Recent publications
Article
Corteggiani, N, Camurati, G, Muench, M, Poeplau, S & Francillon, A 2021, 'SoC Security Evaluation: Reflections on Methodology and Tooling', IEEE Design and Test, vol. 38, no. 1, pp. 7-13. https://doi.org/10.1109/MDAT.2020.3013827
Conference contribution
Klischies, D, Goos, D, Hirsch, D, Milburn, A, Muench, M & Moonsamy, V 2025, BaseBridge: Bridging the Gap Between Over-the-Air and Emulation Testing for Cellular Baseband Firmware. in 2025 IEEE Symposium on Security and Privacy (SP)., 11023426, Proceedings of the IEEE Symposium on Security and Privacy, IEEE, pp. 1101-1119, 2025 IEEE Symposium on Security and Privacy (SP), 12/05/25. https://doi.org/10.1109/SP61157.2025.00142
Scharnowski, T, Hoffman, S, Bley, M, Wörner, S, Klischies, D, Buchmann, F, Tippenhauer, NO, Holz, T & Muench, M 2025, GDMA: Fully Automated DMA Rehosting via Iterative Type Overlays. in Proceedings of the 34th USENIX Security Symposium. USENIX Conference Proceedings, USENIX Association, pp. 1827-1845, 34th USENIX Security Symposium, Seattle, Washington, United States, 13/08/25. <https://www.usenix.org/conference/usenixsecurity25/presentation/scharnowski>
Muench, M, Cullen, A, Courdesses, K, Roth, T & Zonenberg, A 2025, Security through Transparency: Tales from the RP2350 Hacking Challenge. in Proceedings of the 19th USENIX WOOT Conference on Offensive Technologies (WOOT ’25). USENIX Conference Proceedings, USENIX Association, pp. 1-18, 19th USENIX WOOT Conference on Offensive Technologies, Seattle, Washington, United States, 11/08/25. <https://www.usenix.org/conference/woot25/presentation/muench>
Henes, J, Muench, M, Oswald, D & Ragab, H 2025, Talk: Transient-execution attacks on the CHERI Morello platform. in 2025: Proceedings of the Microarchitecture Security Conference (uASC '25). Proceedings of the Microarchitecture Security Conference, vol. 1, Ruhr University Bochum, Bochum, 1st Microarchitecture Security Conference, Bochum, North Rhine-Westphalia, Germany, 19/02/25. https://doi.org/10.46586/uasc.2025.104
Schloegel, M, Bars, N, Schiller, N, Bernhard, L, Scharnowski, T, Crump, A, Ale-Ebrahim, A, Bissantz, N, Muench, M & Holz, T 2024, SoK: Prudent Evaluation Practices for Fuzzing. in 2024 IEEE Symposium on Security and Privacy (SP). Proceedings of the IEEE Symposium on Security and Privacy, IEEE, Los Alamitos, CA, USA, 2024 IEEE Symposium on Security and Privacy (SP), San Francisco, California, United States, 19/05/24. https://doi.org/10.1109/SP54263.2024.00137
Seidel, L, Maier, D & Muench, M 2023, Forming Faster Firmware Fuzzers. in Proceedings of the 32nd USENIX Security Symposium. USENIX Conference Proceedings, USENIX Association, pp. 2903-2920, 32nd USENIX Security Symposium, Anaheim, California, United States, 9/08/23. <https://www.usenix.org/conference/usenixsecurity23/presentation/seidel>
Duta, V, Freyer, F, Pagani, F, Muench, M & Giuffrida, C 2023, Let Me Unwind That For You: Exceptions to Backward-Edge Protection. in NDSS Symposium 2023 Accepted Papers., s295, The Internet Society, pp. 1-18, Network and Distributed System Security (NDSS) Symposium 2023, San Diego, California, United States, 27/02/23. https://doi.org/10.14722/ndss.2023.232295
Hertogh, M, Wiesinger, M, Österlund, S, Muench, M, Amit, N, Bos, H & Giuffrida, C 2023, Quarantine: Mitigating Transient Execution Attacks with Physical Domain Isolation. in RAID '23: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses. RAID: Research in Attacks, Intrusions and Defenses, Association for Computing Machinery (ACM), pp. 207–221, RAID 2023, Hong Kong, Hong Kong, 16/10/23. https://doi.org/10.1145/3607199.3607248
Barberis, E, Frigo, P, Muench, M, Bos, H & Giuffrida, C 2022, Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks. in Proceedings of the 31st USENIX Security Symposium. USENIX Association, pp. 971-988, 31st USENIX Security Symposium, Boston, Massachusetts, United States, 10/08/22. <https://www.usenix.org/conference/usenixsecurity22/presentation/barberis>
Hernandez, G, Muench, M, Maier, D, Milburn, A, Park, S, Scharnowski, T, Tucker, T, Traynor, P & Butler, KRB 2022, FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware. in NDSS Symposium 2022 Accepted Papers., 136, The Internet Society, pp. 1-19, Network and Distributed Systems Security (NDSS) Symposium 2022, San Diego, California, United States, 24/04/22. https://doi.org/10.14722/ndss.2022.23136
Scharnowski, T, Bars, N, Schloegel, M, Gustafson, E, Muench, M, Vigna, G, Kruegel, C, Holz, T & Abbasi, A 2022, Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing. in Proceedings of the 31st USENIX Security Symposium. USENIX Association, pp. 1239-1256, 31st USENIX Security Symposium, Boston, Massachusetts, United States, 10/08/22. <https://www.usenix.org/conference/usenixsecurity22/presentation/scharnowski>
Fasano, A, Ballo, T, Muench, M, Leek, T, Bulekov, A, Dolan-Gavitt, B, Egele, M, Francillon, A, Lu, L, Gregory, N, Balzarotti, D & Robertson, W 2021, SoK: Enabling Security Analyses of Embedded Systems via Rehosting. in ASIA CCS '21: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security. ASIA CCS: ACM Symposium on Information, Computer and Communications Security, Association for Computing Machinery (ACM), New York, pp. 687–701, ASIA CCS '21, Hong Kong, China, 7/06/21. https://doi.org/10.1145/3433210.3453093
Gustafson, E, Muench, M, Spensky, C, Redini, N, Machiry, A, Fratantonio, Y, Balzarotti, D, Francillon, A, Choe, YR, Kruegel, C & Vigna, G 2019, Toward the Analysis of Embedded Firmware through Automated Re-hosting. in 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2019). USENIX Association, Chaoyang District, Beijing, pp. 135-150. <https://www.usenix.org/conference/raid2019/presentation/gustafson>
Paper
Olivier, PLR, Muench, M & Francillon, A 2024, '0x41414141: Avatar2 Artifacts, Advances & Analysis', Paper presented at 2024 Annual Computer Security Applications Conference (ACSAC), Waikiki, United States, 9/12/24 - 13/12/24.
View all publications in research portal