ISSTA Artifact Evaluation

Eric | March 14, 2016

We have put online information about ISSTA’s artifact evaluation. Note that this year you may provide artifacts ahead of time to positively influence the decision of paper acceptance!

Cross-posted from Secure Software Engineering

Comments
Comments Off on ISSTA Artifact Evaluation
Categories
Misc, Research, Uncategorized

CodeInspect Website is Online!

Eric | March 11, 2016

We are happy to announce that our CodeInspect website is now online. Please check it out at: codeinspect.de and receive a free trial version!

Cross-posted from Secure Software Engineering

Comments
Comments Off on CodeInspect Website is Online!
Categories
Misc, Research, Uncategorized

CodeInspect awarded at the HIGHEST Startup Contest

Eric | March 11, 2016

highest2016

CodeInspect was awarded the second prize at the HIGHEST startup contest at TU Darmstadt. In a multi-stage selection process, we had to convince the judges about our business concept for the need of more security in the mobile world. All in all, we competed against 74 other business ideas from different departments at the TU Darmstadt such as mechanical engineering, chemistry, etc.

More information about the other winners and the ceremony can be found here.

 

Cross-posted from Secure Software Engineering

Comments
Comments Off on CodeInspect awarded at the HIGHEST Startup Contest
Categories
Misc, Research, Uncategorized

Thanks for the positive feedback

Eric | March 10, 2016

20160310_131142Thanks for the positive feedback to my keynote at the Entwicklertag in Frankfurt! Let’s hope that the insights I shared about our BaaS-Analysis will help make the world a bit more secure…
And thanks a lot to Siegfried, Steven, Robert and Max for the great work! Keep it going!

 

Cross-posted from Secure Software Engineering

Comments
Comments Off on Thanks for the positive feedback
Categories
Misc, Research, Uncategorized

ESSoS keynotes by Karsten Nohl and David Basin

Eric | February 15, 2016

Karsten Nohl

David Basin

We have just put online information about our two keynote presentations at ESSoS by Karsten Nohl and David Basin. Karsten Nohl will ask the question How much security is too much?, citing some lessons learned from introducing security into a new, large telecommunications startup, while David Basin will elaborate on the quirks of Security Testing and what it actually all means. I am looking forward to two exciting presentations!

Cross-posted from Secure Software Engineering

Comments
Comments Off on ESSoS keynotes by Karsten Nohl and David Basin
Categories
Misc, Research, Uncategorized

ESSoS keynotes by Karsten Nohl and David Basin

Eric | February 15, 2016

Karsten Nohl

David Basin

We have just put online information about our two keynote presentations at ESSoS by Karsten Nohl and David Basin. Karsten Nohl will ask the question How much security is too much?, citing some lessons learned from introducing security into a new, large telecommunications startup, while David Basin will elaborate on the quirks of Security Testing and what it actually all means. I am looking forward to two exciting presentations!

Cross-posted from Secure Software Engineering

Comments
Comments Off on ESSoS keynotes by Karsten Nohl and David Basin
Categories
Misc, Research, Uncategorized

GaLity accepted at ESSoS 2016

Eric | February 15, 2016

We’re happy to announce that our paper “Analyzing the Gadgets – Towards a Metric to Measure Gadget Quality” has been accepted at ESSoS 2016. In this paper we present four metrics that allow assessing the usefulness of a set of gadgets (short fragments of assembly, which are the cornerstone of ROP exploits). We applied our metrics to binaries compiled with MPX, a new exploit mitigation technique by Intel, that, among other things, transforms binaries to check for buffer overflows. This transformation introduces additional gadgets and, using GaLity, we show, that such a binary contains more gadgets useful in ROP attacks than the same binary compiled without MPX.

GaLity also received the artifact evaluation award.

Cross-posted from Secure Software Engineering

Comments
Comments Off on GaLity accepted at ESSoS 2016
Categories
Misc, Research, Uncategorized

GaLity accepted at ESSoS 2016

Eric | February 15, 2016

We’re happy to announce that our paper “Analyzing the Gadgets – Towards a Metric to Measure Gadget Quality” has been accepted at ESSoS 2016. In this paper we present four metrics that allow assessing the usefulness of a set of gadgets (short fragments of assembly, which are the cornerstone of ROP exploits). We applied our metrics to binaries compiled with MPX, a new exploit mitigation technique by Intel, that, among other things, transforms binaries to check for buffer overflows. This transformation introduces additional gadgets and, using GaLity, we show, that such a binary contains more gadgets useful in ROP attacks than the same binary compiled without MPX.

GaLity also received the artifact evaluation award.

Cross-posted from Secure Software Engineering

Comments
Comments Off on GaLity accepted at ESSoS 2016
Categories
Misc, Research, Uncategorized

Eric Bodden named Associate Editor of IEEE TSE

Eric | February 9, 2016

As of today, I have joined the editorial board of the IEEE Transactions on Software Engineering (TSE) as an associate editor. I am looking forward to receiving your very best submissions!

Cross-posted from Secure Software Engineering

Comments
Comments Off on Eric Bodden named Associate Editor of IEEE TSE
Categories
Misc, Research, Uncategorized

Eric Bodden named Associate Editor of IEEE TSE

Eric | February 9, 2016

As of today, I have joined the editorial board of the IEEE Transactions on Software Engineering (TSE) as an associate editor. I am looking forward to receiving your very best submissions!

Cross-posted from Secure Software Engineering

Comments
Comments Off on Eric Bodden named Associate Editor of IEEE TSE
Categories
Misc, Research, Uncategorized