Browsing by author "Dann, Andreas"
- Conference paper: Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary) (Software Engineering 2022, 2022). Dann, Andreas; Plate, Henrik; Hermann, Ben; Ponta, Serena Elisa; Bodden, Eric. This short paper presents a study investigating the impact of typical development practices, like re-compilation and re-bundling, on the performance of vulnerability scanners to detect known vulnerabilities in used open-source dependencies. In particular, the paper studies (i) types of modifications that affect the detection of vulnerable open-source dependencies and (ii) their impact on the performance of vulnerability scanners through an empirical study on 7024 Java projects developed at SAP.
- Conference paper: ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules (Software Engineering 2021, 2021). Dann, Andreas; Hermann, Ben; Bodden, Eric. This short paper presents a static analysis for the novel challenge of analyzing Java modules. Since modules have only been recently introduced with Java 9, we point out the impact of modules both from the security and the static code analysis perspective. In particular, we introduce a static analysis that allows developers to assess if a module successfully encapsulates internal data, along with a formal definition of a module's entrypoints.
- Conference paper: UpCy: Safely Updating Outdated Dependencies (Summary) (Software Engineering 2024 (SE 2024), 2024). Dann, Andreas; Hermann, Ben; Bodden, Eric