Bernhard Garn

is researcher at SBA Research.Bernhard Garn

  • E-Mail
  • Phone: +43 (1) 505 36 88
  • Fax: +43 (1) 505 88 88

Research Interest

His research focuses on design theory and discrete mathematics, as well as applications thereof.  With his background in mathematics, he is especially interested in the application of theoretical results to practical problems, effectively bridging the gap between discrete mathematics and application domains of information security.  His publications include papers in applied discrete mathematics, software testing (in particular, combinatorial testing) and security testing.

He is a member of the MaTRIS research group of SBA Research (https://matris.sba-research.org/team/bgarn/).

BIO

Bernhard Garn is currently researcher with SBA Research. He received a Master of Science (Diploma- Engineer) in Technical Mathematics from Vienna University of Technology.  He has developed an algebraic modelling for a special class of combinatorial designs, and has also developed combinatorial testing for software methodologies for security targeting operating systems and web technologies.

  • Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing (2015)
    • INPROCEEDINGS-true
    • Josip Bozic and Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler and Franz Wotawa
    • IEEE International Conference on Software Quality, Reliability and Security 2015
    @INPROCEEDINGS{Bozic2015Attack,
       author = {Josip Bozic and Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler and Franz Wotawa},
       authorhotlist = {true},
       title = {Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing},
       booktitle = {IEEE International Conference on Software Quality,
       Reliability and Security 2015},
       year = {2015},
       month = {8},
       pdf = {http://ieeexplore.ieee.org/document/7272934/},
    }
  • Evaluation of the IPO-Family algorithms for test case generation in web security testing (2015)
    • INPROCEEDINGS--
    • Josip Bozic and Bernhard Garn and Dimitris Simos and Franz Wotawa
    • IEEE 8th International Conference on Software Testing, Verification and Validation
    @INPROCEEDINGS{Bozic2015Evaluation,
       author = {Josip Bozic and Bernhard Garn and Dimitris Simos and Franz Wotawa},
       title = {Evaluation of the IPO-Family algorithms for test case generation in web security testing},
       booktitle = {IEEE 8th International Conference on Software Testing,
       Verification and Validation},
       year = {2015},
       month = {4},
       pdf = {http://ieeexplore.ieee.org/document/7107436/},
    }
  • On the applicability of combinatorial testing to web application security testing: A case study (2014)
    • INPROCEEDINGS--
    • Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler
    • 2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing
    @INPROCEEDINGS{Garn2014applicability,
       author = {Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler},
       title = {On the applicability of combinatorial testing to web application security testing: A case study},
       booktitle = { 2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing},
       year = {2014},
       month = {7},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/combinatorial testing 4pentesteval_jamaica_2014.pdf},
    }
  • Eris: A tool for combinatorial testing of the linux system call interface (2014)
    • INPROCEEDINGS-true
    • Bernhard Garn and Dimitris Simos
    • 2014 IEEE International Conference on Software Testing, Verification, and Validation Workshops
    @INPROCEEDINGS{Garn2014Eris,
       author = {Bernhard Garn and Dimitris Simos},
       authorhotlist = {true},
       title = {Eris: A tool for combinatorial testing of the linux system call interface},
       booktitle = {2014 IEEE International Conference on Software Testing,
       Verification,
       and Validation Workshops},
       year = {2014},
       month = {3},
       pdf = {https://www.sba-research.org/wp-content/uploads/publications/CT-Eris_ICSTW_2014.pdf},
    }
  • Weighted t-way Sequences (2018)
    • ARTICLE--
    • Bernhard Garn and Dimitris Simos
    • Electronic Notes in Discrete Mathematics
    @ARTICLE{Garn2018Weighted,
       author = {Bernhard Garn and Dimitris Simos},
       title = {Weighted t-way Sequences},
       journal = {Electronic Notes in Discrete Mathematics},
       year = {2018},
       month = {12},
       pdf = {https://www.sciencedirect.com/science/article/pii/S1571065318302026?via%3Dihub},
    }
  • Browser fingerprinting using combinatorial sequence testing (2019)
    • INPROCEEDINGS--
    • Bernhard Garn and Dimitris Simos and Stefan Zauner and R. Kuhn and R. Kacker
    • 6th Annual Symposium on Hot Topics in the Science of Security (HotSoS)
    @INPROCEEDINGS{Garn2019Browser,
       author = {Bernhard Garn and Dimitris Simos and Stefan Zauner and R. Kuhn and R. Kacker},
       title = {Browser fingerprinting using combinatorial sequence testing},
       booktitle = {6th Annual Symposium on Hot Topics in the Science of Security (HotSoS)},
       year = {2019},
       month = {4},
       pdf = {https://dl.acm.org/citation.cfm?doid=3314058.3314062},
    }
  • A Fault-Driven Combinatorial Process for Model Evolution in XSS Vulnerability Detection (2019)
    • INPROCEEDINGStrue-
    • Bernhard Garn and Marco Radavelli and Angelo Gargantini and Manuel Leithner and Dimitris Simos
    • International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems (IEA AIE)
    @INPROCEEDINGS{Garn2019FaultDriven,
       author = {Bernhard Garn and Marco Radavelli and Angelo Gargantini and Manuel Leithner and Dimitris Simos},
       sbahotlist = {true},
       title = {A Fault-Driven Combinatorial Process for Model Evolution in XSS Vulnerability Detection},
       booktitle = {International Conference on Industrial,
       Engineering and Other Applications of Applied Intelligent Systems (IEA AIE)},
       year = {2019},
       month = {6},
       pdf = {https://link.springer.com/chapter/10.1007%2F978-3-030-22999-3_19},
    }
  • Weighted Combinatorial Sequence Testing for the TLS Protocol (2019)
    • INPROCEEDINGStruetrue
    • Bernhard Garn and Dimitris Simos and Feng Duan and Yu Lei and Josip Bozic and Franz Wotawa
    • IEEE International Conference on Software Testing, Verification and Validation Workshops, (ICSTW)
    @INPROCEEDINGS{Garn2019Weighted,
       author = {Bernhard Garn and Dimitris Simos and Feng Duan and Yu Lei and Josip Bozic and Franz Wotawa},
       authorhotlist = {true},
       sbahotlist = {true},
       title = {Weighted Combinatorial Sequence Testing for the TLS Protocol},
       booktitle = {IEEE International Conference on Software Testing,
       Verification and Validation Workshops,
       (ICSTW)},
       year = {2019},
       month = {4},
       pdf = {https://ieeexplore.ieee.org/document/8728911},
    }
  • Combinatorial Methods for Modelling Composed Software Systems (2017)
    • INPROCEEDINGS--
    • Ludwig Kampel and Bernhard Garn and Dimitris Simos
    • 6th International Workshop on Combinatorial Testing (IWCT 2017)
    @INPROCEEDINGS{Kampel2017Combinatorial,
       author = {Ludwig Kampel and Bernhard Garn and Dimitris Simos},
       title = {Combinatorial Methods for Modelling Composed Software Systems},
       booktitle = {6th International Workshop on Combinatorial Testing (IWCT 2017)},
       year = {2017},
       month = {3},
       link_slides = {http://iwct2017.sba-research.org/slides/session4-talk2-simos.pdf},
    }
  • Covering arrays as set covers (2018)
    • ARTICLEtrue-
    • Ludwig Kampel and Bernhard Garn and Dimitris Simos
    • Electronic Notes in Discrete Mathematics
    @ARTICLE{Kampel2018Covering,
       author = {Ludwig Kampel and Bernhard Garn and Dimitris Simos},
       sbahotlist = {true},
       title = {Covering arrays as set covers},
       journal = {Electronic Notes in Discrete Mathematics},
       year = {2018},
    }
  • Algebraic Models for Arbitrary Strength Covering Arrays over v-ary Alphabets (2019)
    • INPROCEEDINGS--
    • Ludwig Kampel and Dimitris Simos and Bernhard Garn and Ilias Kotsireas and Evgeny Zhereshchin
    • 8th International Conference on Algebraic Informatics
    @INPROCEEDINGS{Kampel2019Algebraic,
       author = {Ludwig Kampel and Dimitris Simos and Bernhard Garn and Ilias Kotsireas and Evgeny Zhereshchin},
       title = {Algebraic Models for Arbitrary Strength Covering Arrays over v-ary Alphabets},
       booktitle = {8th International Conference on Algebraic Informatics},
       year = {2019},
       month = {6},
       pdf = {https://link.springer.com/chapter/10.1007%2F978-3-030-21363-3_15},
    }
  • A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing (2016)
    • INPROCEEDINGS--
    • Dimitris Simos and K. Kleine and Laleh Shikh Gholamhossein Ghandehari and Bernhard Garn and Yu Lei
    • International Conference on Testing Software and Systems (ICTSS)
    @INPROCEEDINGS{Simos2016Combinatorial,
       author = {Dimitris Simos and K. Kleine and {Laleh Shikh Gholamhossein} Ghandehari and Bernhard Garn and Yu Lei},
       title = {A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing},
       booktitle = {International Conference on Testing Software and Systems (ICTSS)},
       year = {2016},
       month = {10},
       pdf = {http://link.springer.com/chapter/10.1007/978-3-319-47443-4_5},
    }
  • Practical Combinatorial Testing for XSS Detection using Locally Optimized Attack Models (2019)
    • INPROCEEDINGStrue-
    • Dimitris Simos and Bernhard Garn and Jovan Zivanovic and Manuel Leithner
    • IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)
    @INPROCEEDINGS{Simos2019Practical,
       author = {Dimitris Simos and Bernhard Garn and Jovan Zivanovic and Manuel Leithner},
       sbahotlist = {true},
       title = {Practical Combinatorial Testing for XSS Detection using Locally Optimized Attack Models},
       booktitle = {IEEE International Conference on Software Testing,
       Verification and Validation Workshops (ICSTW)},
       year = {2019},
       month = {4},
       pdf = {https://ieeexplore.ieee.org/document/8728914},
    }
  • Testing TLS using planning-based combinatorial methods and execution framework (2019)
    • ARTICLE--
    • Dimitris Simos and Josip Bozic and Bernhard Garn and Manuel Leithner and Feng Duan and K. Kleine and Yu Lei and Franz Wotawa
    • Software Quality Journal
    @ARTICLE{Simos2019Testing,
       author = {Dimitris Simos and Josip Bozic and Bernhard Garn and Manuel Leithner and Feng Duan and K. Kleine and Yu Lei and Franz Wotawa},
       title = {Testing TLS using planning-based combinatorial methods and execution framework},
       journal = {Software Quality Journal},
       year = {2019},
       month = {6},
       pdf = {https://link.springer.com/article/10.1007%2Fs11219-018-9412-z},
    }

This Website uses Cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close