Dr.-Ing. (equiv Ph.D.) (Technische Universität Berlin, Germany)
M.Sc. CS (University of California Santa Barbara, USA)
B.Sc. CS (FH-Darmstadt, University of Applied Sciences, Germany)
I'm a postdoctoral researcher with the SECLAB at Northeastern University working with William Robertson and Engin Kirda. My research area is systems security, for details see here.
My personal weblog www.mulliner.org/blog and Google Scholar profile.
Upcoming events
- ReCON
DIMVA (planned)Black Hat USA (planned)- Defcon is still on the edge
Contact
-
EMail: crm [AT] ccs.neu.edu
Address: Room 330, Building WVH, 360 Huntington Avenue, 02115 Boston, MA, USA
Phone: +1 (857) 264-1748 (google voice: phone + sms, blocked in the night as in GMT-4!)
My official lab page and department page
Index
-
Projects
Publications
Talks and Presentations
In the Media
Professional Activities
Advisories
Trivia
Research Interests
-
Cellular device and Smartphone Security, including infrastructure
Vulnerability Analysis
Offensive Security
Software Security
Mobile Payment
Near Field Communication (NFC)
Mobile Malware
Privacy
Embedded Systems and Consumer Electronics
Network and Wireless Security (GSM/3G/LTE, WiFi, Bluetooth, ...)
Operating Systems Security (strong focus on mobile device OSes)
Projects
-
-- Protocols
SMS (Short Message Service) Security Research
-
The official SecT SMS Client Security page.
My private SMS Security Research page.
Bluetooth Security
-
various Bluetooth projects including
tools such as bt_audit (psm_scan + rfcomm_scan) and hid_attack
Near Field Communication (NFC) Security
-
Specific interested in the security of NFC mobile phones. My NFC security projects
-- Operating systems and platforms
iPhone Security
-
My iPhone Security Research page
Symbian OS Exploitation and Shellcode Development
-
See my talk on Symbian OS exploitation. My Symbian OS Security Research page
Android Security
-
Various Android Security related things.
Windows Mobile
-
Windows Mobile and MMS security
-- Mobile operator networks
Smartphone and Mobile Phone Honeypots
-
SecT Smartphone Honeypot project.
M2M security (probing mobile networks for M2M devices)
-
Probing Mobile Operator Networks
-- Privacy
GPRS HTTP Header Privacy
-
GPRS HTTP Header Privacy project page.
TOR DNS
-
TTDNSD Proxy for full DNS over TOR, now maintained by the tor project
Previous Research Labs
-
Security in Telecommunications (SecT) TU Berlin and Telekom Innovation Laboratories
Secure Mobile Systems Fraunhofer SIT
SecLab UC Santa Barbara
COSEDA project Fraunhofer IGD, group A8
Publications
-
Peer Reviewed Papers
Journal and Magazine Articles
Books / Chapters
Tech Reports
Posters
Edited Volumes
Peer Reviewed Papers
Conference Workshop Short PaperConference
- PrivExec: Private Execution as an Operating System Service In the Proceedings of the 34th IEEE Symposium on Security and Privacy San Francisco, CA, USA May 2013 PDF, BibTeX entry, Slides(acceptance rate 38/315=12%)
- Taming Mr Hayes: Mitigating Signaling Based Attacks on Smartphones
In the Proceedings of the IEEE/IFIP 41st International Conference on Dependable Systems Networks (DSN)
Boston, MA, USA 25-28 June 2012 PDF, BibTeX entry, Slides (DSN/DCCS acceptance rate 27/156 = 17.3%)
*William C. Carter Award* - SMS of Death: from analyzing to attacking mobile phones on a large scale In the Proceedings of the 20th USENIX Security Symposium San Francisco, CA, USA 10-12 August 2011 PDF, BibTeX entry, Slides (acceptance rate 35/204=17.2%)
- Rise of the iBots: 0wning a telco network In the Proceedings of the 5th IEEE International Conference on Malicious and Unwanted Software (Malware) Nancy, France 19-20 October, 2010 PDF, BibTeX entry, Slides
- Privacy Leaks in Mobile Phone Internet Access In the Proceedings of the 14th International Conference on Intelligence in Next Generation Networks (ICIN) Berlin, Germany 11-14 October, 2010 PDF, BibTeX entry, Slides *Best Paper*
- Vulnerability Analysis of MMS User Agents Proceedings of the Annual Computer Security Applications Conference (ACSAC) Miami, Florida December 2006 PDF, BibTeX entry (acceptance rate 32/135=27%)
- Using Labeling to Prevent Cross-Service Attacks Against Smart Phones Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA) Berlin, Germany July 2006 PDF, BibTeX entry, Slides (27% acceptance rate)
Workshop
- Read It Twice! A mass-storage-based TOCTTOU attack In the Proceedings of the 6th USENIX Workshop on Offensive Technologies (WOOT) Bellevue, WA, USA August 2012 PDF, BibTeX entry, Slides(acceptance rate 12/30=40%)
*Best Paper* - Injecting SMS Messages into Smart Phones for Security Analysis In the Proceedings of the 3rd USENIX Workshop on Offensive Technologies (WOOT) Montreal, Canada August 2009 PDF, BibTeX entry, Slides(acceptance rate 9/24=37.5%)
- Vulnerability Analysis and Attacks on NFC-enabled Mobile Phones In the Proceedings of the 1st International Workshop on Sensor Security (IWSS) at ARES 2009 Fukuoka, Japan March 2009 PDF, BibTeX entry, Slides
Short Paper
- SMS-based One-Time Passwords: Attacks and Defense (short paper) To appear In the Proceedings of the 10th Conference on Detection of Intrusions and Malware & Vulnerability
Assessment (DIMVA 2013) Berlin, Germany July 2013 PDF, BibTeX entry, Slides(acceptance rate 12/38=31.5%)
- Nomadic Honeypots: A Novel Concept for Smartphone Honeypots (short paper / position paper)
In the Proceedings of the Workshop on Mobile Security Technologies (MoST) San Francisco, CA May 2013 PDF, BibTeX entry, Slides(acceptance rate 11/22=50%)
Journal and Magazine Articles
- Persönliche Datenspuren bei der mobilen Internetnutzung Datenschutz und Datensicherheit (DuD) Issue 3/2012, pages 180-184 Germany March 2012 Article
- Risiko Smartphone Magazin für Computertechnik | c't (Issue 20) Germany September 2010 1, 2
Books / Chapters
- Mobile Phone Security. The Impact of the Modem.
SVH Verlag
Germany 2012
ISBN: 978-3-8381-3289-1 Amazon - Contribution to Chapter 7. Mobile Malware Attacks and Defense USA November 2008 Amazon
- Kapitel 7. Iomega ZIP-Drive Howto Linux HOWTOs: Die besten Loesungen der Linuxgemeinde. (Marco Budde Hrsg.) Germany 1999 Amazon
Tech Reports
- Countering SMS Attacks: Filter Recommendations Technical Report: 2011-09 ISSN: 1436-9915 Berlin, Germany April 2011 PDF
- Smartphone Honeypots In Proceedings of the Sixth GI SIG SIDAR Graduate Workshop on Reactive Security (SPRING) Technical Report SR-2011-01, GI FG SIDAR Bochum, Germany 21-22 March 2011 PDF, Slides
- Smartphone Botnets In Proceedings of the Fifth GI SIG SIDAR Graduate Workshop on Reactive Security (SPRING) Technical Report SR-2010-01, GI FG SIDAR Bonn, Germany 7th July 2010 PDF, Slides
- Blueprinting - Remote Device Identification based on Bluetooth Fingerprinting Techniques 21st Chaos Communication Congress (21c3) Berlin, Germany December 2004 PDF
Posters
- Poster: Towards Detecting DMA Malware 18th ACM Conference on Computer and Communications Security (CCS) Chicago, IL, USA October 17-21 2011Poster abstract PDF (acceptance rate 41/62=66.1%)
- Poster: HoneyDroid - Creating a Smart Phone Honeypot IEEE Security and Privacy Oakland, CA, USA May 22-25 2011Poster abstract PDF (acceptance rate 18/34=53%)
Edited Volumes
-
Proceedings of the Seventh GI SIG SIDAR Graduate Workshop on Reactive Security (SPRING)
Technical Report SR-2012-01, ISSN 2190-846X Berlin, Germany July 5-6 2012PDF
Conference Talks and Presentations
- Introduction to Dynamic Dalvik Instrumenation SummerCon 2013 New York City, U.S.A. June 7th, 2013PDF
- Probing Mobile Operator Networks CSAW:THREADS @ NY-Poly NYC, USA November 15th, 2012PDF, project page (invited)
- Dynamic Binary Instrumentation on Android RuxCon 2012 Melbourne, Australia October 20-21, 2012PDF (invited)
- Dynamic Binary Instrumentation on Android BreakPoint 2012 Melbourne, Australia October 17-18, 2012PDF (invited)
- Probing Mobile Operator Networks Black Hat USA Las Vegas, NV, USA July 25-26, 2012PDF, project page
- Binary Instrumentation on Android SummerCon 2012 New York City, U.S.A. June 8th, 2012PDF
- Probing Mobile Operator Networks CanSecWest 2012 Vancouver, Canada March 7-9, 2012PDF, project page
- Hacking your NFC phone and service: the good news and the bad news The 7th Workshop on RFID security and privacy (RFIDsec11) Amherst, MA, USA June 27-28th 2011
(invited) - Hacking NFC and NDEF NinjaCon / BSides Vienna 2011 Vienna, Austria June 18th 2011PDF, project page
- SMS-o-Death: from analyzing to attacking mobile phones on a large scale CanSecWest 2011 Vancouver, Canada March 9-11 2011PDF, project page
- SMS-o-Death: from analyzing to attacking mobile phones on a large scale 27th Chaos Communication Congress (27c3) Berlin, Germany December 27-30 2010
- Angriff aufs Smartphone Cisco-Expo Berlin, Germany December 1-2 2010
(invited) - Consumer Electronics Security Lab CAST Workshop - Embedded Security Darmstadt, Germany August 26th 2010
(invited) - Random tales from a mobile phone hacker CanSecWest 2010 Vancouver, Canada March 24-26th, 2010 PDF
- Fuzzing the Phone in your Phone 26th Chaos Communication Congress (26c3) Berlin, Germany December 28th 2009 PDF, project page
- Sicherheit von mobile Devices: Risiken von iPhone, Android & Co TelekomForum Mobilfunktrends 2010 Bonn, Germany September 2009
(invited) - Smart Phone Security from the Attacker's Perspective 5th Annual Mobile Device Management and Security Forum Berlin, Germany September 2009
(invited) - Fuzzing the Phone in your Phone SEC-T Stockholm, Sweden September 2009 project page (invited)
- Fuzzing the Phone in your Phone Black Hat USA 2009 Las Vegas, Nevada, USA July 2009 PDF, project page
- Data leaks through mobile phone web access PH-Neutral 0x7d9 Berlin, Germany May 2009 project page
- Exploiting Symbian 25th Chaos Communication Congress (25c3) Berlin, Germany December 2008 PDF, project page
- Attacking NFC Mobile Phones 25th Chaos Communication Congress (25c3) Berlin, Germany December 2008 PDF, project page
- Exploiting Symbian BlackHat Japan Tokyo, Japan October 9th 2008 PDF, project page
- Data Leaks Through Mobile Phone Web Access PET-Convention 2008.2 Darmstadt, Germany September 30th 2008 project page
- NFC-basierte Handy-Bezahlsysteme CAST Workshop - SmartCards und Bezahlsysteme Darmstadt, Germany July 24th 2008
(invited) - Attacking NFC Mobile Phones EuSecWest London, UK May 2008 PDF, project page
- Advanced Attacks Against PocketPC Phones SyScan Singapore, Singapore July 2007 PDF, project page(invited)
- Advanced Attacks Against PocketPC Phones 23rd Chaos Communication Congress (23c3) Berlin, Germany December 2006 PDF, project page
- Advanced Attacks Against PocketPC Phones DEFCON-14 Las Vegas N.V., U.S.A. August 2006 PDF, project page
- Exploiting PocketPC WhatTheHack! The Netherlands July 2005 PDF, project page
2013
2012
2011
2010
2009
2008
2007
2006
2005
Talks
- Mobile Security Battle Royale (panel discussion) RSA Conference San Francisco, Ca, USA Feb. 28. 2013
- NFC Phone and Service Security Digital Footprint in a Mobile Environment Workshop - at the Joint Research Center of the European Commission Ispra, Italy November 28-19. 2011
(invited) - Smartphone Malware/Trojans LKA NRW Duesseldorf, Germany June 20. 2011
(invited) - Random tales of a mobile phone hacker Ruhr-Universitaet Bochum Bochum, Germany June 1. 2011
(invited) - Attacking SMS SISCTI 36 Monterrey, Mexico March 3-5 2011
(invited) - Privacy Leaks with Mobile Phone Internet Access EPFL Lausanne, Switzerland November 3rd, 2010
(invited) - Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Columbia University New York City, New York, USA August 9th, 2010 project page
- Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Stanford University Palo Alto, CA, USA August 5th, 2010 project page(invited)
- Vulnerability Analysis of SMS Implementations on Mobile and Smart Phones Samsung R&D San Jose, CA, USA August 4th, 2010 project page
- Mobile Botnets T-Labs Workshop Berlin, Germany December 14th 2009
- Fuzzing the Phone in your Phone Recurity Labs Security Symposium (RSS) Berlin, Germany October 27th 2009 project page(invited)
- Injecting SMS Messages into Smart Phones for Security Analysis T-Labs Scientific Workshop Berlin, Germany July 2009 project page
- Exploiting Symbian Nokia Research Center Helsinki, Finland April 2009 project page(invited)
- Mobile Sicherheit Intensivseminar Hacking - Angriffe und Abwehrstrategien (Fraunhofer SIT) Darmstadt, Germany September 18th 2008
- The Home InfoPanel MetaRheinMain ChaosDays 111b Darmstadt, Germany September 5-7 2008PDF(not security research related)
- More Fun with Blue Radio Waves MetaRheinMain ChaosDays 110b Darmstadt, Germany September 14-16 2007PDF
- Exploiting PocketPC Graduate Colloquium Department of Computer Science, California State University Channel Islands, USA March 2006 project page(invited)
2013
2011
2010
2009
2008
2007
2006
Thesis
Ph.D. Thesis
- On the Impact of the Cellular Modem on the Security of Mobile Phones Ph.D. Thesis Technische Universität Berlin, Germany December 2011 PDF Advisor: Jean-Pierre Seifert
Master Thesis
- Security of Smart Phones Master's Thesis University of California Santa Barbara, U.S.A. June 2006 PDF Advisor: Giovanni Vigna
Bachelor Thesis
- IPSec Protokoll Implementierung Bachelor Thesis FH-Darmstadt, Germany April 2003 PDF Project at: Fraunhofer IGD
Advisor: Woldemar Fuhrmann
In the Media (selection)
-
2013
iOS Safer then Android, RSA panel 03.01.2013 (SC Magazin)
2012
29C3: When USB memory sticks lie 12.31.2012 (The H Security)
Scan in Mobilfunknetzen fördert tausende ungeschützte Geräte zu Tage 07.27.2012 (heise)
Your future home is vulnerable to cyberattacks 07.26.2012 (CNN Money)
O2 Says Sorry For Mobile Web Privacy Error 01.26.2012 (SKY News UK) [TV interview]
Britische O2-Handys verrieten Handynummern 01.27.2012 (Spiegel Online)
O2 accused of sending your phone number to every website you visit 01.25.2012 (Wired UK)
2011
Android NFC Bug Could Be First Of Many 06.21.2011 (Threatpost)
How to slay a cellphone with a single text - SMS of Death explained 03.21.2011 (The Register)
CanSecWest: Researchers Show Off Method For Disabling Phones Via SMS 03.09.2011 (threatpost)
Hintertüren und Killer-SMS Hacker knacken Handys und Smartphones 03.11.2011 (Der Spiegel)
Auf Nummer sicher 02.07.2011 (Der Tagesspiegel)
"SMS of Death" Could Crash Many Mobile Phones 01.04.2011 (TechnologyReview)
2010
Simplest Phones Open to 'SMS of Death' 12.28.2010 (Wired)
Viele Handymodelle lassen sich per SMS lahmlegen 12.28.2010 (Handelsblatt)
Missing Hotel Room Key? Try Your Phone 11.08.2010 (McAfee)
Designing Smartphone Botnet Command and Control Infrastructure 11.02.2010 (eWeek)
Smartphone vulnerabilities entice hackers 07.21.2010 (Golden Gate XPress)
Researcher: Mobile number leaks common but inappropriate 04.19.2010 (ZDNet)
Is your mobile phone giving out your phone number? 03.26.10 (computerworld.com)
NFC Forum spec adds digital signatures to prevent tag tampering 11.02.2010 (Near Field Communications World)
2009
Alumni-Magazin der Technischen Universität Berlin - Mobil zu telefonieren kann gefährlich sei(Page 8-9) Dec. 2009
Vorsicht - ansteckend! 09.03.09 (Technology Review)
Researchers attack my iPhone via SMS 07.29.09 (cnet.com)
How To Hijack 'Every iPhone In The World' 07.28.09 (forbs.com)
2008
25c3: NFC-Handy-Anwendungen anfällig für Hackerangriffe 12.30.08 (heise security)
Sicherheitslücke: iPhone wählt selbstständig Abzockemmer 11.20.2008 (Computer Bild)
iPhone telefoniert ferngesteuert 11.20.08 (heise security)
Hackers start poking holes in NFC 05.29.08 (The Register)
Attacks on NFC mobile phones demonstrated 05.28.08 (ZDNet)
2007
New Hacking Tools Bite Bluetooth 01.03.07 (DarkReading)
MMS führt (Schad-)Code aus 01.02.2007 (heise security)
2006
23c3: Neue Hacker-Tools für Bluetooth 12.29.06 (heise security)
Defcon: Angriff auf PocketPC-Smartphones mit MMS-Nachrichten 08.07.06 (heise security)
DefCon Delays Can't Stop the Madness 08.05.06 (Washington Post)
Professional Activities
-
Program Committee:
- 14th International Workshop on Information Security Applications (WISA2013), 2013
- 3rd International Workshop on Trustworthy Embedded Devices (TrustED), 2013
- 7th Workshop on Offensive Technologies (WOOT), 2013
- 8th ARES Conference (ARES), 2013
- 6th Workshop on Offensive Technologies (WOOT), 2012
- 9th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2012
- 1st International Workshop on Sensor Security (IWSS) at ARES, 2009
- External Reviewer for Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2013
- External Reviewer for Symposium on Hardware-Oriented Security and Trust (HOST), 2013
- External Reviewer for the 34th IEEE Symposium on Security & Privacy (Okland), 2013
- External Reviewer for the 13th International Symposium on Recent Advances in Intrusion Detection (RAID), 2010
- Reviewer for the Annual Computer Security Applications Conference (ACSAC), 2006
- Reviewer for the International Journal of Information Security, 2012
- Reviewer for the Communications of the ACM, 2010
- Publicity Chair: DIMVA 2013
- Co-Organizer (with Patrick Stewin) of SPRING 7, SIDAR Graduierten-Workshop über Reaktive Sicherheit, 2012
Reviewer Conference:
Reviewer Journal:
Misc:
Contributions
- Mobile Near Field Communications (NFC) "Tap 'n Go" - Keep it Secure and Private November, 2011
- BlueZ the Linux Bluetooth stack
Trivia
-
My Erdős number is 4.
Here is the path: Paul Erdős (0) -> Noga M. Alon (1) -> Oded Goldreich (2) -> Jean-Pierre Seifert (3) -> me (4)
My Kevin Bacon number is 4.
This is due to being an extra in the German TV show Schwarz greift ein staring Klaus Wennemann who has a distance of 3 to Kevin Bacon.
Erdős-Bacon number is 8(d) = 4 + 4(d)
updated: Mon Jun 10 18:26:49 CEST 2013