Dr.-Ing. Ben Hermann

Jump to content Log in | Deutsch

Dr.-Ing. Ben Hermann

I am a researcher at the Software Technology Group at TU Darmstadt. You can find more information on my personal website. If you are interested in current information you can also consult my blog.

Research Interests

  • Vulnerability Detection using Static Analysis
  • Risk Assessment of Software Libraries
  • Security Guarantees in Type Systems
  • Language-based Security

Supervised Theses

Title Author Thesis type
Automated Analysis of Transitive Threat Propagation for Native Calls in the Java Runtime Environment Tim Kranz Bachelor thesis
Analysis of Safe Guard and Sanitizer Placements for Native Methods in the Java Class Library Henriette Röger Master thesis
Cross-language Static Analysis of Java and Native Code Dominik Helm & Florian Kübler Bachelor thesis
A Security Classification of the Java Class Library's Native Methods by a Static Analysis of Their Implementation Florian Wendel Master thesis
Modelling the Propagation of Threat from Native Methods in the Java Class Library Johann Wiedmeier Bachelor thesis

Publications

Group by: Date | Item type | No grouping
Jump to: 2017 | 2016 | 2015 | 2014 | 2013
Number of items: 15.

2017

Glanz, Leonid ; Amann, Sven ; Eichberg, Michael ; Reif, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
CodeMatch: Obfuscation Won’t Conceal Your Repackaged App.
 [Online-Edition: http://dl.acm.org/citation.cfm?id=3106305]
In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering Paderborn, Germany
[ Conference item] , (2017)

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Mezini, Mira :
Hermes: assessment and creation of effective test corpora.
 [Online-Edition: http://dl.acm.org/citation.cfm?id=3088523&CFID=886861998&CFT...]
In: Proceeding SOAP 2017 Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. , S. 43-48.
[Book section] , (2017)

Holzinger, Philipp ; Hermann, Ben ; Lerch, Johannes ; Bodden, Eric ; Mezini, Mira :
Hardening Java's Access Control by Abolishing Implicit Privilege Elevation.
 2017 IEEE Symposium on Security and Privacy (SP 2017) Curran Associates, Inc
[ Conference item] , (2017)

Kübler, Florian ; Müller, Patrick ; Hermann, Ben :
SootKeeper: Runtime Reusability for Modular Static Analysis.
 [Online-Edition: http://doi.acm.org/10.1145/3088515.3088518]
In: Proceedings of the 6th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA. In: SOAP 2017 . ACM , New York, NY, USA
[ Conference item] , (2017)

Hermann, Ben ; Li, Ximeng ; Mantel, Heiko ; Mezini, Mira ; Tasch, Markus ; Wendel, Florian ; Weber, Friedrich :
Requirements for a Specification Language for Data and Information Flow, and A Literature Review of Analytical and Constructive Research on the Java Native Interface.
[Report] , (2017)

2016

Hermann, Ben :
Full-Stack Static Security Analysis for the Java Platform.
 [Online-Edition: http://tuprints.ulb.tu-darmstadt.de/5807]
Technische Universität Darmstadt , Darmstadt
[PhD thesis], (2016)

Reif, Michael ; Eichberg, Michael ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
Call graph construction for Java libraries.
 In: Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering.
[ Conference item] , (2016)

2015

Lerch, Johannes ; Hermann, Ben :
Design Your Analysis: A Case Study on Implementation Reusability of Data-flow Functions.
 [Online-Edition: http://doi.acm.org/10.1145/2771284.2771289]
In: Proceedings of the 4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, New York, NY, USA. In: SOAP 2015 . ACM , New York, NY, USA
[ Conference item] , (2015)

Eichberg, Michael ; Hermann, Ben ; Mezini, Mira ; Glanz, Leonid :
Hidden Truths in Dead Software Paths.
 [Online-Edition: http://doi.acm.org/10.1145/2786805.2786865]
In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA. In: ESEC/FSE 2015 . ACM , New York, NY, USA
[ Conference item] , (2015)

Hermann, Ben ; Reif, Michael ; Eichberg, Michael ; Mezini, Mira :
Getting to Know You: Towards a Capability Model for Java.
 [Online-Edition: http://doi.acm.org/10.1145/2786805.2786829]
In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, New York, NY, USA. In: ESEC/FSE 2015 . ACM , New York, NY, USA
[ Conference item] , (2015)

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben :
A Vulnerability's Lifetime: Enhancing Version Information in CVE Databases.
 [Online-Edition: http://doi.acm.org/10.1145/2809563.2809612]
In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, New York, NY, USA. In: i-KNOW '15 . ACM , New York, NY, USA
[ Conference item] , (2015)

Glanz, Leonid ; Schmidt, Sebastian ; Wollny, Sebastian ; Hermann, Ben :
A vulnerability's lifetime: enhancing version information in CVE databases.
 [Online-Edition: http://doi.acm.org/10.1145/2809563.2809612]
In: Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, I-KNOW '15, Graz, Austria, October 21-23, 2015.
[ Conference item] , (2015)

2014

Lerch, Johannes ; Hermann, Ben ; Bodden, Eric ; Mezini, Mira :
FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases.
 [Online-Edition: http://doi.acm.org/10.1145/2635868.2635878]
In: Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering. In: FSE 2014 . ACM , New York, NY, USA
[ Conference item] , (2014)

Eichberg, Michael ; Hermann, Ben :
A Software Product Line for Static Analyses: The OPAL Framework.
 [Online-Edition: http://doi.acm.org/10.1145/2614628.2614630]
In: Proceedings of the 3rd ACM SIGPLAN International Workshop on the State of the Art in Java Program Analysis, New York, NY, USA. In: SOAP '14 . ACM , New York, NY, USA
[ Conference item] , (2014)

2013

Bodden, Eric ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira :
Reducing human factors in software security architectures.
 [Online-Edition: http://www.bodden.de/pubs/blh+13reducing.pdf]
In: Future Security Conference 2013.
[ Conference item] , (2013)

This list was generated on Mon Mar 18 06:09:51 2019 CET.