Anatoli Kalysch
Dr.-Ing. Anatoli Kalysch
About
I’m a security researcher in the field of mobile security associated with the IT Security Infrastructures Lab. Previously, I was a research fellow and Ph.D. candidate at Dr.-Ing. Tilo Müller’s System Security and Software Protection group here at the i1 lab. My main interests are authentication, app & backend security, and app hardening.
Research Interests
Machine Learning Approaches:
- Supervised Learning;
- Natural Language Processing;
- Reinforcement Learning;
Mobile Security:
- Application UI Security and Data Leakage;
- Application Packers and Protectors;
- Emulation and Analysis Detection;
- Security of Cross-Compilation Frameworks;
Program Analysis Techniques:
- Taint-tracking;
- Code similarity measures;
- Symbolic execution;
- Fuzzing;
Obfuscation Techniques:
- Virtualization-based Obfuscation;
- Opaque Predicates;
Professional Activities
- 18th International Conference on Applied Cryptography and Network Security (ACNS 2020), SecMT2020 Track, Rome, Italy, Speaker (On the Evolution of Security Issues in Android App Versions)
- 15th International Conference on Availability, Reliability and Security (ARES 2020), Dublin, Ireland, PC Member
- Lange Nacht der Wissenschaften 2019, Live Hacking Demonstration, Speaker alongside Dr.-Ing. Tilo Müller, Davide Bove, Marcel Busch, and Tobias Groß
- 14th International Conference on Availability, Reliability and Security (ARES 2019), Canterbury, UK, Speaker (The Internet Banking [in]Security Spiral)
- Research visit (February / March 2019) at the Universidade Federal do Paraná (UFPR), Brazil, Visiting Researcher
- 14th International Conference on Availability, Reliability and Security (ARES 2019), Canterbury, UK, PC Member
- 2nd Reversing and Offensive-oriented Trends Symposium (ROOTS 2018), Vienna, Austria, Speaker (How Android’s UI Security is Undermined by Accessibility): [Watch] [Slides]
- 21st Information Security Conference (ISC 2018), Guildford, UK, Speaker (Lumus: Dynamically Uncovering Evasive Android Applications)
- 13th International Conference on Availability, Reliability and Security (ARES 2018), Hamburg, Germany, Speaker (Tackling Android’s Native Library Malware with Robust, Efficient, and Accurate Similarity Measures) [Slides]
- 13th International Conference on Availability, Reliability and Security (ARES 2018), Hamburg, Germany, PC Member
- RRZE 50 year anniversary (2018), Live Hacking Demonstration, Speaker alongside Dr.-Ing. Tilo Müller, Dr.-Ing. Johannes Götzfried, Marcel Busch, and Tobias Groß
- FAUST-CTF 2017, Erlangen, Service Author (TempSense)
- Lange Nacht der Wissenschaften 2017, Live Hacking Demonstration, Speaker alongside Dr.-Ing. Tilo Müller, Dr.-Ing. Johannes Götzfried, Marcel Busch, and Tobias Groß
- 12th International Conference on Availability, Reliability and Security (ARES 2017), Reggio Calabria, Italy, Speaker (VMAttack: Deobfuscating Virtualization-Based Packed Binaries)
Supervised Student Theses
- (Master’s Thesis) An Empirical Study of Malicious Native Libraries on Android (WiSe2017)
- (Master’s Thesis) Evaluating the Effectiveness of Machine Learning for Android Packer Detection and Classification (WiSe2017)
- (Master’s Thesis) Clickjacking Revised: An Automated Framework for Clickjacking Attacks (SoSe2018)
- (Master’s Thesis) Dismantling On-Device Android Malware Protection (SoSe2018)
- (Bachelor’s Thesis) Android UI-Instrumentation for Malware Analysis and Forensic Trace Generation (WiSe2018)
- (Bachelor’s Thesis) Automated Static Vulnerability Detection for Android Third Party Applications (WiSe2018)
- (Master’s Thesis) Enhancing Malware Analysis Through Automated IR-based Functionality Extraction (WiSe2018)
- (Bachelor’s Thesis) Android Inter-Process Communication Fuzzing (WiSe2018)
- (Master’s Thesis) Opaque Predicate and Junk Code resistant Decompilation (WiSe2018)
- (Master’s Thesis) Automated Entropy-Based Detection of Cryptographic Functions in Binaries (WiSe2018)
- (Master’s Thesis) A Study on Code and Functionality Reuse among Android Mass Malware Families (WiSe2018)
- (Bachelor’s Thesis) Code and Vulnerability Reuse in Android 3rd Party Frameworks and Applications (SoSe2019)
- (Master’s Thesis) Virtualization-Based Android App Obfuscation (SoSe2019)
- (Master’s Thesis) Deep Learning in Automated Vulnerability Assessments for Android Applications (WiSe2019)
- (Master’s Thesis) A Common Baseline for the Comparison of Code Similarity Measures (SoSe2020)
Supervised Seminar Papers
- Location obfuscation techniques on Android-based devices (WiSe2016)
- An anonymity conscious analysis of selected available cryptocurrency solutions (SoSe2017)
- Evolution of Clickjacking on Android (WiSe2017)
- Malware Analysis for Android – An Overview (WiSe2017)
- Architecture Centric Security Analysis (WiSe2017)
- A Post-Quantum Cryptography-based Evaluation of Banking Frontends (WiSe2018)
- Beyond Record and Replay – UI-based Android Application Testing (WiSe2018)
- Automated and Machine Learning Approaches at Malware Analysis on Android (SoSe2019)
- Systematischer Vergleich der Sicherheitsfeatures von Android and iOS (SoSe2019)
Teaching
- IT Security Seminar [WiSe 16/17 | SoSe 17 | WiSe 17/18 | SoSe 18 | WiSe 18/19 | SoSe 19 | WiSe 19/20 | SoSe 20], with Prof. Dr.-Ing. Felix Freiling
- Proseminar [SoSe 17 | SoSe 18], with Dr. Werner Massonne and Prof. Dr.-Ing. Felix Freiling
- Hackerpraktikum [WiSe 16/17 | WiSe 17/18 | WiSe 18/19 | WiSe 19/20], with Dr.-Ing. Tilo Müller, Dr.-Ing. Johannes Götzfried, Dr.-Ing. Marcel Busch, Tobias Groß, Dr.-Ing. Vincent Haupert, Davide Bove and Ralph Palutke
- Software Reverse Engineering (Role: Tutor) [SoSe 17 | SoSe 18 | SoSe 19 | SoSe 20], with Dr.-Ing. Tilo Müller
- Reverse Engineering (Role: Tutor) [SoSe 17 | WiSe 18/19 | SoSe 19], with Dr. Werner Massonne
- IT Forensics – Live Analysis (Role: Tutor) [SoSe 17 | SoSe 18 | SoSe 19 | SoSe 20], with Prof. Dr.-Ing. Felix Freiling
- IT Security Lab for International Students [WiSe 18/19], with Dr.-Ing. Tilo Müller, Dr.-Ing. Johannes Götzfried, Dr.-Ing. Marcel Busch, Tobias Groß, Dr.-Ing. Vincent Haupert, and Ralph Palutke
PGP
- ID: F95069D5
- SHA1 Fingerprint: 0470 4645 32E3 4C29 7732 7CFA 9B04 DCF8 F950 69D5
- Public Key: ASCII Armored
Publications
2022
- Körber, M., Kalysch, A., Massonne, W., & Benenson, Z. (2022). Usability of Antivirus Tools in a Threat Detection Scenario. In Weizhi Meng, Simone Fischer-Hübner, Christian D. Jensen (Eds.), IFIP Advances in Information and Communication Technology (pp. 306-322). Copenhagen, DNK: Springer Science and Business Media Deutschland GmbH.
2020
- Kalysch, A. (2020). Android Application Hardening: Attack Surface Reduction and IP Protection Mechanisms (Dissertation).
URL: https://opus4.kobv.de/opus4-fau/frontdoor/index/index/docId/14149
- Kalysch, A., Deutel, M., & Müller, T. (2020). Template-based Android inter-process communication fuzzing. In Melanie Volkamer, Christian Wressnegger (Eds.), Proceedings of the 15th International Conference on Availability, Reliability and Security (pp. 1 - 6). Virtual Event, Dublin, Ireland: New York, United States: Association for Computing Machinery.
URL: https://dl.acm.org/doi/10.1145/3407023.3407052
- Kalysch, A., Schilling, J., & Müller, T. (2020). On the Evolution of Security Issues in Android App Versions. In Jianying Zhou, Mauro Conti, Chuadhry Mujeeb Ahmed, Man Ho Au, Lejla Batina, Zhou Li, Jingqiang Lin, Eleonora Losiouk, Bo Luo, Suryadipta Majumdar, Weizhi Meng, Martín Ochoa, Stjepan Picek, Georgios Portokalidis, Cong Wang, Kehuan Zhang (Eds.), ACNS: International Conference on Applied Cryptography and Network Security. (pp. 523 - 541). Cham, Switzerland: Springer Nature Switzerland AG.
URL: https://link.springer.com/chapter/10.1007/978-3-030-61638-0_29
2019
- Botacin, M., Kalysch, A., & Grégio, A. (2019). The Internet Banking [in]Security Spiral: Past, Present, and Future of Online Banking Protection Mechanisms based on a Brazilian case study. In Edgar Weippl (SBA Research, Austria), A Min Tjoa (TU Vienna, Austria) (Eds.), Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES 2019) (ARES ’19) (pp. 102 - 112). Canterbury, United Kingdom: New York, (NY), USA: Association for Computing Machinery.
- Bove, D., & Kalysch, A. (2019). In pursuit of a secure UI: The cycle of breaking and fixing Android’s UI. it - Information Technology, Methods and Applications of Informatics and Information Technology. https://doi.org/10.1515/itit-2018-0023
2018
- Afonso, V., Kalysch, A., Müller, T., Oliveira, D., Grégio, A., & De Geus, P.L. (2018). Lumus: Dynamically Uncovering Evasive Android Applications. In Liqun Chen, Mark Manulis, Steve Schneider (Eds.), Information Security - 21st International Conference (pp. 47-66). Guildford, UK: Springer.
URL: https://link.springer.com/chapter/10.1007/978-3-319-99136-8_3
- Kalysch, A., Bove, D., & Müller, T. (2018). How Android’s UI Security is Undermined by Accessibility. In Proceedings of the 2nd Reversing and Offensive-oriented Trends Symposium (pp. 2:1--2:10). Vienna, AT: New York, NY, USA: ACM International Conference Proceedings Series (ICPS).
URL: https://dl.acm.org/citation.cfm?id=3289597
- Kalysch, A., Milisterfer, O., Protsenko, M., & Müller, T. (2018). Tackling Android's Native Library Malware with Robust, Efficient and Accurate Similarity Measures. In ACM (Eds.), Proceedings of the 13th International Conference on Availability, Reliability and Security (pp. 58:1--58:10). Hamburg, Germany: Hamburg: Association for Computing Machinery.
URL: http://doi.acm.org/10.1145/3230833.3232828
2017
- Kalysch, A., Götzfried, J., & Müller, T. (2017). VMAttack: Deobfuscating Virtualization-Based Packed Binaries. In 12th International Conference on Availability, Reliability and Security (pp. 2:1--2:10). Reggio Calabria, Italy: ACM.
URL: https://dl.acm.org/citation.cfm?doid=3098954.3098995