Software Engineering

Prof. Dr.-Ing. Christian Hammer

Announcement for the Research Seminar

Service and Software Engineering in WS 2016 / 2017

Instructor:	Prof. Dr.-Ing. Christian Hammer
Course of Studies:	Bachelor and Master
Course Material:	Slides and papers suggested during the course
Language:	English
SWS:	2
Credits:	3

Enrollment and Submissions:

In accordance with the provisions of the Institute for Computer Science Instituts für Informatik, the enrollment and course assignments are handled electronically:

https://puls.sb-portal.uni-potsdam.de.

Schedule:

Day	Timing	Room	Beginning	Lecturer
Thursday	10:15-11:45	3.04.0.02	20.10¹⁾	Christian Hammer

Note:: ¹⁾ Christmas holidays from 22.12.2016 to 29.12.2016

Content:: This seminar will cover static and dynamic approaches to enforce security policies in programs, in particular on platforms like the Web or Android. Examples are standard notions like safety properties or noninterference that e.g. guarantee that no secret may leak to public output and related concepts.

Events:

20.10.2016	Abhishek Tiwari	~~Applying Privacy Case Law to the Right to be Forgotten~~
27.10.2016	Kai Wallisch	Thoth: Comprehensive Policy Compliance in Data Retrieval Systems
03.11.2016	Mohammadreza Ashouri	Automatic Exploit Generation
10.11.2016	Abhishek Tiwari	End-to-End Verification of Information-Flow Security for C and Assembly Programs
17.11.2016	Kai Wallisch	Policy auditing over incomplete logs: theory, implementation and applications
24.11.2016	Gebrehiwet Biyane	Correlation Tracking for Points-To Analysis of JavaScript
01.12.2016	Frederick Brumm	liquid documentation - automatic documentation generation in a large software system.
08.12.2016	Mohammadreza Ashouri	CRiOS: Toward Large-Scale iOS Application Analysis
15.12.2016	Klaus Mueller	Using JOANA for Information Flow Control in Java Programs.
12.01.2017	Marlou Schweitzer	AndroidLeaks: Automatically Detecting Potential Privacy Leaks In Android Applications on a Large Scale.
19.01.2017	Gebrehiwet Biyane	Precise Interprocedural Dataflow Analysis via Graph Reachability.
26.01.2017	Kapelle	Analyzing inter app communication in Android.
09.02.2017	Abhishek Tiwari	How to present good research talks.

Papers:

R-Droid	Leveraging Android App Analysis with Static Slice Optimization.
DexHunter	Towards extracting Hidden Code from packed Android Applications
DroidSafe	Information-Flow Analysis of Android Applications in DroidSafe.
SCanDroid	Automated Security Certification of Android Applications.
JOANA	Using JOANA for Information Flow Control in Java Programs.
FlowDroid	Precise Context, Flow, Field, Object-Sensitive and Lifecycle-aware Taint Analysis for Android Apps.
AndroidLeaks	Automatically Detecting Potential Privacy Leaks in Android Applications on a large scale.
DroidDisintegrator	Intra-Application Information Flow Control in Android Apps.
Amandroid	A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps.
Inter-App Communication	Analyzing inter app communication in Android.

Criteria for Obtaining Credit Points:: In order to get the credits, students will have to present at least one of the given paper at the end of the semester. In order to get the initial reviews for the slides, students have to send their slides two weeks before to their actual presentation date.