Security Research
My primary research objective is to understand and improve the
security properties of firmware and operating systems. I like to
think about complex, interconnected systems, and attempt to
understand security vulnerabilities in the context in which they
occur.
I think that, rather than focusing on a certain type of vulnerability,
mitigation, or technique, security vulnerabilities should be seen
as the result of systematic issues. This motivates my research.
Accepted papers
Instructions Unclear: Undefined Behaviour in Cellular Network Specifications
Authors: Daniel Klischies, Moritz Schloegel, Tobias Scharnowski, Mikhail Bogodukhov, David Rupprecht, Veelasha Moonsamy To appear at USENIX Security Symposium 2023. In this paper, we investigate the presence and impact of undefined behavior in cellular network specifications on modems used in smartphones. In doing so, we found multiple gaps in the LTE specifications that lead to insecure implementations resulting in three high-severity CVEs. → Read more
Prior to conducting security reseach I have dabbled in medical
informatics and the detection of speech disorders. You can find
some papers on this on my Google Scholar page.