Böhme Research Group: Home

This is the MPI Software Security group lead by Dr Marcel Böhme at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany. We are interested in the automatic discovery of security flaws in software systems at the very large scale. Some of us work on the foundations of automatic vulnerability discovery and program analysis in general. For instance, we seek to identify fundamental limitations of existing techniques, we study empirical methods (incl. statistical and causal reasoning) for program analysis, and we explore the assurances that software testing provides when no bugs are found. Another part of our group develops practical vulnerability discovery tools that are widely used in software security practice. For instance, Entropic is the default power schedule in LibFuzzer which powers the largest fuzzing platforms at Google and Microsoft, fuzzing hundreds of security-critical projects on 100k machines 24/7. Our tools have discovered 100+ bugs in widely-used software systems, more than 70 of which are security-critical vulnerabilities registered as CVEs at the US National Vulnerability Database.

News

Dec 2023 Paper on the extrapolation of the current coverage rate accepted at ICSE’24! Congrats to Danushka and Seongmin!
Dec 2023 Niklas Risse wins 2nd place in the ACM ESEC/FSE Student Research Compentition. Congrats Niklas!
Oct 2023 Our discovery of a connection between fuzzing and information theory is this month’s CACM research highlight! CACM is the monthly journal sent to all members of the ACM. The CACM Technical Perspective was written by the amazing Prof Gordon Fraser.
Oct 2023 Paper on protocol fuzzing equipped with LLMs to interrogate protocol RFCs accepted at NDSS’24! Congrats Ruijie and team!
Oct 2023 Teaching a seminar on software and network security with Kevin Borgolte! Looking forward to the papers and experiments!
Aug 2023 Created a new web presence for the MPI Software Security Group.
Aug 2023 Co-organized the CASA Summer School on Software Security in Bochum. Thanks to all the speakers and participants!
Aug 2023 Two papers on statistical reasoning about programs accepted at ESEC/FSE’23 and ASE’23. Congrats Seongmin and Nikhil et al.!
Older news…

Opportunities

We are always looking to recruit 👩‍🎓 PhD students and 👩‍💻 interns in Software Security. Just reach out via email.

You'll need a strong background in one of:
* Statistics, data science, ML (causality, security flaws), and/or
* Program analysis, system building, vulnerability discovery, CTFs.

People

Graduate Students (Main advisor)

Niklas Risse

PhD Student (MPI-SP / CASA)
Ardi Madadi

Incoming PhD Student

Graduate Students (Co-advisor)

Zac Hatfield-Dodds

PhD student (ANU, on leave @ Anthropic, w/ Tony Hosking)
Philipp Görz

PhD student (CISPA / RUB, w/ Thorsten Holz)
Leon Weiß

PhD student (CASA / RUB, w/ Kevin Borgolte)
Tobias Holl

PhD student (CASA / RUB, w/ Kevin Borgolte)

Interns and Visiting Researchers

Jing Liu

UCI, USA
Haoxin Tu

SMU, Singapore

Faculty

Marcel Böhme

Faculty member

Research Fellows

Seongmin Lee

Research Fellow

Visiting Profs

Eleonora Losiouk

U of Padova, Italy

Past Research Fellows

Zahra Mirzamomen

PostDoc 2020-23. Now at Monash University.
Van-Thuan Pham

PostDoc 2018-20. Now at University of Melbourne.
Behrad Garmany

PostDoc 2022. RUB, Germany. Now at Onapsis Inc.

Alumni

Danushka Liyanage

PhD 2023. Now at University of Sydney, Australia.
Charaka Geethal Kapugama

PhD 2023. Now at University of Ruhuna, Sri Lanka.
Anjana Perera

PhD 2022 (co-adviced). Now at Oracle Labs, Australia.

Past Research Assistents

Octavio Galland

2022/23. U. of Buenos Aires, Argentina
Bharath Krish

2020-22. Monash U, Australia. Now at Deloitte.

Past Interns and Visiting Researchers

Rafaila Galanopoulou 2023. Athens University, Greece
Abhishek Shah 2023. Columbia University, USA
Simran Kathpalia 2023. Amrita University, India
Shreyas Minocha 2023. Rice University, USA
Stephan Lipp 2022. TU Munich, Germany
Nikhil Parasaram 2022. University College London, UK
Dongjia Zhang 2022. Tokyo University, Japan.
Christian Presa Schnell 2022. TU Munich, Germany

Past Undergraduate Students

Robert Stark 2022. MSc thesis (co-adviced). Moved to Bosch.
Tobias Wienand 2022. BSc thesis (co-adviced).