Dr.-Ing. Mario Heiderich

  • Postdoc - Chair Network and Data Security
Heiderich, Mario

Address

Ruhr-Universität Bochum
Lehrstuhl für Netz- und Datensicherheit
Universitätsstraße 150
D-44801 Bochum

Room
ID 2/145
Phone:
(+49)(0)234 / 32 - 27706
Fax:
(+49)(0)234 / 32 - 14347
Email:
mario.heiderich@rub.de
Website:
http://mario.heideri.ch/

Publications

2015
How Private is Your Private Cloud?: Security Analysis of Cloud Control Interfaces

Dennis Felsch, Mario Heiderich, Frederic Schulz, Jörg Schwenk - ACM CCSW 2015 in conjunction with the ACM Conference on Computer and Communications Security (CCS) October 16, 2015, The Denver Marriot City Center, Denver, Colorado, USA.

Waiting for CSP — Securing Legacy Web Applications with JSAgents

Mario Heiderich, Marcus Niemietz, Jörg Schwenk - Waiting for CSP — Securing Legacy Web Applications with JSAgents, ESORICS 2015, 20th European Symposium on Research in Computer Security

2014
Scriptless Timing Attacks on Web Browser Privacy

Bin Liang, Wei You, Liangkun Liu, Wenchang Shi, Mario Heiderich - 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks

Scriptless attacks: Stealing more pie without touching the sill

Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk - Journal of Computer Security, Volume 22, Number 4 / 2014, Web Application Security – Web @ 25

2013
mXSS Attacks: Attacking well-secured Web-Applications by using innerHTML Mutations

Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius, Edward Z. Yang - 20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013

2012
SS-FP: Browser Fingerprinting using HTML Parser Quirks

Erwan Abgrall, Yves Le Traon, Martin Monperrus, Sylvain Gombault, Mario Heiderich, Alain Ribault

Scriptless Attacks – Stealing the Pie Without Touching the Sill

Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, Jörg Schwenk - 19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, October 2012

On the Fragility and Limitations of Current Browser-provided Clickjacking Protection Schemes

Sebastian Lekies, Mario Heiderich, Dennis Appelt, Thorsten Holz, Martin Johns - 6th USENIX Workshop on Offensive Technologies (WOOT), Bellevue, WA, August 2012

2011
Crouching Tiger - Hidden Payload: Security Risks of Scalable Vectors Graphics

Mario Heiderich, Tilman Frosch, Meiko Jensen, Thorsten Holz - 18th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, October 2011

The Bug that made me President: A Browser- and Web-Security Case Study on Helios Voting

Mario Heiderich, Tilman Frosch, Marcus Niemietz, Jörg Schwenk - International Conference on E-voting and Identity (VoteID), 2011, Tallinn, Estonia, September 2011

IceShield: Detection and Mitigation of Malicious Websites with a Frozen DOM

Mario Heiderich, Tilman Frosch, Thorsten Holz - 14th International Symposium on Recent Advances in Intrusion Detection (RAID), Menlo Park, CA, September 2011

All Your Clouds are Belong to us – Security Analysis of Cloud Management Interfaces

Juraj Somorovsky, Mario Heiderich, Meiko Jensen, Jörg Schwenk, Nils Gruschka, Luigi Lo Iacono - In Proceedings of the ACM Cloud Computing Security Workshop (CCSW), 2011.

2008
Sichere Webanwendungen

Mario Heiderich, Christian Matthies, Johannes Dahse, fukami - GALILEO PRESS, Auflage 1, ISBN-10: 3836211947, ISBN-13: 978-3836211949