uni-potsdam.de

You are using an old browser with security vulnerabilities and can not use the features of this website.

Here you will see how you can easily upgrade your browser.

Publications

Journal Articles

2014

  1. Snelting, G.; Giffhorn, D.; Graf, J.; Hammer, C.; Hecker, M.; Mohr, M. and Wasserrab, D. Checking Probabilistic Noninterference Using JOANA.  In it - Information Technology, 56 (6): 280-287, 2014. doi 

2012

  1. Dolby, J.; Hammer, C.; Marino, D.; Tip, F.; Vaziri, M. and Vitek, J. A data-centric approach to synchronization.  In ACM Trans. Program. Lang. Syst., 34 (1): 4:1-4:48, 2012.

2009

  1. Hammer, C. and Snelting, G. Flow-Sensitive, Context-Sensitive, and Object-sensitive Information Flow Control Based on Program Dependence Graphs.  In International Journal of Information Security, 8 (6): 399-422, 2009.
  2. Giffhorn, D. and Hammer, C. Precise Slicing of Concurrent Programs -- An Evaluation of Precise Slicing Algorithms for Concurrent Programs.  In Journal of Automated Software Engineering, 16 (2): 197-234, 2009.

In Collections

2017

  1. Bichhawat, A.; Rajani, V.; Garg, D. and Hammer, C. WebPol: Fine-grained Information Flow Policies for Web Browsers. Accepted for publication at ESORICS 2017.
  2. Welearegai, G. and Hammer, C. Optimized Automatic Sanitizer Placement.  In Engineering Secure Software and Systems, pages 1-10, Springer, LNCS 10379, 2017.

2015

  1. Pfaff, D.; Hack, S. and Hammer, C. Learning How to Prevent Return-Oriented Programming Efficiently.  In Engineering Secure Software and Systems, pages 68-85, Springer, LNCS 8978, 2015.

2014

  1. Bichhawat, A.; Rajani, V.; Garg, D. and Hammer, C. Information Flow Control in WebKit's JavaScript Bytecode.  In Proc. 3rd Conference on Principles of Security and Trust (POST 2014), pages 159-178, Springer, LNCS 8414, 2014.

2013

  1. Bodden, E.; Schneider, M.; Kreutzer, M.; Mezini, M.; Hammer, C.; Zeller, A.; Achenbach, D.; Huber, M. and Kraschewski, D.Entwicklung sicherer Software durch Security by Design.  In SIT-TR-2013-01, Fraunhofer SIT, 2013.
  2. Backes, M.; Gerling, S.; Hammer, C.; Maffei, M. and Styp-Rekowsky, P. v. AppGuard - Enforcing User Requirements on Android Apps.  In 19th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), pages 545-550, Springer, LNCS 7795, 2013.
  3. Styp-Rekowsky, P. v.; Gerling, S.; Backes, M. and Hammer, C. Callee-site Rewriting of Sealed System Libraries.  In International Symposium on Engineering Secure Software and Systems (ESSoS'13), pages 33-41, Springer, LNCS 7781, 2013.

2012

  1. Sumner, W. N.; Hammer, C. and Dolby, J. Marathon: Detecting Atomic-Set Serializability Violations with Conflict Graphs.  In RV'11: Proc. 2nd International Conference on Runtime Verification, pages 161-176, Springer, LNCS 7186, 2012.

In Proceedings

2016

  1. Backes, M.; Bugiel, S.; Derr, E.; Gerling, S. and Hammer, C. R-Droid: Leveraging Android App Analysis with Static Slice Optimization.  In 11th ACM Symposium on Information, Computer and Communications Security (AsiaCCS'16), 2016.
  2. Backes, M.; Hammer, C.; Pfaff, D. and Skoruppa, M. Implementation-level Analysis of the JavaScript Helios Voting Client.  In 31st ACM Symposium on Applied Computing (SAC'16), 2016.

2015

  1. Backes, M.; Bugiel, S.; Hammer, C.; Schranz, O. and Styp-Rekowsky, P. v. Boxify: Full-fledged App Sandboxing for Stock Android. In 24th USENIX Security Symposium (USENIX Security 15), USENIX Association, Washington, D.C., 2015.
  2. Rajani, V.; Bichhawat, A.; Garg, D. and Hammer, C. Information Flow Control for Event Handling and the DOM in Web Browsers.  In 28th IEEE Computer Security Foundations SymposiumIEEE Computer Society, 2015.

2014

  1. Bichhawat, A.; Rajani, V.; Garg, D. and Hammer, C. Generalizing Permissive-Upgrade in Dynamic Information Flow Analysis.  In Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security, pages 15:15-15:24, ACM, New York, NY, USA, PLAS'14 , 2014.
  2. Bichhawat, A. Exception Handling for Dynamic Information Flow Control.  In Companion Proceedings of the 36th International Conference on Software Engineering (Student Research Competition), pages 718-720, ACM, New York, NY, USA, ICSE Companion 2014 , 2014.
  3. Backes, M.; Gerling, S.; Hammer, C.; Maffei, M. and Styp-Rekowsky, P. v. AppGuard -- Fine-grained Policy Enforcement for Untrusted Android Applications.  In 8th International Workshop on Data Privacy Management (DPM'13), pages 1-19, LNCS 8247, 2014.

2013

  1. Richards, G.; Hammer, C.; Zappa Nardelli, F.; Jagannathan, S. and Vitek, J. Flexible Access Control for JavaScript.  In Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages and applications, pages 305-322, ACM, New York, NY, USA, OOPSLA '13 , 2013.
  2. Bugiel, S.; Derr, E.; Gerling, S. and Hammer, C. Advances in Mobile Security.  In 8th Future Security - Security Research Conference, pages 286-295, Fraunhofer Verlag, 2013.
  3. Marino, D.; Hammer, C.; Dolby, J.; Vaziri, M.; Tip, F. and Vitek, J. Detecting Deadlock in Programs with Data-Centric Synchronization.  In ICSE '13: Proceedings of the 35th International Conference on Software Engineering, pages 322-311, 2013.
  4. Hammer, C. Efficient Algorithms for Control Closures.  In 1st International Workshop on Interference and Dependence, 2013.

2011

  1. Just, S.; Cleary, A.; Shirley, B. and Hammer, C. Information flow analysis for JavaScript.  In Proceedings of the 1st ACM SIGPLAN international workshop on Programming language and systems technologies for internet clients, pages 9-18, ACM, New York, NY, USA, PLASTIC '11 , 2011.
  2. Richards, G.; Hammer, C.; Burg, B. and Vitek, J. The Eval that Men Do -- A Large-scale Study of the Use of Eval in JavaScript Applications.  In ECOOP'11: Proceedings of the 25th European Conference on Object-Oriented Programming, pages 52-78, Springer, LNCS 6813, 2011.

2010

  1. Vaziri, M.; Tip, F.; Dolby, J.; Hammer, C. and Vitek, J. A Type System for Data-Centric Synchronization.  In ECOOP '10: Proceedings of the 24th European Conference on Object-Oriented Programming, pages 304-328, Springer, LNCS 6183, 2010.
  2. Hammer, C. Experiences with PDG-based IFC.  In International Symposium on Engineering Secure Software and Systems (ESSoS'10), pages 44-60, Springer, LNCS 5965, 2010.

2008

  1. Giffhorn, D. and Hammer, C. Precise Analysis of Java Programs using JOANA (Tool Demonstration).  In Proc. 8th IEEE International Working Conference on Source Code Analysis and Manipulation, pages 267-268, 2008.
  2. Hammer, C.; Schaade, R. and Snelting, G. Static path conditions for Java.  In PLAS '08: Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security, pages 57-66, ACM, New York, NY, USA, 2008.
  3. Hammer, C.; Dolby, J.; Vaziri, M. and Tip, F. Dynamic detection of atomic-set-serializability violations.  In ICSE '08: Proceedings of the 30th international conference on Software engineering, pages 231-240, ACM, New York, NY, USA, 2008.

2007

  1. Giffhorn, D. and Hammer, C. An Evaluation of Precise Slicing Algorithms for Concurrent Programs.  In SCAM'07: Seventh IEEE International Working Conference on Source Code Analysis and Manipulation, pages 17-26, Paris, France, 2007.

2006

  1. Hammer, C.; Krinke, J. and Snelting, G. Information Flow Control for Java Based on Path Conditions in Dependence Graphs.  In Proc. IEEE International Symposium on Secure Software Engineering (ISSSE'06), pages 87-96, 2006.
  2. Hammer, C.; Krinke, J. and Nodes, F. Intransitive Noninterference in Dependence Graphs.  In Proc. Second International Symposium on Leveraging Application of Formal Methods, Verification and Validation (ISoLA 2006), pages 119-128, IEEE Computer Society, Washington, DC, USA, 2006.
  3. Hammer, C.; Grimme, M. and Krinke, J. Dynamic path conditions in dependence graphs.  In PEPM '06: Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, pages 58-67, ACM Press, New York, NY, USA, 2006.

2004

  1. Hammer, C. and Snelting, G. An improved slicer for Java.  In PASTE '04: Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering, pages 17-22, ACM Press, New York, NY, USA, 2004.

PhD Theses

2009

  1. Hammer, C. Information Flow Control for Java - A Comprehensive Approach based on Path Conditions in Dependence Graphs. Ph.D. Thesis, Universit"at Karlsruhe (TH), Fak. f. Informatik, 2009.

Conference Proceedings

2012

  1. Hammer, C.; Dolby, J. and Gowri, M., ed. Proceedings of the Workshop on JavaScript Tools.  ACM, 2012. www 

Technical Reports

2013

  1. Backes, M.; Gerling, S.; Hammer, C.; Maffei, M. and Styp-Rekowsky, P. v. AppGuard -- Fine-grained Policy Enforcement for Untrusted Android Applications. Technical Report A/02/2013, Saarland University, Computer Science, 2013.

2012

  1. Marino, D.; Hammer, C.; Dolby, J.; Vaziri, M.; Tip, F. and Vitek, J. Detecting Deadlock in Programs with Data-Centric Synchronization. Technical Report RC25300, IBM Research Report, 2012.
  2. Backes, M.; Gerling, S.; Hammer, C.; Maffei, M. and Styp-Rekowsky, P. v. AppGuard - Real-time Policy Enforcement for Third-Party Applications. Technical Report A/02/2012, Saarland University, Computer Science, 2012.

2011

  1. Dolby, J.; Hammer, C.; Marino, D.; Tip, F.; Vaziri, M. and Vitek, J. A data-centric approach to synchronization. Technical Report RC25106, IBM Research Report, 2011.

2008

  1. Hammer, C. and Snelting, G. Flow-Sensitive, Context-Sensitive, and Object-sensitive Information Flow Control Based on Program Dependence Graphs. Technical Report 2008-16, Fakult"at f"ur Informatik, Universit"at Karlsruhe (TH), Germany, 2008.