Bio:

Michael Rodler was a research assistant at the system security lab at the University Duisburg-Essen. He did his PhD on Software (In)Security of Smart Contracts and Trusted Enclaves. Currently, he is working for Amazon Web Services (AWS).

Curriculum Vitae:

2017 - 2022

Research Assistant at University Duisburg-Essen

10/2013 - 06/2017

Master degree course Computer Science at Technical University Graz (graduated with Dipl.-Ing. equivalent to MSc)

10/2009 - 07/2013

Study program Secure Information Systems at the University of Applied Sciences Upper Austria Campus Hagenberg (graduated with BSc)

Honours and Awards:

• Finalist Cyber Security Awareness Week (CSAW) Europe 2020
• Distinguished Technical Poster Award at NDSS 2019

Publications:

• Draissi, Oussama; Cloosters, Tobias; Klein, David; Rodler, Michael; Musch, Marius; Johns, Martin; Davi, Lucas: Wemby’s Web: Hunting for Memory Corruption in WebAssembly. In: Proc. of 34th of Association for Computing and Machinery SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) . Association for Computing Machinery (ACM), Trondheim, Norway, 2025. doi:10.1145/3728937Abstract Details Citation

  WebAssembly enables fast execution of performance-critical in web applications utilizing native code. However, recent research has demonstrated the potential for memory corruption errors within WebAssembly modules to exploit web applications. In this work, we present the first systematic analysis of memory corruption in WebAssembly, unveiling the prevalence of a novel threat model
  where memory corruption enables code injection on a victim’s browser. Our large-scale analysis across 37797 domains reveals that an alarming 29411 (77.81\%) of those fully trust data coming from potentially attacker-controlled sources. As a result, an attacker can exploit memory errors to manipulate the WebAssembly memory, where the data is implicitly trusted and frequently passed
  into security-sensitive functions such as eval or directly into the DOM via innerHTML. Thus, an attacker can abuse this trust to gain JavaScript code execution, i.e., Cross-Site Scripting (XSS).

  To tackle this issue, we present Wemby, the first viable approach to efficiently analyze WebAssembly-powered websites holistically. We demonstrate that Wemby is proficient at detecting remotely exposed memory corruption errors in web applications through fuzzing. For this purpose, we implement binary-only WebAssembly instrumentation that provides fine-grained memory corruption
  oracles. We applied Wemby to different websites, uncovering several memory corruption bugs, including one on the Zoom platform. In terms of performance, our ablation study demonstrates that Wemby outperforms current WebAssembly fuzzers. Specifically, Wemby achieves an average speed improvement of 232 times and delivers 46\% greater code coverage compared to the state-of-the-art.
   

• Giesen, Jens-Rene; Andreina, Sebastien; Rodler, Michael; Karame, Ghassan; Davi, Lucas: HCC: A Language-Independent Hardening Contract Compiler for Smart Contracts. In: Proc. of 23rd International Conference on Applied Cryptography and Network Security (ACNS). Springer Cham, Munich, Germany, 2025. doi:10.1007/978-3-031-95761-1_5Abstract Details Citation

  Developing secure smart contracts remains a challenging task. Existing approaches are either impractical or leave the burden to developers for fixing bugs. In this paper, we propose the first practical smart contract compiler, called HCC, which automatically inserts security hardening checks at the source-code level based on a novel and language-independent code property graph (CPG) notation. The high expressiveness of our developed CPG allows us to mitigate all of the most common smart contract vulnerabilities, namely reentrancy, integer bugs, suicidal smart contracts, improper use of tx.origin, untrusted delegate-calls, and unchecked low-level call bugs. Our large-scale evaluation on 10k real-world contracts and several sets of vulnerable contracts from related work demonstrates that HCC is highly practical, outperforms state-of-the-art contract hardening techniques, and effectively prevents all verified attack transactions without hampering functional correctness.

• Rodler, Michael; Paaßen, David; Li, Wenting; Bernhard, Lukas; Holz, Thorsten; Karame, Ghassan; Davi, Lucas: EF/CF: High Performance Smart Contract Fuzzing for Exploit Generation. In: Proc. of 8th IEEE European Symposium on Security and Privacy (EuroSP). Institute of Electrical and Electronics Engineers (IEEE), Delft, Netherlands , 2023. doi:10.1109/EuroSP57164.2023.00034Abstract Details Citation

  Smart contracts are increasingly being used to manage large numbers of high-value cryptocurrency accounts. There is a strong demand for automated, efficient, and comprehensive methods to detect security vulnerabilities in a given contract. While the literature features a plethora of analysis methods for smart contracts, the existing proposals do not address the increasing complexity of contracts. Existing analysis tools suffer from false alarms and missed bugs in today’s smart contracts that are increasingly defined by complexity and interdependencies. To scale accurate analysis to modern smart contracts, we introduce EF↯CF, a high-performance fuzzer for Ethereum smart contracts. In contrast to previous work, EF↯CF efficiently and accurately models complex smart contract interactions, such as reentrancy and cross-contract interactions, at a very high fuzzing throughput rate. To achieve this, EF↯CF transpiles smart contract bytecode into native C++ code, thereby enabling the reuse of existing, optimized fuzzing toolchains. Furthermore, EF↯CF increases fuzzing efficiency by employing a structure-aware mutation engine for smart contract transaction sequences and using a contract’s ABI to generate valid transaction inputs. In a comprehensive evaluation, we show that EF↯CF scales better—without compromising accuracy—to complex contracts compared to state-of-the-art approaches, including other fuzzers, symbolic/concolic execution, and hybrid approaches. Moreover, we show that EF↯CF can automatically generate transaction sequences that exploit reentrancy bugs to steal Ether.

• Giesen, Jens-Rene; Andreina, Sebastien; Rodler, Michael; Karame, Ghassan O.; Davi, Lucas: Tutorial: Analyzing, Exploiting, and Patching Smart Contracts in Ethereum. In: Proc. of 7th IEEE Secure Development Conference (SecDev). Institute of Electrical and Electronics Engineers (IEEE), Atlanta, GA, USA , 2022. doi:10.1109/SecDev53368.2022.00013AbstractPDF Details Citation

  Smart contracts are programs which encode business logic and execute on the blockchain. While Ethereum is the most popular blockchain platform for smart contracts, an increasing number of new blockchain platforms are also able to support smart contract execution (e.g., Solana or Cardano). Security vulnerabilities in Ethereum smart contracts have demonstrated that writing secure smart contracts is highly challenging. This is exacerbated by the fact that the exploitation of buggy smart contracts seems disproportionately easier compared to exploiting classic PC software.

  In this tutorial, we overview a number of smart contract vulnerabilities focusing on the Ethereum ecosystem. We also provide an introduction to the de-facto smart contract programming language Solidity and provide a comprehensive hands-on lab tutorial that involves analyzing vulnerable smart contracts, developing proof-of-concept exploits as well as introducing security analysis tools for testing smart contracts.

• Bernhard, Lukas; Rodler, Michael; Holz, Thorsten; Davi, Lucas: xTag: Mitigating Use-After-Free Vulnerabilities via Software-Based Pointer Tagging on Intel x86-64. In: Proc. of 7th IEEE European Symposium on Security and Privacy. Institute of Electrical and Electronics Engineers (IEEE), Genoa, Italy , 2022. doi:10.1109/EuroSP53844.2022.00038Abstract Details Full textCitation

  Memory safety in complex applications implemented in unsafe programming languages such as C/C++ is still an unresolved problem in practice. Such applications were often developed in an ad-hoc, security-ignorant fashion, and thus they contain many types of security issues. Many different types of defenses have been proposed in the past to mitigate these problems, some of which are even widely used in practice. However, advanced attacks are still able to circumvent these defenses, and the arms race is not (yet) over. On the defensive side, the most promising next step is a tighter integration of the hardware and software level: modern mitigation techniques are either accelerated using hardware extensions or implemented in the hardware by extensions of the instruction set architecture (ISA). In particular, memory tagging, as proposed by ARM or SPARC, promises to solve many issues for practical memory safety. Unfortunately, Intel x86-64, which represents the most important ISA for both the desktop and server domain, lacks support for hardware-accelerated memory tagging, so memory tagging is not considered practical for this platform. In this paper, we present the design and implementation of an efficient, software-only pointer tagging scheme for Intel x86-64 based on a novel metadata embedding scheme. The basic idea is to alias multiple virtual pages to one physical page so that we can efficiently embed tag bits into a pointer. Furthermore, we introduce several optimizations that significantly reduce the performance impact of this approach to memory tagging. Based on this scheme, we propose a novel use-after-free mitigation scheme, called xTag, that offers better performance and strong security properties compared to state-of-the-art methods. We also show how double-free vulnerabilities can be mitigated. Our approach is highly compatible, allowing pointers to be passed back and forth between instrumented and non-instrumented code without losing metadata, and it is even compatible with inline assembly. We conclude that building exploit mitigation mechanisms on top of our memory tagging scheme is feasible on Intel x86-64, as demonstrated by the effective prevention of use-after-free bugs in the Firefox web browser.

• Paaßen, David; Surminski, Sebastian; Rodler, Michael; Davi, Lucas: My Fuzzer Beats Them All! Developing a Framework for Fair Evaluation and Comparison of Fuzzers. In: Proc. of 26th European Symposium on Research in Computer Security. Springer Cham, Darmstadt, Germany, 2021. doi:10.1007/978-3-030-88418-5_9Abstract Details Citation

  Fuzzing has become one of the most popular techniques to identify bugs in software. To improve the fuzzing process, a plethora of techniques have recently appeared in academic literature. However, evaluating and comparing these techniques is challenging as fuzzers depend on randomness when generating test inputs. Commonly, existing evaluations only partially follow best practices for fuzzing evaluations. We argue that the reason for this are twofold. First, it is unclear if the proposed guidelines are necessary due to the lack of comprehensive empirical data in the case of fuzz testing. Second, there does not yet exist a framework that integrates statistical evaluation techniques to enable fair comparison of fuzzers.

  To address these limitations, we introduce a novel fuzzing evaluation framework called SENF (Statistical EvaluatioN of Fuzzers). We demonstrate the practical applicability of our framework by utilizing the most wide-spread fuzzer AFL as our baseline fuzzer and exploring the impact of different evaluation parameters (e.g., the number of repetitions or run-time), compilers, seeds, and fuzzing strategies. Using our evaluation framework, we show that supposedly small changes of the parameters can have a major influence on the measured performance of a fuzzer.

• Rodler, Michael; Li, Wenting; Karame, Ghassan O.; Davi, Lucas: EVMPatch: Timely and Automated Patching of Ethereum Smart Contracts. In: Proc. of 30th USENIX Security Symposium. USENIX Association, Vancouver, B.C., Canada, 2021. Abstract Details Full textCitation

  Recent attacks exploiting errors in smart contract code had devastating consequences thereby questioning the benefits of this technology. It is currently highly challenging to fix errors and deploy a patched contract in time. Instant patching is especially important since smart contracts are always online due to the distributed nature of blockchain systems. They also manage considerable amounts of assets, which are at risk and often beyond recovery after an attack. Existing solutions to upgrade smart contracts depend on manual and error-prone processes. This paper presents a framework, called EVMPatch, to instantly and automatically patch faulty smart contracts. EVMPatch features a bytecode rewriting engine for the popular Ethereum blockchain, and transparently/automatically rewrites common off-the-shelf contracts to upgradable contracts. The proof-of-concept implementation of EVMPatch automatically hardens smart contracts that are vulnerable to integer over/underflows and access control errors, but can be easily extended to cover more bug classes. Our evaluation on 14,000 real-world contracts demonstrates that our approach successfully blocks attack transactions launched on contracts, while keeping the intended functionality of the contract intact. We perform a study with experienced software developers, showing that EVMPatch is practical, and reduces the time for converting a given Solidity smart contract to an upgradable contract by 97.6 %, while ensuring functional equivalence to the original contract.

• Cloosters, Tobias; Rodler, Michael; Davi, Lucas: TeeRex: Discovery and Exploitation of Memory Corruption Vulnerabilities in SGX Enclaves. In: Proc. of 29th USENIX Security Symposium. USENIX Association, Boston, MA, USA, 2020. Abstract Details Full textCitation

  Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot withstand memory corruption errors inside the enclave code. In this paper, we show that the attack surface of SGX enclaves provides new challenges for enclave developers as exploitable memory corruption vulnerabilities are easily introduced into enclave code. We develop TeeRex to automatically analyze enclave binary code for vulnerabilities introduced at the host-to-enclave boundary by means of symbolic execution. Our evaluation on public enclave binaries reveal that many of them suffer from memory corruption errors allowing an attacker to corrupt function pointers or perform arbitrary memory writes. As we will show, TeeRex features a specifically tailored framework for SGX enclaves that allows simple proof-of-concept exploit construction to assess the discovered vulnerabilities. Our findings reveal vulnerabilities in multiple enclaves, including enclaves developed by Intel, Baidu, and WolfSSL, as well as biometric fingerprint software deployed on popular laptop brands.

  Full TextSlidesPresentation Video

• Adepu, Sridhar; Brasser, Ferdinand; Garcia, Luis; Rodler, Michael; Davi, Lucas; Sadeghi, Ahmad-Reza; Zonouz, Saman: Control Behavior Integrity for Distributed Cyber-Physical Systems. In: Proc. of 11th IEEE/ACM Conference on Cyber-Physical Systems (ICCPS'20). Institute of Electrical and Electronics Engineers (IEEE), Sydney, NSW, Australia , 2020. doi:10.1109/ICCPS48487.2020.00011Abstract Details Citation

  Cyber-physical control systems, such as industrial control systems (ICS), are increasingly targeted by cyberattacks. Such attacks can potentially cause tremendous damage, affect critical infrastructure or even jeopardize human life when the system does not behave as intended. Cyberattacks, however, are not new and decades of security research have developed plenty of solutions to thwart them. Unfortunately, many of these solutions cannot be easily applied to safety-critical cyber-physical systems. Further, the attack surface of ICS is quite different from what can be commonly assumed in classical IT systems. We present Scadman, a novel control-logic aware anomaly detection system for distributed cyber-physical systems. By observing the system-wide behavior, the correctness of individual controllers (like programmable logic controllers-PLCs) in ICS can be verified. This allows Scadman to detect a wide range of attacks, including malware attacks, code-reuse and dataonly attacks, as well as sensor attacks. We implemented and evaluated Scadman based on a real-world water treatment testbed for ICS security research and training. Our results show that we can detect a wide range of attacks-including attacks that have previously been undetectable by typical state estimation techniques-while causing no false-positive warning for nominal threshold values.

• Surminski, Sebastian; Rodler, Michael; Davi, Lucas: Poster: Automated Evaluation of Fuzzers - Distinguished Technical Poster Award. In: Proc. of 26th Network and Distributed System Security Symposium (NDSS). Network and Distributed System Security (NDSS) Symposium , San Diego, CA, 2019. Abstract Details Full textCitation

  Fuzzing is a well-known technique for automatically testing the robustness of software and its susceptibility to security-critical errors. Recently, many new and improved fuzzers have been presented. One critical aspect of any new fuzzer is its overall performance. However, given that there exist no standardized fuzzing evaluation methodology, we observe significant discrepancy in evaluation results making it highly challenging to  compare fuzzing techniques.

  To tackle this deficiency, we developed a new framework, called FETA, which automatically evaluates fuzzers based on a fixed and comprehensive test set enabling objective and general comparison of performance results. We apply FETA to various recently released academic and non-academic fuzzers, eventually resulting in a large scale evaluation of the current state-of-the-art fuzzing approaches.

• Rodler, Michael; Li, Wenting; Karame, Ghassan; Davi, Lucas: Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks. In: Proc. of 26th Network and Distributed System Security Symposium (NDSS). Network and Distributed System Security (NDSS) Symposium, San Diego, CA, USA, 2019. Abstract Details Full textCitation

  Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this paper, we address this problem in the context of re-entrancy exploits and propose a novel smart contract security technology, dubbed Sereum (Secure Ethereum), which protects existing, deployed contracts against re-entrancy attacks in a backwards compatible way based on run-time monitoring and validation. Sereum does neither require any modification nor any semantic knowledge of existing contracts. By means of implementation and evaluation using the Ethereum blockchain, we show that Sereum covers the actual execution flow of a smart contract to accurately detect and prevent attacks with a false positive rate as small as 0.06% and with negligible run-time overhead. As a by-product, we develop three advanced re-entrancy attacks to demonstrate the limitations of existing offline vulnerability analysis tools.

• Eder, Thomas; Rodler, Michael; Vymazal, Dieter; Zeilinger, Markus: ANANAS - A Framework for Analyzing Android Applications - Proc. of 8th International Conference on Availability, Reliability and Securit. In: Availability, Reliability and Security (ARES), 2013 Eighth International Conference on (2013). doi:10.1109/ARES.2013.93Abstract Details Full textCitation

  Android is an open software platform for mobile devices with a large market share in the smart phone sector. The openness of the system as well as its wide adoption lead to an increasing amount of malware developed for this platform. ANANAS is an expandable and modular framework for analyzing Android applications. It takes care of common needs for dynamic malware analysis and provides an interface for the development of plugins. Adaptability and expandability have been main design goals during the development process. An abstraction layer for simple user interaction and phone event simulation is also part of the framework. It allows an analyst to script the required user simulation or phone events on demand or adjust the simulation to his needs. Six plugins have been developed for ANANAS. They represent well known techniques for malware analysis, such as system call hooking and network traffic analysis. The focus clearly lies on dynamic analysis, as five of the six plugins are dynamic analysis methods.

Talks:

• Rodler, Michael: Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks. ACM AFT, 21st Oct 2019, Zürich.
• Rodler, Michael: Sereum: Protecting Existing Smart Contracts Against Re-Entrancy Attacks. Network and Distributed System Security Symposium (NDSS), 27th Feb 2019, San Diego.