Thorsten Holz

Thorsten Holz

Institution: CISPA / CASA

Research Hub(s):

Hub B: Eingebettete Sicherheit
Hub C: Sichere Systeme
Hub D: Benutzerfreundlichkeit

E-Mail: Thorsten.​Holz@​rub.​de


The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws Dompteur: Taming Audio Adversarial Examples 5G SUCI-catchers: still catching them all? Efficient Calculation of Adversarial Examples for Bayesian Neural Networks Reproducibility and Replicability of Web Measurement Studies NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types Plenty of Phish in the Sea: Analyzing Potential Pre-Attack Surfaces Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing Leveraging Frequency Analysis for Deep Fake Image Recognition xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64 EF/CF: A High Performance Fuzzer for Ethereum Smart Contracts Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing Jit-Picking: Differential Fuzzing of JavaScript Engines Loki: Hardening Code Obfuscation Against Automated Attacks Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing On the challenges of automata reconstruction in LTE networks VPS: Excavating High-Level C++ Constructs from Low-Level Binaries to Protect Dynamic Dispatching HYPER-CUBE: High-Dimensional Hypervisor Fuzzing IJON: Exploring Deep State Spaces via Fuzzing Towards Automated Application-Specific Software Stacks Static Detection of Uninitialized Stack Variables in Binary Code IMP4GT: IMPersonation Attacks in 4G NeTworks (Un)informed Con­sent: Studying GDPR Consent Notices in the Field ANTIFUZZ: Impeding Fuzzing Audits of Binary Executables GRIMOIRE: Synthesizing Structure while Fuzzing Adversarial Attacks Against Automatic Speech Recognition Systems via Psychoacoustic Hiding ETHBMC: A Bounded Model Checker for Smart Contracts Be the Phisher – Understanding Users’ Perception of Malicious Domains CORSICA: Cross-Origin Web Service Identification Measuring the Impact of the GDPR on Data Sharing in Ad Networks AURORA: Statistical Crash Analysis for Automated Root Cause Explanation Call Me Maybe: Eavesdropping Encrypted LTE Calls With REVOLTE On Using Application-Layer Middlebox Protocols for Peeking Behind NAT Gateways