Talks

Industry

heise devsec()

Nowhere to hide: Effektives Reverse Engineering von Android-Applikationen
October 2017
[slides]

DEF CON 25

Bypassing Android Password Manager Apps Without Root
July 2017
[slides][video]

AppSec-Eu 2017

The Key Under the Doormat: Design Flaws and Vulnerabilities in Android Password Manager Applications
May 2017
[slides]

HackInTheBox 2017

Extracting All Your Secrets: Vulnerabilities in Android Password Managers
April 2017
[slides][video]

CeBit 2017

Smartphone Hacking
March 2017

VirusBulletin 2016

(In-) Security of Smartphone AntiVirus and Security Apps
October 2016
[slides]

MobileTechCon 2016

(In-) Security of Backend as a Service
September 2016
[slides]

DEF CON 24

How to do it Wrong: Smartphone Antivirus and Security Applications Under Fire
August 2016
[slides][video]

Amazon Headquarters Seattle

Improving Mobile Security with Static and Dynamic Code Analysis Techniques
January 2016 (Security Team)

VirusBulletin 2015

We know what you did this summer: Android banking trojan exposing its sins in the cloud
September 2015
[slides]

BlackHat Europe 2015

(In-)Security of Backend-As-A-Service Solutions
November 2015
[slides][video]

Siemens CERT Munich

Improving Mobile Security with Static and Dynamic Code Analysis Techniques
June 2015

DroidCon Berlin

Dismantling droids for breakfast - The current state of app reverse engineering
June 2015
[slides][video]

CARO 2015

Analyzing Sophisticated Android Malware with CodeInspect
Mai 2015
[slides][live-demo]

Google Headquarters Mountain View

Inspecting These DROIDS in Detail
November 2014 (Android Security Team)

McAfee Headquarters Santa Clara

Inspecting These DROIDS in Detail
September 2014 (Operations and Mobile Malware Research Group)



Academia

ICSE 2017

Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments
May 2017
[slides]

NDSS 2016

Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques
February 2016
[slides]

WISTP 2015 How Current Android Malware Seeks to Evade Automated Code Analysis
August 2015
[slides]
NDSS 2014

A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks
February 2014
[slides]