Dr. Simon Koch
Post-Doc

E-mailsimon.koch@uibk.ac.at
AddressTechnikerstraße 21A, 6020 Innsbruck, Austria
OfficeICT 2W02
Dr. Simon Koch

Research Interests

  • Mobile privacy
  • Web security

Positions

since 06/2025 Postdoctoral Fellow, Security and Privacy Lab, University of Innsbruck, Austria
2018 – 2025 Research Assistant, Institute for Application Security, TU Braunschweig, Germany
2016 – 2018 Student Assistant, CISPA, Saarland University, Germany

Education

2018 – 2025 Ph.D. in Computer Science, Institute for Application Security, TU Braunschweig, Germany
2016 – 2018 M.Sc. in Computer Science, Saarland University, Germany
2012 – 2016 B.Sc. in Computer Science, Saarland University, Germany

Publications

  • Wessels, M., Koch, S., Bettels, L., Klein, D., and Johns, M. HyTrack: Resurrectable and Persistent Tracking Identifiers Across Android Apps and the Web. In USENIX Security Symposium. USENIX Association, Seattle, USA, 2025. [Publisher]
  • Kirchner, R., Koch, S., Kamangar, N., Klein, D., and Johns, M. A Black-Box Privacy Analysis of Messaging Service Providers’ Chat Message Processing. In Proceedings on Privacy Enhancing Technologies (PETS). Bristol, UK, 2024, pp. p. 674–691. [Publisher]
  • Wessels, M., Koch, S., Pellegrino, G., and Johns, M. SSRF vs. Developers: A Study of SSRF-Defenses in PHP Applications. In USENIX Security Symposium. USENIX Association, Philadelphia, USA, 2024. [Publisher]
  • Koch, S., Klein, D., and Johns, M. The Fault in Our Stars: An Analysis of GitHub Stars as an Importance Metric for Web Source Code. In Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb). San Diego, USA, 2024. [Publisher]
  • Koch, S., Altpeter, B., and Johns, M. The OK is Not Enough: Large Scale Study of Consent Dialogs in Smartphone Applications. In USENIX Security Symposium. USENIX Association, Anaheim, USA, 2023. [Publisher]
  • Groß, S., Koch, S., Bernhardt, L., Holz, T., and Johns, M. FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities. In Network and Distributed System Security (NDSS) Symposium. Internet Society, San Diego, USA, 2023. [Publisher]
  • Koch, S., Wessels, M., Altpeter, B., Olvermann, M., and Johns, M. Keeping Privacy Labels Honest. In Proceedings on Privacy Enhancing Technologies (PETS). Sydney, Australia, 2022, pp. p. 486–506. [Publisher]
  • Koch, S., Sauer, T., Johns, M., and Pellegrino, G. Raccoon: Automated Veriication of Guarded Race Conditions in Web Applications. In ACM SIGAPP Symposium on Applied Computing (SAC). ACM, Brno, Czech Republic, 2020, pp. p. 1678–1687. [Publisher]
  • Pellegrino, G., Johns, M., Koch, S., Backes, M., and Rossow, C. Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs. In ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, Dallas, USA, 2017, pp. p. 1757–1771. [Publisher]

Scientific Community Service

2025 Program Committee, Privacy Enhancing Technologies Symposium (PETS) 2026
2024 – 2025 Program Committee, MADWeb
2024 Program Committee, ACM Conference on Computer and Communications Security (CCS) 2024
2024 Program Committee, SecWeb 2024
2022 – 2025 Artifact Committee, Privacy Enhancing Technologies Symposium (PETS)

Talks

2025 DAST in Time, 5th Cyber Security Meetup at TU Braunschweig, Braunschweig
2023 Dark Patterns in Smartphone App Datenschutzdialogen, German OWASP Day, Frankfurt am Main

Awards

2023 Best presentation award, MADWeb