Michael Weissbacher

Michael Weissbacher

General Information

I am a PhD student of Engin Kirda at the SecLab of Northeastern University in Boston, MA. Before coming to Boston I was a student at the Technical University Vienna, where I received BS/MSĀ degrees. As for CTFs, I am somewhat involved with Boston Key Party and Shellphish. I have a homepage for rare blogging: mweissbacher.com and a Twitter feed for infrequent updates. Also, GitHub.

Research Interests

My research interests include detection of web vulnerabilities and malware.

Publications

  • ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities
    Michael Weissbacher, William Robertson, Engin Kirda, Christopher Kruegel, Giovanni Vigna
    USENIX Security Symposium (USENIX)
    Washington DC, USA, August 2015
    Paper. Bibtex. Slides.
    Acceptance rate: 15.7%, 67/426

  • BabelCrypt: The Universal Encryption Layer for Mobile Messaging Applications
    Ahmet Talha Ozcan, Can Gemicioglu, Kaan Onarlioglu, Michael Weissbacher, Collin Mulliner, William Robertson, Engin Kirda
    Financial Cryptography and Data Security (FC)
    Isla Verde, Puerto Rico, January 2015
    Paper. Bibtex. Slides.
    Acceptance rate: 25%, 23/92

  • Why is CSP Failing? Trends and Challenges in CSP Adoption
    Michael Weissbacher, Tobias Lauinger, William Robertson
    International Symposium on Research in Attacks, Intrusions and Defenses (RAID)
    Gothenburg, Sweden, September 2014
    Paper. Blog post about the paper. Bibtex. Slides.
    Acceptance rate: 19.4%, 22/113

  • ZigZag - Hardening Web Applications against CSV Attacks
    Masters Thesis
    Vienna, Austria, August 2014
    Paper.

  • Searching in Anubis Reports
    Technical Report (Bachelors Thesis)
    Vienna, Austria, December 2011
    Paper. Anubis project website.

Talks

  • Content Security Policy. How to Reap Benefits and Avoid Pitfalls.
    Michael Weissbacher
    Paperlesspost, New York, NY, USA, November 2015.

  • ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities.
    Michael Weissbacher
    Seminar On practical Security (SOS), Boston University, Boston, MA, USA, August 2015.

  • Why is CSP Failing? Trends and Challenges in CSP Adoption.
    Michael Weissbacher
    OWASP Boston Application Security Conference BASC, Cambridge, MA, USA, October 2014.

  • Why is CSP Failing? Trends and Challenges in CSP Adoption.
    Michael Weissbacher.
    EURECOM Seminars, Antibes, France, September 2014.

Contact

360 Huntington Ave
208 West Village H
College of Computer and Information Science
Northeastern University
Boston, MA 02115
United States

Map

$ echo "name@iseclab.org" | sed -re 's!name!mweissbacher!'

Press

  • Threatpost article regarding GMail and CSP. December 2014
  • Threatpost article on our CSP paper. July 2014

Trivia

Fun fact: a blog post from 2011 ended up in a book on memory forensics and multiple slide sets. Even today it is the most visited section of my website.


Last Modified: Sun Mar 8 03:02:06 CET 2015


International Secure Systems Lab www.iseclab.org