default search action
Google
Google Scholar
Semantic Scholar
Internet Archive Scholar
CiteSeerX
ORCIDBibTeX records: Martin Johns
@article{DBLP:journals/popets/BoussahaHBRRKJCAB24,
author = {Soumaya Boussaha and
Lukas Hock and
Miguel Bermejo and
Rub{\'{e}}n Cuevas Rum{\'{\i}}n and
{\'{A}}ngel Cuevas Rum{\'{\i}}n and
David Klein and
Martin Johns and
Luca Compagna and
Daniele Antonioli and
Thomas Barber},
title = {FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking
and Entropy-based Thresholds},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2024},
number = {3},
pages = {540--560},
year = {2024},
url = {https://doi.org/10.56553/popets-2024-0092},
doi = {10.56553/POPETS-2024-0092},
timestamp = {Thu, 18 Jul 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/popets/BoussahaHBRRKJCAB24.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/KirchnerKKKJ24,
author = {Robin Kirchner and
Simon Koch and
Noah Kamangar and
David Klein and
Martin Johns},
title = {A Black-Box Privacy Analysis of Messaging Service Providers' Chat
Message Processing},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2024},
number = {3},
pages = {674--691},
year = {2024},
url = {https://doi.org/10.56553/popets-2024-0099},
doi = {10.56553/POPETS-2024-0099},
timestamp = {Thu, 18 Jul 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/popets/KirchnerKKKJ24.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/hicss/WarneckeBBBDHJP24,
author = {Joana M. Warnecke and
Christian Baumgartner and
Michael H. Breitner and
Dominique F. Briechle and
Thomas M. Deserno and
Maximilian Heumann and
Martin Johns and
Alexander Picker and
Andreas Rausch and
Lars C. Wolf},
editor = {Tung X. Bui},
title = {Continuous Health Monitoring on Shared Mobility Devices: {A} Health-eScooter
Prototype},
booktitle = {57th Hawaii International Conference on System Sciences, {HICSS} 2024,
Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, January
3-6, 2024},
pages = {3485--3494},
publisher = {ScholarSpace},
year = {2024},
url = {https://hdl.handle.net/10125/106805},
timestamp = {Mon, 02 Sep 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/hicss/WarneckeBBBDHJP24.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/KirchnerMM0RJ24,
author = {Robin Kirchner and
Jonas M{\"{o}}ller and
Marius Musch and
David Klein and
Konrad Rieck and
Martin Johns},
editor = {Davide Balzarotti and
Wenyuan Xu},
title = {Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind
Cross-Site Scripting},
booktitle = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia,
PA, USA, August 14-16, 2024},
publisher = {{USENIX} Association},
year = {2024},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/kirchner},
timestamp = {Mon, 22 Jul 2024 17:10:49 +0200},
biburl = {https://dblp.org/rec/conf/uss/KirchnerMM0RJ24.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/WesselsKPJ24,
author = {Malte Wessels and
Simon Koch and
Giancarlo Pellegrino and
Martin Johns},
editor = {Davide Balzarotti and
Wenyuan Xu},
title = {{SSRF} vs. Developers: {A} Study of SSRF-Defenses in {PHP} Applications},
booktitle = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia,
PA, USA, August 14-16, 2024},
publisher = {{USENIX} Association},
year = {2024},
url = {https://www.usenix.org/conference/usenixsecurity24/presentation/wessels},
timestamp = {Mon, 22 Jul 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/uss/WesselsKPJ24.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/KleinRBKJ23,
author = {David Klein and
Benny Rolle and
Thomas Barber and
Manuel Karl and
Martin Johns},
editor = {Weizhi Meng and
Christian Damsgaard Jensen and
Cas Cremers and
Engin Kirda},
title = {General Data Protection Runtime: Enforcing Transparent {GDPR} Compliance
for Existing Applications},
booktitle = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and
Communications Security, {CCS} 2023, Copenhagen, Denmark, November
26-30, 2023},
pages = {3343--3357},
publisher = {{ACM}},
year = {2023},
url = {https://doi.org/10.1145/3576915.3616604},
doi = {10.1145/3576915.3616604},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/KleinRBKJ23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/KochWKJ23,
author = {Simon Koch and
Malte Wessels and
David Klein and
Martin Johns},
editor = {Weizhi Meng and
Christian Damsgaard Jensen and
Cas Cremers and
Engin Kirda},
title = {Poster: The Risk of Insufficient Isolation of Database Transactions
in Web Applications},
booktitle = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and
Communications Security, {CCS} 2023, Copenhagen, Denmark, November
26-30, 2023},
pages = {3576--3578},
publisher = {{ACM}},
year = {2023},
url = {https://doi.org/10.1145/3576915.3624394},
doi = {10.1145/3576915.3624394},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/KochWKJ23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/GrossKBHJ23,
author = {Samuel Gro{\ss} and
Simon Koch and
Lukas Bernhard and
Thorsten Holz and
Martin Johns},
title = {{FUZZILLI:} Fuzzing for JavaScript {JIT} Compiler Vulnerabilities},
booktitle = {30th Annual Network and Distributed System Security Symposium, {NDSS}
2023, San Diego, California, USA, February 27 - March 3, 2023},
publisher = {The Internet Society},
year = {2023},
url = {https://www.ndss-symposium.org/ndss-paper/fuzzilli-fuzzing-for-javascript-jit-compiler-vulnerabilities/},
timestamp = {Thu, 15 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ndss/GrossKBHJ23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/KochAJ23,
author = {Simon Koch and
Benjamin Altpeter and
Martin Johns},
editor = {Joseph A. Calandrino and
Carmela Troncoso},
title = {The {OK} Is Not Enough: {A} Large Scale Study of Consent Dialogs in
Smartphone Applications},
booktitle = {32nd {USENIX} Security Symposium, {USENIX} Security 2023, Anaheim,
CA, USA, August 9-11, 2023},
pages = {5467--5484},
publisher = {{USENIX} Association},
year = {2023},
url = {https://www.usenix.org/conference/usenixsecurity23/presentation/koch},
timestamp = {Wed, 18 Oct 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/uss/KochAJ23.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/KochWAOJ22,
author = {Simon Koch and
Malte Wessels and
Benjamin Altpeter and
Madita Olvermann and
Martin Johns},
title = {Keeping Privacy Labels Honest},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2022},
number = {4},
pages = {486--506},
year = {2022},
url = {https://doi.org/10.56553/popets-2022-0119},
doi = {10.56553/POPETS-2022-0119},
timestamp = {Sat, 30 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/popets/KochWAOJ22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/KleinMBKJ22,
author = {David Klein and
Marius Musch and
Thomas Barber and
Moritz Kopmann and
Martin Johns},
title = {Accept All Exploits: Exploring the Security Impact of Cookie Banners},
booktitle = {Annual Computer Security Applications Conference, {ACSAC} 2022, Austin,
TX, USA, December 5-9, 2022},
pages = {911--922},
publisher = {{ACM}},
year = {2022},
url = {https://doi.org/10.1145/3564625.3564647},
doi = {10.1145/3564625.3564647},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/acsac/KleinMBKJ22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/asiaccs/MuschKBJ22,
author = {Marius Musch and
Robin Kirchner and
Max Boll and
Martin Johns},
editor = {Yuji Suga and
Kouichi Sakurai and
Xuhua Ding and
Kazue Sako},
title = {Server-Side Browsers: Exploring the Web's Hidden Attack Surface},
booktitle = {{ASIA} {CCS} '22: {ACM} Asia Conference on Computer and Communications
Security, Nagasaki, Japan, 30 May 2022 - 3 June 2022},
pages = {1168--1181},
publisher = {{ACM}},
year = {2022},
url = {https://doi.org/10.1145/3488932.3517414},
doi = {10.1145/3488932.3517414},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/asiaccs/MuschKBJ22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosp/KleinBBSJ22,
author = {David Klein and
Thomas Barber and
Souphiane Bensalim and
Ben Stock and
Martin Johns},
title = {Hand Sanitizers in the Wild: {A} Large-scale Study of Custom JavaScript
Sanitizer Functions},
booktitle = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P
2022, Genoa, Italy, June 6-10, 2022},
pages = {236--250},
publisher = {{IEEE}},
year = {2022},
url = {https://doi.org/10.1109/EuroSP53844.2022.00023},
doi = {10.1109/EUROSP53844.2022.00023},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosp/KleinBBSJ22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/imc/KarlMMJL22,
author = {Manuel Karl and
Marius Musch and
Guoli Ma and
Martin Johns and
Sebastian Lekies},
editor = {Chadi Barakat and
Cristel Pelsser and
Theophilus A. Benson and
David R. Choffnes},
title = {No keys to the kingdom required: a comprehensive investigation of
missing authentication vulnerabilities in the wild},
booktitle = {Proceedings of the 22nd {ACM} Internet Measurement Conference, {IMC}
2022, Nice, France, October 25-27, 2022},
pages = {619--632},
publisher = {{ACM}},
year = {2022},
url = {https://doi.org/10.1145/3517745.3561446},
doi = {10.1145/3517745.3561446},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/imc/KarlMMJL22.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/popets/DirksenKMSRJ21,
author = {Alexandra Dirksen and
David Klein and
Robert Michael and
Tilman Stehr and
Konrad Rieck and
Martin Johns},
title = {LogPicker: Strengthening Certificate Transparency Against Covert Adversaries},
journal = {Proc. Priv. Enhancing Technol.},
volume = {2021},
number = {4},
pages = {184--202},
year = {2021},
url = {https://doi.org/10.2478/popets-2021-0066},
doi = {10.2478/POPETS-2021-0066},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/popets/DirksenKMSRJ21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosec/BensalimKBJ21,
author = {Souphiane Bensalim and
David Klein and
Thomas Barber and
Martin Johns},
title = {Talking About My Generation: Targeted DOM-based {XSS} Exploit Generation
using Dynamic Data Flow Analysis},
booktitle = {EuroSec '21: Proceedings of the 14th European Workshop on Systems
Security, Virtual Event / Edinburgh, Scotland, UK, April 26, 2021},
pages = {27--33},
publisher = {{ACM}},
year = {2021},
url = {https://doi.org/10.1145/3447852.3458718},
doi = {10.1145/3447852.3458718},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosec/BensalimKBJ21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/SteffensMJS21,
author = {Marius Steffens and
Marius Musch and
Martin Johns and
Ben Stock},
title = {Who's Hosting the Block Party? Studying Third-Party Blockage of {CSP}
and {SRI}},
booktitle = {28th Annual Network and Distributed System Security Symposium, {NDSS}
2021, virtually, February 21-25, 2021},
publisher = {The Internet Society},
year = {2021},
url = {https://www.ndss-symposium.org/ndss-paper/whos-hosting-the-block-party-studying-third-party-blockage-of-csp-and-sri/},
timestamp = {Thu, 17 Jun 2021 15:42:26 +0200},
biburl = {https://dblp.org/rec/conf/ndss/SteffensMJS21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/MuschJ21,
author = {Marius Musch and
Martin Johns},
editor = {Michael D. Bailey and
Rachel Greenstadt},
title = {U Can't Debug This: Detecting JavaScript Anti-Debugging Techniques
in the Wild},
booktitle = {30th {USENIX} Security Symposium, {USENIX} Security 2021, August 11-13,
2021},
pages = {2935--2950},
publisher = {{USENIX} Association},
year = {2021},
url = {https://www.usenix.org/conference/usenixsecurity21/presentation/musch},
timestamp = {Mon, 20 Nov 2023 08:57:49 +0100},
biburl = {https://dblp.org/rec/conf/uss/MuschJ21.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccsw-ws/JohnsD20,
author = {Martin Johns and
Alexandra Dirksen},
editor = {Yinqian Zhang and
Radu Sion},
title = {Towards Enabling Secure Web-Based Cloud Services using Client-Side
Encryption},
booktitle = {CCSW'20, Proceedings of the 2020 {ACM} {SIGSAC} Conference on Cloud
Computing Security Workshop, Virtual Event, USA, November 9, 2020},
pages = {67--76},
publisher = {{ACM}},
year = {2020},
url = {https://doi.org/10.1145/3411495.3421364},
doi = {10.1145/3411495.3421364},
timestamp = {Thu, 12 Oct 2023 12:32:08 +0200},
biburl = {https://dblp.org/rec/conf/ccsw-ws/JohnsD20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/KochSJP20,
author = {Simon Koch and
Tim Sauer and
Martin Johns and
Giancarlo Pellegrino},
editor = {Chih{-}Cheng Hung and
Tom{\'{a}}s Cern{\'{y}} and
Dongwan Shin and
Alessio Bechini},
title = {Raccoon: automated verification of guarded race conditions in web
applications},
booktitle = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online
event, [Brno, Czech Republic], March 30 - April 3, 2020},
pages = {1678--1687},
publisher = {{ACM}},
year = {2020},
url = {https://doi.org/10.1145/3341105.3373855},
doi = {10.1145/3341105.3373855},
timestamp = {Sat, 30 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sac/KochSJP20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/LochJHMS20,
author = {Florian D. Loch and
Martin Johns and
Martin Hecker and
Martin Mohr and
Gregor Snelting},
editor = {Chih{-}Cheng Hung and
Tom{\'{a}}s Cern{\'{y}} and
Dongwan Shin and
Alessio Bechini},
title = {Hybrid taint analysis for Java {EE}},
booktitle = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online
event, [Brno, Czech Republic], March 30 - April 3, 2020},
pages = {1716--1725},
publisher = {{ACM}},
year = {2020},
url = {https://doi.org/10.1145/3341105.3373887},
doi = {10.1145/3341105.3373887},
timestamp = {Thu, 29 Oct 2020 00:00:00 +0100},
biburl = {https://dblp.org/rec/conf/sac/LochJHMS20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/QuiringKAJR20,
author = {Erwin Quiring and
David Klein and
Daniel Arp and
Martin Johns and
Konrad Rieck},
editor = {Srdjan Capkun and
Franziska Roesner},
title = {Adversarial Preprocessing: Understanding and Preventing Image-Scaling
Attacks in Machine Learning},
booktitle = {29th {USENIX} Security Symposium, {USENIX} Security 2020, August 12-14,
2020},
pages = {1363--1380},
publisher = {{USENIX} Association},
year = {2020},
url = {https://www.usenix.org/conference/usenixsecurity20/presentation/quiring},
timestamp = {Tue, 28 May 2024 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/uss/QuiringKAJR20.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/IEEEares/MuschWJR19,
author = {Marius Musch and
Christian Wressnegger and
Martin Johns and
Konrad Rieck},
title = {Thieves in the Browser: Web-based Cryptojacking in the Wild},
booktitle = {Proceedings of the 14th International Conference on Availability,
Reliability and Security, {ARES} 2019, Canterbury, UK, August 26-29,
2019},
pages = {4:1--4:10},
publisher = {{ACM}},
year = {2019},
url = {https://doi.org/10.1145/3339252.3339261},
doi = {10.1145/3339252.3339261},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/IEEEares/MuschWJR19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/MuschSRSJ19,
author = {Marius Musch and
Marius Steffens and
Sebastian Roth and
Ben Stock and
Martin Johns},
editor = {Steven D. Galbraith and
Giovanni Russello and
Willy Susilo and
Dieter Gollmann and
Engin Kirda and
Zhenkai Liang},
title = {ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices},
booktitle = {Proceedings of the 2019 {ACM} Asia Conference on Computer and Communications
Security, AsiaCCS 2019, Auckland, New Zealand, July 09-12, 2019},
pages = {391--402},
publisher = {{ACM}},
year = {2019},
url = {https://doi.org/10.1145/3321705.3329841},
doi = {10.1145/3321705.3329841},
timestamp = {Sat, 30 Sep 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/MuschSRSJ19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/MuschWJR19,
author = {Marius Musch and
Christian Wressnegger and
Martin Johns and
Konrad Rieck},
editor = {Roberto Perdisci and
Cl{\'{e}}mentine Maurice and
Giorgio Giacinto and
Magnus Almgren},
title = {New Kid on the Web: {A} Study on the Prevalence of WebAssembly in
the Wild},
booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment
- 16th International Conference, {DIMVA} 2019, Gothenburg, Sweden,
June 19-20, 2019, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {11543},
pages = {23--42},
publisher = {Springer},
year = {2019},
url = {https://doi.org/10.1007/978-3-030-22038-9\_2},
doi = {10.1007/978-3-030-22038-9\_2},
timestamp = {Sun, 04 Aug 2024 19:42:33 +0200},
biburl = {https://dblp.org/rec/conf/dimva/MuschWJR19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ndss/SteffensRJS19,
author = {Marius Steffens and
Christian Rossow and
Martin Johns and
Ben Stock},
title = {Don't Trust The Locals: Investigating the Prevalence of Persistent
Client-Side Cross-Site Scripting in the Wild},
booktitle = {26th Annual Network and Distributed System Security Symposium, {NDSS}
2019, San Diego, California, USA, February 24-27, 2019},
publisher = {The Internet Society},
year = {2019},
url = {https://www.ndss-symposium.org/ndss-paper/dont-trust-the-locals-investigating-the-prevalence-of-persistent-client-side-cross-site-scripting-in-the-wild/},
timestamp = {Mon, 01 Feb 2021 08:42:22 +0100},
biburl = {https://dblp.org/rec/conf/ndss/SteffensRJS19.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/IEEEares/MuschHJ18,
author = {Marius Musch and
Martin H{\"{a}}rterich and
Martin Johns},
editor = {Sebastian Doerr and
Mathias Fischer and
Sebastian Schrittwieser and
Dominik Herrmann},
title = {Towards an Automatic Generation of Low-Interaction Web Application
Honeypots},
booktitle = {Proceedings of the 13th International Conference on Availability,
Reliability and Security, {ARES} 2018, Hamburg, Germany, August 27-30,
2018},
pages = {27:1--27:6},
publisher = {{ACM}},
year = {2018},
url = {https://doi.org/10.1145/3230833.3230839},
doi = {10.1145/3230833.3230839},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/IEEEares/MuschHJ18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1808-09474,
author = {Marius Musch and
Christian Wressnegger and
Martin Johns and
Konrad Rieck},
title = {Web-based Cryptojacking in the Wild},
journal = {CoRR},
volume = {abs/1808.09474},
year = {2018},
url = {http://arxiv.org/abs/1808.09474},
eprinttype = {arXiv},
eprint = {1808.09474},
timestamp = {Mon, 03 Sep 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1808-09474.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dagstuhl-reports/JohnsNVW18,
author = {Martin Johns and
Nick Nikiforakis and
Melanie Volkamer and
John Wilander},
title = {Web Application Security (Dagstuhl Seminar 18321)},
journal = {Dagstuhl Reports},
volume = {8},
number = {8},
pages = {1--17},
year = {2018},
url = {https://doi.org/10.4230/DagRep.8.8.1},
doi = {10.4230/DAGREP.8.8.1},
timestamp = {Fri, 22 Feb 2019 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/dagstuhl-reports/JohnsNVW18.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/LekiesKGNJ17,
author = {Sebastian Lekies and
Krzysztof Kotowicz and
Samuel Gro{\ss} and
Eduardo A. Vela Nava and
Martin Johns},
editor = {Bhavani Thuraisingham and
David Evans and
Tal Malkin and
Dongyan Xu},
title = {Code-Reuse Attacks for the Web: Breaking Cross-Site Scripting Mitigations
via Script Gadgets},
booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and
Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 -
November 03, 2017},
pages = {1709--1723},
publisher = {{ACM}},
year = {2017},
url = {https://doi.org/10.1145/3133956.3134091},
doi = {10.1145/3133956.3134091},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/LekiesKGNJ17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/PellegrinoJ0BR17,
author = {Giancarlo Pellegrino and
Martin Johns and
Simon Koch and
Michael Backes and
Christian Rossow},
editor = {Bhavani Thuraisingham and
David Evans and
Tal Malkin and
Dongyan Xu},
title = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs},
booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and
Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 -
November 03, 2017},
pages = {1757--1771},
publisher = {{ACM}},
year = {2017},
url = {https://doi.org/10.1145/3133956.3133959},
doi = {10.1145/3133956.3133959},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/PellegrinoJ0BR17.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockJS017,
author = {Ben Stock and
Martin Johns and
Marius Steffens and
Michael Backes},
editor = {Engin Kirda and
Thomas Ristenpart},
title = {How the Web Tangled Itself: Uncovering the History of Client-Side
Web (In)Security},
booktitle = {26th {USENIX} Security Symposium, {USENIX} Security 2017, Vancouver,
BC, Canada, August 16-18, 2017},
pages = {971--987},
publisher = {{USENIX} Association},
year = {2017},
url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/stock},
timestamp = {Mon, 01 Feb 2021 08:42:59 +0100},
biburl = {https://dblp.org/rec/conf/uss/StockJS017.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1708-08786,
author = {Giancarlo Pellegrino and
Martin Johns and
Simon Koch and
Michael Backes and
Christian Rossow},
title = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs},
journal = {CoRR},
volume = {abs/1708.08786},
year = {2017},
url = {http://arxiv.org/abs/1708.08786},
eprinttype = {arXiv},
eprint = {1708.08786},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1708-08786.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/ac/FeldererBJBBP16,
author = {Michael Felderer and
Matthias B{\"{u}}chler and
Martin Johns and
Achim D. Brucker and
Ruth Breu and
Alexander Pretschner},
title = {Security Testing: {A} Survey},
journal = {Adv. Comput.},
volume = {101},
pages = {1--51},
year = {2016},
url = {https://doi.org/10.1016/bs.adcom.2015.11.003},
doi = {10.1016/BS.ADCOM.2015.11.003},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/ac/FeldererBJBBP16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/StockJ16,
author = {Ben Stock and
Martin Johns},
title = {Client-Side {XSS} in Theorie und Praxis},
journal = {Datenschutz und Datensicherheit},
volume = {40},
number = {11},
pages = {707--712},
year = {2016},
url = {https://doi.org/10.1007/s11623-016-0688-5},
doi = {10.1007/S11623-016-0688-5},
timestamp = {Sat, 27 May 2017 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/dud/StockJ16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockPRJ016,
author = {Ben Stock and
Giancarlo Pellegrino and
Christian Rossow and
Martin Johns and
Michael Backes},
editor = {Edgar R. Weippl and
Stefan Katzenbeisser and
Christopher Kruegel and
Andrew C. Myers and
Shai Halevi},
title = {{POSTER:} Mapping the Landscape of Large-Scale Vulnerability Notifications},
booktitle = {Proceedings of the 2016 {ACM} {SIGSAC} Conference on Computer and
Communications Security, Vienna, Austria, October 24-28, 2016},
pages = {1787--1789},
publisher = {{ACM}},
year = {2016},
url = {https://doi.org/10.1145/2976749.2989057},
doi = {10.1145/2976749.2989057},
timestamp = {Tue, 10 Nov 2020 20:00:49 +0100},
biburl = {https://dblp.org/rec/conf/ccs/StockPRJ016.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/GroefSJPD16,
author = {Willem De Groef and
Deepak Subramanian and
Martin Johns and
Frank Piessens and
Lieven Desmet},
editor = {Sascha Ossowski},
title = {Ensuring endpoint authenticity in WebRTC peer-to-peer communication},
booktitle = {Proceedings of the 31st Annual {ACM} Symposium on Applied Computing,
Pisa, Italy, April 4-8, 2016},
pages = {2103--2110},
publisher = {{ACM}},
year = {2016},
url = {https://doi.org/10.1145/2851613.2851804},
doi = {10.1145/2851613.2851804},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sac/GroefSJPD16.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockPRJ016,
author = {Ben Stock and
Giancarlo Pellegrino and
Christian Rossow and
Martin Johns and
Michael Backes},
editor = {Thorsten Holz and
Stefan Savage},
title = {Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability
Notification},
booktitle = {25th {USENIX} Security Symposium, {USENIX} Security 16, Austin, TX,
USA, August 10-12, 2016},
pages = {1015--1032},
publisher = {{USENIX} Association},
year = {2016},
url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/stock},
timestamp = {Mon, 01 Feb 2021 08:43:18 +0100},
biburl = {https://dblp.org/rec/conf/uss/StockPRJ016.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockPKLJ15,
author = {Ben Stock and
Stephan Pfistner and
Bernd Kaiser and
Sebastian Lekies and
Martin Johns},
editor = {Indrajit Ray and
Ninghui Li and
Christopher Kruegel},
title = {From Facepalm to Brain Bender: Exploring Client-Side Cross-Site Scripting},
booktitle = {Proceedings of the 22nd {ACM} {SIGSAC} Conference on Computer and
Communications Security, Denver, CO, USA, October 12-16, 2015},
pages = {1419--1430},
publisher = {{ACM}},
year = {2015},
url = {https://doi.org/10.1145/2810103.2813625},
doi = {10.1145/2810103.2813625},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/StockPKLJ15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/BraunPPJ15,
author = {Bastian Braun and
Korbinian Pauli and
Joachim Posegga and
Martin Johns},
editor = {Roger L. Wainwright and
Juan Manuel Corchado and
Alessio Bechini and
Jiman Hong},
title = {LogSec: adaptive protection for the wild wild web},
booktitle = {Proceedings of the 30th Annual {ACM} Symposium on Applied Computing,
Salamanca, Spain, April 13-17, 2015},
pages = {2149--2156},
publisher = {{ACM}},
year = {2015},
url = {https://doi.org/10.1145/2695664.2695709},
doi = {10.1145/2695664.2695709},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sac/BraunPPJ15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/LekiesSWJ15,
author = {Sebastian Lekies and
Ben Stock and
Martin Wentzel and
Martin Johns},
editor = {Jaeyeon Jung and
Thorsten Holz},
title = {The Unexpected Dangers of Dynamic JavaScript},
booktitle = {24th {USENIX} Security Symposium, {USENIX} Security 15, Washington,
D.C., USA, August 12-14, 2015},
pages = {723--735},
publisher = {{USENIX} Association},
year = {2015},
url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/lekies},
timestamp = {Mon, 01 Feb 2021 08:42:57 +0100},
biburl = {https://dblp.org/rec/conf/uss/LekiesSWJ15.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@book{DBLP:series/sbcs/RyckDPJ14,
author = {Philippe De Ryck and
Lieven Desmet and
Frank Piessens and
Martin Johns},
title = {Primer on Client-Side Web Security},
series = {Springer Briefs in Computer Science},
publisher = {Springer},
year = {2014},
url = {https://doi.org/10.1007/978-3-319-12226-7},
doi = {10.1007/978-3-319-12226-7},
isbn = {978-3-319-12225-0},
timestamp = {Tue, 16 May 2017 01:00:00 +0200},
biburl = {https://dblp.org/rec/series/sbcs/RyckDPJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/internet/DesmetJ14,
author = {Lieven Desmet and
Martin Johns},
title = {Real-Time Communications Security on the Web},
journal = {{IEEE} Internet Comput.},
volume = {18},
number = {6},
pages = {8--10},
year = {2014},
url = {https://doi.org/10.1109/MIC.2014.117},
doi = {10.1109/MIC.2014.117},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/internet/DesmetJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/istr/Johns14,
author = {Martin Johns},
title = {Script-templates for the Content Security Policy},
journal = {J. Inf. Secur. Appl.},
volume = {19},
number = {3},
pages = {209--223},
year = {2014},
url = {https://doi.org/10.1016/j.jisa.2014.03.007},
doi = {10.1016/J.JISA.2014.03.007},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/istr/Johns14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/jcs/DesmetJLS14,
author = {Lieven Desmet and
Martin Johns and
Benjamin Livshits and
Andrei Sabelfeld},
title = {Preface},
journal = {J. Comput. Secur.},
volume = {22},
number = {4},
pages = {467--468},
year = {2014},
url = {https://doi.org/10.3233/JCS-140506},
doi = {10.3233/JCS-140506},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/jcs/DesmetJLS14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/StockJ14,
author = {Ben Stock and
Martin Johns},
editor = {Shiho Moriai and
Trent Jaeger and
Kouichi Sakurai},
title = {Protecting users against XSS-based password manager abuse},
booktitle = {9th {ACM} Symposium on Information, Computer and Communications Security,
{ASIA} {CCS} '14, Kyoto, Japan - June 03 - 06, 2014},
pages = {183--194},
publisher = {{ACM}},
year = {2014},
url = {https://doi.org/10.1145/2590296.2590336},
doi = {10.1145/2590296.2590336},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/StockJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/codaspy/BraunJKP14,
author = {Bastian Braun and
Martin Johns and
Johannes K{\"{o}}stler and
Joachim Posegga},
editor = {Elisa Bertino and
Ravi S. Sandhu and
Jaehong Park},
title = {PhishSafe: leveraging modern JavaScript API's for transparent and
robust protection},
booktitle = {Fourth {ACM} Conference on Data and Application Security and Privacy,
CODASPY'14, San Antonio, TX, {USA} - March 03 - 05, 2014},
pages = {61--72},
publisher = {{ACM}},
year = {2014},
url = {https://doi.org/10.1145/2557547.2557553},
doi = {10.1145/2557547.2557553},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/codaspy/BraunJKP14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sec/BraunKPJ14,
author = {Bastian Braun and
Johannes K{\"{o}}stler and
Joachim Posegga and
Martin Johns},
editor = {Nora Cuppens{-}Boulahia and
Fr{\'{e}}d{\'{e}}ric Cuppens and
Sushil Jajodia and
Anas Abou El Kalam and
Thierry Sans},
title = {A Trusted {UI} for the Mobile Web},
booktitle = {{ICT} Systems Security and Privacy Protection - 29th {IFIP} {TC} 11
International Conference, {SEC} 2014, Marrakech, Morocco, June 2-4,
2014. Proceedings},
series = {{IFIP} Advances in Information and Communication Technology},
volume = {428},
pages = {127--141},
publisher = {Springer},
year = {2014},
url = {https://doi.org/10.1007/978-3-642-55415-5\_11},
doi = {10.1007/978-3-642-55415-5\_11},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sec/BraunKPJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/StockLJ14,
author = {Ben Stock and
Sebastian Lekies and
Martin Johns},
editor = {Stefan Katzenbeisser and
Volkmar Lotz and
Edgar R. Weippl},
title = {DOM-basiertes Cross-Site Scripting im Web: Reise in ein unerforschtes
Land},
booktitle = {Sicherheit 2014: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
Beitr{\"{a}}ge der 7. Jahrestagung des Fachbereichs Sicherheit
der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 19.-21. M{\"{a}}rz
2014, Wien, {\"{O}}sterreich},
series = {{LNI}},
volume = {{P-228}},
pages = {53--64},
publisher = {{GI}},
year = {2014},
url = {https://dl.gi.de/handle/20.500.12116/20068},
timestamp = {Tue, 04 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sicherheit/StockLJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/StockLMSJ14,
author = {Ben Stock and
Sebastian Lekies and
Tobias Mueller and
Patrick Spiegel and
Martin Johns},
editor = {Kevin Fu and
Jaeyeon Jung},
title = {Precise Client-side Protection against DOM-based Cross-Site Scripting},
booktitle = {Proceedings of the 23rd {USENIX} Security Symposium, San Diego, CA,
USA, August 20-22, 2014},
pages = {655--670},
publisher = {{USENIX} Association},
year = {2014},
url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/stock},
timestamp = {Mon, 01 Feb 2021 08:43:04 +0100},
biburl = {https://dblp.org/rec/conf/uss/StockLMSJ14.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/ccs/LekiesSJ13,
author = {Sebastian Lekies and
Ben Stock and
Martin Johns},
editor = {Ahmad{-}Reza Sadeghi and
Virgil D. Gligor and
Moti Yung},
title = {25 million flows later: large-scale detection of DOM-based {XSS}},
booktitle = {2013 {ACM} {SIGSAC} Conference on Computer and Communications Security,
CCS'13, Berlin, Germany, November 4-8, 2013},
pages = {1193--1204},
publisher = {{ACM}},
year = {2013},
url = {https://doi.org/10.1145/2508859.2516703},
doi = {10.1145/2508859.2516703},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/ccs/LekiesSJ13.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/Johns13,
author = {Martin Johns},
editor = {Konrad Rieck and
Patrick Stewin and
Jean{-}Pierre Seifert},
title = {PreparedJS: Secure Script-Templates for JavaScript},
booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment
- 10th International Conference, {DIMVA} 2013, Berlin, Germany, July
18-19, 2013. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {7967},
pages = {102--121},
publisher = {Springer},
year = {2013},
url = {https://doi.org/10.1007/978-3-642-39235-1\_6},
doi = {10.1007/978-3-642-39235-1\_6},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dimva/Johns13.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/raid/JohnsL13,
author = {Martin Johns and
Sebastian Lekies},
editor = {Salvatore J. Stolfo and
Angelos Stavrou and
Charles V. Wright},
title = {Tamper-Resistant LikeJacking Protection},
booktitle = {Research in Attacks, Intrusions, and Defenses - 16th International
Symposium, {RAID} 2013, Rodney Bay, St. Lucia, October 23-25, 2013.
Proceedings},
series = {Lecture Notes in Computer Science},
volume = {8145},
pages = {265--285},
publisher = {Springer},
year = {2013},
url = {https://doi.org/10.1007/978-3-642-41284-4\_14},
doi = {10.1007/978-3-642-41284-4\_14},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/raid/JohnsL13.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/uss/JohnsLS13,
author = {Martin Johns and
Sebastian Lekies and
Ben Stock},
editor = {Samuel T. King},
title = {Eradicating {DNS} Rebinding with the Extended Same-origin Policy},
booktitle = {Proceedings of the 22th {USENIX} Security Symposium, Washington, DC,
USA, August 14-16, 2013},
pages = {621--636},
publisher = {{USENIX} Association},
year = {2013},
url = {https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/johns},
timestamp = {Mon, 01 Feb 2021 08:42:56 +0100},
biburl = {https://dblp.org/rec/conf/uss/JohnsLS13.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/Johns12,
author = {Martin Johns},
title = {HTML5-Security - Sicherer Umgang mit den neuen JavaScript APIs},
journal = {Datenschutz und Datensicherheit},
volume = {36},
number = {4},
pages = {231--235},
year = {2012},
url = {https://doi.org/10.1007/s11623-012-0090-x},
doi = {10.1007/S11623-012-0090-X},
timestamp = {Sat, 27 May 2017 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/dud/Johns12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JohnsLBF12,
author = {Martin Johns and
Sebastian Lekies and
Bastian Braun and
Benjamin Flesch},
editor = {Robert H'obbes' Zakon},
title = {BetterAuth: web authentication revisited},
booktitle = {28th Annual Computer Security Applications Conference, {ACSAC} 2012,
Orlando, FL, USA, 3-7 December 2012},
pages = {169--178},
publisher = {{ACM}},
year = {2012},
url = {https://doi.org/10.1145/2420950.2420977},
doi = {10.1145/2420950.2420977},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/acsac/JohnsLBF12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/raid/LekiesNTPJ12,
author = {Sebastian Lekies and
Nick Nikiforakis and
Walter Tighzert and
Frank Piessens and
Martin Johns},
editor = {Davide Balzarotti and
Salvatore J. Stolfo and
Marco Cova},
title = {{DEMACRO:} Defense against Malicious Cross-Domain Requests},
booktitle = {Research in Attacks, Intrusions, and Defenses - 15th International
Symposium, {RAID} 2012, Amsterdam, The Netherlands, September 12-14,
2012. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {7462},
pages = {254--273},
publisher = {Springer},
year = {2012},
url = {https://doi.org/10.1007/978-3-642-33338-5\_13},
doi = {10.1007/978-3-642-33338-5\_13},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/raid/LekiesNTPJ12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/LekiesTJ12,
author = {Sebastian Lekies and
Walter Tighzert and
Martin Johns},
editor = {Neeraj Suri and
Michael Waidner},
title = {Towards stateless, client-side driven Cross-Site Request Forgery protection
for Web applications},
booktitle = {Sicherheit 2012: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
Beitr{\"{a}}ge der 6. Jahrestagung des Fachbereichs Sicherheit
der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 7.-9. M{\"{a}}rz
2012 in Darmstadt},
series = {{LNI}},
volume = {{P-195}},
pages = {111--121},
publisher = {{GI}},
year = {2012},
url = {https://dl.gi.de/handle/20.500.12116/18267},
timestamp = {Tue, 04 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sicherheit/LekiesTJ12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/trustbus/BraunKJP12,
author = {Bastian Braun and
Stefan Kucher and
Martin Johns and
Joachim Posegga},
editor = {Simone Fischer{-}H{\"{u}}bner and
Sokratis K. Katsikas and
Gerald Quirchmayr},
title = {A User-Level Authentication Scheme to Mitigate Web Session-Based Vulnerabilities},
booktitle = {Trust, Privacy and Security in Digital Business - 9th International
Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {7449},
pages = {17--29},
publisher = {Springer},
year = {2012},
url = {https://doi.org/10.1007/978-3-642-32287-7\_2},
doi = {10.1007/978-3-642-32287-7\_2},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/trustbus/BraunKJP12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/trustbus/JohnsP12,
author = {Martin Johns and
Joachim Posegga},
editor = {Simone Fischer{-}H{\"{u}}bner and
Sokratis K. Katsikas and
Gerald Quirchmayr},
title = {WebSand: Server-Driven Outbound Web-Application Sandboxing},
booktitle = {Trust, Privacy and Security in Digital Business - 9th International
Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {7449},
pages = {216--217},
publisher = {Springer},
year = {2012},
url = {https://doi.org/10.1007/978-3-642-32287-7\_20},
doi = {10.1007/978-3-642-32287-7\_20},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/trustbus/JohnsP12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dagstuhl-reports/DesmetJLS12,
author = {Lieven Desmet and
Martin Johns and
Benjamin Livshits and
Andrei Sabelfeld},
title = {Web Application Security (Dagstuhl Seminar 12401)},
journal = {Dagstuhl Reports},
volume = {2},
number = {10},
pages = {1--37},
year = {2012},
url = {https://doi.org/10.4230/DagRep.2.10.1},
doi = {10.4230/DAGREP.2.10.1},
timestamp = {Thu, 14 Oct 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/dagstuhl-reports/DesmetJLS12.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@phdthesis{DBLP:phd/de/Johns2011,
author = {Martin Johns},
title = {Code Injection Vulnerabilities in Web Applications: Exemplified at
Cross-site Scripting},
school = {University of Passau},
year = {2011},
url = {http://www.opus-bayern.de/uni-passau/volltexte/2011/2362/},
urn = {urn:nbn:de:bvb:739-opus-23626},
timestamp = {Sat, 17 Jul 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/phd/de/Johns2011.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/it/Johns11,
author = {Martin Johns},
title = {Code-injection Vulnerabilities in Web Applications - Exemplified at
Cross-site Scripting},
journal = {it Inf. Technol.},
volume = {53},
number = {5},
pages = {256},
year = {2011},
url = {https://doi.org/10.1524/itit.2011.0651},
doi = {10.1524/ITIT.2011.0651},
timestamp = {Mon, 28 Aug 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/it/Johns11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JawurekJR11,
author = {Marek Jawurek and
Martin Johns and
Konrad Rieck},
editor = {Robert H'obbes' Zakon and
John P. McDermott and
Michael E. Locasto},
title = {Smart metering de-pseudonymization},
booktitle = {Twenty-Seventh Annual Computer Security Applications Conference, {ACSAC}
2011, Orlando, FL, USA, 5-9 December 2011},
pages = {227--236},
publisher = {{ACM}},
year = {2011},
url = {https://doi.org/10.1145/2076732.2076764},
doi = {10.1145/2076732.2076764},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/acsac/JawurekJR11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/JohnsL11,
author = {Martin Johns and
Sebastian Lekies},
editor = {Thorsten Holz and
Herbert Bos},
title = {Biting the Hand That Serves You: {A} Closer Look at Client-Side Flash
Proxies for Cross-Domain Requests},
booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment
- 8th International Conference; {DIMVA} 2011, Amsterdam, The Netherlands,
July 7-8, 2011. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {6739},
pages = {85--103},
publisher = {Springer},
year = {2011},
url = {https://doi.org/10.1007/978-3-642-22424-9\_6},
doi = {10.1007/978-3-642-22424-9\_6},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dimva/JohnsL11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/essos/NikiforakisMYJJ11,
author = {Nick Nikiforakis and
Wannes Meert and
Yves Younan and
Martin Johns and
Wouter Joosen},
editor = {{\'{U}}lfar Erlingsson and
Roel J. Wieringa and
Nicola Zannone},
title = {SessionShield: Lightweight Protection against Session Hijacking},
booktitle = {Engineering Secure Software and Systems - Third International Symposium,
ESSoS 2011, Madrid, Spain, February 9-10, 2011. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {6542},
pages = {87--100},
publisher = {Springer},
year = {2011},
url = {https://doi.org/10.1007/978-3-642-19125-1\_7},
doi = {10.1007/978-3-642-19125-1\_7},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/essos/NikiforakisMYJJ11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/eurosec/NikiforakisJJ11,
author = {Nick Nikiforakis and
Wouter Joosen and
Martin Johns},
editor = {Engin Kirda and
Steven Hand},
title = {Abusing locality in shared web hosting},
booktitle = {Proceedings of the Fourth European Workshop on System Security, EUROSEC'11,
April 10, 2011, Salzburg, Austria},
pages = {2},
publisher = {{ACM}},
year = {2011},
url = {https://doi.org/10.1145/1972551.1972553},
doi = {10.1145/1972551.1972553},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/eurosec/NikiforakisJJ11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/icst/JohnsJ11,
author = {Martin Johns and
Moritz Jodeit},
title = {Scanstud: {A} Methodology for Systematic, Fine-Grained Evaluation
of Static Analysis Tools},
booktitle = {Fourth {IEEE} International Conference on Software Testing, Verification
and Validation, {ICST} 2012, Berlin, Germany, 21-25 March, 2011, Workshop
Proceedings},
pages = {523--530},
publisher = {{IEEE} Computer Society},
year = {2011},
url = {https://doi.org/10.1109/ICSTW.2011.32},
doi = {10.1109/ICSTW.2011.32},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/icst/JohnsJ11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/pet/JawurekJK11,
author = {Marek Jawurek and
Martin Johns and
Florian Kerschbaum},
editor = {Simone Fischer{-}H{\"{u}}bner and
Nicholas Hopper},
title = {Plug-In Privacy for Smart Metering Billing},
booktitle = {Privacy Enhancing Technologies - 11th International Symposium, {PETS}
2011, Waterloo, ON, Canada, July 27-29, 2011. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {6794},
pages = {192--210},
publisher = {Springer},
year = {2011},
url = {https://doi.org/10.1007/978-3-642-22263-4\_11},
doi = {10.1007/978-3-642-22263-4\_11},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/pet/JawurekJK11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/JohnsBSP11,
author = {Martin Johns and
Bastian Braun and
Michael Schrank and
Joachim Posegga},
editor = {William C. Chu and
W. Eric Wong and
Mathew J. Palakal and
Chih{-}Cheng Hung},
title = {Reliable protection against session fixation attacks},
booktitle = {Proceedings of the 2011 {ACM} Symposium on Applied Computing (SAC),
TaiChung, Taiwan, March 21 - 24, 2011},
pages = {1531--1537},
publisher = {{ACM}},
year = {2011},
url = {https://doi.org/10.1145/1982185.1982511},
doi = {10.1145/1982185.1982511},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sac/JohnsBSP11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@incollection{DBLP:reference/crypt/Johns11,
author = {Martin Johns},
editor = {Henk C. A. van Tilborg and
Sushil Jajodia},
title = {Session Hijacking Attacks},
booktitle = {Encyclopedia of Cryptography and Security, 2nd Ed},
pages = {1189--1190},
publisher = {Springer},
year = {2011},
url = {https://doi.org/10.1007/978-1-4419-5906-5\_661},
doi = {10.1007/978-1-4419-5906-5\_661},
timestamp = {Wed, 12 Jul 2017 01:00:00 +0200},
biburl = {https://dblp.org/rec/reference/crypt/Johns11.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/essos/JohnsBGP10,
author = {Martin Johns and
Christian Beyerlein and
Rosemaria Giesecke and
Joachim Posegga},
editor = {Fabio Massacci and
Dan S. Wallach and
Nicola Zannone},
title = {Secure Code Generation for Web Applications},
booktitle = {Engineering Secure Software and Systems, Second International Symposium,
ESSoS 2010, Pisa, Italy, February 3-4, 2010. Proceedings},
series = {Lecture Notes in Computer Science},
volume = {5965},
pages = {96--113},
publisher = {Springer},
year = {2010},
url = {https://doi.org/10.1007/978-3-642-11747-3\_8},
doi = {10.1007/978-3-642-11747-3\_8},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/essos/JohnsBGP10.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/isse/JawurekJ10,
author = {Marek Jawurek and
Martin Johns},
editor = {Norbert Pohlmann and
Helmut Reimer and
Wolfgang Schneider},
title = {Security Challenges of a Changing Energy Landscape},
booktitle = {{ISSE} 2010 - Securing Electronic Business Processes, Highlights of
the Information Security Solutions Europe 2010 Conference, Berlin,
Germany, October 5-7, 2010},
pages = {249--259},
publisher = {Vieweg+Teubner},
year = {2010},
url = {https://doi.org/10.1007/978-3-8348-9788-6\_24},
doi = {10.1007/978-3-8348-9788-6\_24},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/isse/JawurekJ10.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sicherheit/SchrankBJP10,
author = {Michael Schrank and
Bastian Braun and
Martin Johns and
Joachim Posegga},
editor = {Felix C. Freiling},
title = {Session Fixation - The Forgotten Vulnerability?},
booktitle = {Sicherheit 2010: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit,
Beitr{\"{a}}ge der 5. Jahrestagung des Fachbereichs Sicherheit
der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 5.-7. Oktober
2010 in Berlin},
series = {{LNI}},
volume = {{P-170}},
pages = {341--352},
publisher = {{GI}},
year = {2010},
url = {https://dl.gi.de/handle/20.500.12116/19794},
timestamp = {Tue, 04 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sicherheit/SchrankBJP10.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/corr/abs-1012-2248,
author = {Marek Jawurek and
Martin Johns and
Florian Kerschbaum},
title = {Plug-in privacy for Smart Metering billing},
journal = {CoRR},
volume = {abs/1012.2248},
year = {2010},
url = {http://arxiv.org/abs/1012.2248},
eprinttype = {arXiv},
eprint = {1012.2248},
timestamp = {Mon, 13 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/corr/abs-1012-2248.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@incollection{DBLP:conf/gi/Johns09,
author = {Martin Johns},
editor = {Abraham Bernstein and
Steffen H{\"{o}}lldobler and
G{\"{u}}nter Hotz and
Klaus{-}Peter L{\"{o}}hr and
Paul Molitor and
Gustaf Neumann and
R{\"{u}}diger Reischuk and
Dietmar Saupe and
Myra Spiliopoulou and
Harald St{\"{o}}rrle and
Dorothea Wagner},
title = {Code-injection Verwundbarkeit in Web Anwendungen am Beispiel von Cross-site
Scripting},
booktitle = {Ausgezeichnete Informatikdissertationen 2009},
series = {{LNI}},
volume = {{D-10}},
pages = {111--120},
publisher = {{GI}},
year = {2009},
url = {https://dl.gi.de/handle/20.500.12116/33660},
timestamp = {Tue, 04 Jul 2023 17:43:57 +0200},
biburl = {https://dblp.org/rec/conf/gi/Johns09.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@proceedings{DBLP:conf/dagstuhl/2009P9141,
editor = {Dan Boneh and
{\'{U}}lfar Erlingsson and
Martin Johns and
Benjamin Livshits},
title = {Web Application Security, 29.03. - 03.04.2009},
series = {Dagstuhl Seminar Proceedings},
volume = {09141},
publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
year = {2009},
url = {http://drops.dagstuhl.de/portals/09141/},
timestamp = {Thu, 10 Jun 2021 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dagstuhl/2009P9141.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09,
author = {Dan Boneh and
{\'{U}}lfar Erlingsson and
Martin Johns and
Benjamin Livshits},
editor = {Dan Boneh and
{\'{U}}lfar Erlingsson and
Martin Johns and
Benjamin Livshits},
title = {09141 Abstracts Collection - Web Application Security},
booktitle = {Web Application Security, 29.03. - 03.04.2009},
series = {Dagstuhl Seminar Proceedings},
volume = {09141},
publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
year = {2009},
url = {http://drops.dagstuhl.de/opus/volltexte/2010/2726/},
timestamp = {Thu, 10 Jun 2021 13:02:09 +0200},
biburl = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09a,
author = {Dan Boneh and
{\'{U}}lfar Erlingsson and
Martin Johns and
Benjamin Livshits},
editor = {Dan Boneh and
{\'{U}}lfar Erlingsson and
Martin Johns and
Benjamin Livshits},
title = {09141 Executive Summary - Web Application Security},
booktitle = {Web Application Security, 29.03. - 03.04.2009},
series = {Dagstuhl Seminar Proceedings},
volume = {09141},
publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany},
year = {2009},
url = {http://drops.dagstuhl.de/opus/volltexte/2010/2725/},
timestamp = {Thu, 23 Aug 2018 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09a.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/virology/Johns08,
author = {Martin Johns},
title = {On JavaScript Malware and related threats},
journal = {J. Comput. Virol.},
volume = {4},
number = {3},
pages = {161--178},
year = {2008},
url = {https://doi.org/10.1007/s11416-007-0076-7},
doi = {10.1007/S11416-007-0076-7},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/journals/virology/Johns08.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/acsac/JohnsEP08,
author = {Martin Johns and
Bj{\"{o}}rn Engelmann and
Joachim Posegga},
title = {{XSSDS:} Server-Side Detection of Cross-Site Scripting Attacks},
booktitle = {Twenty-Fourth Annual Computer Security Applications Conference, {ACSAC}
2008, Anaheim, California, USA, 8-12 December 2008},
pages = {335--344},
publisher = {{IEEE} Computer Society},
year = {2008},
url = {https://doi.org/10.1109/ACSAC.2008.36},
doi = {10.1109/ACSAC.2008.36},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/acsac/JohnsEP08.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@article{DBLP:journals/dud/JohnsS07,
author = {Martin Johns and
Daniel Schreckling},
title = {Automatisierter Code-Audit - Sicherheitsanalyse von Source Code in
Theorie und Praxis},
journal = {Datenschutz und Datensicherheit},
volume = {31},
number = {12},
pages = {888--893},
year = {2007},
url = {https://doi.org/10.1007/s11623-007-0286-7},
doi = {10.1007/S11623-007-0286-7},
timestamp = {Wed, 16 Mar 2022 00:00:00 +0100},
biburl = {https://dblp.org/rec/journals/dud/JohnsS07.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/dimva/JohnsW07,
author = {Martin Johns and
Justus Winter},
editor = {Bernhard M. H{\"{a}}mmerli and
Robin Sommer},
title = {Protecting the Intranet Against "JavaScript Malware" and
Related Attacks},
booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment,
4th International Conference, {DIMVA} 2007, Lucerne, Switzerland,
July 12-13, 2007, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {4579},
pages = {40--59},
publisher = {Springer},
year = {2007},
url = {https://doi.org/10.1007/978-3-540-73614-1\_3},
doi = {10.1007/978-3-540-73614-1\_3},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/dimva/JohnsW07.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/sac/JohnsB07,
author = {Martin Johns and
Christian Beyerlein},
editor = {Yookun Cho and
Roger L. Wainwright and
Hisham Haddad and
Sung Y. Shin and
Yong Wan Koo},
title = {SMask: preventing injection attacks in web applications by approximating
automatic data/code separation},
booktitle = {Proceedings of the 2007 {ACM} Symposium on Applied Computing (SAC),
Seoul, Korea, March 11-15, 2007},
pages = {284--291},
publisher = {{ACM}},
year = {2007},
url = {https://doi.org/10.1145/1244002.1244071},
doi = {10.1145/1244002.1244071},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/sac/JohnsB07.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/esorics/Johns06,
author = {Martin Johns},
editor = {Dieter Gollmann and
Jan Meier and
Andrei Sabelfeld},
title = {SessionSafe: Implementing {XSS} Immune Session Handling},
booktitle = {Computer Security - {ESORICS} 2006, 11th European Symposium on Research
in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings},
series = {Lecture Notes in Computer Science},
volume = {4189},
pages = {444--460},
publisher = {Springer},
year = {2006},
url = {https://doi.org/10.1007/11863908\_27},
doi = {10.1007/11863908\_27},
timestamp = {Mon, 26 Jun 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/esorics/Johns06.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
@inproceedings{DBLP:conf/biosig/Johns03,
author = {Martin Johns},
editor = {Arslan Br{\"{o}}mme and
Christoph Busch},
title = {Pseudonyme Biometrik: Ein signatur-basierter Ansatz},
booktitle = {{BIOSIG} 2003, Proceedings of the 1st Conference on Biometrics and
Electronic Signatures of the {GI} Working Group BIOSIG, 24 July 2003,
Darmstadt, Germany},
series = {{LNI}},
volume = {{P-31}},
pages = {113--120},
publisher = {{GI}},
year = {2003},
url = {https://dl.gi.de/handle/20.500.12116/29651},
timestamp = {Tue, 04 Jul 2023 01:00:00 +0200},
biburl = {https://dblp.org/rec/conf/biosig/Johns03.bib},
bibsource = {dblp computer science bibliography, https://dblp.org}
}
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
last updated on 2024-09-04 01:25 CEST by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint
dblp was originally created in 1993 at:
since 2018, dblp has been operated and maintained by:
the dblp computer science bibliography is funded and supported by:
