We at the Institute of Application Security are interested in the broad spectrum of security and privacy that exist on the application level.
This includes the detection of vulnerabilities in source code or protocols, identification of novel security issues, and the development of procedures and tools to prevent security vulnerabilities.
Our current research focus is on the topics of software security including web application security, honeypots, fuzzing, novel privacy securing measures, the design and evaluation of security relevant protocols.
| 08/2022 | Marius Musch presented a poster of "U Can’t Debug This: Detecting JavaScript Anti-Debugging Techniques in the Wild" at Usenix 2022 in Boston, USA. This was our first in-person presentation of this topic, due to the conference going virtual last year. more... |
| 06/2022 | David Klein presented our work on “Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions” at the 7th IEEE European Symposium on Security and Privacy in Genoa, Italy. more... |
| 06/2022 | Japan! Marius Musch and Robin Kirchner presented our work on “Server-Side Browsers: Exploring the Web’s Hidden Attack Surface” at the Asia CSS in Nagasaki. more... |
| 05/2022 | A new member has joined our institute - we welcome Malte Wessels to our team! |
| 04/2022 | David Klein will present our work on “Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions” at EuroS&P 2022 in June! Joint work with SAP Security Research and Ben Stock at CISPA. |
| 02/2022 | The first iteration of our Hacklab was a success! Congratulations to all participants who hacked their way through a variety of fields such as web, reverse engineering and vehicle networking! |
| 02/2022 | Marius Musch and Robin Kirchner will present our work on “Server-Side Browsers: Exploring the Web’s Hidden Attack Surface” at this year's Asia CCS conference in May! |