- 2025
- Innocenti, Tommaso; Jannett, Louis; Mainka, Christian; Mladenov, Vladislav; Kirda, Engin
"Only as Strong as the Weakest Link": On the Security of Brokered Single Sign-On on the Web
IEEE Symposium on Security and Privacy (S&P), Seite 24—24
Herausgeber: IEEE Computer Society
Mai 2025 - 2024
- Nachtigall, Valentina; Krug, Maximilian; Kracht, Frédéric; Mainka, Christian; Özcan, Fatih; Reichenberger, Sven; Renner, Gerrit; Siegmund, Daniel
Examining the Impact of Video Production Quality and Presenter Identity in Science Communication on Knowledge Acquisition and Attitude Change
:1—17
Oktober 2024
Herausgeber: Routledge
ISSN: 2154-8455 - Jannett, Louis; Westers, Maximilian; Wich, Tobias; Mainka, Christian; Mayer, Andreas; Mladenov, Vladislav
SoK: SSO-MONITOR — The Current State and Future Research Directions in Single Sign-On Security Measurements
European Symposium on Security and Privacy (Euro S&P)
Herausgeber: IEEE
Juli 2024 - 2023
- Noß, Dominik; Knittel, Lukas; Mainka, Christian; Niemietz, Marcus; Schwenk, Jörg
Finding All Cross-Site Needles in the DOM Stack: A Comprehensive Methodology for the Automatic XS-Leak Detection in Web Browsers
ACM SIGSAC Conference on Computer and Communications Security
Herausgeber: ACM Press
November 2023 - Rohlmann, Simon; Mladenov, Vladislav; Mainka, Christian; Hirschberger, Daniel; Schwenk, Jörg
Every Signature Is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures
USENIX Security Symposium, Seite 18
Herausgeber: USENIX Association
August 2023 - Schenkel, Johanna; Mainka, Christian
Die Financial-grade API (FAPI): PSD2-konforme Absicherung von APIs im Finanzsektor
47 (3) :154—159
März 2023
ISSN: 1614-0702, 1862-2607 - 2022
- Jannett, Louis; Mladenov, Vladislav; Mainka, Christian; Schwenk, Jörg
DISTINCT: Identity Theft Using In-Browser Communications in Dual-Window Single Sign-On
ACM SIGSAC Conference on Computer and Communications Security, Seite 15
Herausgeber: ACM Press
November 2022 - Rohlmann, Simon; Mainka, Christian; Mladenov, Vladislav; Schwenk, Jörg
Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures
USENIX Security Symposium, Seite 18
Herausgeber: USENIX Association
August 2022 - 2021
- Knittel, Lukas; Mainka, Christian; Niemietz, Marcus; Noß, Dominik; Schwenk, Jörg
XSinator.Com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers
ACM SIGSAC Conference on Computer and Communications Security
Herausgeber: ACM Press
November 2021 - Rohlmann, Simon; Mladenov, Vladislav; Mainka, Christian; Schwenk, Jörg
Breaking the Specification: PDF Certification
IEEE Symposium on Security and Privacy (S&P), Seite 1485—1501
Herausgeber: IEEE Computer Society
Mai 2021 - Müller, Jens; Noß, Dominik; Mainka, Christian; Mladenov, Vladislav; Schwenk, Jörg
Processing Dangerous Paths - On Security and Privacy of the Portable Document Format
Network and Distributed System Security Symposium
Herausgeber: Internet Society
Februar 2021 - Mainka, Christian; Mladenov, Vladislav; Rohlmann, Simon
Shadow Attacks: Hiding and Replacing Content in Signed PDFs
Network and Distributed System Security Symposium
Herausgeber: Internet Society
Februar 2021 - 2020
- Müller, Jens; Ising, Fabian; Mainka, Christian; Mladenov, Vladislav; Schinzel, Sebastian
Office Document Security and Privacy
USENIX Workshop on Offensive Technologies (WOOT), Seite 13
2020 - 2019
- Mladenov, Vladislav; Mainka, Christian; Meyer zu Selhausen, Karsten; Grothe, Martin; Schwenk, Jörg
1 Trillion Dollar Refund: How To Spoof PDF Signatures
ACM SIGSAC Conference on Computer and Communications Security, Seite 1—14
Herausgeber: ACM Press
November 2019 - Müller, Jens; Ising, Fabian; Mladenov, Vladislav; Mainka, Christian; Schinzel, Sebastian; Schwenk, Jörg
Practical Decryption exFiltration: Breaking PDF Encryption
ACM SIGSAC Conference on Computer and Communications Security, Seite 15—29
Herausgeber: ACM Press
November 2019 - 2017
- Detering, Dennis; Mainka, Christian; Mladenov, Vladislav; Schwenk, Jörg
On the (in-)Security of JavaScript Object Signing and Encryption
ROOTS: Proceedings of the 1st Reversing and Offensive-Oriented Trends Symposium
November 2017 - Schwenk, Jörg; Niemietz, Marcus; Mainka, Christian
Same-Origin Policy: Evaluation in Modern Browsers
USENIX Security Symposium, Seite 713—727
Herausgeber: USENIX Association
August 2017 - Felsch, Dennis; Mainka, Christian; Mladenov, Vladislav; Schwenk, Jörg
SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor
ACM Asia Conference on Computer and Communications Security (ASIACCS)
Herausgeber: ACM Press
April 2017 - Mainka, Christian; Mladenov, Vladislav; Wich, Tobias; Schwenk, Jörg
SoK: Single Sign-On Security – An Evaluation of OpenID Connect
European Symposium on Security and Privacy (Euro S&P)
Herausgeber: IEEE
April 2017 - 2016
- Grothe, Martin; Mainka, Christian; Rösler, Paul; Schwenk, Jörg
How to Break Microsoft Rights Management Services
USENIX Workshop on Offensive Technologies (WOOT)
Herausgeber: USENIX Association
August 2016 - Späth, Christopher; Mainka, Christian; Mladenov, Vladislav; Schwenk, Jörg
SoK: XML Parser Vulnerabilities
USENIX Workshop on Offensive Technologies (WOOT)
August 2016 - Grothe, Martin; Rösler, Paul; Jupke, Johanna; Kaiser, Jan; Mainka, Christian; Schwenk, Jörg
Your Cloud in My Company: Modern Rights Management Services Revisited
International Conference on Availability, Reliability and Security (ARES)
August 2016 - 2015
- Mainka, Christian; Mladenov, Vladislav; Guenther, Tim; Schwenk, Jörg
Automatic Recognition, Processing and Attacking of Single Sign-on Protocols with Burp Suite
Open Identity Summit
November 2015 - Altmeier, Christian; Mainka, Christian; Somorovsky, Juraj; Schwenk, Jörg
AdIDoS – Adaptive and Intelligent Fully-Automatic Detection of Denial-of-Service Weaknesses in Web Services
International Workshop on Quantitative Aspects of Security Assurance (QASA)
Herausgeber: ESORICS
September 2015 - Kupser, Dennis; Mainka, Christian; Somorovsky, Juraj; Schwenk, Jörg
How to Break XML Encryption – Automatically
USENIX Workshop on Offensive Technologies (WOOT)
Herausgeber: USENIX Association
August 2015 - Niemietz, Marcus; Somorovsky, Juraj; Mainka, Christian; Schwenk, Jörg
Not so Smart: On Smart TV Apps
International Workshop on Secure Internet of Things (SIoT), Seite 72—81
IEEE
Herausgeber: IEEE Computer Society
2015 - 2014
- Mainka, Christian; Mladenov, Vladislav; Feldmann, Florian; Krautwald, Julian; Schwenk, Jörg
Your Software at My Service: Security Analysis of SaaS Single Sign-on Solutions in the Cloud
Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security
Oktober 2014 - 2013
- Falkenberg, Andreas; Mainka, Christian; Somorovsky, Juraj; Schwenk, Jörg
A New Approach towards DoS Penetration Testing on Web Services
International Conference on Web Services (ICWS), Seite 491—498
Herausgeber: IEEE
Juni 2013 - Mainka, Christian; Mladenov, Vladislav
Current Threats to Web Services and Other XML-based Services
März 2013 - Elsafie, Abeer; Mainka, Christian; Schwenk, Jörg
A New Approach for WS-Policy Intersection Using Partial Ordered Sets
, Services and Their Composition (ZEUS)Band1029ausCEUR Workshop Proceedings, Seite 45—48
Herausgeber: CEUR-WS.org
Februar 2013 - Mainka, Christian; Mladenov, Vladislav; Somorovsky, Juraj; Schwenk, Jörg
Penetration Test Tool for XML-based Web Services
ESSoS Doctoral Symposium, Seite 31
Februar 2013 - 2012
- Mainka, Christian; Somorovsky, Juraj; Schwenk, Jörg
Penetration Testing Tool for Web Services Security
World Congress on Services (SERVICES)
Juni 2012 - Jensen, Meiko; Junker, Holger; Iacono, Luigi Lo; Mainka, Christian; Schwenk, Jörg
XML Signature Wrapping Angriffe wirksam unterbinden
36 (4) :236—240
April 2012
ISSN: 1614-0702, 1862-2607 - Mainka, Christian; Jensen, Meiko; Iacono, Luigi Lo; Schwenk, Jörg
XSpRES: Robust and Effective XML Signatures for Web Services
International Conference on Cloud Computing and Services Science (CLOSER), Seite 187—197
April 2012
