Dr.-Ing. Vladislav Mladenov

Postdoc - Lehrstuhl Netz- und Datensicherheit

Adresse

Ruhr-Universität Bochum
Lehrstuhl für Netz- und Datensicherheit
Universitätsstraße 150
D-44801 Bochum

Raum: ID 2/457
Telefon:: (+49)(0)234 / 32 - 26742
Fax:: (+49)(0)234 / 32 - 14347
E-Mail:: vladislav.mladenov@rub.de PGP Schlüssel

Lehrveranstaltungen

141252: Message-Level Security

Veröffentlichungen

Breaking the Specification: PDF Certification

Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Jörg Schwenk - 42nd IEEE Symposium on Security and Privacy (S&P 2021)

Vulnerability Report: Attacks on PDF Certification

Simon Rohlmann, Vladislav Mladenov, Christian Mainka, Jörg Schwenk

Processing Dangerous Paths - On Security and Privacy of the Portable Document Format

Jens Müller, Dominik Noß, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - 28th Network and Distributed System Security Symposium (NDSS 2021)

Shadow Attacks: Hiding and Replacing Content in Signed PDFs

Christian Mainka, Vladislav Mladenov, Simon Rohlmann - 28th Network and Distributed System Security Symposium (NDSS 2021)

Vulnerability Report Attacks bypassing the signature validation in PDF (Shadow Attacks)

Christian Mainka, Vladislav Mladenov, Simon Rohlmann, Jörg Schwenk

Office Document Security and Privacy

Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk - 14th USENIX Workshop on Offensive Technologies (WOOT 2020)

Practical Decryption exFiltration: Breaking PDF Encryption

Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk - 26th ACM Conference on Computer and Communications Security

Vulnerability Report: Attacks bypassing confidentiality in encrypted PDF

Jens Müller, Fabian Ising, Vladislav Mladenov, Christian Mainka, Sebastian Schinzel, Jörg Schwenk

1 Trillion Dollar Refund – How To Spoof PDF Signatures

Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk - 26th ACM Conference on Computer and Communications Security

Sicherheitsanalyse von eID/eIDAS-Diensten

Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov, Jörg Schwenk - 16. Deutscher IT-Sicherheitskongress

Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS)

Nils Engelbertz, Vladislav Mladenov, Juraj Somorovsky, Nurullah Erinnola, David Herring, Jörg Schwenk

Vulnerability Report: Attacks bypassing the signature validation in PDF

Vladislav Mladenov, Christian Mainka, Karsten Meyer zu Selhausen, Martin Grothe, Jörg Schwenk

PostScript Undead: Pwning the Web with a 35 Years Old Language

Jens Müller, Vladislav Mladenov, Dennis Felsch, Jörg Schwenk - 21st International Symposium on Research in Attacks, Intrusions, and Defenses (RAID 2018)

Security Analysis of eIDAS – The Cross-Country Authentication Scheme in Europe

Nils Engelbertz, Nurullah Erinola, David Herring, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - 12th USENIX Workshop on Offensive Technologies (WOOT '18)

Evaluation of eID and Trust Services

Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov

On The (In-)Security Of JavaScript Object Signing And Encryption

Dennis Detering, Juraj Somorovsky, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - ROOTS, November 16–17, 2017, Vienna, Austria

SECRET: On the Feasibility of a Secure, Efficient, and Collaborative Real-Time Web Editor

Dennis Felsch, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - ACM Asia Conference on Computer and Communications Security (ASIACCS) 2017

SoK: Exploiting Network Printers

Jens Müller, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - 38th IEEE Symposium on Security and Privacy (S&P 2017)

SoK: Single Sign-On Security – An Evaluation of OpenID Connect

Christian Mainka, Vladislav Mladenov, Tobias Wich, Jörg Schwenk - IEEE European Symposium on Security and Privacy (EuroS&P 2017)

SoK: XML Parser Vulnerabilities

Christopher Späth, Christian Mainka, Vladislav Mladenov, Jörg Schwenk - 10th USENIX Workshop on Offensive Technologies (WOOT '16)

Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On

Christian Mainka, Vladislav Mladenov, Jörg Schwenk - IEEE European Symposium on Security and Privacy (EuroS&P 2016)

Attacks on OpenID Connect

Vladislav Mladenov, Christian Mainka

Automatic Recognition, Processing and Attacking of Single Sign-On Protocols with Burp Suite

Christian Mainka, Vladislav Mladenov, Tim Guenther, Jörg Schwenk - Open Identity Summit 2015

Your Software at my Service

Vladislav Mladenov, Christian Mainka, Florian Feldmann, Julian Krautwald, Jörg Schwenk - ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA.

On the Security of Holder-of-Key Single Sign-On

Andreas Mayer, Vladislav Mladenov, Jörg Schwenk - Sicherheit 2014: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 19.-21. März 2014, Wien, Österreich

Strengthening Web Authentication through TLS - Beyond TLS Client Certificates

Vladislav Mladenov, Florian Feldmann, Christopher Meyer, Andreas Mayer, Jörg Schwenk - Open Identity Summit 2014 September 4th - 6th 2014, Frauenhofer IZS, Stuttgart, Germany, http://?openidentity.?eu

Guardians of the Clouds: When Identity Providers Fail

Andreas Mayer, Marcus Niemietz, Vladislav Mladenov, Jörg Schwenk - ACM CCSW 2014 in conjunction with the ACM Conference on Computer and Communications Security (CCS) November 7, 2014, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA.

Options for Integrating eID and SAML

Hühnlein, Detlef, Jörg Schwenk, Tobias Wich, Vladislav Mladenov, Florian Feldmann, Andreas Mayer, Schmölz, Johannes, Bruegger, Bud P., Horsch, Moritz - CCS 2013 Post-Conference Workshop, Digital Identity Management (DIM)

Penetration Test Tool for XML-based Web Services

Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jörg Schwenk - International Symposium on Engineering Secure Software and Systems 2013