Dr.-Ing. Ben Hermann

Jump to content Log in | Deutsch

Dr.-Ing. Ben Hermann

I am a researcher at the Software Technology Group at TU Darmstadt. You can find more information on my personal website. If you are interested in current information you can also consult my blog.

Research Interests

  • Vulnerability Detection using Static Analysis
  • Risk Assessment of Software Libraries
  • Security Guarantees in Type Systems
  • Language-based Security

Supervised Theses

Title Author Thesis type
Automated Analysis of Transitive Threat Propagation for Native Calls in the Java Runtime Environment Tim Kranz Bachelor thesis
Analysis of Safe Guard and Sanitizer Placements for Native Methods in the Java Class Library Henriette Röger Master thesis
Cross-language Static Analysis of Java and Native Code Dominik Helm & Florian Kübler Bachelor thesis
A Security Classification of the Java Class Library's Native Methods by a Static Analysis of Their Implementation Florian Wendel Master thesis
Modelling the Propagation of Threat from Native Methods in the Java Class Library Johann Wiedmeier Bachelor thesis

Publications

Exportieren als [feed] Atom [feed] RSS 1.0 [feed] RSS 2.0
Group by: Date | Item type | No grouping
Jump to: 2020 | 2019 | 2017 | 2016 | 2015 | 2014 | 2013
Number of items: 17.

2020

Reif, Michael ; Kübler, Florian ; Helm, Dominik ; Hermann, Ben ; Eichberg, Michael ; Mezini, Mira (2020):
TACAI: An Intermediate Representation Based on Abstract Interpretation.
In: SOAP 2020-9th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis, London, UK, June 2020, S. 2-7, ISBN 9781450379977,
DOI: 10.1145/3394451.3397204,
[Online-Edition: https://pldi20.sigplan.org/home/SOAP-2020],
[Conference item]

2019

Krüger, Stefan ; Hermann, Ben (2019):
Can an online service predict gender?: on the state-of-the-art in gender identification from texts.
In: GE@ICSE 2019 : 2nd Workshop on Gender Equality in Software Engineering, Montreal, Canada, May 27, 2019, DOI: 10.1109/GE.2019.00012,
[Online-Edition: https://dl.acm.org/citation.cfm?id=3339011],
[Conference item]

2017

Glanz, Leonid ; Amann, Sven ; Eichberg, Michael ; Reif, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira (2017):
CodeMatch: Obfuscation Won’t Conceal Your Repackaged App.
In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, Paderborn, Germany, In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, S. 638-648, ISBN 978-1-4503-5105-8,
DOI: 10.1145/3106237.3106305,
[Online-Edition: http://dl.acm.org/citation.cfm?id=3106305],
[Conference item]

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Mezini, Mira (2017):
Hermes: assessment and creation of effective test corpora.
In: Proceeding SOAP 2017 Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, S. 43-48, [Online-Edition: http://dl.acm.org/citation.cfm?id=3088523&CFID=886861998&CFT...],
[Book section]

Holzinger, Philipp ; Hermann, Ben ; Lerch, Johannes ; Bodden, Eric ; Mezini, Mira (2017):
Hardening Java's Access Control by Abolishing Implicit Privilege Elevation.
2In: 2017 IEEE Symposium on Security and Privacy (SP 2017), Curran Associates, Inc, San Jose, CA, USA, S. 1.109, ISBN 978-1-5090-5534-0,
[Conference item]

Kübler, Florian ; Müller, Patrick ; Hermann, Ben (2017):
SootKeeper: Runtime Reusability for Modular Static Analysis.
In: SOAP 2017, New York, NY, USA, ACM, In: Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA, S. 19-24, ISBN 978-1-4503-5072-3,
DOI: 10.1145/3088515.3088518,
[Online-Edition: http://doi.acm.org/10.1145/3088515.3088518],
[Conference item]

Hermann, Ben ; Li, Ximeng ; Mantel, Heiko ; Mezini, Mira ; Tasch, Markus ; Wendel, Florian ; Weber, Friedrich (2017):
Requirements for a Specification Language for Data and Information Flow, and A Literature Review of Analytical and Constructive Research on the Java Native Interface.
[Report]

2016

Hermann, Ben (2016):
Full-Stack Static Security Analysis for the Java Platform.
Darmstadt, Technische Universität Darmstadt, [Online-Edition: http://tuprints.ulb.tu-darmstadt.de/5807],
[PhD thesis]

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira (2016):
Call graph construction for Java libraries.
In: Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, S. 474-486, DOI: 10.1145/2950290.2950312,
[Conference item]

2015

Lerch, Johannes ; Hermann, Ben (2015):
Design Your Analysis: A Case Study on Implementation Reusability of Data-flow Functions.
In: SOAP 2015, New York, NY, USA, ACM, In: Proceedings of the 4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA, S. 26-30, ISBN 978-1-4503-3585-0,
[Online-Edition: http://doi.acm.org/10.1145/2771284.2771289],
[Conference item]

Eichberg, Michael ; Hermann, Ben ; Mezini, Mira ; Glanz, Leonid (2015):
Hidden Truths in Dead Software Paths.
In: ESEC/FSE 2015, New York, NY, USA, ACM, In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA, S. 474-484, ISBN 978-1-4503-3675-8,
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786865],
[Conference item]

Hermann, Ben ; Reif, Michael ; Eichberg, Michael ; Mezini, Mira (2015):
Getting to Know You: Towards a Capability Model for Java.
In: ESEC/FSE 2015, New York, NY, USA, ACM, In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA, S. 758-769, ISBN 978-1-4503-3675-8,
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786829],
[Conference item]

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben (2015):
A Vulnerability's Lifetime: Enhancing Version Information in CVE Databases.
In: i-KNOW '15, New York, NY, USA, ACM, In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, New York, NY, USA, S. 28:1-28:4, ISBN 978-1-4503-3721-2,
[Online-Edition: http://doi.acm.org/10.1145/2809563.2809612],
[Conference item]

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben (2015):
A vulnerability's lifetime: enhancing version information in CVE databases.
In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, I-KNOW '15, Graz, Austria, October 21-23, 2015, S. 28:1-28:4, DOI: 10.1145/2809563.2809612,
[Online-Edition: http://doi.acm.org/10.1145/2809563.2809612],
[Conference item]

2014

Lerch, Johannes ; Hermann, Ben ; Bodden, Eric ; Mezini, Mira (2014):
FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases.
In: FSE 2014, New York, NY, USA, ACM, In: Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, S. 98-108, [Online-Edition: http://doi.acm.org/10.1145/2635868.2635878],
[Conference item]

Eichberg, Michael ; Hermann, Ben (2014):
A Software Product Line for Static Analyses: The OPAL Framework.
In: SOAP '14, New York, NY, USA, ACM, In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, New York, NY, USA, S. 1-6, ISBN 978-1-4503-2919-4,
[Online-Edition: http://doi.acm.org/10.1145/2614628.2614630],
[Conference item]

2013

Bodden, Eric ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira (2013):
Reducing human factors in software security architectures.
In: Future Security Conference 2013, [Online-Edition: http://www.bodden.de/pubs/blh+13reducing.pdf],
[Conference item]

This list was generated on Fri Aug 7 05:34:13 2020 CEST.