Moritz Bley

Logo

Profile

My name is Moritz Bley and I am a third year PhD student in Prof. Thorsten Holz’s System Security group at the Max Planck Institute for Security and Privacy. I originally started my PhD at CISPA Helmholtz in November 2023 and only recently moved to MPI-SP.

Before starting at my PhD I studied computer science at the Friedrich-Alexander University Erlangen and IT security at the Ruhr University Bochum. During my bachelor’s studies in Erlangen I already started working on security-related topics. For my Bachelors thesis on Breaking the Trusted Firmware in Huawei Devices I was awarded first place in the CAST award.

Afterward, I relocated to Bochum and studied IT-Security at the Ruhr University Bochum, which I completed in 2023. During this time I already started working in the System Security group, which - back then - was located at the Ruhr University Bochum, where I mainly did research on firmware security as a research assistant.

My main research interest is the automated security analysis of firmware through rehosting. This technique utilizes fuzzing to run monolithic firmware on a powerful host using an emulator. Building on previous research I want to improve scalable security analysis in this field to ultimately make firmware more secure.

Beyond that I am also interested in the general field of fuzzing as a tool to detect vulnerabilities

If you are interested in any of these topics or have other ideas you would like to explore in a bachelor’s or master’s thesis feel free to contact me!

Contact me

If you are interested in collaborating for a project or want to write a thesis, you can contact me by e-mail: moritz.bley@mpi-sp.org PGP

Service

2026 IEEE Transactions on Software Engineering (TSE) Reviewer

2026 NDSS Artifact Evaluation Distinguished Artifact Reviewer 🏆

Teaching

2025 Summer Term: Fuzzing lab course @ Ruhr-Universitaet Bochum

Publications

2025

VMIGen: Utilizing Virtual Machine Introspection for Fuzzing Complex Closed-Source Targets
Florian Schweins, Moritz Schloegel, Moritz Bley, Nico Schiller, Thorsten Holz Annual Computer Security Applications Conference (ACSAC)
[pdf][code]

Protocol-Aware Firmware Rehosting for Effective Fuzzing of Embedded Network Stacks
Moritz Bley, Tobias Scharnowski, Simon Wörner, Moritz Schloegel, Thorsten Holz
ACM Conference on Computer and Communications Security (CCS)
[pdf][code]

GDMA: Fully Automated DMA Rehosting via Iterative Type Overlays
Tobias Scharnowski, Simeon Hoffmann, Moritz Bley, Simon Wörner, Daniel Klischies, Felix Buchmann, Nils Ole Tippenhauer, Thorsten Holz, Marius Muench
USENIX Security Symposium
[pdf][code]

legal