cv

General Information

Full Name Sriteja Kummita
Date of Birth 16th November 1994
Languages English, German (A2)

Education

  • Nov 2020 - Present
    PhD
    Paderborn University, Paderborn, Germany
    • Research interests - evaluating fuzzing, combining static analysis and fuzzing
  • 2020
    Master of Science in Computer Science
    Paderborn University, Paderborn, Germany
    • Evaluation of Call Graph construction for PYTHON (Master Thesis)
      • As one of the most popular programming languages, PYTHON has become a relevant target language for static analysis tools. The primary data structure for performing an inter-procedural static analysis is call-graph (CG), which links call sites to potential call targets in a program. There exists multiple algorithms for constructing callgraphs, tailored to specific languages. However, comparatively few implementations target PYTHON. Moreover, there is still lack of empirical evidence as to how these few algorithms perform in terms of precision and recall. This paper thus presents EVAL_CG, an extensible framework for comparative analysis of Python call-graphs. We conducted two experiments which run the CG algorithms on different Python programming constructs and real-world applications. In both experiments, we evaluate three CG generation frameworks namely, Code2flow, Pyan, and Wala. We record precision, recall, and running time, and identify sources of unsoundness of each framework. Our evaluation shows that none of the current CG construction frameworks produce a sound CG. Moreover, the static CGs contain many spurious edges. Code2flow is also comparatively slow. Hence, further research is needed to support CG generation for Python programs.
    • Integration of the Static Analysis Results Interchange Format in CogniCrypt (Seminar Thesis)
      • Software companies increasingly rely on static analysis tools to detect potential bugs and security vulnerabilities in their software products. In the past decade, more and more commercial and open-source static analysis tools have been developed and are maintained. Each tool comes with its own reporting format, preventing an easy integration of multiple analysis tools in a single interface, such as the Static Analysis Server Protocol (SASP). In 2017, a collaborative effort in industry, including Microsoft and GrammaTech, has proposed the Static Analysis Results Interchange Format (SARIF) to address this issue. SARIF is a standardized format in which static analysis warnings can be encoded, to allow the import and export of analysis reports between different tools. This paper explains the SARIF format through examples and presents a proof of concept of the connector that allows the static analysis tool CogniCrypt to generate and export its results in SARIF format.
  • 2015
    Bachelor of Technology in Information Technology
    Sri Sivasubramaniya Nadar College of Engineering, Anna University, Chennai (India)

Experience

  • Nov 2020 - Today
    Research Associate
    Fraunhofer IEM, Paderborn
  • July 2018 - Sep 2020
    Student Assistant (Studentische Hilfskraft)
    Fraunhofer IEM, Paderborn
  • Jul 2015 - Feb 2018
    Software Engineer
    GAIN Credit, Chennai
    • Gained experience in Python, Django, MySQL, and Docker by working as a full-stack developer in an agile working environment

Honors and Awards

  • 2015
    • Best Outgoing Student of Sri Sivasubramaniya Nadar College of Engineering

Academic Interests

  • Static Analysis
  • Dynamic Analysis
    • Fuzzing

Other Interests

  • Hobbies: Badminton, Harmonica, Running, Cycling