Dr.-Ing. Leonid Glanz

Software Technology Group


work +49 6151 16-21368

Work S2|02 A226
Hochschulstr. 10
64289 Darmstadt

My research interests target reverse engineering for various kinds of detections, including privacy violations (StringHound (opens in new tab)), repackaging (CodeMatch), and libraries (LibDetect).

A common threat for all these detections is obfuscation, because it hides control and data structures by transforming them to unreadable bits and bytes.

My work reverses and restructures the obfuscated code into a machine and human readable form.

Thereby I use different techniques, such as string analysis, static analysis, machine learning, and abstract interpretation.


Term Courses
Winter 2019/20
  • Advisor for the team TURLS in 'Software Engineering Project'
  • Instructor for quality assurance in 'Software Engineering Project'
Winter 2018/19
  • Coordinator for clients in 'Software Engineering Project'
  • Advisor for the Privacy Risk Assessment team in 'Bachelor Praktikum'
Summer 2018
  • Topic Instructor for Foundations of Static Analyses
Winter 2017/18
  • Contracting entity for IBM projects in 'Open Digital Lab'
  • Advisor for the team Medical Book-in Implementation in 'Software Engineering Project'
  • Coordinator for clients in 'Software Engineering Project'
  • Instructor for quality assurance in 'Software Engineering Project'
  • Instructor for project management in 'Software Engineering Project'
Winter 2016/17
  • Advisor for the team Medical Programming Group in 'Software Engineering Project'
  • Advisor for the team Pipeline MAUS in 'Software Engineering Project'
  • Instructor for quality assurance in 'Software Engineering Project'
Summer 16
  • Instructor for quality assurance in 'Software Engineering Project'
Winter 2015/16
  • Teaching Assistant 'Software Engineering'
  • Instructor for quality assurance in 'Software Engineering Project'
Summer 2015
  • Teaching Assistant 'Software Engineering Design & Construction'
Winter 2014/15
  • Instructor for quality assurance in 'Software Engineering Project'
  • Advisor for the team RubberDuck in 'Software Engineering Project'


I am a member of ATHENE. ATHENE accompanies and supports the digital transformation of society, business and the public sector to improve cybersecurity and data protection.

ATHENE develops security solutions, regularly advises business and public administration, and supports company founders and startups. In doing so, the knowledge gained from basic research at universities flows into further application-oriented research. With its research and development work, ATHENE covers a very wide range of expertise relevant to various technologies and application areas, such as the security of systems, software, applications, processes, hardware, data or the Internet infrastructures. The research center works in an agile and efficient manner and is thus able to respond to new challenges and changing threat situations even at short notice.

ATHENE is a research facility of the Fraunhofer-Gesellschaft with the participation of the Fraunhofer Institutes SIT and IGD as well as the universities TU Darmstadt and Hochschule Darmstadt. The center is funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian Ministry of Science and the Arts (HMWK) and is located in the city of science Darmstadt, Germany's premier address for cybersecurity research.

I am a member of CRISP. The core focus of CRISP is the topic “Security at Large”.

Through this, CRISP is pursuing an entirely new objective and redefining the focus of research conducted at Darmstadt, taking developments in diverse fields of application into account.

Cybersecurity research to date has generally only considered isolated characteristics and moderately sized systems. CRISP sets out to research security for large systems – from their individual components all the way up to their interaction within comprehensive security solutions.

The research areas “Secure Internet Infrastructure” and “Secure Web Applications” are both flagship projects at CRISP.

Smartphone users generally expect that apps, which they download from big app stores, are safe to use. That is, the apps are not used for criminal activities, do not pose security issues and do not violate their privacy. Theses expectations are even heightened if the apps are marketed as apps for families or specifically children.

However, past research has shown that these expectations are often violated. Current approaches to detect violating apps, which use techniques such as code signatures and monitoring of the internet communication while the app is monkey tested, have shown to be insufficient to reliably detect such apps. In general, the analysis of apps is complicated by the prevalent obfuscation of the code of apps.

The goal of this research is to develop a tool that will help – in the presence of obfuscated code – to identify apps which pose security or privacy issues or which may use the phone for other criminal activities.

I am a member of the team that implements the tool to identify apps with security and privacy issues.

At the Open Digital Lab students, scientists and even companies can learn how to develop and at the same time secure, innovative applications and solutions in the areas of cybersecurity, big data analytics, and artificial intelligence. Because the threat of potential cyber attacks is becoming increasingly important, the protection of individual devices, enterprise networks, and critical infrastructures is a far-reaching concern that can only be implemented with specialized knowledge and methods.

For this endeavor, IBM will provide a platform for exchanging security information (X-Force Exchange) in addition to a variety of cloud services, which enables it to detect even complex threat scenarios.

Under the terms of the agreement, both partners plan to create an open facility with the lab that will give industry, students, and researchers in the region the opportunity to work together to deliver innovative ideas, while meeting growing security needs.

I am a member of PEAKS. PEAKS is an acronym for “Platform for the Efficient Analysis and Secure Composition of Software Components”

A fundamental building block in making software engineering more efficient is the reuse of existing components and libraries. Applications are composed of a stack of libraries in conjunction with the respective business code. But as the code of the libraries becomes a part of the control flow of the application, it will run in the same process and thus in the same security context as the main application regardless of the actual need for such a privilege. We aim to build a tool to detect these unnecessary permissions in software libraries and to recommend procedures to limit these privileges or their impact.

I am a member of the ACCEPT Project. The overall goal of ACCEPT is the development of a new approaches for security related anomaly detection, -analysis and -treatment in virtual computer systems. The detection of anomalies are performed to identify previously known and unknown security problems and especially suited for virtual computer system risks.


Loading data from TUbiblio…

Error on loading data

An error has occured when loading publications data from TUbiblio. Please try again later.

  • {{ year }}

    • ({{,4) }}):
      {{ publication.title }}.
      In: {{ publication.series }}, {{ publication.volume }}, In: {{ publication.book_title }}, In: {{ publication.publication }}, {{ publication.journal_volume}} ({{ publication.number }}), ppp. {{ publication.pagerange }}, {{ publication.place_of_pub }}, {{ publication.publisher }}, {{ publication.institution }}, {{ publication.event_location }}, {{ publication.event_dates }}, ISSN {{ publication.issn }}, e-ISSN {{ publication.eissn }}, ISBN {{ publication.isbn }}, {{ labels[publication.type]?labels[publication.type]:publication.type }}
    • […]

Number of items in this list: {{ publicationsList.length }}
Only the {{publicationsList.length}} latest publications are displayed here.

View complete list at TUbiblio View this list at TUbiblio