Tom Ganz

Latest Post

Oct 4, 2022

Short story about evading Antivirus Detection

Lately I came across an interesting paper where the authors use Reinforcement Learning (RL) to obfuscate malicious Portable Executable (PE) files to evade detection by antivirus (AV) scanners. The authors use actions as, for instance, random byte padding, packing the binary, adding benign strings to the .text section, modifying timestamps, adding function imports, etc… to obfuscate the binary file. After applying these actions, the modified PE file will be checked against an AV to see if the detection rate decreases. Read more

Sep 14, 2020

Brief introduction to Differentially Private Machine Learning

In this post, I want to briefly introduce Differential Privacy to you, which, in my honest opinion, needs to get more attention in the software developer community. During my Master thesis, I evaluated the use of Differential Privacy for Federated Learning (I might explain Federated Learning in another post). The Theory Differential Privacy, originally $\epsilon$-Differential Privacy (DP)1, is a way to secure the privacy of individuals in a statistical database. A statistical database is a database, where only aggregation functions like “sum”, “average”, “count”, et cetera… can be executed. Read more

Sep 4, 2020

3D-GAN

Did you ever wonder what it would look like if we combine a chair and an airplane? Turns out it doesn’t look that good. Before we get to this Chairplane, lets first outline this post’s topic: I am going to demonstrate you some possibilities of an 3D Generative Adversarial Network. That is: A GAN not applied to images, but to 3D Voxel objects. But what is a GAN? A GAN consists of two deep neural networks that try to game each other. Read more

All Posts

About

My name is Tom Ganz and I am currently living in Karlsruhe, Germany. I am currently pursuing my PhD in computer security and machine learning. Feel free to send me an E-Mail using my PGP key.

Academical Merits

Currently: PhD @SAP SE and TU Berlin
Msc. Computer Science @University of Applied Sciences Karlsruhe
Bsc. Applied Computer Science @Corporate State University Karlsruhe

Publications

Tom Ganz, Erik Imgrund, Martin Härterich, Konrad Rieck (2023): PAVUDI: Patch-based Vulnerability Discovery using Machine Learning (ACSAC)
Erik Imgrund, Tom Ganz, Martin Härterich, Lukas Pirch, Niklas Risse, Konrad Rieck (2023): Broken Promises: Measuring Confounding Effects in Learning-based Vulnerability Discovery (CCS AISec)
Tom Ganz, Erik Imgrund, Martin Härterich, Konrad Rieck (2023): CodeGraphSMOTE - Data Augmentation for Vulnerability Discovery (DBSEC)
Tom Ganz, Philipp Rall, Martin Härterich, Konrad Rieck (2023): Hunting for Truth: Analyzing Explanation Methods in Learning-based Vulnerability Discovery (Euro S&P)
Tom Ganz, Inaam Ashraf, Martin Härterich, Konrad Rieck (2023): Detecting Backdoors in Collaboration Graphs of Software Repositories (CODASPY)
Tom Ganz, Martin Härterich, Alexander Warnecke, Konrad Rieck (2021): Explaining Graph Neural Networks for Vulnerability Discovery (CCS AISec)

Academic Services

Reviews for IEEE Access
Subreviews for S&P
Reviews for CCS AISec

Other Contributions

Hash Collisions in Java
Cruzzer
Freelancer as System Administrator
My (inactive) Hackerrank

Awards

AISec CCS Best Paper Award 2021

Invited Talks

Cooperate State University Karlsruhe 2022: Lecturer for Compiler Engineering
SAP Conference on Machine Learning 2022: Explainable Fuzzing
SAP Conference on Machine Learning 2022: Graph Autoencoders - on the Hunt for Malicious Commits
SAP Development Kick-Off Meeting: Automated Analysis of Source Code Repositories using Machine Learning
SAP Conference on Machine Learning 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software
SAP Security Expert Summit 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software

Check out my LinkedIn to see my current CV.

Hi, I’m Tom

Latest Post

About