Tom Ganz

Latest Post

Oct 4, 2024

Privacy-Preserving Canvas Fingerprinting

Disclaimer: This post is more of a write-up and note-taking for my own exploration of HTML5 canvas fingerprinting and privacy-preserving techniques. How accurate are HTML5 canvas fingerprints? According to AmIUnique, only about 0.73% of users share the same canvas fingerprint as I do, highlighting its uniqueness. Canvas fingerprinting is a technique widely used in ad tracking and user identification systems and has recently been explored in risk-based authentication research 1. While there is extensive research into detecting and mitigating canvas fingerprinting, few studies have examined just how privacy-invasive these techniques are in practice. Read more

About

My name is Tom Ganz and I am currently living in London and working as a security engineer @Amazon. I am interested in computer security and machine learning. Feel free to send me an E-Mail using my PGP key.

Academical Merits

PhD Machine Learning and IT Security @Technical University of Berlin
Msc. Computer Science @University of Applied Sciences Karlsruhe
Bsc. Applied Computer Science @Corporate State University Karlsruhe

Patents

Directed fuzzing for vulnerability detection 2 US20240184892A1
Directed fuzzing for vulnerability detection 1 US20240184891A1

Publications

Tom Ganz: PhD Thesis: Software Defect Localization Using Explainable Deep Learning (TU Berlin 2024)
Felix Weißberg, Jonas Möller, Tom Ganz, Erik Imgrund, Lukas Pirch, Lukas Seidel, Moritz Schloegel, Thorsten Eisenhofer and Konrad Rieck: SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing (ASIACCS 2024)
Tom Ganz, Erik Imgrund, Martin Härterich, Konrad Rieck: PAVUDI: Patch-based Vulnerability Discovery using Machine Learning (ACSAC 2023)
Erik Imgrund, Tom Ganz, Martin Härterich, Lukas Pirch, Niklas Risse, Konrad Rieck: Broken Promises: Measuring Confounding Effects in Learning-based Vulnerability Discovery (CCS AISec 2023)
Tom Ganz, Erik Imgrund, Martin Härterich, Konrad Rieck: CodeGraphSMOTE - Data Augmentation for Vulnerability Discovery (DBSEC 2023)
Tom Ganz, Philipp Rall, Martin Härterich, Konrad Rieck: Hunting for Truth: Analyzing Explanation Methods in Learning-based Vulnerability Discovery (Euro S&P 2023)
Tom Ganz, Inaam Ashraf, Martin Härterich, Konrad Rieck: Detecting Backdoors in Collaboration Graphs of Software Repositories (CODASPY 2023)
Tom Ganz, Martin Härterich, Alexander Warnecke, Konrad Rieck: Explaining Graph Neural Networks for Vulnerability Discovery (CCS AISec 2021)

Academic Services

Reviews for IEEE Access
Subreviews for S&P
Reviews for CCS AISec

Other Stuff

Awards

AISec CCS Best Paper Award 2021

Invited Talks

@Memgraph Graph-based vulnerability discovery 2024
Cooperate State University Karlsruhe 2022: Lecturer for Compiler Engineering
SAP Conference on Machine Learning 2022: Explainable Fuzzing
SAP Conference on Machine Learning 2022: Graph Autoencoders - on the Hunt for Malicious Commits
SAP Development Kick-Off Meeting: Automated Analysis of Source Code Repositories using Machine Learning
SAP Conference on Machine Learning 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software
SAP Security Expert Summit 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software

Check out my LinkedIn to see my current CV.

Introduction theme for Hugo. Made with and by open source contributors.

Hi, I’m Tom

Latest Post

About