Andreas Dann

Security Researcher

Biography

I’m currently finishing my Ph.D. as an external research associate in the Secure Software Engineering Group, advised by Prof. Dr. Eric Bodden and Prof. Dr. Ben Hermann at Paderborn. I received an MSc in Computer Science from Paderborn University in 2016.

My research comprises the detection of vulnerable open-source libraries, evaluating their usage, and providing automated approaches for updating them by applying static code analysis and empirical software engineering methods.

While pursuing my Ph.D., I’ve been Co-Founder at CodeShield GmbH and an AWS community builder.

Interests
  • Static Code Analysis
  • Open-Source Software Security
  • Software Supply Chain Security
Education
  • PhD Student in Computer Science, 2016

    Paderborn University

  • MSc in Computer Science, 2016

    Paderborn University

  • BSc in Computer Science, 2013

    Paderborn University

Skills

Languages: Java, Python (beginner), Neo4j, PostgreSQL
Frontend: HTML, Bootstrap
CI/CD: AWS, Docker, Gitlab CI, Jenkins
DataScience: Jupyter, Pandas
Static Code Analysis: Soot, WALA, JavaParser, Eclipse Steady

Recent Publications

(2023). UpCy: Safely Updating Outdated Dependencies. 2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE).

(2022). Blinder Alarm: Kontext als Schlüssel zur sicheren Cloud. Heise Online.

(2021). Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering.

(2021). ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering.

(2021). Presentation - ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules. Software Engineering 2021.

(2019). SootDiff: Bytecode Comparison across Different Java Compilers. Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis.

(2014). Modellierung von Hardwareplattformen für die modellgetriebene Softwareentwicklung. Informatiktage 2014 - Big (Data) is beautiful.

(2014). Viewpoints and Views in Hardware Platform Modeling for Safe Deployment. Proceedings of the 2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling.

Academic Services

  • Reviewer, ACM Transactions on Software Engineering and Methodology (TOSEM), 2022.

  • Reviewer, ACM Transactions on Software Engineering and Methodology (TOSEM), 2021.

  • Student Volunteer, Joint Meeting of the European Software Engineering Conference and the ACM Sigsoft Symposium on the Foundations of Software Engineering (ESEC/FSE), 2017.

Contact