My primary research interests include:
- Vulnerability Research and Hardening Mechanisms
- Program Analysis
- Secure Software Development
- Applied Cryptology
Previously I worked on dynamic analysis of Android applications. In the
malware-lab of the FH Hagenberg Secure Informations Systems we started a
project that provides a dynamic analysis platform for Android applications.
This resulted in my first publication.
Later I also patched Taintdroid to contain taint sinks/sources/tags for
cryptography APIs, which can result in insights how an application uses
cryptography to protect user data.
I started a small project that does compile time function call
instrumentation in LLVM. You could call it aspect oriented programming ;). It's
focused on analysis though and does come with a significant overhead.
I did my master thesis at the IAIK Secure Systems groups, where I build
upon the results of the Write Integrity Testing paper.
"ANANAS - A Framework For Analyzing Android Applications"
Thomas Eder, Michael Rodler, Dieter Vymazal, Markus Zeilinger
First International Workshop on Emerging Cyberthreats and Countermeasures (Regensburg, 2013), IEE.
"ROP CFI RAP XNR CPI WTF? – Navigating the Exploit Mitigation Jungle"
at BsidesLjubljana 2017 (2017-03-10)
"A CTF Hackers Toolbox - Competitive hacking for fun and (non-)profit"
with Stefan More
at Grazer Linuxtage 2016 (2016-04-30)
"Weird Machines on Little Robots - Intro to binary exploitation on Android smartphones"
at Hacking Night SS 2013 (2013-06-06)
"evil maid on droids"
at Hacking Night WS 2012 (2012-12-06)
"Oh Noes, Another Android Malware Talk"
with Thomas Eder
at Insights Track at Security Forum 2012 (2012-04-18)
"Downgrade Attacks by Example"
at BSidesVienna 2012 (2012-01-21)
"Downgrade Attacks: Compatibility Breaks Security"
at Hacking Night WS 2011 (2011-12-14)
"Hackinggroup – Python Workshop"
with Thomas Kastner
at Hackinggroup Workshop (2010-12-07 and 2010-12-16)
"Tatort Internet: Wer geht mit mir phishen?"
with Sebastian Neuner
at Hacking Night WS 2010 (2010-11-25)
"git for noobs"
at Hackinggroup Workshop (2010-10-27)