Dr.-Ing. Jürgen Graf

	Contact	IPD Prof. Snelting Room 022, Building 50.34 Am Fasanengarten 5 76131 Karlsruhe Germany
	Consultation Hours: Di 13-14h oder nach Vereinbarung

Research interests

Speeding up slicing

Currently I'm interested in finding new ways to speed up interprocedural dependence graph creation by using modular analysis.

Research prototypes

The JOANA information flow framework for Java programs is available for research purposes at http://joana.ipd.kit.edu/.

The non-interference analysis for the client server encryption example of the CSF 2012 paper is available at https://github.com/jgf/crypto-client-ifc. It also contains a simple interface to our ifc tools (Joana), so you can try to modifiy it to analyze your own code.

Courses

• Übungsschein: Programmieren für Wiederholer , Sommersemester 2012
• Seminary: Software security , Sommersemester 2011
• Lecture: Software Engineering Practice: DivingComputerApp - Security-sensitive Applications for Android , Wintersemester 2010/2011
• Übungsschein: Programmieren für Wiederholer , Sommersemester 2010
• Lecture: Programmieren , Wintersemester 2009/2010
• Tutorial: Tutorien zu Programmieren , Wintersemester 2009/2010
• Common Excercises: Übungen zu Compiler II , Sommersemester 2009
• Laboratory: Compilerpraktikum , Sommersemester 2009

Publications

2018

• Low-Deterministic Security For Low-Nondeterministic Programs
  Journal of Computer Security 2018, pp. 335--366 : S. Bischof, J. Breitner, J. Graf, M. Hecker, M. Mohr, G. Snelting

2016

• Information Flow Control with System Dependence Graphs -- Improving Modularity, Scalability and Precision for Object Oriented Languages
  November 2016 : J. Graf
• On Improvements Of Low-Deterministic Security
  Principles of Security and Trust - 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2-8, 2016, Proceedings 2016, pp. 68--88 (POST 16) : J. Breitner, J. Graf, M. Hecker, M. Mohr, G. Snelting
• Sicherheitsanalyse mit JOANA
  Sicherheit 2016: Sicherheit, Schutz und Zuverl{\"A}ssigkeit, Beitr{\"A}ge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft f{\"U}r Informatik e.V. (GI), 5.-7. April 2016, Bonn 2016, pp. 11--22 : J. Graf, M. Hecker, M. Mohr, G. Snelting
• Tool Demonstration: JOANA
  Principles of Security and Trust - 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2-8, 2016, Proceedings 2016, pp. 89--93 (POST 16) : J. Graf, M. Hecker, M. Mohr, G. Snelting

2015

• Checking Applications using Security APIs with JOANA
  July 2015 (ASA 2015) : J. Graf, M. Hecker, M. Mohr, G. Snelting
• JoDroid: Adding Android Support to a Static Information Flow Control Tool
  Gemeinsamer Tagungsband der Workshops der Tagung Software Engineering 2015, Dresden, Germany, 17.-18. M{\"A}rz 2015. 2015, pp. 140--145 : M. Mohr, J. Graf, M. Hecker

2014

• Checking Probabilistic Noninterference Using JOANA
  it - Information Technology November 2014, pp. 280--287 : G. Snelting, D. Giffhorn, J. Graf, C. Hammer, M. Hecker, M. Mohr, D. Wasserrab
• Extending and Applying a Framework for the Cryptographic Verification of Java Programs
  Principles of Security and Trust, POST 2014, Part of ETAPS 2014, Grenoble, France, April 5-13, 2014 2014, pp. 220--239 (POST 14) : R. Küsters, E. Scapin, T. Truderung, J. Graf
• (accompanying technical report) Extending and Applying a Framework for the Cryptographic Verification of Java Programs.
  2014 : R. Küsters, E. Scapin, T. Truderung, J. Graf

2013

• A Hybrid Approach for Proving Noninterference and Applications to the Cryptographic Verification of Java Programs
  April 2013 (GRSRD 2013) : R. Küsters, T. Truderung, B. Beckert, D. Bruns, J. Graf, C. Scheben
• Using JOANA for Information Flow Control in Java Programs - A Practical Guide
  Proceedings of the 6th Working Conference on Programming Languages (ATPS'13) February 2013, pp. 123--138 (ATPS 2013) : J. Graf, M. Hecker, M. Mohr
• Lock-sensitive Interference Analysis for Java: Combining Program Dependence Graphs with Dynamic Pushdown Networks
  January 2013 (ID 2013) : J. Graf, M. Hecker, M. Mohr, B. Nordhoff

2012

• A Framework for the Cryptographic Verification of Java-like Programs
  Computer Security Foundations Symposium (CSF), 2012 IEEE 25th June 2012 (CSF 2012) : R. Küsters, T. Truderung, J. Graf
• (accompanying technical report) A Framework for the Cryptographic Verification of Java-like Programs
  March 2012 : R. Küsters, T. Truderung, J. Graf
• Using JOANA for Information Flow Control in Java Programs - A Practical Guide
  Karlsruhe Reports in Informatics 2012 : J. Graf, M. Hecker, M. Mohr

2010

• Speeding up context-, object- and field-sensitive SDG generation
  9th IEEE International Working Conference on Source Code Analysis and Manipulation September 2010, pp. 105--114 (SCAM 2010) : J. Graf

2009

• Improving and Evaluating the Scalability of Precise System Dependence Graphs for Objectoriented Languages
  2009 : J. Graf

2005

• Using Pointcut Delta Analysis to Support Evolution of Aspect-Oriented Software
  International Conference on Software Maintenance 2005 (ICSM 2005) : M. Störzer, J. Graf

Projects

• IFC for Mobile Components
• JOANA Framework Open-Source
• VALSOFT/Joana

Advised thesis projects

finished

• Automated Model Generation for the Lifecycle of Android Applications, Diploma thesis
• Comparing Algorithmic and Logic based Points-to Analyses , Diploma thesis
• Android bytecode: Dalvik frontend for program analysis tool, bachelor/study thesis
• Eclipse-Plugin: Visualize Threadproperties, bachelor/study thesis
• Converting System Dependence Graphs from the CodeSurfer tool, bachelor/study thesis
• Dataflow analysis: Enhance controlflow precision for exceptions, study thesis