Dr.-Ing. Ben Hermann

I am a researcher at the Software Technology Group at TU Darmstadt. You can find more information on my personal website. If you are interested in current information you can also consult my blog.

Research Interests

Vulnerability Detection using Static Analysis
Risk Assessment of Software Libraries
Security Guarantees in Type Systems
Language-based Security

Supervised Theses

Title	Author	Thesis type
Automated Analysis of Transitive Threat Propagation for Native Calls in the Java Runtime Environment	Tim Kranz	Bachelor thesis
Analysis of Safe Guard and Sanitizer Placements for Native Methods in the Java Class Library	Henriette Röger	Master thesis
Cross-language Static Analysis of Java and Native Code	Dominik Helm & Florian Kübler	Bachelor thesis
A Security Classification of the Java Class Library's Native Methods by a Static Analysis of Their Implementation	Florian Wendel	Master thesis
Modelling the Propagation of Threat from Native Methods in the Java Class Library	Johann Wiedmeier	Bachelor thesis

Publications

Group by: Date | Item type | No grouping

Jump to: 2017 | 2016 | 2015 | 2014 | 2013

Number of items: 14.

2017

Glanz, Leonid ; Amann, Sven ; Eichberg, Michael ; Reif, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
CodeMatch: Obfuscation Won’t Conceal Your Repackaged App.
[Online-Edition: http://dl.acm.org/citation.cfm?id=3106305]
In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering Paderborn, Germany
[Conference or workshop item], (2017)

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Mezini, Mira :
Hermes: assessment and creation of effective test corpora.
[Online-Edition: http://dl.acm.org/citation.cfm?id=3088523&CFID=886861998&CFT...]
In: Proceeding SOAP 2017 Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. , pp. 43-48.
[Book section], (2017)

Holzinger, Philipp ; Hermann, Ben ; Lerch, Johannes ; Bodden, Eric ; Mezini, Mira :
Hardening Java's Access Control by Abolishing Implicit Privilege Elevation.
2017 IEEE Symposium on Security and Privacy (SP 2017) Curran Associates, Inc
[Conference or workshop item], (2017)

Kübler, Florian ; Müller, Patrick ; Hermann, Ben :
SootKeeper: Runtime Reusability for Modular Static Analysis.
[Online-Edition: http://doi.acm.org/10.1145/3088515.3088518]
In: Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA. In: SOAP 2017 . ACM , New York, NY, USA
[Conference or workshop item], (2017)

Hermann, Ben ; Li, Ximeng ; Mantel, Heiko ; Mezini, Mira ; Tasch, Markus ; Wendel, Florian ; Weber, Friedrich :
Requirements for a Specification Language for Data and Information Flow, and A Literature Review of Analytical and Constructive Research on the Java Native Interface.

[Report], (2017)

2016

Hermann, Ben :
Full-Stack Static Security Analysis for the Java Platform.
[Online-Edition: http://tuprints.ulb.tu-darmstadt.de/5807]
Technische Universität Darmstadt , Darmstadt
[PhD thesis], (2016)

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
Call graph construction for Java libraries.
In: Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
[Conference or workshop item], (2016)

2015

Lerch, Johannes ; Hermann, Ben :
Design Your Analysis: A Case Study on Implementation Reusability of Data-flow Functions.
[Online-Edition: http://doi.acm.org/10.1145/2771284.2771289]
In: Proceedings of the 4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA. In: SOAP 2015 . ACM , New York, NY, USA
[Conference or workshop item], (2015)

Eichberg, Michael ; Hermann, Ben ; Mezini, Mira ; Glanz, Leonid :
Hidden Truths in Dead Software Paths.
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786865]
In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA. In: ESEC/FSE 2015 . ACM , New York, NY, USA
[Conference or workshop item], (2015)

Hermann, Ben ; Reif, Michael ; Eichberg, Michael ; Mezini, Mira :
Getting to Know You: Towards a Capability Model for Java.
[Online-Edition: http://doi.acm.org/10.1145/2786805.2786829]
In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA. In: ESEC/FSE 2015 . ACM , New York, NY, USA
[Conference or workshop item], (2015)

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben :
A Vulnerability's Lifetime: Enhancing Version Information in CVE Databases.
[Online-Edition: http://doi.acm.org/10.1145/2809563.2809612]
In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, New York, NY, USA. In: i-KNOW '15 . ACM , New York, NY, USA
[Conference or workshop item], (2015)

2014

Lerch, Johannes ; Hermann, Ben ; Bodden, Eric ; Mezini, Mira :
FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases.
[Online-Edition: http://doi.acm.org/10.1145/2635868.2635878]
In: Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering. In: FSE 2014 . ACM , New York, NY, USA
[Conference or workshop item], (2014)

Eichberg, Michael ; Hermann, Ben :
A Software Product Line for Static Analyses: The OPAL Framework.
[Online-Edition: http://doi.acm.org/10.1145/2614628.2614630]
In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, New York, NY, USA. In: SOAP '14 . ACM , New York, NY, USA
[Conference or workshop item], (2014)

2013

Bodden, Eric ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
Reducing human factors in software security architectures.
[Online-Edition: http://www.bodden.de/pubs/blh+13reducing.pdf]
In: Future Security Conference 2013.
[Conference or workshop item], (2013)

This list was generated on Fri Sep 21 05:04:30 2018 CEST.