publications

Publications in reversed chronological order.

2025

  1. The Impact of Default Mobile SDK Usage on Privacy and Data Protection
    Simon Koch, Manuel Karl , Robin Kirchner , Malte Wessels , Anne Paschke , and Martin Johns
    In Privacy Enhancing Technologies Symposium (PETS) , 2025

2024

  1. SSRF vs Developers: A Study of SSRF-Defenses in PHP Applications
    Malte Wessels , Simon Koch, Giancarlo Pellegrino , and Martin Johns
    In USENIX Security Symposium , 2024
  2. A Black-Box Privacy Analysis of Messaging Service Providers’ Chat Message Processing
    Robin Kirchner , Simon Koch, Noah Kamangar , David Klein , and Martin Johns
    In Privacy Enhancing Technologies Symposium (PETS) , 2024
  3. The Fault in Our Stars: An Analysis of GitHub Stars as an Importance Metric for Web Source Code
    Simon Koch, David Klein , and Martin Johns
    In Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) , 2024

2023

  1. Poster: The Risk of Insufficient Isolation of Database Transactions in Web Applications
    Simon Koch, Malte Wessels , David Klein , and Martin Johns
    In ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2023
  2. The OK is Not Enough: Large Scale Study of Consent Dialogs in Smartphone Applications
    Simon Koch, Benjamin Altpeter , and Martin Johns
    In USENIX Security Symposium , 2023
  3. FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities
    Samuel Groß , Simon Koch, Lukas Bernhardt , Thorsten Holz , and Martin Johns
    In Network and Distributed System Security (NDSS) Symposium , 2023

2022

  1. Keeping Privacy Labels Honest
    Simon Koch, Malte Wessels , Benjamin Altpeter , Madita Olvermann , and Martin Johns
    In Privacy Enhancing Technologies Symposium (PETS) , 2022

2020

  1. Raccoon: Automated Verification of Guarded Race Conditions in Web Applications
    Simon Koch, Tim Sauer , Martin Johns , and Giancarlo Pellegrino
    In ACM SIGAPP Symposium on Applied Computing (SAC) , 2020

2017

  1. Deemon: Detecting CSRF with dynamic analysis and property graphs
    Giancarlo Pellegrino , Martin Johns , Simon Koch, Michael Backes , and Christian Rossow
    In ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2017

2015

  1. Poster: In the net of the Spider: Measuring the Anonymity-Impact of Network-level Adversaries Against Tor
    Michael Backes , Simon Koch, Sebastian Meiser , Esfandiar Mohammadi , and Christian Rossow
    In ACM SIGSAC Conference on Computer and Communications Security (CCS) , 2015