SNOOP-IT: Dynamische Analyse und Manipulation von Apple iOS Apps
Sicherheit 2014 — Sicherheit, Schutz und Zuverlässigkeit (7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.), Vienna · March 2014 · Peer-reviewed conference paper
Mobile applications process data that affects user privacy, but at the time of publication, there were few tools available to easily check how apps actually handle this data. The paper presented Snoop-It, a runtime analysis and black-box security assessment tool for iOS apps that addressed this gap.
App-geschaut: Analyse und Manipulation von iOS-Apps zur Laufzeit
c't — Magazin für Computertechnik · September 2013 · Magazine article
How can users actually understand what smartphone apps do with their data? The article explored runtime analysis techniques for iOS apps, using Snoop-It as the primary example. Aimed at a technical-interested but not security-specialist readership.
Master's Thesis: Planung und Entwicklung einer iOS Schadsoftware unter Berücksichtigung des Apple App Store Freigabeverfahrens für mobile Apps
Heidelberg University / Heilbronn University · 2014
Explored how malware apps could be designed to evade Apple's App Store Review process. Raised questions about the actual security guarantees provided by curated app stores.
Bachelor's Thesis: Entwurf und Implementierung eines Konzepts zur Absicherung mobiler Geräte am Beispiel von Apple iOS
Heidelberg University / Heilbronn University · 2012
Focused on improving system security on iOS 5. Resulted in the development of Gorilla 2, a security app that let users control which data apps could access.