Leonid Glanz

Leonid Glanz M.Sc.

My research interests target reverse engineering for various kinds of detections, including malware, repackages (CodeMatch), and libraries (LibDetect).

A common threat for all these detections is obfuscation, because it hides control and data structures by transforming them to unreadable bits and bytes.

My work reverses and restructures the obfuscated code into a machine- and human-readable form.

For this, I use different techniques, such as string analysis, static analysis, machine learning, and abstract interpretation.

Teaching

Term Courses
Winter 2017/18
  • Contracting entity for IBM projects in 'Open Digital Lab'
  • Advisor for the team Medical Book-in Implementation in 'Software Engineering Project'
  • Coordinator for clients in 'Software Engineering Project'
  • Instructor for quality assurance in 'Software Engineering Project'
  • Instructor for project management in 'Software Engineering Project'
Winter 2016/17
  • Advisor for the team Medical Programming Group in 'Software Engineering Project'
  • Advisor for the team Pipeline MAUS in 'Software Engineering Project'
  • Instructor for quality assurance in 'Software Engineering Project'
Summer 2016
  • Instructor for quality assurance in 'Software Engineering Project'
Winter 2015/16
  • Teaching Assistant 'Software Engineering'
  • Instructor for quality assurance in 'Software Engineering Project'
Summer 2015
  • Teaching Assistant 'Software Engineering Design & Construction'
Winter 2014/15
  • Instructor for quality assurance in 'Software Engineering Project'
  • Advisor for the team RubberDuck in 'Software Engineering Project'

Projects

I am a member of CRISP. The core focus of CRISP is the topic “Security at Large”.

Through this, CRISP is pursuing an entirely new objective and redefining the focus of research conducted at Darmstadt, taking developments in diverse fields of application into account.

Cybersecurity research to date has generally only considered isolated characteristics and moderately sized systems. CRISP sets out to research security for large systems – from their individual components all the way up to their interaction within comprehensive security solutions.

The research areas “Secure Internet Infrastructure” and “Secure Web Applications” are both flagship projects at CRISP.

I am a member of PEAKS. PEAKS is an acronym for “Platform for the Efficient Analysis and Secure Composition of Software Components”.

A fundamental building block in making software engineering more efficient is the reuse of existing components and libraries. Applications are composed of a stack of libraries in conjunction with the respective business code. But as the code of the libraries becomes a part of the control flow of the application, it will run in the same process and thus in the same security context as the main application regardless of the actual need for such a privilege. We aim to build a tool to detect these unnecessary permissions in software libraries and to recommend procedures to limit these privileges or their impact.

I am a member of the ACCEPT Project. The overall goal of ACCEPT is the development of new approaches for security-related anomaly detection, analysis, and treatment in virtual computer systems. The detection of anomalies is performed to identify previously known and unknown security problems and is especially suited to virtual computer system risks.

Publications


2017

Glanz, Leonid ; Amann, Sven ; Eichberg, Michael ; Reif, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
CodeMatch: Obfuscation Won’t Conceal Your Repackaged App.
[Online-Edition: http://dl.acm.org/citation.cfm?id=3106305]
In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, Paderborn, Germany
[Conference or workshop item], (2017)

2015

Eichberg, Michael ; Hermann, Ben ; Mezini, Mira ; Glanz, Leonid :
Hidden Truths in Dead Software Paths.
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786865]
In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA. In: ESEC/FSE 2015. ACM, New York, NY, USA
[Conference or workshop item], (2015)

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben :
A Vulnerability's Lifetime: Enhancing Version Information in CVE Databases.
[Online-Edition: http://doi.acm.org/10.1145/2809563.2809612]
In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, New York, NY, USA. In: i-KNOW '15. ACM, New York, NY, USA
[Conference or workshop item], (2015)

This list was generated on Mon Nov 20 09:26:20 2017 CET.