Johannes Düsing, M.Sc.

About Me

I am a PhD Student for Secure Software Engineering at Technical University Dortmund. My goal is to increase precision of vulnerability detection by employing static analysis techniques on software projects and their dependencies. In order to do so, i generate data on a large amount of software libraries from repositories like Maven Central, a provide efficient query- and analysis-interfaces.

I earned my Master's degree at Paderborn University in 2021. During my studies, i worked as a Student Assistant Software Developer at dSPACE for five years, before being a Research Assistant at Paderborn University.

Research Interests

My research interests include:

  • Static Program Analysis, especially Callgraphs and Abstract Interpretation
  • Vulnerability Propagation and Impact Analysis
  • Software Quality Metrics
  • Evolution of Software Reuse
  • Compositional Program Analysis

Current Projects

OPAL: Modular, Collaborative Program Analysis for JVM Programs

OPAL is a framework for modular, collaborative static analysis of JVM-based programs written in Scala. It can be used to parse, analyze and write JVM bytecode, and provides various types of built-in analyses. Find out more on GitHub.

MARIN: A MAven Research INterface

MARIN enables easy implementation of large-scale program analyses on Maven Central. It allows you to focus on implementing actual analysis logic, while automatically providing facilities for incremental execution, parallelization and data aggregation. For more information, have a look at our paper or visit GitHub.

DGMF: The Dependency Graph Mining Framework

The dependency graph mining framework provides a common data format for dependency graphs of different software repositories. Based on repository-specific adapter implementations, DGMF builds whole-repository dependency graphs in different configurations. Default adapters exist for Maven Central, NPM, PyPi and NuGet. Details can be found in our paper or on GitHub.

Publications

Recent Publications

MARIN: A Research-Centric Interface for Querying Software Artifacts on Maven Repositories

In this paper, we present the Maven Central Research Interface (MARIN). It allows developers and researchers to conduct large-scale program analyses on Maven Central by only implementing the domain-specific analysis logic for a single artifact. MARIN can be found on GitHub.

All Publications

  • Johannes Düsing and Jared Chiaramonte and Ben Hermann. 2025. MARIN: A Research-Centric Interface for Querying Software Artifacts on Maven Repositories. Mining Software Repositories 2025 (MSR '25) (Just Accepted). Preprint
  • Dominik Helm and Sven Keidel and Anemone Kampkötter and Johannes Düsing and Tobias Roth and Ben Hermann and Mira Mezini. 2024. Total Recall? How Good are Static Call Graphs Really?. Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024). https://doi.org/10.1145/3650212.3652114
  • Johannes Düsing and Ben Hermann. 2023. Persisting and Reusing Results of Static Program Analyses on a Large Scale. Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023). https://doi.org/10.1109/ASE56229.2023.00080
  • Tobias Litzenberger and Johannes Düsing and Ben Hermann. 2023. DGMF: Fast Generation of Comparable, Updatable Dependency Graphs for Software Repositories. Mining Software Repositories 2023 (MSR '23). https://doi.org/10.1109/MSR59073.2023.00028
  • Johannes Düsing and Ben Hermann. 2021. Analyzing the Direct and Transitive Impact of Vulnerabilities onto Different Artifact Repositories. Digital Threats: Research and Practice. (January 2021), 27 pages. https://doi.org/10.1145/3472811

Teaching

Datastructures, Algorithms and Programming I. Bachelor Lecture
Abstract Interpretation. Bachelor Seminar.
Software Engineering. Bachelor Lecture.
Webtechnologies I. Bachelor Lecture.
Open-Source Software Reuse in Commercial and OSS Projects. Bachelor Seminar.
Implementation and Evaluation of Software Quality Metrics. Bachelor Project.

Contact

  • Mail
    johannes.duesing@tu-dortmund.de
  • Phone
    +49 231 755 7831
  • Postal
    Johannes Düsing
    Technische Universität Dortmund
    Otto-Hahn-Straße 14
    44227 Dortmund
    GERMANY