Paper-Conference

The Power of Words: A Comprehensive Analysis of Rationales and Their Effects on Users’ Permission Decisions

Feb 24, 2025

Work-in-Progress: Northcape: Embedded Real-Time Capability-Based Addressing

Jul 8, 2024

Measuring the Effects of Stack Overflow Code Snippet Evolution on Open-Source Software Security

Jan 1, 2024

TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors

Jan 1, 2023

A Systematic Study of the Consistency of Two-Factor Authentication User Journeys on Top-Ranked Websites

Jan 1, 2023

Explanation Beats Context: The Effect of Timing & Rationales on Users' Runtime Permission Decisions

Jan 1, 2021

Bringing Balance to the Force: Dynamic Analysis of the Android Application Framework

Jan 1, 2021

A11y and Privacy don't have to be mutually exclusive: Constraining Accessibility Service Misuse on Android

Jan 1, 2021

Up2Dep: Android Tool Support to Fix Insecure Code Dependencies

Jan 1, 2020

Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication

Jan 1, 2020

Up-To-Crash: Evaluating Third-Party Library Updatability on Android

Jan 1, 2019

simTPM: User-centric TPM for Mobile Devices

Jan 1, 2019

Short Text, Large Effect: Measuring the Impact of User Reviews on Android App Security & Privacy

Jan 1, 2019

Secure Multi-execution in Android

Jan 1, 2019

DroidCap: OS Support for Capability-based Permissions in Android

Jan 1, 2019

The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators

Jan 1, 2018

Better managed than memorized? Studying the Impact of Managers on Password Strength and Reuse

Jan 1, 2018

The ART of App Compartmentalization: Compiler-based Library Privilege Separation on Stock Android

Jan 1, 2017

Seamless In-App Ad Blocking on Stock Android

Jan 1, 2017

Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android

Jan 1, 2017

ARTist: The Android Runtime Instrumentation and Security Toolkit

Jan 1, 2017

SoK: Lessons Learned From Android Security Research For Appified Software Platforms

Jan 1, 2016

Reliable Third-Party Library Detection in Android and its Security Applications

Jan 1, 2016

R-Droid: Leveraging Android App Analysis with Static Slice Optimization

Jan 1, 2016

On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis

Jan 1, 2016

Boxify: Full-fledged App Sandboxing for Stock Android

Jan 1, 2015

Scippa: System-Centric IPC Provenance on Android

Jan 1, 2014

Android Security Framework: Extensible Multi-Layered Access Control on Android

Jan 1, 2014

Flexible and Fine-Grained Mandatory Access Control on Android for Diverse Security and Privacy Policies

Jan 1, 2013

Client-controlled Cryptography-as-a-Service in the Cloud

Jan 1, 2013

Advances in Mobile Security

Jan 1, 2013

Towards Taming Privilege-Escalation Attacks on Android

Jan 1, 2012

Softer Smartcards: Usable Cryptographic Tokens with Secure Execution

Jan 1, 2012

Twin Clouds: Secure Cloud Computing with Low Latency

Jan 1, 2011

Twin Clouds: An Architecture for Secure Cloud Computing (Extended Abstract)

Jan 1, 2011

Scalable Trust Establishment with Software Reputation

Jan 1, 2011

Practical and Lightweight Domain Isolation on Android

Jan 1, 2011

AmazonIA: When Elasticity Snaps Back

Jan 1, 2011

TruWalletM: Secure Web Authentication on Mobile Platforms

Jan 1, 2010

Implementing an Application-Specific Credential Platform Using Late-Launched Mobile Trusted Module

Jan 1, 2010

Trust in a Small Package: Minimized MRTM Software Implementation for Mobile Secure Environments

Jan 1, 2009