C.A. (Christian) Hammerschmidt
C.A. (Christian) Hammerschmidt
I work on machine learning methods for reverse engineering. Together with Sicco Verwer, I apply these methods both in network security and software testing.
Before coming to Delft, I successfully defended my Ph.D. thesis at the Interdisciplinary Centre for Security, Reliability and Trust, which is part of the University of Luxembourg. I spent my time in the Service and Data Management (SEDAN) group headed by Radu State. I still regularly work with SEDAN.
Prior to starting my Ph.D., I obtained a German diploma in computer science at the FAU Erlangen-Nuremberg. During that time, I also worked on a DFG research project on concurrency theory with Uwe Nestman at TU Berlin.
I am interested in machine learning and its applications, in particular in protocol and program inference, and program analysis with applications in software engineering and cyber-security. More specifically, and I want to learn a model that converts a sequence of observations (or inputs) into a sequence of responses (or outputs). Ideally, the model is not just a magic black box, but is a description of an operational or computational process, explaining how to convert the input to the output. With that in mind, I like to think about interpretability and explainability. Recent work of interest in the field of machine learning includes neural models for program synthesis (and to a lesser extent, also induction).
Recently, I am also working, though to a lesser extent, on learning representations of discrete and structured data.
During my Ph.D. in Luxembourg, I focused on learning models that at their core have a finite state space: (probabilistic) finite state machines, deterministic transducers like Mealy machines, and ad-hoc defined variants of finite models. Despite their limited expressive power (compared to Turing complete universal computation models), there are many useful applications of these models in computer sciences. Together with Nino Pellegrino and Qin Lin at TU Delft, we looked at network traffic and summary statistics to build models that profile and fingerprint hosts on networks.
I also built on Sicco Verwer’s DFASAT tool to build flexfringe, a tool to define heuristics to learn a wide range of automaton models using a red-blue type of state-merging algorithm.
Using Clustering to Build Network Behavioral Profiles of Malware Families
A. Nadeem / C.A. Hammerschmidt / C. Hernandez Ganan / S.E. Verwer
Auto Semi-supervised Outlier Detection for Malicious Authentication Events
Georgios Kaiafas / Christian Hammerschmidt / Sofiane Lagraa / Radu State
Federated learning for cyber security
Ekaterina Khramtsova / Christian Hammerschmidt / Sofian Lagraa / Radu State
The Robust Malware Detection Challenge and Greedy Random Accelerated Multi-Bit Search
S.E. Verwer / A. Nadeem / C.A. Hammerschmidt / L. Bliek / Abdullah Al-Dujaili / Una-May O’Reilly
Learning behavioral fingerprints from Netflows using Timed Automata
Nino Pellegrino / Qin Lin / Christian Hammerschmidt / Sicco Verwer