Contact:
Johanna Amann
International Computer Science Institute
1947 Center St., Suite 600
Berkeley, CA 94704
USA

johanna @ icir
(510) 666-2938

About me:
I am a researcher at the International Computer Science Institute, an independent non-profit research institute affiliated with the University of California, Berkeley. My main research interests lie in the areas of network security, internet measurement and applied cryptography. I spend most of my time working on the Bro Network Security Monitor and the ICSI SSL Notary Service.
Publications:
A Tangled Mass: The Android Root Certificate Stores (Best Short Paper Award)
N. Vallina-Rodriguez, J. Amann, C. Kreibich, N. Weaver and V. Paxson
ACM International Conference on emerging Networking EXperiments and Technologies (CoNEXT) 2014, December 2014

The Matter of Heartbleed (Best Paper Award)
Z. Durumeric, F. Li, J. Kasten, J. Amann, J. Beekman, M. Payer, N. Weaver, D. Adrian, V. Paxson, M. Bailey, and J. A. Halderman
14th Internet Measurement Conference (IMC'14), November 2014

Count Me In: Viable Distributed Summary Statistics for Securing High-Speed Networks (implementation & scripts)
J. Amann, S. Hall, R. Sommer
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2014

No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships
B. Amann, R. Sommer, M. Vallentin, S. Hall
2013 Annual Computer Security Applications Conference, December 2013

Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web (used tools and library)
D. Akhawe, B. Amann, M. Vallentin, R. Sommer
Proc. International World Wide Web Conference, May 2013

Revisiting SSL: A Large Scale Study of the Internet's Most Trusted Protocol
B. Amann, M. Vallentin, S. Hall, R. Sommer
ICSI Technical Report, December 2012

Extracting Certificates from Live Traffic: A Near Real Time SSL Notary Service
B. Amann, M. Vallentin, S. Hall, R. Sommer
ICSI Technical Report, November 2012

A Lone Wolf No More: Supporting Network Intrusion Detection with Real-Time Intelligence
B. Amann, R. Sommer, A. Sharma, S. Hall
Proc. Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2012

Redundancy and Access Permissions in Decentralized File Systems
B. Amann
Thesis, Technische Universität München, September 2011

Adding Cryptographically Enforced Permissions to Fully Decentralized File Systems
B. Amann and T. Fuhrmann
Technical Report, Technische Universität München, April 2011

A Quantitative Analysis of Redundancy Schemes for Peer-to-Peer Storage Systems
Y. Houri, B. Amann, and T. Fuhrmann
Proc. 12th International Symposium on Stabilization, Safety, and Security of Distributed Systems (SSS 2010), 2010

Cryptographically Enforced Permissions for Fully Decentralized File Systems
B. Amann and T. Fuhrmann
Proceedings of the 10th IEEE International Conference on Peer-to-Peer Computing 2010 (P2P'10), 2010

Unix-like Access Permissions in Fully Decentralized File Systems (poster)
B. Amann and T. Fuhrmann
Poster Presentation at the 8th USENIX Conference on File and Storage Technologies (FAST '10), 2010

IgorFs: A Distributed P2P File System (poster)
B. Amann, B. Elser, Y. Houri and T. Fuhrmann
Proceedings of the Eigth IEEE International Conference on Peer-to-Peer Computing (P2P'08), 2008

Secure Asynchronous Change Notifications for a Distributed File System
B. Amann
Diplomarbeit, Chair for Network Architectures, TUM 2007

Projects I am involved in:
The ICSI SSL notary service
The Bro network monitoring system

Tools and other links:
My github account containing (among other things):
A few scripts that can be useful with Bro as well as a collection of Bro scripts.
Patched version of Crypt::OpenSSL::X509
NSS bindings for Perl

Tree of trust of the SSL intermediate CAs used in the Internet as of Dec. 2012. The visualization was made with data from the ICSI SSL notary using gephi and gexf-js.

Statistics for the #Bro IRC channel on Freenode

My CPAN account.