Stefan Nuernberger
M.Sc. | Researcher


  • Building E9 1, Room 2.04
  • +49 681 302 57364
  • stefan.nuernberger(aeht)dfki.de

Curriculum Vitae

I am a PhD student at the University of Saarland, Germany. I work in the Information Security & Cryptography group of Prof. Dr. Michael Backes. My main research focus is on low-level security such as operating system internals and assembler.

Projects

Code Reuse Attacks & Defenses

Run-time attacks manage to change the behaviour of a program during run-time and turn an otherwise benign program into a malicious program that the attacker controls. The most prominent example of run-time attacks re-combines existing instructions of a program to create a new meaning -- so-called Code Reuse Attacks. We develop solutions to detect, mitigate or even prevent those types of attacks and make operating systems more secure than ever before.

Publications

2017

Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying

2014

You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code

Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing

WebTrust - A Comprehensive Authenticity and Integrity Framework for HTTP

2013

Client-controlled Cryptography-as-a-Service in the Cloud

Gadge Me if You Can: Secure and Efficient Ad-Hoc Instruction-Level Randomization for x86 and ARM

2012

MoCFI: A Framework to Mitigate Control-Flow Attacks on Smartphones

XIFER: A Software Diversity Tool Against Code-Reuse Attacks

2011

AmazonIA: When Elasticity Snaps Back

Twin Clouds: An Architecture for Secure Cloud Computing

Twin Clouds: Secure Cloud Computing with Low Latency

Poster: Control-flow Integrity for Smartphones

Re-synchronizing Audio Watermarking after Non-linear Time Stretching

CFI Goes Mobile: Control-Flow Integrity for Smartphones

2010

Ray - A Secure Microkernel Architecture

2009

Security of Robust Audio Hashes