default search action
BibTeX records: Martin Johns
@article{DBLP:journals/popets/BoussahaHBRRKJCAB24, author = {Soumaya Boussaha and Lukas Hock and Miguel Bermejo and Rub{\'{e}}n Cuevas Rum{\'{\i}}n and {\'{A}}ngel Cuevas Rum{\'{\i}}n and David Klein and Martin Johns and Luca Compagna and Daniele Antonioli and Thomas Barber}, title = {FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking and Entropy-based Thresholds}, journal = {Proc. Priv. Enhancing Technol.}, volume = {2024}, number = {3}, pages = {540--560}, year = {2024}, url = {https://doi.org/10.56553/popets-2024-0092}, doi = {10.56553/POPETS-2024-0092}, timestamp = {Thu, 18 Jul 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/popets/BoussahaHBRRKJCAB24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/popets/KirchnerKKKJ24, author = {Robin Kirchner and Simon Koch and Noah Kamangar and David Klein and Martin Johns}, title = {A Black-Box Privacy Analysis of Messaging Service Providers' Chat Message Processing}, journal = {Proc. Priv. Enhancing Technol.}, volume = {2024}, number = {3}, pages = {674--691}, year = {2024}, url = {https://doi.org/10.56553/popets-2024-0099}, doi = {10.56553/POPETS-2024-0099}, timestamp = {Thu, 18 Jul 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/popets/KirchnerKKKJ24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/hicss/WarneckeBBBDHJP24, author = {Joana M. Warnecke and Christian Baumgartner and Michael H. Breitner and Dominique F. Briechle and Thomas M. Deserno and Maximilian Heumann and Martin Johns and Alexander Picker and Andreas Rausch and Lars C. Wolf}, editor = {Tung X. Bui}, title = {Continuous Health Monitoring on Shared Mobility Devices: {A} Health-eScooter Prototype}, booktitle = {57th Hawaii International Conference on System Sciences, {HICSS} 2024, Hilton Hawaiian Village Waikiki Beach Resort, Hawaii, USA, January 3-6, 2024}, pages = {3485--3494}, publisher = {ScholarSpace}, year = {2024}, url = {https://hdl.handle.net/10125/106805}, timestamp = {Mon, 02 Sep 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/hicss/WarneckeBBBDHJP24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sp/KleinJ24, author = {David Klein and Martin Johns}, title = {Parse Me, Baby, One More Time: Bypassing {HTML} Sanitizer via Parsing Differentials}, booktitle = {{IEEE} Symposium on Security and Privacy, {SP} 2024, San Francisco, CA, USA, May 19-23, 2024}, pages = {203--221}, publisher = {{IEEE}}, year = {2024}, url = {https://doi.org/10.1109/SP54263.2024.00177}, doi = {10.1109/SP54263.2024.00177}, timestamp = {Sat, 21 Sep 2024 14:24:56 +0200}, biburl = {https://dblp.org/rec/conf/sp/KleinJ24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/KirchnerMM0RJ24, author = {Robin Kirchner and Jonas M{\"{o}}ller and Marius Musch and David Klein and Konrad Rieck and Martin Johns}, editor = {Davide Balzarotti and Wenyuan Xu}, title = {Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting}, booktitle = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia, PA, USA, August 14-16, 2024}, publisher = {{USENIX} Association}, year = {2024}, url = {https://www.usenix.org/conference/usenixsecurity24/presentation/kirchner}, timestamp = {Mon, 22 Jul 2024 17:10:49 +0200}, biburl = {https://dblp.org/rec/conf/uss/KirchnerMM0RJ24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/WesselsKPJ24, author = {Malte Wessels and Simon Koch and Giancarlo Pellegrino and Martin Johns}, editor = {Davide Balzarotti and Wenyuan Xu}, title = {{SSRF} vs. Developers: {A} Study of SSRF-Defenses in {PHP} Applications}, booktitle = {33rd {USENIX} Security Symposium, {USENIX} Security 2024, Philadelphia, PA, USA, August 14-16, 2024}, publisher = {{USENIX} Association}, year = {2024}, url = {https://www.usenix.org/conference/usenixsecurity24/presentation/wessels}, timestamp = {Mon, 22 Jul 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/uss/WesselsKPJ24.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/KleinRBKJ23, author = {David Klein and Benny Rolle and Thomas Barber and Manuel Karl and Martin Johns}, editor = {Weizhi Meng and Christian Damsgaard Jensen and Cas Cremers and Engin Kirda}, title = {General Data Protection Runtime: Enforcing Transparent {GDPR} Compliance for Existing Applications}, booktitle = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2023, Copenhagen, Denmark, November 26-30, 2023}, pages = {3343--3357}, publisher = {{ACM}}, year = {2023}, url = {https://doi.org/10.1145/3576915.3616604}, doi = {10.1145/3576915.3616604}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/KleinRBKJ23.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/KochWKJ23, author = {Simon Koch and Malte Wessels and David Klein and Martin Johns}, editor = {Weizhi Meng and Christian Damsgaard Jensen and Cas Cremers and Engin Kirda}, title = {Poster: The Risk of Insufficient Isolation of Database Transactions in Web Applications}, booktitle = {Proceedings of the 2023 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2023, Copenhagen, Denmark, November 26-30, 2023}, pages = {3576--3578}, publisher = {{ACM}}, year = {2023}, url = {https://doi.org/10.1145/3576915.3624394}, doi = {10.1145/3576915.3624394}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/KochWKJ23.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ndss/GrossKBHJ23, author = {Samuel Gro{\ss} and Simon Koch and Lukas Bernhard and Thorsten Holz and Martin Johns}, title = {{FUZZILLI:} Fuzzing for JavaScript {JIT} Compiler Vulnerabilities}, booktitle = {30th Annual Network and Distributed System Security Symposium, {NDSS} 2023, San Diego, California, USA, February 27 - March 3, 2023}, publisher = {The Internet Society}, year = {2023}, url = {https://www.ndss-symposium.org/ndss-paper/fuzzilli-fuzzing-for-javascript-jit-compiler-vulnerabilities/}, timestamp = {Thu, 15 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ndss/GrossKBHJ23.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/KochAJ23, author = {Simon Koch and Benjamin Altpeter and Martin Johns}, editor = {Joseph A. Calandrino and Carmela Troncoso}, title = {The {OK} Is Not Enough: {A} Large Scale Study of Consent Dialogs in Smartphone Applications}, booktitle = {32nd {USENIX} Security Symposium, {USENIX} Security 2023, Anaheim, CA, USA, August 9-11, 2023}, pages = {5467--5484}, publisher = {{USENIX} Association}, year = {2023}, url = {https://www.usenix.org/conference/usenixsecurity23/presentation/koch}, timestamp = {Wed, 18 Oct 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/uss/KochAJ23.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/popets/KochWAOJ22, author = {Simon Koch and Malte Wessels and Benjamin Altpeter and Madita Olvermann and Martin Johns}, title = {Keeping Privacy Labels Honest}, journal = {Proc. Priv. Enhancing Technol.}, volume = {2022}, number = {4}, pages = {486--506}, year = {2022}, url = {https://doi.org/10.56553/popets-2022-0119}, doi = {10.56553/POPETS-2022-0119}, timestamp = {Sat, 30 Sep 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/popets/KochWAOJ22.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/acsac/KleinMBKJ22, author = {David Klein and Marius Musch and Thomas Barber and Moritz Kopmann and Martin Johns}, title = {Accept All Exploits: Exploring the Security Impact of Cookie Banners}, booktitle = {Annual Computer Security Applications Conference, {ACSAC} 2022, Austin, TX, USA, December 5-9, 2022}, pages = {911--922}, publisher = {{ACM}}, year = {2022}, url = {https://doi.org/10.1145/3564625.3564647}, doi = {10.1145/3564625.3564647}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/acsac/KleinMBKJ22.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/asiaccs/MuschKBJ22, author = {Marius Musch and Robin Kirchner and Max Boll and Martin Johns}, editor = {Yuji Suga and Kouichi Sakurai and Xuhua Ding and Kazue Sako}, title = {Server-Side Browsers: Exploring the Web's Hidden Attack Surface}, booktitle = {{ASIA} {CCS} '22: {ACM} Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022 - 3 June 2022}, pages = {1168--1181}, publisher = {{ACM}}, year = {2022}, url = {https://doi.org/10.1145/3488932.3517414}, doi = {10.1145/3488932.3517414}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/asiaccs/MuschKBJ22.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/eurosp/KleinBBSJ22, author = {David Klein and Thomas Barber and Souphiane Bensalim and Ben Stock and Martin Johns}, title = {Hand Sanitizers in the Wild: {A} Large-scale Study of Custom JavaScript Sanitizer Functions}, booktitle = {7th {IEEE} European Symposium on Security and Privacy, EuroS{\&}P 2022, Genoa, Italy, June 6-10, 2022}, pages = {236--250}, publisher = {{IEEE}}, year = {2022}, url = {https://doi.org/10.1109/EuroSP53844.2022.00023}, doi = {10.1109/EUROSP53844.2022.00023}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/eurosp/KleinBBSJ22.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/imc/KarlMMJL22, author = {Manuel Karl and Marius Musch and Guoli Ma and Martin Johns and Sebastian Lekies}, editor = {Chadi Barakat and Cristel Pelsser and Theophilus A. Benson and David R. Choffnes}, title = {No keys to the kingdom required: a comprehensive investigation of missing authentication vulnerabilities in the wild}, booktitle = {Proceedings of the 22nd {ACM} Internet Measurement Conference, {IMC} 2022, Nice, France, October 25-27, 2022}, pages = {619--632}, publisher = {{ACM}}, year = {2022}, url = {https://doi.org/10.1145/3517745.3561446}, doi = {10.1145/3517745.3561446}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/imc/KarlMMJL22.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/popets/DirksenKMSRJ21, author = {Alexandra Dirksen and David Klein and Robert Michael and Tilman Stehr and Konrad Rieck and Martin Johns}, title = {LogPicker: Strengthening Certificate Transparency Against Covert Adversaries}, journal = {Proc. Priv. Enhancing Technol.}, volume = {2021}, number = {4}, pages = {184--202}, year = {2021}, url = {https://doi.org/10.2478/popets-2021-0066}, doi = {10.2478/POPETS-2021-0066}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/popets/DirksenKMSRJ21.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/eurosec/BensalimKBJ21, author = {Souphiane Bensalim and David Klein and Thomas Barber and Martin Johns}, title = {Talking About My Generation: Targeted DOM-based {XSS} Exploit Generation using Dynamic Data Flow Analysis}, booktitle = {EuroSec '21: Proceedings of the 14th European Workshop on Systems Security, Virtual Event / Edinburgh, Scotland, UK, April 26, 2021}, pages = {27--33}, publisher = {{ACM}}, year = {2021}, url = {https://doi.org/10.1145/3447852.3458718}, doi = {10.1145/3447852.3458718}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/eurosec/BensalimKBJ21.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ndss/SteffensMJS21, author = {Marius Steffens and Marius Musch and Martin Johns and Ben Stock}, title = {Who's Hosting the Block Party? Studying Third-Party Blockage of {CSP} and {SRI}}, booktitle = {28th Annual Network and Distributed System Security Symposium, {NDSS} 2021, virtually, February 21-25, 2021}, publisher = {The Internet Society}, year = {2021}, url = {https://www.ndss-symposium.org/ndss-paper/whos-hosting-the-block-party-studying-third-party-blockage-of-csp-and-sri/}, timestamp = {Thu, 17 Jun 2021 15:42:26 +0200}, biburl = {https://dblp.org/rec/conf/ndss/SteffensMJS21.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/MuschJ21, author = {Marius Musch and Martin Johns}, editor = {Michael D. Bailey and Rachel Greenstadt}, title = {U Can't Debug This: Detecting JavaScript Anti-Debugging Techniques in the Wild}, booktitle = {30th {USENIX} Security Symposium, {USENIX} Security 2021, August 11-13, 2021}, pages = {2935--2950}, publisher = {{USENIX} Association}, year = {2021}, url = {https://www.usenix.org/conference/usenixsecurity21/presentation/musch}, timestamp = {Mon, 20 Nov 2023 08:57:49 +0100}, biburl = {https://dblp.org/rec/conf/uss/MuschJ21.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccsw-ws/JohnsD20, author = {Martin Johns and Alexandra Dirksen}, editor = {Yinqian Zhang and Radu Sion}, title = {Towards Enabling Secure Web-Based Cloud Services using Client-Side Encryption}, booktitle = {CCSW'20, Proceedings of the 2020 {ACM} {SIGSAC} Conference on Cloud Computing Security Workshop, Virtual Event, USA, November 9, 2020}, pages = {67--76}, publisher = {{ACM}}, year = {2020}, url = {https://doi.org/10.1145/3411495.3421364}, doi = {10.1145/3411495.3421364}, timestamp = {Thu, 12 Oct 2023 12:32:08 +0200}, biburl = {https://dblp.org/rec/conf/ccsw-ws/JohnsD20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/KochSJP20, author = {Simon Koch and Tim Sauer and Martin Johns and Giancarlo Pellegrino}, editor = {Chih{-}Cheng Hung and Tom{\'{a}}s Cern{\'{y}} and Dongwan Shin and Alessio Bechini}, title = {Raccoon: automated verification of guarded race conditions in web applications}, booktitle = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online event, [Brno, Czech Republic], March 30 - April 3, 2020}, pages = {1678--1687}, publisher = {{ACM}}, year = {2020}, url = {https://doi.org/10.1145/3341105.3373855}, doi = {10.1145/3341105.3373855}, timestamp = {Sat, 30 Sep 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sac/KochSJP20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/LochJHMS20, author = {Florian D. Loch and Martin Johns and Martin Hecker and Martin Mohr and Gregor Snelting}, editor = {Chih{-}Cheng Hung and Tom{\'{a}}s Cern{\'{y}} and Dongwan Shin and Alessio Bechini}, title = {Hybrid taint analysis for Java {EE}}, booktitle = {{SAC} '20: The 35th {ACM/SIGAPP} Symposium on Applied Computing, online event, [Brno, Czech Republic], March 30 - April 3, 2020}, pages = {1716--1725}, publisher = {{ACM}}, year = {2020}, url = {https://doi.org/10.1145/3341105.3373887}, doi = {10.1145/3341105.3373887}, timestamp = {Thu, 29 Oct 2020 00:00:00 +0100}, biburl = {https://dblp.org/rec/conf/sac/LochJHMS20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/QuiringKAJR20, author = {Erwin Quiring and David Klein and Daniel Arp and Martin Johns and Konrad Rieck}, editor = {Srdjan Capkun and Franziska Roesner}, title = {Adversarial Preprocessing: Understanding and Preventing Image-Scaling Attacks in Machine Learning}, booktitle = {29th {USENIX} Security Symposium, {USENIX} Security 2020, August 12-14, 2020}, pages = {1363--1380}, publisher = {{USENIX} Association}, year = {2020}, url = {https://www.usenix.org/conference/usenixsecurity20/presentation/quiring}, timestamp = {Tue, 28 May 2024 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/uss/QuiringKAJR20.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/IEEEares/MuschWJR19, author = {Marius Musch and Christian Wressnegger and Martin Johns and Konrad Rieck}, title = {Thieves in the Browser: Web-based Cryptojacking in the Wild}, booktitle = {Proceedings of the 14th International Conference on Availability, Reliability and Security, {ARES} 2019, Canterbury, UK, August 26-29, 2019}, pages = {4:1--4:10}, publisher = {{ACM}}, year = {2019}, url = {https://doi.org/10.1145/3339252.3339261}, doi = {10.1145/3339252.3339261}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/IEEEares/MuschWJR19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/MuschSRSJ19, author = {Marius Musch and Marius Steffens and Sebastian Roth and Ben Stock and Martin Johns}, editor = {Steven D. Galbraith and Giovanni Russello and Willy Susilo and Dieter Gollmann and Engin Kirda and Zhenkai Liang}, title = {ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices}, booktitle = {Proceedings of the 2019 {ACM} Asia Conference on Computer and Communications Security, AsiaCCS 2019, Auckland, New Zealand, July 09-12, 2019}, pages = {391--402}, publisher = {{ACM}}, year = {2019}, url = {https://doi.org/10.1145/3321705.3329841}, doi = {10.1145/3321705.3329841}, timestamp = {Sat, 30 Sep 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/MuschSRSJ19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dimva/MuschWJR19, author = {Marius Musch and Christian Wressnegger and Martin Johns and Konrad Rieck}, editor = {Roberto Perdisci and Cl{\'{e}}mentine Maurice and Giorgio Giacinto and Magnus Almgren}, title = {New Kid on the Web: {A} Study on the Prevalence of WebAssembly in the Wild}, booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, {DIMVA} 2019, Gothenburg, Sweden, June 19-20, 2019, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {11543}, pages = {23--42}, publisher = {Springer}, year = {2019}, url = {https://doi.org/10.1007/978-3-030-22038-9\_2}, doi = {10.1007/978-3-030-22038-9\_2}, timestamp = {Sun, 04 Aug 2024 19:42:33 +0200}, biburl = {https://dblp.org/rec/conf/dimva/MuschWJR19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ndss/SteffensRJS19, author = {Marius Steffens and Christian Rossow and Martin Johns and Ben Stock}, title = {Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild}, booktitle = {26th Annual Network and Distributed System Security Symposium, {NDSS} 2019, San Diego, California, USA, February 24-27, 2019}, publisher = {The Internet Society}, year = {2019}, url = {https://www.ndss-symposium.org/ndss-paper/dont-trust-the-locals-investigating-the-prevalence-of-persistent-client-side-cross-site-scripting-in-the-wild/}, timestamp = {Mon, 01 Feb 2021 08:42:22 +0100}, biburl = {https://dblp.org/rec/conf/ndss/SteffensRJS19.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/IEEEares/MuschHJ18, author = {Marius Musch and Martin H{\"{a}}rterich and Martin Johns}, editor = {Sebastian Doerr and Mathias Fischer and Sebastian Schrittwieser and Dominik Herrmann}, title = {Towards an Automatic Generation of Low-Interaction Web Application Honeypots}, booktitle = {Proceedings of the 13th International Conference on Availability, Reliability and Security, {ARES} 2018, Hamburg, Germany, August 27-30, 2018}, pages = {27:1--27:6}, publisher = {{ACM}}, year = {2018}, url = {https://doi.org/10.1145/3230833.3230839}, doi = {10.1145/3230833.3230839}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/IEEEares/MuschHJ18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/corr/abs-1808-09474, author = {Marius Musch and Christian Wressnegger and Martin Johns and Konrad Rieck}, title = {Web-based Cryptojacking in the Wild}, journal = {CoRR}, volume = {abs/1808.09474}, year = {2018}, url = {http://arxiv.org/abs/1808.09474}, eprinttype = {arXiv}, eprint = {1808.09474}, timestamp = {Mon, 03 Sep 2018 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/corr/abs-1808-09474.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/dagstuhl-reports/JohnsNVW18, author = {Martin Johns and Nick Nikiforakis and Melanie Volkamer and John Wilander}, title = {Web Application Security (Dagstuhl Seminar 18321)}, journal = {Dagstuhl Reports}, volume = {8}, number = {8}, pages = {1--17}, year = {2018}, url = {https://doi.org/10.4230/DagRep.8.8.1}, doi = {10.4230/DAGREP.8.8.1}, timestamp = {Fri, 22 Feb 2019 00:00:00 +0100}, biburl = {https://dblp.org/rec/journals/dagstuhl-reports/JohnsNVW18.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/LekiesKGNJ17, author = {Sebastian Lekies and Krzysztof Kotowicz and Samuel Gro{\ss} and Eduardo A. Vela Nava and Martin Johns}, editor = {Bhavani Thuraisingham and David Evans and Tal Malkin and Dongyan Xu}, title = {Code-Reuse Attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets}, booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 - November 03, 2017}, pages = {1709--1723}, publisher = {{ACM}}, year = {2017}, url = {https://doi.org/10.1145/3133956.3134091}, doi = {10.1145/3133956.3134091}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/LekiesKGNJ17.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/PellegrinoJ0BR17, author = {Giancarlo Pellegrino and Martin Johns and Simon Koch and Michael Backes and Christian Rossow}, editor = {Bhavani Thuraisingham and David Evans and Tal Malkin and Dongyan Xu}, title = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs}, booktitle = {Proceedings of the 2017 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2017, Dallas, TX, USA, October 30 - November 03, 2017}, pages = {1757--1771}, publisher = {{ACM}}, year = {2017}, url = {https://doi.org/10.1145/3133956.3133959}, doi = {10.1145/3133956.3133959}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/PellegrinoJ0BR17.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/StockJS017, author = {Ben Stock and Martin Johns and Marius Steffens and Michael Backes}, editor = {Engin Kirda and Thomas Ristenpart}, title = {How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security}, booktitle = {26th {USENIX} Security Symposium, {USENIX} Security 2017, Vancouver, BC, Canada, August 16-18, 2017}, pages = {971--987}, publisher = {{USENIX} Association}, year = {2017}, url = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/stock}, timestamp = {Mon, 01 Feb 2021 08:42:59 +0100}, biburl = {https://dblp.org/rec/conf/uss/StockJS017.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/corr/abs-1708-08786, author = {Giancarlo Pellegrino and Martin Johns and Simon Koch and Michael Backes and Christian Rossow}, title = {Deemon: Detecting {CSRF} with Dynamic Analysis and Property Graphs}, journal = {CoRR}, volume = {abs/1708.08786}, year = {2017}, url = {http://arxiv.org/abs/1708.08786}, eprinttype = {arXiv}, eprint = {1708.08786}, timestamp = {Mon, 13 Aug 2018 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/corr/abs-1708-08786.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/ac/FeldererBJBBP16, author = {Michael Felderer and Matthias B{\"{u}}chler and Martin Johns and Achim D. Brucker and Ruth Breu and Alexander Pretschner}, title = {Security Testing: {A} Survey}, journal = {Adv. Comput.}, volume = {101}, pages = {1--51}, year = {2016}, url = {https://doi.org/10.1016/bs.adcom.2015.11.003}, doi = {10.1016/BS.ADCOM.2015.11.003}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/ac/FeldererBJBBP16.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/dud/StockJ16, author = {Ben Stock and Martin Johns}, title = {Client-Side {XSS} in Theorie und Praxis}, journal = {Datenschutz und Datensicherheit}, volume = {40}, number = {11}, pages = {707--712}, year = {2016}, url = {https://doi.org/10.1007/s11623-016-0688-5}, doi = {10.1007/S11623-016-0688-5}, timestamp = {Sat, 27 May 2017 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/dud/StockJ16.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/StockPRJ016, author = {Ben Stock and Giancarlo Pellegrino and Christian Rossow and Martin Johns and Michael Backes}, editor = {Edgar R. Weippl and Stefan Katzenbeisser and Christopher Kruegel and Andrew C. Myers and Shai Halevi}, title = {{POSTER:} Mapping the Landscape of Large-Scale Vulnerability Notifications}, booktitle = {Proceedings of the 2016 {ACM} {SIGSAC} Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016}, pages = {1787--1789}, publisher = {{ACM}}, year = {2016}, url = {https://doi.org/10.1145/2976749.2989057}, doi = {10.1145/2976749.2989057}, timestamp = {Tue, 10 Nov 2020 20:00:49 +0100}, biburl = {https://dblp.org/rec/conf/ccs/StockPRJ016.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/GroefSJPD16, author = {Willem De Groef and Deepak Subramanian and Martin Johns and Frank Piessens and Lieven Desmet}, editor = {Sascha Ossowski}, title = {Ensuring endpoint authenticity in WebRTC peer-to-peer communication}, booktitle = {Proceedings of the 31st Annual {ACM} Symposium on Applied Computing, Pisa, Italy, April 4-8, 2016}, pages = {2103--2110}, publisher = {{ACM}}, year = {2016}, url = {https://doi.org/10.1145/2851613.2851804}, doi = {10.1145/2851613.2851804}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sac/GroefSJPD16.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/StockPRJ016, author = {Ben Stock and Giancarlo Pellegrino and Christian Rossow and Martin Johns and Michael Backes}, editor = {Thorsten Holz and Stefan Savage}, title = {Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification}, booktitle = {25th {USENIX} Security Symposium, {USENIX} Security 16, Austin, TX, USA, August 10-12, 2016}, pages = {1015--1032}, publisher = {{USENIX} Association}, year = {2016}, url = {https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/stock}, timestamp = {Mon, 01 Feb 2021 08:43:18 +0100}, biburl = {https://dblp.org/rec/conf/uss/StockPRJ016.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/StockPKLJ15, author = {Ben Stock and Stephan Pfistner and Bernd Kaiser and Sebastian Lekies and Martin Johns}, editor = {Indrajit Ray and Ninghui Li and Christopher Kruegel}, title = {From Facepalm to Brain Bender: Exploring Client-Side Cross-Site Scripting}, booktitle = {Proceedings of the 22nd {ACM} {SIGSAC} Conference on Computer and Communications Security, Denver, CO, USA, October 12-16, 2015}, pages = {1419--1430}, publisher = {{ACM}}, year = {2015}, url = {https://doi.org/10.1145/2810103.2813625}, doi = {10.1145/2810103.2813625}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/StockPKLJ15.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/BraunPPJ15, author = {Bastian Braun and Korbinian Pauli and Joachim Posegga and Martin Johns}, editor = {Roger L. Wainwright and Juan Manuel Corchado and Alessio Bechini and Jiman Hong}, title = {LogSec: adaptive protection for the wild wild web}, booktitle = {Proceedings of the 30th Annual {ACM} Symposium on Applied Computing, Salamanca, Spain, April 13-17, 2015}, pages = {2149--2156}, publisher = {{ACM}}, year = {2015}, url = {https://doi.org/10.1145/2695664.2695709}, doi = {10.1145/2695664.2695709}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sac/BraunPPJ15.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/LekiesSWJ15, author = {Sebastian Lekies and Ben Stock and Martin Wentzel and Martin Johns}, editor = {Jaeyeon Jung and Thorsten Holz}, title = {The Unexpected Dangers of Dynamic JavaScript}, booktitle = {24th {USENIX} Security Symposium, {USENIX} Security 15, Washington, D.C., USA, August 12-14, 2015}, pages = {723--735}, publisher = {{USENIX} Association}, year = {2015}, url = {https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/lekies}, timestamp = {Mon, 01 Feb 2021 08:42:57 +0100}, biburl = {https://dblp.org/rec/conf/uss/LekiesSWJ15.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@book{DBLP:series/sbcs/RyckDPJ14, author = {Philippe De Ryck and Lieven Desmet and Frank Piessens and Martin Johns}, title = {Primer on Client-Side Web Security}, series = {Springer Briefs in Computer Science}, publisher = {Springer}, year = {2014}, url = {https://doi.org/10.1007/978-3-319-12226-7}, doi = {10.1007/978-3-319-12226-7}, isbn = {978-3-319-12225-0}, timestamp = {Tue, 16 May 2017 01:00:00 +0200}, biburl = {https://dblp.org/rec/series/sbcs/RyckDPJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/internet/DesmetJ14, author = {Lieven Desmet and Martin Johns}, title = {Real-Time Communications Security on the Web}, journal = {{IEEE} Internet Comput.}, volume = {18}, number = {6}, pages = {8--10}, year = {2014}, url = {https://doi.org/10.1109/MIC.2014.117}, doi = {10.1109/MIC.2014.117}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/internet/DesmetJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/istr/Johns14, author = {Martin Johns}, title = {Script-templates for the Content Security Policy}, journal = {J. Inf. Secur. Appl.}, volume = {19}, number = {3}, pages = {209--223}, year = {2014}, url = {https://doi.org/10.1016/j.jisa.2014.03.007}, doi = {10.1016/J.JISA.2014.03.007}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/istr/Johns14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/jcs/DesmetJLS14, author = {Lieven Desmet and Martin Johns and Benjamin Livshits and Andrei Sabelfeld}, title = {Preface}, journal = {J. Comput. Secur.}, volume = {22}, number = {4}, pages = {467--468}, year = {2014}, url = {https://doi.org/10.3233/JCS-140506}, doi = {10.3233/JCS-140506}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/jcs/DesmetJLS14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/StockJ14, author = {Ben Stock and Martin Johns}, editor = {Shiho Moriai and Trent Jaeger and Kouichi Sakurai}, title = {Protecting users against XSS-based password manager abuse}, booktitle = {9th {ACM} Symposium on Information, Computer and Communications Security, {ASIA} {CCS} '14, Kyoto, Japan - June 03 - 06, 2014}, pages = {183--194}, publisher = {{ACM}}, year = {2014}, url = {https://doi.org/10.1145/2590296.2590336}, doi = {10.1145/2590296.2590336}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/StockJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/codaspy/BraunJKP14, author = {Bastian Braun and Martin Johns and Johannes K{\"{o}}stler and Joachim Posegga}, editor = {Elisa Bertino and Ravi S. Sandhu and Jaehong Park}, title = {PhishSafe: leveraging modern JavaScript API's for transparent and robust protection}, booktitle = {Fourth {ACM} Conference on Data and Application Security and Privacy, CODASPY'14, San Antonio, TX, {USA} - March 03 - 05, 2014}, pages = {61--72}, publisher = {{ACM}}, year = {2014}, url = {https://doi.org/10.1145/2557547.2557553}, doi = {10.1145/2557547.2557553}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/codaspy/BraunJKP14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sec/BraunKPJ14, author = {Bastian Braun and Johannes K{\"{o}}stler and Joachim Posegga and Martin Johns}, editor = {Nora Cuppens{-}Boulahia and Fr{\'{e}}d{\'{e}}ric Cuppens and Sushil Jajodia and Anas Abou El Kalam and Thierry Sans}, title = {A Trusted {UI} for the Mobile Web}, booktitle = {{ICT} Systems Security and Privacy Protection - 29th {IFIP} {TC} 11 International Conference, {SEC} 2014, Marrakech, Morocco, June 2-4, 2014. Proceedings}, series = {{IFIP} Advances in Information and Communication Technology}, volume = {428}, pages = {127--141}, publisher = {Springer}, year = {2014}, url = {https://doi.org/10.1007/978-3-642-55415-5\_11}, doi = {10.1007/978-3-642-55415-5\_11}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sec/BraunKPJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sicherheit/StockLJ14, author = {Ben Stock and Sebastian Lekies and Martin Johns}, editor = {Stefan Katzenbeisser and Volkmar Lotz and Edgar R. Weippl}, title = {DOM-basiertes Cross-Site Scripting im Web: Reise in ein unerforschtes Land}, booktitle = {Sicherheit 2014: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit, Beitr{\"{a}}ge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 19.-21. M{\"{a}}rz 2014, Wien, {\"{O}}sterreich}, series = {{LNI}}, volume = {{P-228}}, pages = {53--64}, publisher = {{GI}}, year = {2014}, url = {https://dl.gi.de/handle/20.500.12116/20068}, timestamp = {Tue, 04 Jul 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sicherheit/StockLJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/StockLMSJ14, author = {Ben Stock and Sebastian Lekies and Tobias Mueller and Patrick Spiegel and Martin Johns}, editor = {Kevin Fu and Jaeyeon Jung}, title = {Precise Client-side Protection against DOM-based Cross-Site Scripting}, booktitle = {Proceedings of the 23rd {USENIX} Security Symposium, San Diego, CA, USA, August 20-22, 2014}, pages = {655--670}, publisher = {{USENIX} Association}, year = {2014}, url = {https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/stock}, timestamp = {Mon, 01 Feb 2021 08:43:04 +0100}, biburl = {https://dblp.org/rec/conf/uss/StockLMSJ14.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/ccs/LekiesSJ13, author = {Sebastian Lekies and Ben Stock and Martin Johns}, editor = {Ahmad{-}Reza Sadeghi and Virgil D. Gligor and Moti Yung}, title = {25 million flows later: large-scale detection of DOM-based {XSS}}, booktitle = {2013 {ACM} {SIGSAC} Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013}, pages = {1193--1204}, publisher = {{ACM}}, year = {2013}, url = {https://doi.org/10.1145/2508859.2516703}, doi = {10.1145/2508859.2516703}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/ccs/LekiesSJ13.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dimva/Johns13, author = {Martin Johns}, editor = {Konrad Rieck and Patrick Stewin and Jean{-}Pierre Seifert}, title = {PreparedJS: Secure Script-Templates for JavaScript}, booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment - 10th International Conference, {DIMVA} 2013, Berlin, Germany, July 18-19, 2013. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {7967}, pages = {102--121}, publisher = {Springer}, year = {2013}, url = {https://doi.org/10.1007/978-3-642-39235-1\_6}, doi = {10.1007/978-3-642-39235-1\_6}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/dimva/Johns13.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/raid/JohnsL13, author = {Martin Johns and Sebastian Lekies}, editor = {Salvatore J. Stolfo and Angelos Stavrou and Charles V. Wright}, title = {Tamper-Resistant LikeJacking Protection}, booktitle = {Research in Attacks, Intrusions, and Defenses - 16th International Symposium, {RAID} 2013, Rodney Bay, St. Lucia, October 23-25, 2013. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {8145}, pages = {265--285}, publisher = {Springer}, year = {2013}, url = {https://doi.org/10.1007/978-3-642-41284-4\_14}, doi = {10.1007/978-3-642-41284-4\_14}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/raid/JohnsL13.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/uss/JohnsLS13, author = {Martin Johns and Sebastian Lekies and Ben Stock}, editor = {Samuel T. King}, title = {Eradicating {DNS} Rebinding with the Extended Same-origin Policy}, booktitle = {Proceedings of the 22th {USENIX} Security Symposium, Washington, DC, USA, August 14-16, 2013}, pages = {621--636}, publisher = {{USENIX} Association}, year = {2013}, url = {https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/johns}, timestamp = {Mon, 01 Feb 2021 08:42:56 +0100}, biburl = {https://dblp.org/rec/conf/uss/JohnsLS13.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/dud/Johns12, author = {Martin Johns}, title = {HTML5-Security - Sicherer Umgang mit den neuen JavaScript APIs}, journal = {Datenschutz und Datensicherheit}, volume = {36}, number = {4}, pages = {231--235}, year = {2012}, url = {https://doi.org/10.1007/s11623-012-0090-x}, doi = {10.1007/S11623-012-0090-X}, timestamp = {Sat, 27 May 2017 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/dud/Johns12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/acsac/JohnsLBF12, author = {Martin Johns and Sebastian Lekies and Bastian Braun and Benjamin Flesch}, editor = {Robert H'obbes' Zakon}, title = {BetterAuth: web authentication revisited}, booktitle = {28th Annual Computer Security Applications Conference, {ACSAC} 2012, Orlando, FL, USA, 3-7 December 2012}, pages = {169--178}, publisher = {{ACM}}, year = {2012}, url = {https://doi.org/10.1145/2420950.2420977}, doi = {10.1145/2420950.2420977}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/acsac/JohnsLBF12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/raid/LekiesNTPJ12, author = {Sebastian Lekies and Nick Nikiforakis and Walter Tighzert and Frank Piessens and Martin Johns}, editor = {Davide Balzarotti and Salvatore J. Stolfo and Marco Cova}, title = {{DEMACRO:} Defense against Malicious Cross-Domain Requests}, booktitle = {Research in Attacks, Intrusions, and Defenses - 15th International Symposium, {RAID} 2012, Amsterdam, The Netherlands, September 12-14, 2012. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {7462}, pages = {254--273}, publisher = {Springer}, year = {2012}, url = {https://doi.org/10.1007/978-3-642-33338-5\_13}, doi = {10.1007/978-3-642-33338-5\_13}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/raid/LekiesNTPJ12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sicherheit/LekiesTJ12, author = {Sebastian Lekies and Walter Tighzert and Martin Johns}, editor = {Neeraj Suri and Michael Waidner}, title = {Towards stateless, client-side driven Cross-Site Request Forgery protection for Web applications}, booktitle = {Sicherheit 2012: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit, Beitr{\"{a}}ge der 6. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 7.-9. M{\"{a}}rz 2012 in Darmstadt}, series = {{LNI}}, volume = {{P-195}}, pages = {111--121}, publisher = {{GI}}, year = {2012}, url = {https://dl.gi.de/handle/20.500.12116/18267}, timestamp = {Tue, 04 Jul 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sicherheit/LekiesTJ12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/trustbus/BraunKJP12, author = {Bastian Braun and Stefan Kucher and Martin Johns and Joachim Posegga}, editor = {Simone Fischer{-}H{\"{u}}bner and Sokratis K. Katsikas and Gerald Quirchmayr}, title = {A User-Level Authentication Scheme to Mitigate Web Session-Based Vulnerabilities}, booktitle = {Trust, Privacy and Security in Digital Business - 9th International Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {7449}, pages = {17--29}, publisher = {Springer}, year = {2012}, url = {https://doi.org/10.1007/978-3-642-32287-7\_2}, doi = {10.1007/978-3-642-32287-7\_2}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/trustbus/BraunKJP12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/trustbus/JohnsP12, author = {Martin Johns and Joachim Posegga}, editor = {Simone Fischer{-}H{\"{u}}bner and Sokratis K. Katsikas and Gerald Quirchmayr}, title = {WebSand: Server-Driven Outbound Web-Application Sandboxing}, booktitle = {Trust, Privacy and Security in Digital Business - 9th International Conference, TrustBus 2012, Vienna, Austria, September 3-7, 2012. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {7449}, pages = {216--217}, publisher = {Springer}, year = {2012}, url = {https://doi.org/10.1007/978-3-642-32287-7\_20}, doi = {10.1007/978-3-642-32287-7\_20}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/trustbus/JohnsP12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/dagstuhl-reports/DesmetJLS12, author = {Lieven Desmet and Martin Johns and Benjamin Livshits and Andrei Sabelfeld}, title = {Web Application Security (Dagstuhl Seminar 12401)}, journal = {Dagstuhl Reports}, volume = {2}, number = {10}, pages = {1--37}, year = {2012}, url = {https://doi.org/10.4230/DagRep.2.10.1}, doi = {10.4230/DAGREP.2.10.1}, timestamp = {Thu, 14 Oct 2021 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/dagstuhl-reports/DesmetJLS12.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@phdthesis{DBLP:phd/de/Johns2011, author = {Martin Johns}, title = {Code Injection Vulnerabilities in Web Applications: Exemplified at Cross-site Scripting}, school = {University of Passau}, year = {2011}, url = {http://www.opus-bayern.de/uni-passau/volltexte/2011/2362/}, urn = {urn:nbn:de:bvb:739-opus-23626}, timestamp = {Sat, 17 Jul 2021 01:00:00 +0200}, biburl = {https://dblp.org/rec/phd/de/Johns2011.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/it/Johns11, author = {Martin Johns}, title = {Code-injection Vulnerabilities in Web Applications - Exemplified at Cross-site Scripting}, journal = {it Inf. Technol.}, volume = {53}, number = {5}, pages = {256}, year = {2011}, url = {https://doi.org/10.1524/itit.2011.0651}, doi = {10.1524/ITIT.2011.0651}, timestamp = {Mon, 28 Aug 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/it/Johns11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/acsac/JawurekJR11, author = {Marek Jawurek and Martin Johns and Konrad Rieck}, editor = {Robert H'obbes' Zakon and John P. McDermott and Michael E. Locasto}, title = {Smart metering de-pseudonymization}, booktitle = {Twenty-Seventh Annual Computer Security Applications Conference, {ACSAC} 2011, Orlando, FL, USA, 5-9 December 2011}, pages = {227--236}, publisher = {{ACM}}, year = {2011}, url = {https://doi.org/10.1145/2076732.2076764}, doi = {10.1145/2076732.2076764}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/acsac/JawurekJR11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dimva/JohnsL11, author = {Martin Johns and Sebastian Lekies}, editor = {Thorsten Holz and Herbert Bos}, title = {Biting the Hand That Serves You: {A} Closer Look at Client-Side Flash Proxies for Cross-Domain Requests}, booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment - 8th International Conference; {DIMVA} 2011, Amsterdam, The Netherlands, July 7-8, 2011. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {6739}, pages = {85--103}, publisher = {Springer}, year = {2011}, url = {https://doi.org/10.1007/978-3-642-22424-9\_6}, doi = {10.1007/978-3-642-22424-9\_6}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/dimva/JohnsL11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/essos/NikiforakisMYJJ11, author = {Nick Nikiforakis and Wannes Meert and Yves Younan and Martin Johns and Wouter Joosen}, editor = {{\'{U}}lfar Erlingsson and Roel J. Wieringa and Nicola Zannone}, title = {SessionShield: Lightweight Protection against Session Hijacking}, booktitle = {Engineering Secure Software and Systems - Third International Symposium, ESSoS 2011, Madrid, Spain, February 9-10, 2011. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {6542}, pages = {87--100}, publisher = {Springer}, year = {2011}, url = {https://doi.org/10.1007/978-3-642-19125-1\_7}, doi = {10.1007/978-3-642-19125-1\_7}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/essos/NikiforakisMYJJ11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/eurosec/NikiforakisJJ11, author = {Nick Nikiforakis and Wouter Joosen and Martin Johns}, editor = {Engin Kirda and Steven Hand}, title = {Abusing locality in shared web hosting}, booktitle = {Proceedings of the Fourth European Workshop on System Security, EUROSEC'11, April 10, 2011, Salzburg, Austria}, pages = {2}, publisher = {{ACM}}, year = {2011}, url = {https://doi.org/10.1145/1972551.1972553}, doi = {10.1145/1972551.1972553}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/eurosec/NikiforakisJJ11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/icst/JohnsJ11, author = {Martin Johns and Moritz Jodeit}, title = {Scanstud: {A} Methodology for Systematic, Fine-Grained Evaluation of Static Analysis Tools}, booktitle = {Fourth {IEEE} International Conference on Software Testing, Verification and Validation, {ICST} 2012, Berlin, Germany, 21-25 March, 2011, Workshop Proceedings}, pages = {523--530}, publisher = {{IEEE} Computer Society}, year = {2011}, url = {https://doi.org/10.1109/ICSTW.2011.32}, doi = {10.1109/ICSTW.2011.32}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/icst/JohnsJ11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/pet/JawurekJK11, author = {Marek Jawurek and Martin Johns and Florian Kerschbaum}, editor = {Simone Fischer{-}H{\"{u}}bner and Nicholas Hopper}, title = {Plug-In Privacy for Smart Metering Billing}, booktitle = {Privacy Enhancing Technologies - 11th International Symposium, {PETS} 2011, Waterloo, ON, Canada, July 27-29, 2011. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {6794}, pages = {192--210}, publisher = {Springer}, year = {2011}, url = {https://doi.org/10.1007/978-3-642-22263-4\_11}, doi = {10.1007/978-3-642-22263-4\_11}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/pet/JawurekJK11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/JohnsBSP11, author = {Martin Johns and Bastian Braun and Michael Schrank and Joachim Posegga}, editor = {William C. Chu and W. Eric Wong and Mathew J. Palakal and Chih{-}Cheng Hung}, title = {Reliable protection against session fixation attacks}, booktitle = {Proceedings of the 2011 {ACM} Symposium on Applied Computing (SAC), TaiChung, Taiwan, March 21 - 24, 2011}, pages = {1531--1537}, publisher = {{ACM}}, year = {2011}, url = {https://doi.org/10.1145/1982185.1982511}, doi = {10.1145/1982185.1982511}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sac/JohnsBSP11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@incollection{DBLP:reference/crypt/Johns11, author = {Martin Johns}, editor = {Henk C. A. van Tilborg and Sushil Jajodia}, title = {Session Hijacking Attacks}, booktitle = {Encyclopedia of Cryptography and Security, 2nd Ed}, pages = {1189--1190}, publisher = {Springer}, year = {2011}, url = {https://doi.org/10.1007/978-1-4419-5906-5\_661}, doi = {10.1007/978-1-4419-5906-5\_661}, timestamp = {Wed, 12 Jul 2017 01:00:00 +0200}, biburl = {https://dblp.org/rec/reference/crypt/Johns11.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/essos/JohnsBGP10, author = {Martin Johns and Christian Beyerlein and Rosemaria Giesecke and Joachim Posegga}, editor = {Fabio Massacci and Dan S. Wallach and Nicola Zannone}, title = {Secure Code Generation for Web Applications}, booktitle = {Engineering Secure Software and Systems, Second International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010. Proceedings}, series = {Lecture Notes in Computer Science}, volume = {5965}, pages = {96--113}, publisher = {Springer}, year = {2010}, url = {https://doi.org/10.1007/978-3-642-11747-3\_8}, doi = {10.1007/978-3-642-11747-3\_8}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/essos/JohnsBGP10.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/isse/JawurekJ10, author = {Marek Jawurek and Martin Johns}, editor = {Norbert Pohlmann and Helmut Reimer and Wolfgang Schneider}, title = {Security Challenges of a Changing Energy Landscape}, booktitle = {{ISSE} 2010 - Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2010 Conference, Berlin, Germany, October 5-7, 2010}, pages = {249--259}, publisher = {Vieweg+Teubner}, year = {2010}, url = {https://doi.org/10.1007/978-3-8348-9788-6\_24}, doi = {10.1007/978-3-8348-9788-6\_24}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/isse/JawurekJ10.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sicherheit/SchrankBJP10, author = {Michael Schrank and Bastian Braun and Martin Johns and Joachim Posegga}, editor = {Felix C. Freiling}, title = {Session Fixation - The Forgotten Vulnerability?}, booktitle = {Sicherheit 2010: Sicherheit, Schutz und Zuverl{\"{a}}ssigkeit, Beitr{\"{a}}ge der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\"{u}}r Informatik e.V. (GI), 5.-7. Oktober 2010 in Berlin}, series = {{LNI}}, volume = {{P-170}}, pages = {341--352}, publisher = {{GI}}, year = {2010}, url = {https://dl.gi.de/handle/20.500.12116/19794}, timestamp = {Tue, 04 Jul 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sicherheit/SchrankBJP10.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/corr/abs-1012-2248, author = {Marek Jawurek and Martin Johns and Florian Kerschbaum}, title = {Plug-in privacy for Smart Metering billing}, journal = {CoRR}, volume = {abs/1012.2248}, year = {2010}, url = {http://arxiv.org/abs/1012.2248}, eprinttype = {arXiv}, eprint = {1012.2248}, timestamp = {Mon, 13 Aug 2018 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/corr/abs-1012-2248.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@incollection{DBLP:conf/gi/Johns09, author = {Martin Johns}, editor = {Abraham Bernstein and Steffen H{\"{o}}lldobler and G{\"{u}}nter Hotz and Klaus{-}Peter L{\"{o}}hr and Paul Molitor and Gustaf Neumann and R{\"{u}}diger Reischuk and Dietmar Saupe and Myra Spiliopoulou and Harald St{\"{o}}rrle and Dorothea Wagner}, title = {Code-injection Verwundbarkeit in Web Anwendungen am Beispiel von Cross-site Scripting}, booktitle = {Ausgezeichnete Informatikdissertationen 2009}, series = {{LNI}}, volume = {{D-10}}, pages = {111--120}, publisher = {{GI}}, year = {2009}, url = {https://dl.gi.de/handle/20.500.12116/33660}, timestamp = {Tue, 04 Jul 2023 17:43:57 +0200}, biburl = {https://dblp.org/rec/conf/gi/Johns09.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@proceedings{DBLP:conf/dagstuhl/2009P9141, editor = {Dan Boneh and {\'{U}}lfar Erlingsson and Martin Johns and Benjamin Livshits}, title = {Web Application Security, 29.03. - 03.04.2009}, series = {Dagstuhl Seminar Proceedings}, volume = {09141}, publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany}, year = {2009}, url = {http://drops.dagstuhl.de/portals/09141/}, timestamp = {Thu, 10 Jun 2021 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/dagstuhl/2009P9141.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09, author = {Dan Boneh and {\'{U}}lfar Erlingsson and Martin Johns and Benjamin Livshits}, editor = {Dan Boneh and {\'{U}}lfar Erlingsson and Martin Johns and Benjamin Livshits}, title = {09141 Abstracts Collection - Web Application Security}, booktitle = {Web Application Security, 29.03. - 03.04.2009}, series = {Dagstuhl Seminar Proceedings}, volume = {09141}, publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany}, year = {2009}, url = {http://drops.dagstuhl.de/opus/volltexte/2010/2726/}, timestamp = {Thu, 10 Jun 2021 13:02:09 +0200}, biburl = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dagstuhl/BonehEJL09a, author = {Dan Boneh and {\'{U}}lfar Erlingsson and Martin Johns and Benjamin Livshits}, editor = {Dan Boneh and {\'{U}}lfar Erlingsson and Martin Johns and Benjamin Livshits}, title = {09141 Executive Summary - Web Application Security}, booktitle = {Web Application Security, 29.03. - 03.04.2009}, series = {Dagstuhl Seminar Proceedings}, volume = {09141}, publisher = {Schloss Dagstuhl - Leibniz-Zentrum f{\"{u}}r Informatik, Germany}, year = {2009}, url = {http://drops.dagstuhl.de/opus/volltexte/2010/2725/}, timestamp = {Thu, 23 Aug 2018 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/dagstuhl/BonehEJL09a.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/virology/Johns08, author = {Martin Johns}, title = {On JavaScript Malware and related threats}, journal = {J. Comput. Virol.}, volume = {4}, number = {3}, pages = {161--178}, year = {2008}, url = {https://doi.org/10.1007/s11416-007-0076-7}, doi = {10.1007/S11416-007-0076-7}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/journals/virology/Johns08.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/acsac/JohnsEP08, author = {Martin Johns and Bj{\"{o}}rn Engelmann and Joachim Posegga}, title = {{XSSDS:} Server-Side Detection of Cross-Site Scripting Attacks}, booktitle = {Twenty-Fourth Annual Computer Security Applications Conference, {ACSAC} 2008, Anaheim, California, USA, 8-12 December 2008}, pages = {335--344}, publisher = {{IEEE} Computer Society}, year = {2008}, url = {https://doi.org/10.1109/ACSAC.2008.36}, doi = {10.1109/ACSAC.2008.36}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/acsac/JohnsEP08.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@article{DBLP:journals/dud/JohnsS07, author = {Martin Johns and Daniel Schreckling}, title = {Automatisierter Code-Audit - Sicherheitsanalyse von Source Code in Theorie und Praxis}, journal = {Datenschutz und Datensicherheit}, volume = {31}, number = {12}, pages = {888--893}, year = {2007}, url = {https://doi.org/10.1007/s11623-007-0286-7}, doi = {10.1007/S11623-007-0286-7}, timestamp = {Wed, 16 Mar 2022 00:00:00 +0100}, biburl = {https://dblp.org/rec/journals/dud/JohnsS07.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/dimva/JohnsW07, author = {Martin Johns and Justus Winter}, editor = {Bernhard M. H{\"{a}}mmerli and Robin Sommer}, title = {Protecting the Intranet Against "JavaScript Malware" and Related Attacks}, booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment, 4th International Conference, {DIMVA} 2007, Lucerne, Switzerland, July 12-13, 2007, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {4579}, pages = {40--59}, publisher = {Springer}, year = {2007}, url = {https://doi.org/10.1007/978-3-540-73614-1\_3}, doi = {10.1007/978-3-540-73614-1\_3}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/dimva/JohnsW07.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/sac/JohnsB07, author = {Martin Johns and Christian Beyerlein}, editor = {Yookun Cho and Roger L. Wainwright and Hisham Haddad and Sung Y. Shin and Yong Wan Koo}, title = {SMask: preventing injection attacks in web applications by approximating automatic data/code separation}, booktitle = {Proceedings of the 2007 {ACM} Symposium on Applied Computing (SAC), Seoul, Korea, March 11-15, 2007}, pages = {284--291}, publisher = {{ACM}}, year = {2007}, url = {https://doi.org/10.1145/1244002.1244071}, doi = {10.1145/1244002.1244071}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/sac/JohnsB07.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/esorics/Johns06, author = {Martin Johns}, editor = {Dieter Gollmann and Jan Meier and Andrei Sabelfeld}, title = {SessionSafe: Implementing {XSS} Immune Session Handling}, booktitle = {Computer Security - {ESORICS} 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings}, series = {Lecture Notes in Computer Science}, volume = {4189}, pages = {444--460}, publisher = {Springer}, year = {2006}, url = {https://doi.org/10.1007/11863908\_27}, doi = {10.1007/11863908\_27}, timestamp = {Mon, 26 Jun 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/esorics/Johns06.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
@inproceedings{DBLP:conf/biosig/Johns03, author = {Martin Johns}, editor = {Arslan Br{\"{o}}mme and Christoph Busch}, title = {Pseudonyme Biometrik: Ein signatur-basierter Ansatz}, booktitle = {{BIOSIG} 2003, Proceedings of the 1st Conference on Biometrics and Electronic Signatures of the {GI} Working Group BIOSIG, 24 July 2003, Darmstadt, Germany}, series = {{LNI}}, volume = {{P-31}}, pages = {113--120}, publisher = {{GI}}, year = {2003}, url = {https://dl.gi.de/handle/20.500.12116/29651}, timestamp = {Tue, 04 Jul 2023 01:00:00 +0200}, biburl = {https://dblp.org/rec/conf/biosig/Johns03.bib}, bibsource = {dblp computer science bibliography, https://dblp.org} }
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.