Sebastian Roth

I am a PhD student at Saarland University, working as a PhD Candidate at the CISPA Helmholtz Center for Information Security. My research interest is focused on client-side Web security as well as usable security for developers. In addition to that I have taught other students as a tutor and teaching assistant in several different lectures.
During leisure time, I regularly participate in information security competitions called Capture the Flag (CTF) together with our team saarsec. Moreover, I am also interested in sports, in particular Jugger. Currently I am playing for our university team Keulen Eulen.

Educational Curriculum Vitae

PhD Student

Saarland University
March 2019 - today

Master Computer Science

Saarland University
March 2017 - March 2019

Bachelor Cybersecurity

Saarland University
October 2013 - March 2017

High School

Balthasar Neumann Technical College Trier
August 2010 - June 2013

Working Curriculum Vitae

PhD Candidate @ Information Security & Cryptography Group

CISPA Helmholtz Center for Information Security
March 2019 - today

Research Assistant @ Secure Web Applications Group

CISPA Helmholtz Center for Information Security
January 2019 - March 2019

Research Assistant @ Secure Web Applications Group

Center for IT Security, Privacy and Accountability
December 2017 - December 2018

Research Assistant @ Usable Security & Privacy Group

Center for IT Security, Privacy and Accountability
October 2015 - December 2017

Scientific Publications

A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web

Stefano Calzavara, Sebastian Roth, Alvise Rabitti, Michael Backes and Ben Stock
USENIX Security Symposium (USENIX '20)

Assessing the Impact of Script Gadgets on CSP at Scale

Sebastian Roth, Michael Backes and Ben Stock
ASIA Conference on Computer and Communications Security (AsiaCCS '20)

Complex Security Policy? – A Longitudinal Analysis of Deployed Content Security Policies

Sebastian Roth, Timothy Barron, Stefano Calzavara, Nick Nikiforakis and Ben Stock
Network and Distributed System Security Symposium (NDSS '20)

ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices

Marius Musch, Marius Steffens, Sebastian Roth, Ben Stock and Martin Johns
ASIA Conference on Computer and Communications Security (AsiaCCS '19)

Talks

A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web

USENIX Security Symposium 2020 (USENIX '20)

Restricting The Scripts, You're To Blame, You Give CSP A Bad Name

RuhrSec - IT Security Conference 2020 (RuhrSec '20)
OWASP - Global AppSec 2019 (AppSec '19)

Complex Security Policy? – A Longitudinal Analysis of Deployed Content Security Policies

Network and Distributed System Security Symposium 2020 (NDSS '20)