Dr.-Ing. Robert Gawlik

Member - Horst Görtz Institute for IT-Security Horst Görtz Institute for IT-Security
Former Assistant - Chair Systems Security

Address

Ruhr-University Bochum
Chair for Systems Security
Universitätsstrasse 150
44780 Bochum / Germany

Email:: robert.gawlik@rub.de PGP key

Research

Analysis of critical software vulnerabilities
Analysis and detection of malicious software targeted at web browsers
Mitigation of attacks against web browsers

Publications

Static Detection of Uninitialized Stack Variables in Binary Code

Behrad Garmany, Martin Stoffel, Robert Gawlik, Thorsten Holz - European Symposium on Research in Computer Security (ESORICS), Luxembourg, September 2019

Redqueen: Fuzzing with Input-to-State Correspondence

Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, Thorsten Holz - Network and Distributed System Security Symposium (NDSS 2019), San Diego, California, USA, February 2019

Towards Automated Generation of Exploitation Primitives for Web Browsers

Behrad Garmany, Martin Stoffel, Robert Gawlik, Philipp Koppe, Tim Blazytko, Thorsten Holz - Annual Computer Security Applications Conference (ACSAC), San Juan, Puerto Rico, USA, December 2018

SoK: Make JIT-Spray Great Again

Robert Gawlik, Thorsten Holz - USENIX Workshop on Offensive Technologies (WOOT), Baltimore, US, August 2018

On the Weaknesses of Function Table Randomization

Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz - Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Paris, France, June 2018

kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, Thorsten Holz - USENIX Security Symposium, Vancouver, Canada, August 2017

Reverse Engineering x86 Processor Microcode

Philipp Koppe, Benjamin Kollenda, Marc Fyrbiak, Christian Kison, Robert Gawlik, Christof Paar, Thorsten Holz - USENIX Security Symposium, Vancouver, Canada, August 2017

Towards Automated Discovery of Crash-Resistant Primitives in Binaries

Benjamin Kollenda, Enes Goktas, Tim Blazytko, Philipp Koppe, Robert Gawlik, R.K. Konoth, Cristiano Giuffrida, Herbert Bo, Thorsten Holz - IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Automated Multi-Architectural Discovery of CFI-Resistant Code Gadgets

Patrick Wollgast, Robert Gawlik, Behrad Garmany, Benjamin Kollenda, Thorsten Holz - European Symposium on Research in Computer Security (ESORICS), Heraklion, Greece, September 2016

Undermining Entropy-based Information Hiding (And What to do About it)

Enes Göktas, Robert Gawlik, Benjamin Kollenda, Elias Athanasopoulos, Georgios Portokalidis, Cristiano Giuffrida, Herbert Bos - 24th USENIX Security Symposium, Austin, TX, USA, August 2016

Technical Report: Detile: Fine-Grained Information Leak Detection in Script Engines

Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz - TR-HGI-2016-004, Ruhr-Universität Bochum, Horst Görtz Institut für IT-Sicherheit (HGI), July 2016

Detile: Fine-Grained Information Leak Detection in Script Engines

Robert Gawlik, Philipp Koppe, Benjamin Kollenda, Andre Pawlowski, Behrad Garmany, Thorsten Holz - Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Donostia-San Sebastián, Spain, July 2016

Enabling Client-Side Crash-Resistance to Overcome Diversification and Information Hiding

Robert Gawlik, Benjamin Kollenda, Philipp Koppe, Behrad Garmany, Thorsten Holz - Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2016

Cross-Architecture Bug Search in Binary Executables

Jannik Pewny, Behrad Garmany, Robert Gawlik, Christian Rossow, Thorsten Holz - 36th IEEE Symposium on Security and Privacy (Oakland), San Jose, May 2015

Technical Report: Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs

Robert Gawlik, Thorsten Holz - TR-HGI-2014-004, Ruhr-Universität Bochum, Horst Görtz Institut für IT-Sicherheit (HGI), December 2014

Towards Automated Integrity Protection of C++ Virtual Function Tables in Binary Programs

Robert Gawlik, Thorsten Holz - Annual Computer Security Applications Conference (ACSAC), New Orleans, USA, December 2014

Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data

Sebastian Vogl, Robert Gawlik, Behrad Garmany, Thomas Kittel, Jonas Pfoh, Claudia Eckert, Thorsten Holz - 23rd USENIX Security Symposium, San Diego, CA, USA, August 2014

Automated Generation of Models for Fast and Precise Detection of HTTP-Based Malware

Apostolis Zarras, Antonis Papadogiannakis, Robert Gawlik, Thorsten Holz - 12th Annual Conference on Privacy, Security and Trust (PST), Toronto, Canada, July 2014