Mathy Vanhoef

Bypassing Wi-Fi Authentication in Modern WPA2/3 Networks

2024/2

A Security Analysis of WPA3-PK: Implementation and Precomputation Attacks

2024/2/29

Can you tell me the time? Security implications of the server-timing header

Proceedings of MADWeb 2023–Workshop on Measurements, Attacks, and Defenses for the Web

2023/3/3

Bypassing Tunnels: Leaking {VPN} Client Traffic by Abusing Routing Tables

2023

TunnelCrack: Leaking VPN Traffic by Manipulating Routing Tables

2023/12/6

Framing Frames: Bypassing {Wi-Fi} Encryption by Manipulating Transmit Queues

2023

Time Will Tell: Exploiting Timing Leaks Using HTTP Response Headers

2023/9/25

Recent Wi-Fi attacks & defenses: general lessons learned & open problems

2023/7/5

Testing and Improving the Correctness of Wi-Fi Frame Injection

2023/5/29

A time-memory trade-off attack on WPA3's SAE-PK

2022/5/30

On the robustness of Wi-Fi deauthentication countermeasures

2022/5/16

The Closer You Look, The More You Learn

2022

The closer you look, the more you learn: A grey-box approach to protocol state machine learning

2022/11/7

Poster: Exploiting timing side-channel leaks in web applications that tell on themselves

2022/6/7

Let numbers tell the tale: measuring security trends in wi-fi networks and best practices

2021/6/28

WiSec'21: Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Abu Dhabi United Arab Emirates 28 June 2021-2 July 2021

2021

Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation

2021

ACM WiSec 2021: Program Committee Chairs & General Chairs Report

2021/10/17

A framework to test and fuzz wi-fi devices

2021/6/28

Timeless timing attacks: Exploiting concurrency to leak secrets over remote connections

2020