https://www.uni-passau.de/en/webservice/mnav/141753/mnav.webservice
Apply Study options Academic Advice Service Course catalogue International Office Careers and Competencies Examinations Office Graduate Centre Student Services Association University Library
Deutsch
Hauptnavigation öffnen
Suche einschränken Gesamte Universität Hilfe- und Supportportal
Chair of IT Security

Prof. Dr. Martin Johns

Research Interests

Publications

2015

18.
Braun , Bastian ; Pauli , Korbinian ; Posegga , Joachim ; Johns , Martin
LogSec: Adaptive Protection for the Wild Wild Web
the 2015 ACM Symposium on Applied Computing (SAC 2015) - to appear ,
2015

2014

17.
Braun , Bastian ; Köstler , Johannes ; Posegga , Joachim ; Johns , Martin
A Trusted UI for the Mobile Web
29th IFIP International Information Security and Privacy Conference (IFIP SEC 2014) ,
2014
DOI: http://dx.doi.org/10.1007/978-3-642-55415-5_11
http://web.sec.uni-passau.de/papers/2014_Braun_Koestler_Posegga_Johns-Trusted-UI-Mobile-Web.pdf
16.
Braun , Bastian ; Köstler , Johannes ; Johns , Martin ; Posegga , Joachim
PhishSafe: Leveraging Modern JavaScript API's for Transparent and Robust Protection
Fourth ACM Conference on Data and Application Security and Privacy (ACM CODASPY 2014) ,
2014
DOI: http://dx.doi.org/10.1145/2557547.2557553
http://web.sec.uni-passau.de/papers/2014_Braun_Koestler_Johns_Posegga-PhishSafe_Leveraging_Modern_JavaScript_APIs_for_Transparent_and_Robust_Protection.pdf

2012

15.
Braun , Bastian ; Kucher , Stefan ; Johns , Martin ; Posegga , Joachim
A User-Level Authentication Scheme to Mitigate Web Session-Based Vulnerabilities
{Trust, Privacy and Security in Digital Business (TrustBus '12)} , Seite 17-29
Herausgeber: Lecture Notes in Computer Science (LNCS), Springer
2012
DOI: http://dx.doi.org/10.1007/978-3-642-32287-7_2
ISBN: 978-3-642-32286-0
http://web.sec.uni-passau.de/papers/2012_Braun_Kucher_Johns_Posegga_SessionImagination.pdf
14.
Johns , Martin ; Lekies , Sebastian ; Braun , Bastian ; Flesch , Benjamin
BetterAuth: Web Authentication Revisited
Proceedings of the 2012 Annual Computer Security Applications Conference (ACSAC 2012) ,
2012
DOI: http://www.acsac.org/2012/openconf/modules/request.php?module=oc_program\&action=summary.php\&id=92
http://web.sec.uni-passau.de/papers/2012_Johns_Lekies_Braun_Flesch-BetterAuth.pdf

2011

13.
Johns , Martin ; Braun , Bastian ; Schrank , Michael ; Posegga , Joachim
Reliable Protection Against Session Fixation Attacks
Proceedings of the 2011 ACM Symposium on Applied Computing (SAC 2011) , Seite 1531--1537
Herausgeber: ACM , TaiChung, Taiwan
2011
DOI: http://doi.acm.org/10.1145/1982185.1982511
ISBN: 978-1-4503-0113-8
http://web.sec.uni-passau.de/papers/2011_Johns_Braun_Schrank_Posegga_SAC2011_SessionFixation.pdf

2010

12.
Johns , Martin ; Beyerlein , Christian ; Giesecke , Rosemaria ; Posegga , Joachim
Secure Code Generation for Web Applications
, Proceedings of 2nd International Symposium on Engineering Secure Software and Systems (ESSoS 2010), Pisa, Italy, February 3-4, 2010. Band 5965 aus Lecture Notes in Computer Science , Seite 96-113
Herausgeber: Springer
2010
DOI: http://dx.doi.org/10.1007/978-3-642-11747-3_8
ISBN: 978-3-642-11746-6
http://dx.doi.org/10.1007/978-3-642-11747-3_8
11.
Schrank , Michael ; Braun , Bastian ; Johns , Martin ; Posegga , Joachim
Session Fixation - the Forgotten Vulnerability?
Sicherheit 2010: Sicherheit, Schutz und Zuverlässigkeit , Seite 341-352
Herausgeber: Lecture Notes in Informatics (LNI), Springer
2010
DOI: http://subs.emis.de/LNI/Proceedings/Proceedings170/article5744.html
ISBN: 978-3-88579-264-2
http://web.sec.uni-passau.de/papers/2010_Schrank_Braun_Johns_Posegga_SICHERHEIT2010_Session_Fixation.pdf

2009

10.
Johns , Martin
Code Injection Vulnerabilities in Web Applications - Exemplified at Cross-site Scripting
University of Passau
2009
https://web.sec.uni-passau.de/theses/PhD_Johns.pdf

2008

9.
Johns , Martin ; Engelmann , Björn ; Posegga , Joachim
XSSDS: Server-Side Detection of Cross-Site Scripting Attacks
ACSAC '08: Proceedings of the 2008 Annual Computer Security Applications Conference , Seite 335--344
Herausgeber: IEEE Computer Society , Washington, DC, USA
2008
DOI: http://dx.doi.org/10.1109/ACSAC.2008.36
ISBN: 978-0-7695-3447-3
http://dx.doi.org/10.1109/ACSAC.2008.36

2007

8.
Johns , Martin ; Schreckling , Daniel
Automatisierter Code-Audit - Sicherheitsanalyse von Source Code in Theorie und Praxis
Datenschutz und Datensicherheit - DuD , 31 (12) :888--893
2007
DOI: http://dx.doi.org/10.1007/s11623-007-0286-7
7.
Schreckling , Daniel ; Johns , Martin
CISAT: Integration von sicherheitszentrierter statischer Analyse in den Enwicklungsprozess
14. DFN-CERT Workshop Sicherheit in vernetzten Systemen ,
Herausgeber: Hamburg, Germany
2007
http://web.sec.uni-passau.de/papers/2007_schreckling_johns_dfn_cert.pdf
6.
Johns , Martin
On JavaScript Malware and related threats - Web page based attacks revisited
Journal in Computer Virology, Springer Paris , 4 (3) :161-178
2007
DOI: http://dx.doi.org/10.1007/s11416-007-0076-7
http://databasement.net/docs/johns2007c_virus_journal_paper.pdf
5.
Johns , Martin ; Winter , Justus
Protecting the Intranet Against ''JavaScript Malware'' and Related Attacks
In Bernhard M. Haemmerli, Robin Sommer, Editor , Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA 2007) Band 4579 aus LNCS , Seite 40 -- 59
In Bernhard M. Haemmerli, Robin Sommer, Editor
Herausgeber: Springer
2007
http://databasement.net/docs/2007_DIMVA_Johns_Winter_Anti_JS_Malware_lncs.pdf
4.
Johns , Martin ; Beyerlein , Christian
SMask: Preventing Injection Attacks in Web Applications by Approximating Automatic Data/Code Separation
22nd ACM Symposium on Applied Computing (SAC 2007), Security Track , Seite 284 - 291
Herausgeber: ACM
2007
DOI: http://doi.acm.org/10.1145/1244002.1244071
http://databasement.net/docs/2006-ACM-SAC-string-masq_final.pdf
3.
Johns , Martin
Towards Practical Prevention of Code Injection Vulnerabilities on the Programming Language Level
Dokument Nummer: 279-07
University of Hamburg
2007
http://databasement.net/docs/2007-MJ-TechReport_279.pdf

2006

2.
Johns , Martin ; Winter , Justus
RequestRodeo: Client Side Protection against Session Riding
In Frank Piessens, Editor , Proceedings of the OWASP Europe 2006 Conference, refereed papers track, Report CW448 , Seite 5 - 17
In Frank Piessens, Editor
Herausgeber: Departement Computerwetenschappen, Katholieke Universiteit Leuven
2006
http://databasement.net/docs/2006_owasp_RequestRodeo.pdf
1.
Johns , Martin
SessionSafe: Implementing XSS Immune Session Handling
In Dieter Gollmann and Jan Meier and Andrei Sabelfeld, Editor , European Symposium on Research in Computer Security (ESORICS 2006) Band 4189 aus LNCS , Seite 444-460
In Dieter Gollmann and Jan Meier and Andrei Sabelfeld, Editor
Herausgeber: Springer
2006
http://databasement.net/docs/session-safe-lncs.pdf
Share this page

Beim Anzeigen des Videos wird Ihre IP-Adresse an einen externen Server (Vimeo.com) gesendet.

Video anzeigen