doom I haven't thought about": A User Study on AI Labels as a Safeguard Against Image-Based Misinformation No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning A Representative Study on Human Detection of Artificially Generated Media Across Countries EF/CF: A High Performance Fuzzer for Ethereum Smart Contracts FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities Towards the Detection of Diffusion Model Deepfakes NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding Towards Automated Application-Specific Software Stacks IJON: Exploring Deep State Spaces via Fuzzing HYPER-CUBE: High-Dimensional Hypervisor Fuzzing IMP4GT: IMPersonation Attacks in 4G NeTworks Static Detection of Uninitialized Stack Variables in Binary Code VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching GRIMOIRE: Synthesizing Structure while Fuzzing ANTIFUZZ: Impeding Fuzzing Audits of Binary Executables (Un)informed Con­sent: Studying GDPR Consent Notices in the Field On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways Call Me Maybe: Eavesdropping Encrypted LTE Calls With REVOLTE Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems Leveraging Frequency Analysis for Deep Fake Image Recognition Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces Be the Phisher – Understanding Users’ Perception of Malicious Domains CORSICA: Cross-Origin Web Service Identification AURORA: Statistical Crash Analysis for Automated Root Cause Explanation ETHBMC: A Bounded Model Checker for Smart Contracts Measuring the Impact of the GDPR on Data Sharing in Ad Networks