Simon Koch
PhD candidate and research assistant at the IAS
Office:
IZ 211
Mühlenpfordtstr. 23
38106, Braunschweig
I am a 6th year PhD candidate and research assistant of Martin Johns at the Institute for Application Security, TU Braunschweig. My research focuses on questions surrounding mobile privacy and web security. For mobile privacy I primarily conduct dynamic traffic measurements to assess the data leaked by applications. Whereas for web security I am doing both dynamic and static program analysis research, trying to understand live deployments as well as discovering new vulnerabilities of web applications.
If some of my work peaked your interest I am always interested in new collaborations. I am looking forward to finish my PhD this year and therefore searching for new opportunities in academia to continue my research in both the mobile and web space.
news
| Aug 01, 2024 | Happy to announce, that we got accepted to PETS’25 with “The Impact of Default Mobile SDK Usage on Privacy and Data Protection”. |
|---|---|
| Jul 20, 2024 | Our artifact for our USENIX’24 paper “SSRF vs Developers: A Study of SSRF-Defenses in PHP Applications” is now available here. In tandem with the artifact we also release our PHP Bytecode CPG and its corresponding tooling in a dedicated github org for future updates and additional features. |
| Jul 05, 2024 | Our shepherd agreed with our revision of “SSRF vs Developers: A Study of SSRF-Defenses in PHP Applications” which is going to appear at USENIX’24. |
selected publications
-
The Impact of Default Mobile SDK Usage on Privacy and Data ProtectionIn Privacy Enhancing Technologies Symposium (PETS) , 2025
-
SSRF vs Developers: A Study of SSRF-Defenses in PHP ApplicationsIn USENIX Security Symposium , 2024
-
The OK is Not Enough: Large Scale Study of Consent Dialogs in Smartphone ApplicationsIn USENIX Security Symposium , 2023
-
FUZZILLI: Fuzzing for JavaScript JIT Compiler VulnerabilitiesIn Network and Distributed System Security (NDSS) Symposium , 2023