BibTeX records: Martin Johns

download as .bib file

@article{DBLP:journals/popets/BoussahaHBRRKJCAB24,
  author       = {Soumaya Boussaha and
                  Lukas Hock and
                  Miguel Bermejo and
                  Rub{\'{e}}n Cuevas Rum{\'{\i}}n and
                  {\'{A}}ngel Cuevas Rum{\'{\i}}n and
                  David Klein and
                  Martin Johns and
                  Luca Compagna and
                  Daniele Antonioli and
                  Thomas Barber},
  title        = {FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking
                  and Entropy-based Thresholds},
  journal      = {Proc. Priv. Enhancing Technol.},
  volume       = {2024},
  number       = {3},
  pages        = {540--560},
  year         = {2024},
  url          = {https://doi.org/10.56553/popets-2024-0092},
  doi          = {10.56553/POPETS-2024-0092},
  timestamp    = {Thu, 18 Jul 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/popets/BoussahaHBRRKJCAB24.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/KirchnerKKKJ24,
  author       = {Robin Kirchner and
                  Simon Koch and
                  Noah Kamangar and
                  David Klein and
                  Martin Johns},
  title        = {A Black-Box Privacy Analysis of Messaging Service Providers' Chat
                  Message Processing},
  journal      = {Proc. Priv. Enhancing Technol.},
  volume       = {2024},
  number       = {3},
  pages        = {674--691},
  year         = {2024},
  url          = {https://doi.org/10.56553/popets-2024-0099},
  doi          = {10.56553/POPETS-2024-0099},
  timestamp    = {Thu, 18 Jul 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/popets/KirchnerKKKJ24.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/hicss/WarneckeBBBDHJP24,
  author       = {Joana M. Warnecke and
                  Christian Baumgartner and
                  Michael H. Breitner and
                  Dominique F. Briechle and
                  Thomas M. Deserno and
                  Maximilian Heumann and
                  Martin Johns and
                  Alexander Picker and
                  Andreas Rausch and
                  Lars C. Wolf},
  editor       = {Tung X. Bui},
  title        = {Continuous Health Monitoring on Shared Mobility Devices: {A} Health-eScooter
                  Prototype},
  booktitle    = {57th Hawaii International Conference on System Sciences, {HICSS} 2024,
                  Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, January
                  3-6, 2024},
  pages        = {3485--3494},
  publisher    = {ScholarSpace},
  year         = {2024},
  url          = {https://hdl.handle.net/10125/106805},
  timestamp    = {Mon, 02 Sep 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/hicss/WarneckeBBBDHJP24.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/KirchnerMM0RJ24,
  author       = {Robin Kirchner and
                  Jonas M{\"{o}}ller and
                  Marius Musch and
                  David Klein and
                  Konrad Rieck and
                  Martin Johns},
  editor       = {Davide Balzarotti and
                  Wenyuan Xu},
  title        = {Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind
                  Cross-Site Scripting},
  booktitle    = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia,
                  PA, USA, August 14-16, 2024},
  publisher    = {{USENIX} Association},
  year         = {2024},
  url          = {https://www.usenix.org/conference/usenixsecurity24/presentation/kirchner},
  timestamp    = {Mon, 22 Jul 2024 17:10:49 +0200},
  biburl       = {https://dblp.org/rec/conf/uss/KirchnerMM0RJ24.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/WesselsKPJ24,
  author       = {Malte Wessels and
                  Simon Koch and
                  Giancarlo Pellegrino and
                  Martin Johns},
  editor       = {Davide Balzarotti and
                  Wenyuan Xu},
  title        = {{SSRF} vs. Developers: {A} Study of SSRF-Defenses in {PHP} Applications},
  booktitle    = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia,
                  PA, USA, August 14-16, 2024},
  publisher    = {{USENIX} Association},
  year         = {2024},
  url          = {https://www.usenix.org/conference/usenixsecurity24/presentation/wessels},
  timestamp    = {Mon, 22 Jul 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/uss/WesselsKPJ24.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/KleinRBKJ23,
  author       = {David Klein and
                  Benny Rolle and
                  Thomas Barber and
                  Manuel Karl and
                  Martin Johns},
  editor       = {Weizhi Meng and
                  Christian Damsgaard Jensen and
                  Cas Cremers and
                  Engin Kirda},
  title        = {General Data Protection Runtime: Enforcing Transparent {GDPR} Compliance
                  for Existing Applications},
  booktitle    = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, {CCS} 2023, Copenhagen, Denmark, November
                  26-30, 2023},
  pages        = {3343--3357},
  publisher    = {{ACM}},
  year         = {2023},
  url          = {https://doi.org/10.1145/3576915.3616604},
  doi          = {10.1145/3576915.3616604},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/KleinRBKJ23.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/KochWKJ23,
  author       = {Simon Koch and
                  Malte Wessels and
                  David Klein and
                  Martin Johns},
  editor       = {Weizhi Meng and
                  Christian Damsgaard Jensen and
                  Cas Cremers and
                  Engin Kirda},
  title        = {Poster: The Risk of Insufficient Isolation of Database Transactions
                  in Web Applications},
  booktitle    = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, {CCS} 2023, Copenhagen, Denmark, November
                  26-30, 2023},
  pages        = {3576--3578},
  publisher    = {{ACM}},
  year         = {2023},
  url          = {https://doi.org/10.1145/3576915.3624394},
  doi          = {10.1145/3576915.3624394},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/KochWKJ23.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/GrossKBHJ23,
  author       = {Samuel Gro{\ss} and
                  Simon Koch and
                  Lukas Bernhard and
                  Thorsten Holz and
                  Martin Johns},
  title        = {{FUZZILLI:} Fuzzing for JavaScript {JIT} Compiler Vulnerabilities},
  booktitle    = {30th Annual Network and Distributed System Security Symposium, {NDSS}
                  2023, San Diego, California, USA, February 27 - March 3, 2023},
  publisher    = {The Internet Society},
  year         = {2023},
  url          = {https://www.ndss-symposium.org/ndss-paper/fuzzilli-fuzzing-for-javascript-jit-compiler-vulnerabilities/},
  timestamp    = {Thu, 15 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ndss/GrossKBHJ23.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/KochAJ23,
  author       = {Simon Koch and
                  Benjamin Altpeter and
                  Martin Johns},
  editor       = {Joseph A. Calandrino and
                  Carmela Troncoso},
  title        = {The {OK} Is Not Enough: {A} Large Scale Study of Consent Dialogs in
                  Smartphone Applications},
  booktitle    = {32nd {USENIX} Security Symposium, {USENIX} Security 2023, Anaheim,
                  CA, USA, August 9-11, 2023},
  pages        = {5467--5484},
  publisher    = {{USENIX} Association},
  year         = {2023},
  url          = {https://www.usenix.org/conference/usenixsecurity23/presentation/koch},
  timestamp    = {Wed, 18 Oct 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/uss/KochAJ23.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/KochWAOJ22,
  author       = {Simon Koch and
                  Malte Wessels and
                  Benjamin Altpeter and
                  Madita Olvermann and
                  Martin Johns},
  title        = {Keeping Privacy Labels Honest},
  journal      = {Proc. Priv. Enhancing Technol.},
  volume       = {2022},
  number       = {4},
  pages        = {486--506},
  year         = {2022},
  url          = {https://doi.org/10.56553/popets-2022-0119},
  doi          = {10.56553/POPETS-2022-0119},
  timestamp    = {Sat, 30 Sep 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/popets/KochWAOJ22.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/KleinMBKJ22,
  author       = {David Klein and
                  Marius Musch and
                  Thomas Barber and
                  Moritz Kopmann and
                  Martin Johns},
  title        = {Accept All Exploits: Exploring the Security Impact of Cookie Banners},
  booktitle    = {Annual Computer Security Applications Conference, {ACSAC} 2022, Austin,
                  TX, USA, December 5-9, 2022},
  pages        = {911--922},
  publisher    = {{ACM}},
  year         = {2022},
  url          = {https://doi.org/10.1145/3564625.3564647},
  doi          = {10.1145/3564625.3564647},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/acsac/KleinMBKJ22.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/asiaccs/MuschKBJ22,
  author       = {Marius Musch and
                  Robin Kirchner and
                  Max Boll and
                  Martin Johns},
  editor       = {Yuji Suga and
                  Kouichi Sakurai and
                  Xuhua Ding and
                  Kazue Sako},
  title        = {Server-Side Browsers: Exploring the Web's Hidden Attack Surface},
  booktitle    = {{ASIA} {CCS} '22: {ACM} Asia Conference on Computer and Communications
                  Security, Nagasaki, Japan, 30 May 2022 - 3 June 2022},
  pages        = {1168--1181},
  publisher    = {{ACM}},
  year         = {2022},
  url          = {https://doi.org/10.1145/3488932.3517414},
  doi          = {10.1145/3488932.3517414},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/asiaccs/MuschKBJ22.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/KleinBBSJ22,
  author       = {David Klein and
                  Thomas Barber and
                  Souphiane Bensalim and
                  Ben Stock and
                  Martin Johns},
  title        = {Hand Sanitizers in the Wild: {A} Large-scale Study of Custom JavaScript
                  Sanitizer Functions},
  booktitle    = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
                  2022, Genoa, Italy, June 6-10, 2022},
  pages        = {236--250},
  publisher    = {{IEEE}},
  year         = {2022},
  url          = {https://doi.org/10.1109/EuroSP53844.2022.00023},
  doi          = {10.1109/EUROSP53844.2022.00023},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/eurosp/KleinBBSJ22.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/imc/KarlMMJL22,
  author       = {Manuel Karl and
                  Marius Musch and
                  Guoli Ma and
                  Martin Johns and
                  Sebastian Lekies},
  editor       = {Chadi Barakat and
                  Cristel Pelsser and
                  Theophilus A. Benson and
                  David R. Choffnes},
  title        = {No keys to the kingdom required: a comprehensive investigation of
                  missing authentication vulnerabilities in the wild},
  booktitle    = {Proceedings of the 22nd {ACM} Internet Measurement Conference, {IMC}
                  2022, Nice, France, October 25-27, 2022},
  pages        = {619--632},
  publisher    = {{ACM}},
  year         = {2022},
  url          = {https://doi.org/10.1145/3517745.3561446},
  doi          = {10.1145/3517745.3561446},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/imc/KarlMMJL22.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/DirksenKMSRJ21,
  author       = {Alexandra Dirksen and
                  David Klein and
                  Robert Michael and
                  Tilman Stehr and
                  Konrad Rieck and
                  Martin Johns},
  title        = {LogPicker: Strengthening Certificate Transparency Against Covert Adversaries},
  journal      = {Proc. Priv. Enhancing Technol.},
  volume       = {2021},
  number       = {4},
  pages        = {184--202},
  year         = {2021},
  url          = {https://doi.org/10.2478/popets-2021-0066},
  doi          = {10.2478/POPETS-2021-0066},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/popets/DirksenKMSRJ21.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosec/BensalimKBJ21,
  author       = {Souphiane Bensalim and
                  David Klein and
                  Thomas Barber and
                  Martin Johns},
  title        = {Talking About My Generation: Targeted DOM-based {XSS} Exploit Generation
                  using Dynamic Data Flow Analysis},
  booktitle    = {EuroSec '21: Proceedings of the 14th European Workshop on Systems
                  Security, Virtual Event / Edinburgh, Scotland, UK, April 26, 2021},
  pages        = {27--33},
  publisher    = {{ACM}},
  year         = {2021},
  url          = {https://doi.org/10.1145/3447852.3458718},
  doi          = {10.1145/3447852.3458718},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/eurosec/BensalimKBJ21.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/SteffensMJS21,
  author       = {Marius Steffens and
                  Marius Musch and
                  Martin Johns and
                  Ben Stock},
  title        = {Who's Hosting the Block Party? Studying Third-Party Blockage of {CSP}
                  and {SRI}},
  booktitle    = {28th Annual Network and Distributed System Security Symposium, {NDSS}
                  2021, virtually, February 21-25, 2021},
  publisher    = {The Internet Society},
  year         = {2021},
  url          = {https://www.ndss-symposium.org/ndss-paper/whos-hosting-the-block-party-studying-third-party-blockage-of-csp-and-sri/},
  timestamp    = {Thu, 17 Jun 2021 15:42:26 +0200},
  biburl       = {https://dblp.org/rec/conf/ndss/SteffensMJS21.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/MuschJ21,
  author       = {Marius Musch and
                  Martin Johns},
  editor       = {Michael D. Bailey and
                  Rachel Greenstadt},
  title        = {U Can't Debug This: Detecting JavaScript Anti-Debugging Techniques
                  in the Wild},
  booktitle    = {30th {USENIX} Security Symposium, {USENIX} Security 2021, August 11-13,
                  2021},
  pages        = {2935--2950},
  publisher    = {{USENIX} Association},
  year         = {2021},
  url          = {https://www.usenix.org/conference/usenixsecurity21/presentation/musch},
  timestamp    = {Mon, 20 Nov 2023 08:57:49 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/MuschJ21.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccsw-ws/JohnsD20,
  author       = {Martin Johns and
                  Alexandra Dirksen},
  editor       = {Yinqian Zhang and
                  Radu Sion},
  title        = {Towards Enabling Secure Web-Based Cloud Services using Client-Side
                  Encryption},
  booktitle    = {CCSW'20, Proceedings of the 2020 {ACM} {SIGSAC} Conference on Cloud
                  Computing Security Workshop, Virtual Event, USA, November 9, 2020},
  pages        = {67--76},
  publisher    = {{ACM}},
  year         = {2020},
  url          = {https://doi.org/10.1145/3411495.3421364},
  doi          = {10.1145/3411495.3421364},
  timestamp    = {Thu, 12 Oct 2023 12:32:08 +0200},
  biburl       = {https://dblp.org/rec/conf/ccsw-ws/JohnsD20.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/KochSJP20,
  author       = {Simon Koch and
                  Tim Sauer and
                  Martin Johns and
                  Giancarlo Pellegrino},
  editor       = {Chih{-}Cheng Hung and
                  Tom{\'{a}}s Cern{\'{y}} and
                  Dongwan Shin and
                  Alessio Bechini},
  title        = {Raccoon: automated verification of guarded race conditions in web
                  applications},
  booktitle    = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online
                  event, [Brno, Czech Republic], March 30 - April 3, 2020},
  pages        = {1678--1687},
  publisher    = {{ACM}},
  year         = {2020},
  url          = {https://doi.org/10.1145/3341105.3373855},
  doi          = {10.1145/3341105.3373855},
  timestamp    = {Sat, 30 Sep 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sac/KochSJP20.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/LochJHMS20,
  author       = {Florian D. Loch and
                  Martin Johns and
                  Martin Hecker and
                  Martin Mohr and
                  Gregor Snelting},
  editor       = {Chih{-}Cheng Hung and
                  Tom{\'{a}}s Cern{\'{y}} and
                  Dongwan Shin and
                  Alessio Bechini},
  title        = {Hybrid taint analysis for Java {EE}},
  booktitle    = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online
                  event, [Brno, Czech Republic], March 30 - April 3, 2020},
  pages        = {1716--1725},
  publisher    = {{ACM}},
  year         = {2020},
  url          = {https://doi.org/10.1145/3341105.3373887},
  doi          = {10.1145/3341105.3373887},
  timestamp    = {Thu, 29 Oct 2020 00:00:00 +0100},
  biburl       = {https://dblp.org/rec/conf/sac/LochJHMS20.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/QuiringKAJR20,
  author       = {Erwin Quiring and
                  David Klein and
                  Daniel Arp and
                  Martin Johns and
                  Konrad Rieck},
  editor       = {Srdjan Capkun and
                  Franziska Roesner},
  title        = {Adversarial Preprocessing: Understanding and Preventing Image-Scaling
                  Attacks in Machine Learning},
  booktitle    = {29th {USENIX} Security Symposium, {USENIX} Security 2020, August 12-14,
                  2020},
  pages        = {1363--1380},
  publisher    = {{USENIX} Association},
  year         = {2020},
  url          = {https://www.usenix.org/conference/usenixsecurity20/presentation/quiring},
  timestamp    = {Tue, 28 May 2024 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/uss/QuiringKAJR20.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/IEEEares/MuschWJR19,
  author       = {Marius Musch and
                  Christian Wressnegger and
                  Martin Johns and
                  Konrad Rieck},
  title        = {Thieves in the Browser: Web-based Cryptojacking in the Wild},
  booktitle    = {Proceedings of the 14th International Conference on Availability,
                  Reliability and Security, {ARES} 2019, Canterbury, UK, August 26-29,
                  2019},
  pages        = {4:1--4:10},
  publisher    = {{ACM}},
  year         = {2019},
  url          = {https://doi.org/10.1145/3339252.3339261},
  doi          = {10.1145/3339252.3339261},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/IEEEares/MuschWJR19.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/MuschSRSJ19,
  author       = {Marius Musch and
                  Marius Steffens and
                  Sebastian Roth and
                  Ben Stock and
                  Martin Johns},
  editor       = {Steven D. Galbraith and
                  Giovanni Russello and
                  Willy Susilo and
                  Dieter Gollmann and
                  Engin Kirda and
                  Zhenkai Liang},
  title        = {ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices},
  booktitle    = {Proceedings of the 2019 {ACM} Asia Conference on Computer and Communications
                  Security, AsiaCCS 2019, Auckland, New Zealand, July 09-12, 2019},
  pages        = {391--402},
  publisher    = {{ACM}},
  year         = {2019},
  url          = {https://doi.org/10.1145/3321705.3329841},
  doi          = {10.1145/3321705.3329841},
  timestamp    = {Sat, 30 Sep 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/MuschSRSJ19.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/MuschWJR19,
  author       = {Marius Musch and
                  Christian Wressnegger and
                  Martin Johns and
                  Konrad Rieck},
  editor       = {Roberto Perdisci and
                  Cl{\'{e}}mentine Maurice and
                  Giorgio Giacinto and
                  Magnus Almgren},
  title        = {New Kid on the Web: {A} Study on the Prevalence of WebAssembly in
                  the Wild},
  booktitle    = {Detection of Intrusions and Malware, and Vulnerability Assessment
                  - 16th International Conference, {DIMVA} 2019, Gothenburg, Sweden,
                  June 19-20, 2019, Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {11543},
  pages        = {23--42},
  publisher    = {Springer},
  year         = {2019},
  url          = {https://doi.org/10.1007/978-3-030-22038-9\_2},
  doi          = {10.1007/978-3-030-22038-9\_2},
  timestamp    = {Sun, 04 Aug 2024 19:42:33 +0200},
  biburl       = {https://dblp.org/rec/conf/dimva/MuschWJR19.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/SteffensRJS19,
  author       = {Marius Steffens and
                  Christian Rossow and
                  Martin Johns and
                  Ben Stock},
  title        = {Don't Trust The Locals: Investigating the Prevalence of Persistent
                  Client-Side Cross-Site Scripting in the Wild},
  booktitle    = {26th Annual Network and Distributed System Security Symposium, {NDSS}
                  2019, San Diego, California, USA, February 24-27, 2019},
  publisher    = {The Internet Society},
  year         = {2019},
  url          = {https://www.ndss-symposium.org/ndss-paper/dont-trust-the-locals-investigating-the-prevalence-of-persistent-client-side-cross-site-scripting-in-the-wild/},
  timestamp    = {Mon, 01 Feb 2021 08:42:22 +0100},
  biburl       = {https://dblp.org/rec/conf/ndss/SteffensRJS19.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/IEEEares/MuschHJ18,
  author       = {Marius Musch and
                  Martin H{\"{a}}rterich and
                  Martin Johns},
  editor       = {Sebastian Doerr and
                  Mathias Fischer and
                  Sebastian Schrittwieser and
                  Dominik Herrmann},
  title        = {Towards an Automatic Generation of Low-Interaction Web Application
                  Honeypots},
  booktitle    = {Proceedings of the 13th International Conference on Availability,
                  Reliability and Security, {ARES} 2018, Hamburg, Germany, August 27-30,
                  2018},
  pages        = {27:1--27:6},
  publisher    = {{ACM}},
  year         = {2018},
  url          = {https://doi.org/10.1145/3230833.3230839},
  doi          = {10.1145/3230833.3230839},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/IEEEares/MuschHJ18.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1808-09474,
  author       = {Marius Musch and
                  Christian Wressnegger and
                  Martin Johns and
                  Konrad Rieck},
  title        = {Web-based Cryptojacking in the Wild},
  journal      = {CoRR},
  volume       = {abs/1808.09474},
  year         = {2018},
  url          = {http://arxiv.org/abs/1808.09474},
  eprinttype    = {arXiv},
  eprint       = {1808.09474},
  timestamp    = {Mon, 03 Sep 2018 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/corr/abs-1808-09474.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dagstuhl-reports/JohnsNVW18,
  author       = {Martin Johns and
                  Nick Nikiforakis and
                  Melanie Volkamer and
                  John Wilander},
  title        = {Web Application Security (Dagstuhl Seminar 18321)},
  journal      = {Dagstuhl Reports},
  volume       = {8},
  number       = {8},
  pages        = {1--17},
  year         = {2018},
  url          = {https://doi.org/10.4230/DagRep.8.8.1},
  doi          = {10.4230/DAGREP.8.8.1},
  timestamp    = {Fri, 22 Feb 2019 00:00:00 +0100},
  biburl       = {https://dblp.org/rec/journals/dagstuhl-reports/JohnsNVW18.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/LekiesKGNJ17,
  author       = {Sebastian Lekies and
                  Krzysztof Kotowicz and
                  Samuel Gro{\ss} and
                  Eduardo A. Vela Nava and
                  Martin Johns},
  editor       = {Bhavani Thuraisingham and
                  David Evans and
                  Tal Malkin and
                  Dongyan Xu},
  title        = {Code-Reuse Attacks for the Web: Breaking Cross-Site Scripting Mitigations
                  via Script Gadgets},
  booktitle    = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 -
                  November 03, 2017},
  pages        = {1709--1723},
  publisher    = {{ACM}},
  year         = {2017},
  url          = {https://doi.org/10.1145/3133956.3134091},
  doi          = {10.1145/3133956.3134091},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/LekiesKGNJ17.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/PellegrinoJ0BR17,
  author       = {Giancarlo Pellegrino and
                  Martin Johns and
                  Simon Koch and
                  Michael Backes and
                  Christian Rossow},
  editor       = {Bhavani Thuraisingham and
                  David Evans and
                  Tal Malkin and
                  Dongyan Xu},
  title        = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs},
  booktitle    = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 -
                  November 03, 2017},
  pages        = {1757--1771},
  publisher    = {{ACM}},
  year         = {2017},
  url          = {https://doi.org/10.1145/3133956.3133959},
  doi          = {10.1145/3133956.3133959},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/PellegrinoJ0BR17.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockJS017,
  author       = {Ben Stock and
                  Martin Johns and
                  Marius Steffens and
                  Michael Backes},
  editor       = {Engin Kirda and
                  Thomas Ristenpart},
  title        = {How the Web Tangled Itself: Uncovering the History of Client-Side
                  Web (In)Security},
  booktitle    = {26th {USENIX} Security Symposium, {USENIX} Security 2017, Vancouver,
                  BC, Canada, August 16-18, 2017},
  pages        = {971--987},
  publisher    = {{USENIX} Association},
  year         = {2017},
  url          = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/stock},
  timestamp    = {Mon, 01 Feb 2021 08:42:59 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/StockJS017.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1708-08786,
  author       = {Giancarlo Pellegrino and
                  Martin Johns and
                  Simon Koch and
                  Michael Backes and
                  Christian Rossow},
  title        = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs},
  journal      = {CoRR},
  volume       = {abs/1708.08786},
  year         = {2017},
  url          = {http://arxiv.org/abs/1708.08786},
  eprinttype    = {arXiv},
  eprint       = {1708.08786},
  timestamp    = {Mon, 13 Aug 2018 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/corr/abs-1708-08786.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/ac/FeldererBJBBP16,
  author       = {Michael Felderer and
                  Matthias B{\"{u}}chler and
                  Martin Johns and
                  Achim D. Brucker and
                  Ruth Breu and
                  Alexander Pretschner},
  title        = {Security Testing: {A} Survey},
  journal      = {Adv. Comput.},
  volume       = {101},
  pages        = {1--51},
  year         = {2016},
  url          = {https://doi.org/10.1016/bs.adcom.2015.11.003},
  doi          = {10.1016/BS.ADCOM.2015.11.003},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/ac/FeldererBJBBP16.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/StockJ16,
  author       = {Ben Stock and
                  Martin Johns},
  title        = {Client-Side {XSS} in Theorie und Praxis},
  journal      = {Datenschutz und Datensicherheit},
  volume       = {40},
  number       = {11},
  pages        = {707--712},
  year         = {2016},
  url          = {https://doi.org/10.1007/s11623-016-0688-5},
  doi          = {10.1007/S11623-016-0688-5},
  timestamp    = {Sat, 27 May 2017 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/dud/StockJ16.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockPRJ016,
  author       = {Ben Stock and
                  Giancarlo Pellegrino and
                  Christian Rossow and
                  Martin Johns and
                  Michael Backes},
  editor       = {Edgar R. Weippl and
                  Stefan Katzenbeisser and
                  Christopher Kruegel and
                  Andrew C. Myers and
                  Shai Halevi},
  title        = {{POSTER:} Mapping the Landscape of Large-Scale Vulnerability Notifications},
  booktitle    = {Proceedings of the 2016 {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, Vienna, Austria, October 24-28, 2016},
  pages        = {1787--1789},
  publisher    = {{ACM}},
  year         = {2016},
  url          = {https://doi.org/10.1145/2976749.2989057},
  doi          = {10.1145/2976749.2989057},
  timestamp    = {Tue, 10 Nov 2020 20:00:49 +0100},
  biburl       = {https://dblp.org/rec/conf/ccs/StockPRJ016.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/GroefSJPD16,
  author       = {Willem De Groef and
                  Deepak Subramanian and
                  Martin Johns and
                  Frank Piessens and
                  Lieven Desmet},
  editor       = {Sascha Ossowski},
  title        = {Ensuring endpoint authenticity in WebRTC peer-to-peer communication},
  booktitle    = {Proceedings of the 31st Annual {ACM} Symposium on Applied Computing,
                  Pisa, Italy, April 4-8, 2016},
  pages        = {2103--2110},
  publisher    = {{ACM}},
  year         = {2016},
  url          = {https://doi.org/10.1145/2851613.2851804},
  doi          = {10.1145/2851613.2851804},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sac/GroefSJPD16.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockPRJ016,
  author       = {Ben Stock and
                  Giancarlo Pellegrino and
                  Christian Rossow and
                  Martin Johns and
                  Michael Backes},
  editor       = {Thorsten Holz and
                  Stefan Savage},
  title        = {Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability
                  Notification},
  booktitle    = {25th {USENIX} Security Symposium, {USENIX} Security 16, Austin, TX,
                  USA, August 10-12, 2016},
  pages        = {1015--1032},
  publisher    = {{USENIX} Association},
  year         = {2016},
  url          = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/stock},
  timestamp    = {Mon, 01 Feb 2021 08:43:18 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/StockPRJ016.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockPKLJ15,
  author       = {Ben Stock and
                  Stephan Pfistner and
                  Bernd Kaiser and
                  Sebastian Lekies and
                  Martin Johns},
  editor       = {Indrajit Ray and
                  Ninghui Li and
                  Christopher Kruegel},
  title        = {From Facepalm to Brain Bender: Exploring Client-Side Cross-Site Scripting},
  booktitle    = {Proceedings of the 22nd {ACM} {SIGSAC} Conference on Computer and
                  Communications Security, Denver, CO, USA, October 12-16, 2015},
  pages        = {1419--1430},
  publisher    = {{ACM}},
  year         = {2015},
  url          = {https://doi.org/10.1145/2810103.2813625},
  doi          = {10.1145/2810103.2813625},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/StockPKLJ15.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/BraunPPJ15,
  author       = {Bastian Braun and
                  Korbinian Pauli and
                  Joachim Posegga and
                  Martin Johns},
  editor       = {Roger L. Wainwright and
                  Juan Manuel Corchado and
                  Alessio Bechini and
                  Jiman Hong},
  title        = {LogSec: adaptive protection for the wild wild web},
  booktitle    = {Proceedings of the 30th Annual {ACM} Symposium on Applied Computing,
                  Salamanca, Spain, April 13-17, 2015},
  pages        = {2149--2156},
  publisher    = {{ACM}},
  year         = {2015},
  url          = {https://doi.org/10.1145/2695664.2695709},
  doi          = {10.1145/2695664.2695709},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sac/BraunPPJ15.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/LekiesSWJ15,
  author       = {Sebastian Lekies and
                  Ben Stock and
                  Martin Wentzel and
                  Martin Johns},
  editor       = {Jaeyeon Jung and
                  Thorsten Holz},
  title        = {The Unexpected Dangers of Dynamic JavaScript},
  booktitle    = {24th {USENIX} Security Symposium, {USENIX} Security 15, Washington,
                  D.C., USA, August 12-14, 2015},
  pages        = {723--735},
  publisher    = {{USENIX} Association},
  year         = {2015},
  url          = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/lekies},
  timestamp    = {Mon, 01 Feb 2021 08:42:57 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/LekiesSWJ15.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@book{DBLP:series/sbcs/RyckDPJ14,
  author       = {Philippe De Ryck and
                  Lieven Desmet and
                  Frank Piessens and
                  Martin Johns},
  title        = {Primer on Client-Side Web Security},
  series       = {Springer Briefs in Computer Science},
  publisher    = {Springer},
  year         = {2014},
  url          = {https://doi.org/10.1007/978-3-319-12226-7},
  doi          = {10.1007/978-3-319-12226-7},
  isbn         = {978-3-319-12225-0},
  timestamp    = {Tue, 16 May 2017 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/series/sbcs/RyckDPJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/internet/DesmetJ14,
  author       = {Lieven Desmet and
                  Martin Johns},
  title        = {Real-Time Communications Security on the Web},
  journal      = {{IEEE} Internet Comput.},
  volume       = {18},
  number       = {6},
  pages        = {8--10},
  year         = {2014},
  url          = {https://doi.org/10.1109/MIC.2014.117},
  doi          = {10.1109/MIC.2014.117},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/internet/DesmetJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/istr/Johns14,
  author       = {Martin Johns},
  title        = {Script-templates for the Content Security Policy},
  journal      = {J. Inf. Secur. Appl.},
  volume       = {19},
  number       = {3},
  pages        = {209--223},
  year         = {2014},
  url          = {https://doi.org/10.1016/j.jisa.2014.03.007},
  doi          = {10.1016/J.JISA.2014.03.007},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/istr/Johns14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/jcs/DesmetJLS14,
  author       = {Lieven Desmet and
                  Martin Johns and
                  Benjamin Livshits and
                  Andrei Sabelfeld},
  title        = {Preface},
  journal      = {J. Comput. Secur.},
  volume       = {22},
  number       = {4},
  pages        = {467--468},
  year         = {2014},
  url          = {https://doi.org/10.3233/JCS-140506},
  doi          = {10.3233/JCS-140506},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/jcs/DesmetJLS14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockJ14,
  author       = {Ben Stock and
                  Martin Johns},
  editor       = {Shiho Moriai and
                  Trent Jaeger and
                  Kouichi Sakurai},
  title        = {Protecting users against XSS-based password manager abuse},
  booktitle    = {9th {ACM} Symposium on Information, Computer and Communications Security,
                  {ASIA} {CCS} '14, Kyoto, Japan - June 03 - 06, 2014},
  pages        = {183--194},
  publisher    = {{ACM}},
  year         = {2014},
  url          = {https://doi.org/10.1145/2590296.2590336},
  doi          = {10.1145/2590296.2590336},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/StockJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/codaspy/BraunJKP14,
  author       = {Bastian Braun and
                  Martin Johns and
                  Johannes K{\"{o}}stler and
                  Joachim Posegga},
  editor       = {Elisa Bertino and
                  Ravi S. Sandhu and
                  Jaehong Park},
  title        = {PhishSafe: leveraging modern JavaScript API's for transparent and
                  robust protection},
  booktitle    = {Fourth {ACM} Conference on Data and Application Security and Privacy,
                  CODASPY'14, San Antonio, TX, {USA} - March 03 - 05, 2014},
  pages        = {61--72},
  publisher    = {{ACM}},
  year         = {2014},
  url          = {https://doi.org/10.1145/2557547.2557553},
  doi          = {10.1145/2557547.2557553},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/codaspy/BraunJKP14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sec/BraunKPJ14,
  author       = {Bastian Braun and
                  Johannes K{\"{o}}stler and
                  Joachim Posegga and
                  Martin Johns},
  editor       = {Nora Cuppens{-}Boulahia and
                  Fr{\'{e}}d{\'{e}}ric Cuppens and
                  Sushil Jajodia and
                  Anas Abou El Kalam and
                  Thierry Sans},
  title        = {A Trusted {UI} for the Mobile Web},
  booktitle    = {{ICT} Systems Security and Privacy Protection - 29th {IFIP} {TC} 11
                  International Conference, {SEC} 2014, Marrakech, Morocco, June 2-4,
                  2014. Proceedings},
  series       = {{IFIP} Advances in Information and Communication Technology},
  volume       = {428},
  pages        = {127--141},
  publisher    = {Springer},
  year         = {2014},
  url          = {https://doi.org/10.1007/978-3-642-55415-5\_11},
  doi          = {10.1007/978-3-642-55415-5\_11},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sec/BraunKPJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/StockLJ14,
  author       = {Ben Stock and
                  Sebastian Lekies and
                  Martin Johns},
  editor       = {Stefan Katzenbeisser and
                  Volkmar Lotz and
                  Edgar R. Weippl},
  title        = {DOM-basiertes Cross-Site Scripting im Web: Reise in ein unerforschtes
                  Land},
  booktitle    = {Sicherheit 2014: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
                  Beitr{\"{a}}ge der 7. Jahrestagung des Fachbereichs Sicherheit
                  der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 19.-21. M{\"{a}}rz
                  2014, Wien, {\"{O}}sterreich},
  series       = {{LNI}},
  volume       = {{P-228}},
  pages        = {53--64},
  publisher    = {{GI}},
  year         = {2014},
  url          = {https://dl.gi.de/handle/20.500.12116/20068},
  timestamp    = {Tue, 04 Jul 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sicherheit/StockLJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockLMSJ14,
  author       = {Ben Stock and
                  Sebastian Lekies and
                  Tobias Mueller and
                  Patrick Spiegel and
                  Martin Johns},
  editor       = {Kevin Fu and
                  Jaeyeon Jung},
  title        = {Precise Client-side Protection against DOM-based Cross-Site Scripting},
  booktitle    = {Proceedings of the 23rd {USENIX} Security Symposium, San Diego, CA,
                  USA, August 20-22, 2014},
  pages        = {655--670},
  publisher    = {{USENIX} Association},
  year         = {2014},
  url          = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/stock},
  timestamp    = {Mon, 01 Feb 2021 08:43:04 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/StockLMSJ14.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/LekiesSJ13,
  author       = {Sebastian Lekies and
                  Ben Stock and
                  Martin Johns},
  editor       = {Ahmad{-}Reza Sadeghi and
                  Virgil D. Gligor and
                  Moti Yung},
  title        = {25 million flows later: large-scale detection of DOM-based {XSS}},
  booktitle    = {2013 {ACM} {SIGSAC} Conference on Computer and Communications Security,
                  CCS'13, Berlin, Germany, November 4-8, 2013},
  pages        = {1193--1204},
  publisher    = {{ACM}},
  year         = {2013},
  url          = {https://doi.org/10.1145/2508859.2516703},
  doi          = {10.1145/2508859.2516703},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/ccs/LekiesSJ13.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/Johns13,
  author       = {Martin Johns},
  editor       = {Konrad Rieck and
                  Patrick Stewin and
                  Jean{-}Pierre Seifert},
  title        = {PreparedJS: Secure Script-Templates for JavaScript},
  booktitle    = {Detection of Intrusions and Malware, and Vulnerability Assessment
                  - 10th International Conference, {DIMVA} 2013, Berlin, Germany, July
                  18-19, 2013. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {7967},
  pages        = {102--121},
  publisher    = {Springer},
  year         = {2013},
  url          = {https://doi.org/10.1007/978-3-642-39235-1\_6},
  doi          = {10.1007/978-3-642-39235-1\_6},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/dimva/Johns13.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/raid/JohnsL13,
  author       = {Martin Johns and
                  Sebastian Lekies},
  editor       = {Salvatore J. Stolfo and
                  Angelos Stavrou and
                  Charles V. Wright},
  title        = {Tamper-Resistant LikeJacking Protection},
  booktitle    = {Research in Attacks, Intrusions, and Defenses - 16th International
                  Symposium, {RAID} 2013, Rodney Bay, St. Lucia, October 23-25, 2013.
                  Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {8145},
  pages        = {265--285},
  publisher    = {Springer},
  year         = {2013},
  url          = {https://doi.org/10.1007/978-3-642-41284-4\_14},
  doi          = {10.1007/978-3-642-41284-4\_14},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/raid/JohnsL13.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/JohnsLS13,
  author       = {Martin Johns and
                  Sebastian Lekies and
                  Ben Stock},
  editor       = {Samuel T. King},
  title        = {Eradicating {DNS} Rebinding with the Extended Same-origin Policy},
  booktitle    = {Proceedings of the 22th {USENIX} Security Symposium, Washington, DC,
                  USA, August 14-16, 2013},
  pages        = {621--636},
  publisher    = {{USENIX} Association},
  year         = {2013},
  url          = {https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/johns},
  timestamp    = {Mon, 01 Feb 2021 08:42:56 +0100},
  biburl       = {https://dblp.org/rec/conf/uss/JohnsLS13.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/Johns12,
  author       = {Martin Johns},
  title        = {HTML5-Security - Sicherer Umgang mit den neuen JavaScript APIs},
  journal      = {Datenschutz und Datensicherheit},
  volume       = {36},
  number       = {4},
  pages        = {231--235},
  year         = {2012},
  url          = {https://doi.org/10.1007/s11623-012-0090-x},
  doi          = {10.1007/S11623-012-0090-X},
  timestamp    = {Sat, 27 May 2017 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/dud/Johns12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JohnsLBF12,
  author       = {Martin Johns and
                  Sebastian Lekies and
                  Bastian Braun and
                  Benjamin Flesch},
  editor       = {Robert H'obbes' Zakon},
  title        = {BetterAuth: web authentication revisited},
  booktitle    = {28th Annual Computer Security Applications Conference, {ACSAC} 2012,
                  Orlando, FL, USA, 3-7 December 2012},
  pages        = {169--178},
  publisher    = {{ACM}},
  year         = {2012},
  url          = {https://doi.org/10.1145/2420950.2420977},
  doi          = {10.1145/2420950.2420977},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/acsac/JohnsLBF12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/raid/LekiesNTPJ12,
  author       = {Sebastian Lekies and
                  Nick Nikiforakis and
                  Walter Tighzert and
                  Frank Piessens and
                  Martin Johns},
  editor       = {Davide Balzarotti and
                  Salvatore J. Stolfo and
                  Marco Cova},
  title        = {{DEMACRO:} Defense against Malicious Cross-Domain Requests},
  booktitle    = {Research in Attacks, Intrusions, and Defenses - 15th International
                  Symposium, {RAID} 2012, Amsterdam, The Netherlands, September 12-14,
                  2012. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {7462},
  pages        = {254--273},
  publisher    = {Springer},
  year         = {2012},
  url          = {https://doi.org/10.1007/978-3-642-33338-5\_13},
  doi          = {10.1007/978-3-642-33338-5\_13},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/raid/LekiesNTPJ12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/LekiesTJ12,
  author       = {Sebastian Lekies and
                  Walter Tighzert and
                  Martin Johns},
  editor       = {Neeraj Suri and
                  Michael Waidner},
  title        = {Towards stateless, client-side driven Cross-Site Request Forgery protection
                  for Web applications},
  booktitle    = {Sicherheit 2012: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
                  Beitr{\"{a}}ge der 6. Jahrestagung des Fachbereichs Sicherheit
                  der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 7.-9. M{\"{a}}rz
                  2012 in Darmstadt},
  series       = {{LNI}},
  volume       = {{P-195}},
  pages        = {111--121},
  publisher    = {{GI}},
  year         = {2012},
  url          = {https://dl.gi.de/handle/20.500.12116/18267},
  timestamp    = {Tue, 04 Jul 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sicherheit/LekiesTJ12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/trustbus/BraunKJP12,
  author       = {Bastian Braun and
                  Stefan Kucher and
                  Martin Johns and
                  Joachim Posegga},
  editor       = {Simone Fischer{-}H{\"{u}}bner and
                  Sokratis K. Katsikas and
                  Gerald Quirchmayr},
  title        = {A User-Level Authentication Scheme to Mitigate Web Session-Based Vulnerabilities},
  booktitle    = {Trust, Privacy and Security in Digital Business - 9th International
                  Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {7449},
  pages        = {17--29},
  publisher    = {Springer},
  year         = {2012},
  url          = {https://doi.org/10.1007/978-3-642-32287-7\_2},
  doi          = {10.1007/978-3-642-32287-7\_2},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/trustbus/BraunKJP12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/trustbus/JohnsP12,
  author       = {Martin Johns and
                  Joachim Posegga},
  editor       = {Simone Fischer{-}H{\"{u}}bner and
                  Sokratis K. Katsikas and
                  Gerald Quirchmayr},
  title        = {WebSand: Server-Driven Outbound Web-Application Sandboxing},
  booktitle    = {Trust, Privacy and Security in Digital Business - 9th International
                  Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {7449},
  pages        = {216--217},
  publisher    = {Springer},
  year         = {2012},
  url          = {https://doi.org/10.1007/978-3-642-32287-7\_20},
  doi          = {10.1007/978-3-642-32287-7\_20},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/trustbus/JohnsP12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dagstuhl-reports/DesmetJLS12,
  author       = {Lieven Desmet and
                  Martin Johns and
                  Benjamin Livshits and
                  Andrei Sabelfeld},
  title        = {Web Application Security (Dagstuhl Seminar 12401)},
  journal      = {Dagstuhl Reports},
  volume       = {2},
  number       = {10},
  pages        = {1--37},
  year         = {2012},
  url          = {https://doi.org/10.4230/DagRep.2.10.1},
  doi          = {10.4230/DAGREP.2.10.1},
  timestamp    = {Thu, 14 Oct 2021 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/dagstuhl-reports/DesmetJLS12.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@phdthesis{DBLP:phd/de/Johns2011,
  author       = {Martin Johns},
  title        = {Code Injection Vulnerabilities in Web Applications: Exemplified at
                  Cross-site Scripting},
  school       = {University of Passau},
  year         = {2011},
  url          = {http://www.opus-bayern.de/uni-passau/volltexte/2011/2362/},
  urn          = {urn:nbn:de:bvb:739-opus-23626},
  timestamp    = {Sat, 17 Jul 2021 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/phd/de/Johns2011.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/it/Johns11,
  author       = {Martin Johns},
  title        = {Code-injection Vulnerabilities in Web Applications - Exemplified at
                  Cross-site Scripting},
  journal      = {it Inf. Technol.},
  volume       = {53},
  number       = {5},
  pages        = {256},
  year         = {2011},
  url          = {https://doi.org/10.1524/itit.2011.0651},
  doi          = {10.1524/ITIT.2011.0651},
  timestamp    = {Mon, 28 Aug 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/it/Johns11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JawurekJR11,
  author       = {Marek Jawurek and
                  Martin Johns and
                  Konrad Rieck},
  editor       = {Robert H'obbes' Zakon and
                  John P. McDermott and
                  Michael E. Locasto},
  title        = {Smart metering de-pseudonymization},
  booktitle    = {Twenty-Seventh Annual Computer Security Applications Conference, {ACSAC}
                  2011, Orlando, FL, USA, 5-9 December 2011},
  pages        = {227--236},
  publisher    = {{ACM}},
  year         = {2011},
  url          = {https://doi.org/10.1145/2076732.2076764},
  doi          = {10.1145/2076732.2076764},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/acsac/JawurekJR11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/JohnsL11,
  author       = {Martin Johns and
                  Sebastian Lekies},
  editor       = {Thorsten Holz and
                  Herbert Bos},
  title        = {Biting the Hand That Serves You: {A} Closer Look at Client-Side Flash
                  Proxies for Cross-Domain Requests},
  booktitle    = {Detection of Intrusions and Malware, and Vulnerability Assessment
                  - 8th International Conference; {DIMVA} 2011, Amsterdam, The Netherlands,
                  July 7-8, 2011. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {6739},
  pages        = {85--103},
  publisher    = {Springer},
  year         = {2011},
  url          = {https://doi.org/10.1007/978-3-642-22424-9\_6},
  doi          = {10.1007/978-3-642-22424-9\_6},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/dimva/JohnsL11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/essos/NikiforakisMYJJ11,
  author       = {Nick Nikiforakis and
                  Wannes Meert and
                  Yves Younan and
                  Martin Johns and
                  Wouter Joosen},
  editor       = {{\'{U}}lfar Erlingsson and
                  Roel J. Wieringa and
                  Nicola Zannone},
  title        = {SessionShield: Lightweight Protection against Session Hijacking},
  booktitle    = {Engineering Secure Software and Systems - Third International Symposium,
                  ESSoS 2011, Madrid, Spain, February 9-10, 2011. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {6542},
  pages        = {87--100},
  publisher    = {Springer},
  year         = {2011},
  url          = {https://doi.org/10.1007/978-3-642-19125-1\_7},
  doi          = {10.1007/978-3-642-19125-1\_7},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/essos/NikiforakisMYJJ11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosec/NikiforakisJJ11,
  author       = {Nick Nikiforakis and
                  Wouter Joosen and
                  Martin Johns},
  editor       = {Engin Kirda and
                  Steven Hand},
  title        = {Abusing locality in shared web hosting},
  booktitle    = {Proceedings of the Fourth European Workshop on System Security, EUROSEC'11,
                  April 10, 2011, Salzburg, Austria},
  pages        = {2},
  publisher    = {{ACM}},
  year         = {2011},
  url          = {https://doi.org/10.1145/1972551.1972553},
  doi          = {10.1145/1972551.1972553},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/eurosec/NikiforakisJJ11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icst/JohnsJ11,
  author       = {Martin Johns and
                  Moritz Jodeit},
  title        = {Scanstud: {A} Methodology for Systematic, Fine-Grained Evaluation
                  of Static Analysis Tools},
  booktitle    = {Fourth {IEEE} International Conference on Software Testing, Verification
                  and Validation, {ICST} 2012, Berlin, Germany, 21-25 March, 2011, Workshop
                  Proceedings},
  pages        = {523--530},
  publisher    = {{IEEE} Computer Society},
  year         = {2011},
  url          = {https://doi.org/10.1109/ICSTW.2011.32},
  doi          = {10.1109/ICSTW.2011.32},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/icst/JohnsJ11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/pet/JawurekJK11,
  author       = {Marek Jawurek and
                  Martin Johns and
                  Florian Kerschbaum},
  editor       = {Simone Fischer{-}H{\"{u}}bner and
                  Nicholas Hopper},
  title        = {Plug-In Privacy for Smart Metering Billing},
  booktitle    = {Privacy Enhancing Technologies - 11th International Symposium, {PETS}
                  2011, Waterloo, ON, Canada, July 27-29, 2011. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {6794},
  pages        = {192--210},
  publisher    = {Springer},
  year         = {2011},
  url          = {https://doi.org/10.1007/978-3-642-22263-4\_11},
  doi          = {10.1007/978-3-642-22263-4\_11},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/pet/JawurekJK11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/JohnsBSP11,
  author       = {Martin Johns and
                  Bastian Braun and
                  Michael Schrank and
                  Joachim Posegga},
  editor       = {William C. Chu and
                  W. Eric Wong and
                  Mathew J. Palakal and
                  Chih{-}Cheng Hung},
  title        = {Reliable protection against session fixation attacks},
  booktitle    = {Proceedings of the 2011 {ACM} Symposium on Applied Computing (SAC),
                  TaiChung, Taiwan, March 21 - 24, 2011},
  pages        = {1531--1537},
  publisher    = {{ACM}},
  year         = {2011},
  url          = {https://doi.org/10.1145/1982185.1982511},
  doi          = {10.1145/1982185.1982511},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sac/JohnsBSP11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@incollection{DBLP:reference/crypt/Johns11,
  author       = {Martin Johns},
  editor       = {Henk C. A. van Tilborg and
                  Sushil Jajodia},
  title        = {Session Hijacking Attacks},
  booktitle    = {Encyclopedia of Cryptography and Security, 2nd Ed},
  pages        = {1189--1190},
  publisher    = {Springer},
  year         = {2011},
  url          = {https://doi.org/10.1007/978-1-4419-5906-5\_661},
  doi          = {10.1007/978-1-4419-5906-5\_661},
  timestamp    = {Wed, 12 Jul 2017 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/reference/crypt/Johns11.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/essos/JohnsBGP10,
  author       = {Martin Johns and
                  Christian Beyerlein and
                  Rosemaria Giesecke and
                  Joachim Posegga},
  editor       = {Fabio Massacci and
                  Dan S. Wallach and
                  Nicola Zannone},
  title        = {Secure Code Generation for Web Applications},
  booktitle    = {Engineering Secure Software and Systems, Second International Symposium,
                  ESSoS 2010, Pisa, Italy, February 3-4, 2010. Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {5965},
  pages        = {96--113},
  publisher    = {Springer},
  year         = {2010},
  url          = {https://doi.org/10.1007/978-3-642-11747-3\_8},
  doi          = {10.1007/978-3-642-11747-3\_8},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/essos/JohnsBGP10.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/isse/JawurekJ10,
  author       = {Marek Jawurek and
                  Martin Johns},
  editor       = {Norbert Pohlmann and
                  Helmut Reimer and
                  Wolfgang Schneider},
  title        = {Security Challenges of a Changing Energy Landscape},
  booktitle    = {{ISSE} 2010 - Securing Electronic Business Processes, Highlights of
                  the Information Security Solutions Europe 2010 Conference, Berlin,
                  Germany, October 5-7, 2010},
  pages        = {249--259},
  publisher    = {Vieweg+Teubner},
  year         = {2010},
  url          = {https://doi.org/10.1007/978-3-8348-9788-6\_24},
  doi          = {10.1007/978-3-8348-9788-6\_24},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/isse/JawurekJ10.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/SchrankBJP10,
  author       = {Michael Schrank and
                  Bastian Braun and
                  Martin Johns and
                  Joachim Posegga},
  editor       = {Felix C. Freiling},
  title        = {Session Fixation - The Forgotten Vulnerability?},
  booktitle    = {Sicherheit 2010: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
                  Beitr{\"{a}}ge der 5. Jahrestagung des Fachbereichs Sicherheit
                  der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 5.-7. Oktober
                  2010 in Berlin},
  series       = {{LNI}},
  volume       = {{P-170}},
  pages        = {341--352},
  publisher    = {{GI}},
  year         = {2010},
  url          = {https://dl.gi.de/handle/20.500.12116/19794},
  timestamp    = {Tue, 04 Jul 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sicherheit/SchrankBJP10.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1012-2248,
  author       = {Marek Jawurek and
                  Martin Johns and
                  Florian Kerschbaum},
  title        = {Plug-in privacy for Smart Metering billing},
  journal      = {CoRR},
  volume       = {abs/1012.2248},
  year         = {2010},
  url          = {http://arxiv.org/abs/1012.2248},
  eprinttype    = {arXiv},
  eprint       = {1012.2248},
  timestamp    = {Mon, 13 Aug 2018 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/corr/abs-1012-2248.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@incollection{DBLP:conf/gi/Johns09,
  author       = {Martin Johns},
  editor       = {Abraham Bernstein and
                  Steffen H{\"{o}}lldobler and
                  G{\"{u}}nter Hotz and
                  Klaus{-}Peter L{\"{o}}hr and
                  Paul Molitor and
                  Gustaf Neumann and
                  R{\"{u}}diger Reischuk and
                  Dietmar Saupe and
                  Myra Spiliopoulou and
                  Harald St{\"{o}}rrle and
                  Dorothea Wagner},
  title        = {Code-injection Verwundbarkeit in Web Anwendungen am Beispiel von Cross-site
                  Scripting},
  booktitle    = {Ausgezeichnete Informatikdissertationen 2009},
  series       = {{LNI}},
  volume       = {{D-10}},
  pages        = {111--120},
  publisher    = {{GI}},
  year         = {2009},
  url          = {https://dl.gi.de/handle/20.500.12116/33660},
  timestamp    = {Tue, 04 Jul 2023 17:43:57 +0200},
  biburl       = {https://dblp.org/rec/conf/gi/Johns09.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@proceedings{DBLP:conf/dagstuhl/2009P9141,
  editor       = {Dan Boneh and
                  {\'{U}}lfar Erlingsson and
                  Martin Johns and
                  Benjamin Livshits},
  title        = {Web Application Security, 29.03. - 03.04.2009},
  series       = {Dagstuhl Seminar Proceedings},
  volume       = {09141},
  publisher    = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
  year         = {2009},
  url          = {http://drops.dagstuhl.de/portals/09141/},
  timestamp    = {Thu, 10 Jun 2021 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/dagstuhl/2009P9141.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09,
  author       = {Dan Boneh and
                  {\'{U}}lfar Erlingsson and
                  Martin Johns and
                  Benjamin Livshits},
  editor       = {Dan Boneh and
                  {\'{U}}lfar Erlingsson and
                  Martin Johns and
                  Benjamin Livshits},
  title        = {09141 Abstracts Collection - Web Application Security},
  booktitle    = {Web Application Security, 29.03. - 03.04.2009},
  series       = {Dagstuhl Seminar Proceedings},
  volume       = {09141},
  publisher    = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
  year         = {2009},
  url          = {http://drops.dagstuhl.de/opus/volltexte/2010/2726/},
  timestamp    = {Thu, 10 Jun 2021 13:02:09 +0200},
  biburl       = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09a,
  author       = {Dan Boneh and
                  {\'{U}}lfar Erlingsson and
                  Martin Johns and
                  Benjamin Livshits},
  editor       = {Dan Boneh and
                  {\'{U}}lfar Erlingsson and
                  Martin Johns and
                  Benjamin Livshits},
  title        = {09141 Executive Summary - Web Application Security},
  booktitle    = {Web Application Security, 29.03. - 03.04.2009},
  series       = {Dagstuhl Seminar Proceedings},
  volume       = {09141},
  publisher    = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
  year         = {2009},
  url          = {http://drops.dagstuhl.de/opus/volltexte/2010/2725/},
  timestamp    = {Thu, 23 Aug 2018 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09a.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/virology/Johns08,
  author       = {Martin Johns},
  title        = {On JavaScript Malware and related threats},
  journal      = {J. Comput. Virol.},
  volume       = {4},
  number       = {3},
  pages        = {161--178},
  year         = {2008},
  url          = {https://doi.org/10.1007/s11416-007-0076-7},
  doi          = {10.1007/S11416-007-0076-7},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/journals/virology/Johns08.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JohnsEP08,
  author       = {Martin Johns and
                  Bj{\"{o}}rn Engelmann and
                  Joachim Posegga},
  title        = {{XSSDS:} Server-Side Detection of Cross-Site Scripting Attacks},
  booktitle    = {Twenty-Fourth Annual Computer Security Applications Conference, {ACSAC}
                  2008, Anaheim, California, USA, 8-12 December 2008},
  pages        = {335--344},
  publisher    = {{IEEE} Computer Society},
  year         = {2008},
  url          = {https://doi.org/10.1109/ACSAC.2008.36},
  doi          = {10.1109/ACSAC.2008.36},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/acsac/JohnsEP08.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/JohnsS07,
  author       = {Martin Johns and
                  Daniel Schreckling},
  title        = {Automatisierter Code-Audit - Sicherheitsanalyse von Source Code in
                  Theorie und Praxis},
  journal      = {Datenschutz und Datensicherheit},
  volume       = {31},
  number       = {12},
  pages        = {888--893},
  year         = {2007},
  url          = {https://doi.org/10.1007/s11623-007-0286-7},
  doi          = {10.1007/S11623-007-0286-7},
  timestamp    = {Wed, 16 Mar 2022 00:00:00 +0100},
  biburl       = {https://dblp.org/rec/journals/dud/JohnsS07.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/JohnsW07,
  author       = {Martin Johns and
                  Justus Winter},
  editor       = {Bernhard M. H{\"{a}}mmerli and
                  Robin Sommer},
  title        = {Protecting the Intranet Against "JavaScript Malware" and
                  Related Attacks},
  booktitle    = {Detection of Intrusions and Malware, and Vulnerability Assessment,
                  4th International Conference, {DIMVA} 2007, Lucerne, Switzerland,
                  July 12-13, 2007, Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {4579},
  pages        = {40--59},
  publisher    = {Springer},
  year         = {2007},
  url          = {https://doi.org/10.1007/978-3-540-73614-1\_3},
  doi          = {10.1007/978-3-540-73614-1\_3},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/dimva/JohnsW07.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/JohnsB07,
  author       = {Martin Johns and
                  Christian Beyerlein},
  editor       = {Yookun Cho and
                  Roger L. Wainwright and
                  Hisham Haddad and
                  Sung Y. Shin and
                  Yong Wan Koo},
  title        = {SMask: preventing injection attacks in web applications by approximating
                  automatic data/code separation},
  booktitle    = {Proceedings of the 2007 {ACM} Symposium on Applied Computing (SAC),
                  Seoul, Korea, March 11-15, 2007},
  pages        = {284--291},
  publisher    = {{ACM}},
  year         = {2007},
  url          = {https://doi.org/10.1145/1244002.1244071},
  doi          = {10.1145/1244002.1244071},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/sac/JohnsB07.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/esorics/Johns06,
  author       = {Martin Johns},
  editor       = {Dieter Gollmann and
                  Jan Meier and
                  Andrei Sabelfeld},
  title        = {SessionSafe: Implementing {XSS} Immune Session Handling},
  booktitle    = {Computer Security - {ESORICS} 2006, 11th European Symposium on Research
                  in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings},
  series       = {Lecture Notes in Computer Science},
  volume       = {4189},
  pages        = {444--460},
  publisher    = {Springer},
  year         = {2006},
  url          = {https://doi.org/10.1007/11863908\_27},
  doi          = {10.1007/11863908\_27},
  timestamp    = {Mon, 26 Jun 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/esorics/Johns06.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/biosig/Johns03,
  author       = {Martin Johns},
  editor       = {Arslan Br{\"{o}}mme and
                  Christoph Busch},
  title        = {Pseudonyme Biometrik: Ein signatur-basierter Ansatz},
  booktitle    = {{BIOSIG} 2003, Proceedings of the 1st Conference on Biometrics and
                  Electronic Signatures of the {GI} Working Group BIOSIG, 24 July 2003,
                  Darmstadt, Germany},
  series       = {{LNI}},
  volume       = {{P-31}},
  pages        = {113--120},
  publisher    = {{GI}},
  year         = {2003},
  url          = {https://dl.gi.de/handle/20.500.12116/29651},
  timestamp    = {Tue, 04 Jul 2023 01:00:00 +0200},
  biburl       = {https://dblp.org/rec/conf/biosig/Johns03.bib},
  bibsource    = {dblp computer science bibliography, https://dblp.org}
}