Leonid Glanz M.Sc.
A common threat for all these detections is obfuscation, because it hides control and data structures by transforming them to unreadable bits and bytes.
My work reverses and restructures the obfuscated code into a machine and human readable form.
Thereby I use different techniques, such as string analysis, static analysis, machine learning, and abstract interpretation.
I am member of CRISP. The core focus of CRISP is the topic “Security at Large”.
Through this, CRISP is pursuing an entirely new objective and redefining the focus of research conducted at Darmstadt, taking developments in diverse fields of application into account.
Cybersecurity research to date has generally only considered isolated characteristics and moderately sized systems. CRISP sets out to research security for large systems – from their individual components all the way up to their interaction within comprehensive security solutions.
The research areas “Secure Internet Infrastructure” and “Secure Web Applications” are both flagship projects at CRISP.
I am member of PEAKS. PEAKS is an acronym for “Platform for the Efficient Analysis and Secure Composition of Software Components”
A fundamental building block in making software engineering more efficient is the reuse of existing components and libraries. Applications are composed of a stack of libraries in conjunction with the respective business code. But as the code of the libraries becomes a part of the control flow of the application, it will run in the same process and thus in the same security context as the main application regardless of the actual need for such a privilege. We aim to build a tool to detect these unnecessary permissions in software libraries and to recommend procedures to limit these privileges or their impact.
I am member of the ACCEPT Project. The overall goal of ACCEPT is the development of a new approaches for security related anomaly detection, -analysis and -treatment in virtual computer systems. The detection of anomalies are performed to identify previously known and unknown security problems and especially suited for virtual computer system risks.
Number of items: 3.
Glanz, Leonid ; Amann, Sven ; Eichberg, Michael ; Reif, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira
Eichberg, Michael ; Hermann, Ben ; Mezini, Mira ; Glanz, Leonid
Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben