Technische Universität Braunschweig
  • Study & Teaching
    • Beginning your Studies
      • Prospective Students
      • Degree Programmes
      • Application
      • Fit4TU
      • Why Braunschweig?
    • During your Studies
      • Fresher's Hub
      • Term Dates
      • Courses
      • Practical Information
      • Beratungsnavi
      • Additional Qualifications
      • Financing and Costs
      • Special Circumstances
      • Health and Well-being
      • Campus life
    • At the End of your Studies
      • Discontinuation and Credentials Certification
      • After graduation
      • Alumni
    • For Teaching Staff
      • Strategy, Offers and Information
      • Learning Management System Stud.IP
    • Contact
      • Study Service Centre
      • Academic Advice Service
      • Student Office
      • Career Service
  • Research
    • Research Profile
      • Core Research Areas
      • Clusters of Excellence at TU Braunschweig
      • Research Projects
      • Research Centres
      • Professors‘ Research Profiles
    • Early Career Researchers
      • Support in the early stages of an academic career
      • PhD-Students
      • Postdocs
      • Junior research group leaders
      • Junior Professorship and Tenure-Track
      • Habilitation
      • Service Offers for Scientists
    • Research Data & Transparency
      • Transparency in Research
      • Research Data
      • Open Access Strategy
      • Digital Research Announcement
    • Research Funding
      • Research Funding Network
      • Research funding
    • Contact
      • Research Services
      • Academy for Graduates
  • International
    • International Students
      • Why Braunschweig?
      • Degree seeking students
      • Exchange Studies
      • TU Braunschweig Summer School
      • Refugees
      • International Student Support
      • International Career Service
    • Going Abroad
      • Studying abroad
      • Internships abroad
      • Teaching and research abroad
      • Working abroad
    • International Researchers
      • Welcome Support for International Researchers
      • Service for Host Institutes
    • Language and intercultural competence training
      • Learning German
      • Learning Foreign Languages
      • Intercultural Communication
    • International Profile
      • Internationalisation
      • International Cooperations
      • Strategic partnerships
      • International networks
    • International House
      • About us
      • Contact & Office Hours
      • News and Events
      • International Days
      • 5th Student Conference: Internationalisation of Higher Education
      • Newsletter, Podcast & Videos
      • Job Advertisements
  • TU Braunschweig
    • Our Profile
      • Aims & Values
      • Regulations and Guidelines
      • Alliances & Partners
      • The University Development Initiative 2030
      • Facts & Figures
      • Our History
    • Career
      • Working at TU Braunschweig
      • Vacancies
    • Economy & Business
      • Entrepreneurship
      • Friends & Supporters
    • General Public
      • Check-in for Students
      • CampusXperience
      • The Student House
      • Access to the University Library
    • Media Services
      • Communications and Press Service
      • Services for media
      • Film and photo permits
      • Advices for scientists
      • Topics and stories
    • Contact
      • General Contact
      • Getting here
  • Organisation
    • Presidency & Administration
      • Executive Board
      • Designated Offices
      • Administration
      • Committees
    • Faculties
      • Carl-Friedrich-Gauß-Fakultät
      • Faculty of Life Sciences
      • Faculty of Architecture, Civil Engineering and Environmental Sciences
      • Faculty of Mechanical Engineering
      • Faculty of Electrical Engineering, Information Technology, Physics
      • Faculty of Humanities and Education
    • Institutes
      • Institutes from A to Z
    • Facilities
      • University Library
      • Gauß-IT-Zentrum
      • Professional and Personnel Development
      • International House
      • The Project House of the TU Braunschweig
      • Transfer Service
      • University Sports Center
      • Facilities from A to Z
    • Equal Opportunity Office
      • Equal Opportunity Office
      • Family
      • Diversity for Students
  • Search
  • Quicklinks
    • People Search
    • Webmail
    • cloud.TU Braunschweig
    • Messenger
    • Cafeteria
    • Courses
    • Stud.IP
    • Library Catalogue
    • IT Services
    • Information Portal (employees)
    • Link Collection
    • DE
    • EN
    • Instagram
    • YouTube
    • LinkedIn
    • Mastodon
    • Bluesky
Menu
  • Organisation
  • Faculties
  • Carl-Friedrich-Gauß-Fakultät
  • Institutes
  • Institute for Application Security
Logo Institut für Anwendungssicherheit der TU Braunschweig
Dr. Marius Musch
  • Team
    • Prof. Dr. Martin Johns
    • Alexandra Dirksen
    • Jan Niklas Drescher
    • Jannik Hartung
    • Tobias Jost
    • Manuel Karl
    • Robin Kirchner
    • David Klein
    • Malte Wessels

Dr. Marius Musch

[Translate to English:] Marius Musch

Marius Musch started his PhD in October 2017 and successfully defended in November 2022. His field of research is web application security with a focus on client-side attacks and large-scale studies. He left TU Braunschweig in March 2023.

m̶.̶m̶u̶s̶c̶h̶[̶a̶t̶]̶t̶u̶-̶b̶r̶a̶u̶n̶s̶c̶h̶w̶e̶i̶g̶.̶d̶e̶

@m4riuz

Publications

Wemby’s Web: Hunting for Memory Corruption in WebAssembly
Oussama Draissi, Tobias Cloosters, David Klein, Michael Rodler, Marius Musch, Martin Johns, and Lucas Davi
34th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2025

Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting
Robin Kirchner, Jonas Möller, Marius Musch, David Klein, Konrad Rieck, and Martin Johns
Proc. of the 33th USENIX Security Symposium, 2024.
*Distinguished Paper Award Winner*

Advanced Attack and Vulnerability Scanning for the Modern Web
Marius Musch
PhD thesis, 2022

Accept All Exploits: Exploring the Security Impact of Cookie Banners
David Klein*, Marius Musch*, Thomas Barber, Moritz Kopmann, and Martin Johns
Proc. of the 37th Annual Computer Security Applications Conference (ACSAC), 2022

No Keys to the Kingdom Required: A Comprehensive Investigation of Missing Authentication Vulnerabilities in the Wild
Manuel Karl*, Marius Musch*, Guoli Ma, Martin Johns, and Sebastian Lekies
Proc. of the 22nd ACM Internet Measurement Conference (IMC), 2022

Server-Side Browsers: Exploring the Web’s Hidden Attack Surface
Marius Musch, Robin Kirchner, Max Boll, and Martin Johns
Proc. of the 17th ACM Asia Conference on Computer and Communications Security (ASIA CCS), 2022.

U Can’t Debug This: Detecting JavaScript Anti-Debugging Techniques in the Wild 
Marius Musch and Martin Johns
Proc. of the 30th USENIX Security Symposium, 2021.

Who’s Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI
Marius Steffens, Marius Musch, Martin Johns, and Ben Stock
Network and Distributed System Security Symposium (NDSS),  2021.

Thieves in the Browser: Web-based Cryptojacking in the Wild
Marius Musch, Christian Wressnegger, Martin Johns, and Konrad Rieck
Proc. of 14th Int. Conference on Availability, Reliability and Security (ARES), 2019.
*Best Paper Award Runner-up*

ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices
Marius Musch, Marius Steffens, Sebastian Roth, Ben Stock, and Martin Johns
Proc. of 14th ACM Asia Conference on Computer and Communications Security (ASIACCS), 2019.

New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild
Marius Musch, Christian Wressnegger, Martin Johns, and Konrad Rieck
Proc. of 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2019.
*Best Paper Award Runner-up*

Towards an Automatic Generation of Low-Interaction Web Application Honeypots
Marius Musch, Martin Härterich, and Martin Johns
Proc. of 13th Int. Conference on Availability, Reliability and Security (ARES), 2018.

Web-based Cryptojacking in the Wild
Marius Musch, Christian Wressnegger, Martin Johns, and Konrad Rieck
Technical report, arXiv:1808.09474, 2018.

* Denotes co-authorship with equal contribution

Talks

Server-Side Browsers: Exploring the Web’s Hidden Attack Surface [Slides]
RuhrSec, 12.05.2023, Bochum, Germany

Server-Side Browsers: Exploring the Web’s Hidden Attack Surface [Slides]
OWASP Global AppSec, 17.11.2022, San Francisco, USA

ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices [Video]
OWASP Global AppSec, 27.09.2019, Amsterdam, The Netherlands

The Now and the Future of Malicious WebAssembly [Video]
OWASP Global AppSec, 26.09.2019, Amsterdam, The Netherlands

Web-based Cryptojacking in the Wild  [Video, Slides]
35C3, 29.12.2018, Leipzig, Germany 

Chameleon: Automatic Generation of Low-Interaction Web Honeypots
German OWASP Day, 14.11.2017, Essen, Germany

Supervised Theses

Year  Degree   Title
2021 Bachelor On the Feasibility of In- and Out-of-Band JavaScript Anti-Debugging Detection and Prevention
2021 Bachelor Capability Analysis of JavaScript Anti-Bot Implementations in the Wild
2020  Bachelor  Performant and Reliable Detection of JavaScript Libraries
2020 Bachelor   An Analysis of the State of Electron Security in the Wild
2020 Master      Detecting and Fingerprinting Server-Side Requests
2020 Bachelor  Towards Automatic Generation of Universal XSS Payloads

PC Member

Year Conference
2021 SecWeb

Sub-Reviews

Year Conference
2022 S&P, Euro S&P, CODASPY, ACSAC
2021 WWW, ACSAC, CODASPY, SAC, ARES
2020 WWW, Euro S&P, ACSAC, CODASPY, SAC, ARES
2019 ACSAC, CODASPY, SAC, ICWE
2018 Euro S&P, ACSAC, CODASPY, SAC

Teaching assistant

Year Semester Name
2022 Winter Programming 1, Hacklab
2022 Summer Web Security, Seminar
2021 Winter Hacklab, Seminar
2021 Summer Web Security, SEP, Seminar
2020 Winter Programming 1, Seminar
2020 Summer Seminar
2019 Winter Seminar
2018 Summer Programming 1, SEP, Seminar
Photo credits on this page

For All Visitors

Vacancies of TU Braunschweig
Career Service' Job Exchange 
Merchandising

For Students

Term Dates
Courses
Degree Programmes
Information for Freshman
TUCard

Internal Tools

Glossary (GER-EN)
Change your Personal Data

Contact

Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig

P. O. Box: 38092 Braunschweig
GERMANY

Phone: +49 (0) 531 391-0

Getting here

© Technische Universität Braunschweig
Legal Notice Privacy Accessibility

TU Braunschweig uses the software Matomo for anonymised web analysis. The data serve to optimise the web offer.
You can find more information in our data protection declaration.