Publications

2022

Lorenz Hüther, Bernhard J. Berger, Stefan Edelkamp, Sebastian Eken, Lara Luhrmann, Hendrik Rothe, Marcus-Sebastian Schröder and Karsten Sohr. Machine Learning in the Context of Static Application Security Testing - ML-SAST. Editor: Federal Office for Information Security, 2022. Online

Christina Plump, Bernhard J. Berger and Rolf Drechsler. Using density of training data to improve evolutionary algorithms with approximative fitness functions. In 2022 IEEE Congress on Evolutionary Computation (CEC), 2022. DOI

Christina Plump, Bernhard J. Berger and Rolf Drechsler. Adapting mutation and recombination operators to range-aware relations in real-world application data. In The Genetic and Evolutionary Computation Conference (GECCO Companion), 2022. DOI

Bernhard J. Berger. Automatic detection of architectural security flaws. Doctoral Thesis, 2022. DOI

Christina Plump, Bernhard J. Berger and Rolf Drechsler. Choosing the right technique for the right restriction - a domain-specific approach for enforcing search-space restrictions in evolutionary algorithms. In Proceedings of the 8th International Conference on Dynamics in Logistics – LDIC 2022, 2022. DOI

2021

Marc Asendorf, Hasanur Jaman Seam, Christian Maeder, Salva Daneshgadeh Çakmakçı and Bernhard J. Berger. Where are my containers?. In Proceedings of the first European Workshop on Maritime Systems Resilience and Security (MARESEC 2021), 2021. DOI

Bernhard J. Berger, Christian Maeder and Salva Daneshgadeh Çakmakçı. Threat Modeling Knowledge for the Maritime Community. In Proceedings of the first European Workshop on Maritime Systems Resilience and Security (MARESEC 2021), 2021. DOI

Rodrigue W. Nguempnang, Bernhard J. Berger and Karsten Sohr. eNYPD - Entry Points Detector - Jakarta Server Faces Use Case. In Proceedings of the 21th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), IEEE Computer Society Press, 2021. DOI

Christina Plump, Bernhard J. Berger, Rolf Drechsler. Improving Evolutionary Algorithms by Enhancing an Approximative Fitness Function Through Prediction Intervals. In 2021 IEEE Congress on Evolutionary Computation (CEC), 2021. DOI

Christina Plump, Bernhard J. Berger, Rolf Drechsler. Domain-driven Correlation-aware Recombination and Mutation Operators for Complex Real-world Applications. In 2021 IEEE Congress on Evolutionary Computation (CEC), 2021. DOI

2020

Bernhard J. Berger, Rodrigue W. Nguempnang, Karsten Sohr and Rainer Koschke. Static Extraction of Enforced Authorization Policies - SeeAuthz. In Proceedings of the 20th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), IEEE Computer Society Press, 2020. DOI

2019

Bernhard J. Berger, Karsten Sohr, Rainer Koschke. The Architectural Security Tool Suite - ArchSec. In Proceedings of the 19th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), Cleveland, Ohio, 2019. DOI Best Engineering Paper Award.

Bernhard J. Berger, Christian Maeder, Rodrigue W. Nguempnang, Karsten Sohr, Carlos E. Rubio-Medrano. Towards Effective Verification of Multi-Model Access Control Properties. In Proceedings of the 24th ACM Symposium on Access Control Models and Technologies (SACMAT 2019), Toronto, Kanada, 2019. DOI

2018

Rainer Koschke, Urs-Bjoern Schmidt, Bernhard J. Berger. Built-in Clone Detection in Meta Languages. In Proceedings of the Conference on Source Code Analysis and Manipulation (SCAM), IEEE Computer Society Press, 2018. DOI

2016

Bernhard J. Berger, Karsten Sohr and Rainer Koschke. Automatically Extracting Threats from Extended Data Flow Diagrams. In Proceedings of the 8th International Symposium on Engineering Secure Software and Systems (ESSoS), London, April, 2016. DOI

2015

Marc-Andre Laverdiere, Bernhard J. Berger and Ettore Merlot. Taint Analysis of Manual Service Compositions using Cross-Application Call Graphs. In 22nd International Conference on Software Analysis, Evolution and Reengineering (SANER), 2015, IEEE Computer Society Press, 2015. DOI

2014

Bernhard J. Berger and Karsten Sohr and Udo H. Kalinna. Architekturelle Sicherheitsanalyse für Android. In D-A-CH Security 2014: Bestandsaufnahme - Konzepte - Anwendungen - Perspektiven, SysSec, 2014.

Steffen Bartsch, Bernhard J. Berger, Eric Bodden, Achim D. Brucker, Jens Heider, Mehmet Kus, Sönke Maseberg, Karsten Sohr and Melanie Volkamer. Zertifizierte Datensicherheit für Android-Anwendungen auf Basis statischer Programmanalysen. In GI Sicherheit 2014, Lecture Notes in Informatics, GI, 2014.

2013

Steffen Bartsch, Bernhard J. Berger, Michaela Bunke and Karsten Sohr. The Transitivity-of-Trust Problem in Android Application Interaction. In Proceedings of the 8th International Conference on Availability, Reliability and Security, 2013 DOI.

Bernhard J. Berger, Karsten Sohr and Rainer Koschke. Extracting and Analyzing the Implemented Security Architecture of Business Applications. In Proceedings of the 17th European Conference on Software Maintenance and Reengineering, IEEE Computer Society Press, 2013. DOI

2012

Bernhard J. Berger and Karsten Sohr. An Approach to Detecting Inter-Session Data Flow Induced by Object Pooling. In Information Security and Privacy Research - IFIP Advances in Information and Communication Technology, Volume 376/2012, Springer, 2012. DOI

2011

Bernhard J. Berger, Michaela Bunke and Karsten Sohr. An Android Security Case Study with Bauhaus. In Proceedings of the 18th Working Conference on Reverse Engineering. IEEE Computer Society, 2011. DOI

Bernhard J. Berger and Michaela Bunke. Software Security Comprehension. In WSR 2011 / Softwaretechnik-Trends, 31(2), 2011.

2010

Karsten Sohr and Bernhard J. Berger. Idea: Towards Architecture-Centric Security Analysis of Software. In Proceedings of the Second International Symposium on Engineering Secure Software and Systems (ESSoS). Springer, 2010. DOI

2008

Bernhard J. Berger, Rainer Koschke. Reduzierung der Programmgröße durch Klonerkennung. In GI Jahrestagung(2). Gesellschaft für Informatik, 2008.

2007

Bernhard J. Berger. Klonmanagement: Klonerkennung für eingebettete Systeme. Diploma Thesis, Universität Bremen, 2007.

Updated: