Leonid Glanz M.Sc.
A common threat for all these detections is obfuscation, because it hides control and data structures by transforming them to unreadable bits and bytes.
My work reverses and restructures the obfuscated code into a machine- and human-readable form.
To do this, I use different techniques, such as string analysis, static analysis, machine learning, and abstract interpretation.
I am a member of CRISP. The core focus of CRISP is the topic “Security at Large”.
Through this, CRISP is pursuing an entirely new objective and redefining the focus of research conducted at Darmstadt, taking developments in diverse fields of application into account.
Cybersecurity research to date has generally only considered isolated characteristics and moderately sized systems. CRISP sets out to research security for large systems – from their individual components all the way up to their interaction within comprehensive security solutions.
The research areas “Secure Internet Infrastructure” and “Secure Web Applications” are both flagship projects at CRISP.
Smartphone users generally expect apps they download from big app stores to be safe to use. That is, the apps are not used for criminal activities, do not pose security issues and do not violate their privacy. These expectations are even heightened if the apps are marketed as apps for families or specifically children.
However, past research has shown that these expectations are often violated. Current approaches to detect violating apps, which use techniques such as code signatures and monitoring of the internet communication while the app is monkey tested, have proven insufficient to reliably detect such apps. In general, the analysis of apps is complicated by the prevalent obfuscation of the code of apps.
The goal of this research is to develop a tool that will help – in the presence of obfuscated code – to identify apps which pose security or privacy issues or which may use the phone for other criminal activities.
I am a member of the team that implements the tool to identify apps with security and privacy issues.
At the Open Digital Lab, students, scientists and even companies can learn how to develop, and at the same time secure, innovative applications and solutions in the areas of cybersecurity, big data analytics, and artificial intelligence. Because the threat of potential cyber attacks is becoming increasingly important, the protection of individual devices, enterprise networks, and critical infrastructures is a far-reaching concern that can only be implemented with specialized knowledge and methods.
For this endeavor, IBM will provide a platform for exchanging security information (X-Force Exchange) in addition to a variety of cloud services, which enables it to detect even complex threat scenarios.
Under the terms of the agreement, both partners plan to create an open facility with the lab that will give industry, students, and researchers in the region the opportunity to work together to deliver innovative ideas, while meeting growing security needs.
I am a member of PEAKS. PEAKS is an acronym for “Platform for the Efficient Analysis and Secure Composition of Software Components”.
A fundamental building block in making software engineering more efficient is the reuse of existing components and libraries. Applications are composed of a stack of libraries in conjunction with the respective business code. But as the code of the libraries becomes a part of the control flow of the application, it will run in the same process and thus in the same security context as the main application regardless of the actual need for such a privilege. We aim to build a tool to detect these unnecessary permissions in software libraries and to recommend procedures to limit these privileges or their impact.
I am a member of the ACCEPT Project. The overall goal of ACCEPT is the development of new approaches for security-related anomaly detection, analysis and treatment in virtual computer systems. The detection of anomalies is performed to identify previously known and unknown security problems and is especially suited to virtual computer system risks.