Experience Report: An Empirical Study of PHP Security Mechanism Usage

2015 - Johannes Dahse, Thorsten Holz

International Symposium on Software Testing and Analysis (ISSTA) [PDF]

Code Reuse Attacks in PHP: Automated POP Chain Generation

2014 - Johannes Dahse, Nikolai Krein, Thorsten Holz

21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA, November 2014 - ** Best Student Paper Award ** [PDF]

Static Detection of Second-Order Vulnerabilities in Web Applications

2014 - Johannes Dahse, Thorsten Holz

23rd USENIX Security Symposium, San Diego, CA, USA, August 2014 - ** Internet Defense Prize by Facebook ** [PDF]

Simulation of Built-in PHP features for Precise Static Code Analysis

2014 - Johannes Dahse, Thorsten Holz

Annual Network & Distributed System Security Symposium (NDSS), San Diego, February 2014 [PDF]

Slicing Droids: Program Slicing for Smali Code

2013 - Johannes Hoffmann, Martin Ussath, Michael Spreitzenbarth, Thorsten Holz

28th In­ter­na­tio­nal ACM Sym­po­si­um on Ap­p­lied Com­pu­ting (SAC), Co­im­bra, Por­tu­gal, March 2013 [pdf]