117 Publications
2024 | Conference Paper | LibreCat-ID: 52235
Khedkar M, Bodden E. Toward an Android Static Analysis Approach for Data Protection. In: Proceedings of the 9th International Conference on Mobile Software Engineering and Systems. ; 2024.
LibreCat
| Files available
| arXiv
2024 | Misc | LibreCat-ID: 52663
Wickert A-K, Schlichtig M, Vogel M, Winter L, Mezini M, Bodden E. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability.; 2024.
LibreCat
| Download (ext.)
2024 | Journal Article | LibreCat-ID: 52587
Bodden E, Pottebaum J, Fockel M, Gräßler I. Evaluating Security Through Isolation and Defense in Depth. IEEE Security & Privacy. 2024;22(1):69-72. doi:10.1109/msec.2023.3336028
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53938
Karakaya K, Bodden E. Symbol-Specific Sparsification of Interprocedural Distributive Environment Problems. In: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. ACM; 2024. doi:10.1145/3597503.3639092
LibreCat
| DOI
2024 | Book Chapter | LibreCat-ID: 53942
Karakaya K, Schott S, Klauke J, et al. SootUp: A Redesign of the Soot Static Analysis Framework. In: Tools and Algorithms for the Construction and Analysis of Systems. Springer Nature Switzerland; 2024. doi:10.1007/978-3-031-57246-3_13
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53958
Johnson O, Piskachev G, Krishnamurthy R, Bodden E. Detecting Security-Relevant Methods using Multi-label Machine Learning. In: Proceedings of the 46th International Conference on Software Engineering, IDE Workshop. ; 2024. doi:10.48550/ARXIV.2403.07501
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53959
Shivarpatna Venkatesh AP, Sabu S, Wang J, Mir AM, Li L, Bodden E. TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools. In: Proceedings of the 46th International Conference on Software Engineering, Tool Demo Track. ; 2024.
LibreCat
| arXiv
2023 | Conference Paper | LibreCat-ID: 35083
Dann AP, Hermann B, Bodden E. UpCy: Safely Updating Outdated Dependencies. Published online 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 | 
Shivarpatna Venkatesh AP, Wang J, Li L, Bodden E. Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis. In: IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering); 2023. doi:10.48550/ARXIV.2301.04419
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
Luo L, Piskachev G, Krishnamurthy R, Dolby J, Schäf M, Bodden E. Model Generation For Java Frameworks. In: IEEE International Conference on Software Testing, Verification and Validation (ICST). ; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
Shivarpatna Venkatesh AP, Wang J, Li L, Bodden E. Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis. In: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2023.
LibreCat
2023 | Journal Article | LibreCat-ID: 46816
Torres A, Costa P, Amaral L, et al. Runtime Verification of Crypto APIs: An Empirical Study. IEEE Transactions on Software Engineering. 2023;49(10):4510-4525. doi:10.1109/tse.2023.3301660
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
Piskachev G, Becker M, Bodden E. Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study. Empirical Software Engineering. 2023;28(5). doi:10.1007/s10664-023-10354-3
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger S, Reif M, Wickert A-K, et al. Securing Your Crypto-API Usage Through Tool Support - A Usability Study. In: 2023 IEEE Secure Development Conference (SecDev). IEEE; 2023. doi:10.1109/secdev56634.2023.00015
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
Gräßler I, Bodden E, Wiechel D, Pottebaum J. Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security. Konstruktion. 2023;75(11-12):60-65. doi:10.37544/0720-5953-2023-11-12-60
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
Nachtigall M, Schlichtig M, Bodden E. Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:95–96.
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. Introducing FUM: A Framework for API Usage Constraint and Misuse Classification. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:105–106.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat
| DOI
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 45888 |
Wehrheim H, Platzner M, Bodden E, Schubert P, Pauck F, Jakobs M-C. Verifying Software and Reconfigurable Hardware Services. In: Haake C-J, Meyer auf der Heide F, Platzner M, Wachsmuth H, Wehrheim H, eds. On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets. Vol 412. Verlagsschriftenreihe des Heinz Nixdorf Instituts. Heinz Nixdorf Institut, Universität Paderborn; 2023:125-144. doi:10.5281/zenodo.8068583
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 29844
Koch T, Trippel S, Dziwok S, Bodden E. Integrating Security Protocols in Scenario-based Requirements Specifications. In: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications; 2022. doi:10.5220/0010783300003119
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
Fischer A, Fuhry B, Kußmaul J, Janneck J, Kerschbaum F, Bodden E. Computation on Encrypted Data Using Dataflow Authentication. ACM Transactions on Privacy and Security. 2022;25(3):1-36. doi:10.1145/3513005
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
Schlichtig M, Wickert A-K, Krüger S, Bodden E, Mezini M. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite.; 2022. doi:10.48550/ARXIV.2204.06447
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
Nachtigall M, Schlichtig M, Bodden E. A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM; 2022:532-543. doi:10.1145/3533767
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. FUM - A Framework for API Usage constraint and Misuse Classification. In: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2022:673-684. doi:https://doi.org/10.1109/SANER53432.2022.00085
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
Schubert P, Gazzillo P, Patterson Z, et al. Static data-flow analysis for software product lines in C. Automated Software Engineering. 2022;29(1). doi:10.1007/s10515-022-00333-1
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
Sayar I, Bartel A, Bodden E, Le Traon Y. An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities. ACM Transactions on Software Engineering and Methodology. Published online 2022. doi:10.1145/3554732
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
Piskachev G, Späth J, Budde I, Bodden E. Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering. 2022;27(5):1–33.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy R, Piskachev G, Bodden E. To what extent can we analyze Kotlin programs using existing Java taint analysis tools? Published online 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
Piskachev G, Dziwok S, Koch T, Merschjohann S, Bodden E. How far are German companies in improving security through static program analysis tools? Published online 2022.
LibreCat
2022 | Journal Article | LibreCat-ID: 53952
Massacci F, Sabetta A, Mirkovic J, et al. “Free” as in Freedom to Protest? IEEE Security & Privacy. 2022;20(5):16-21. doi:10.1109/msec.2022.3185845
LibreCat
| DOI
2021 | Journal Article | LibreCat-ID: 27045 |
Luo L, Pauck F, Piskachev G, et al. TaintBench: Automatic real-world malware benchmarking of Android taint analyses. Empirical Software Engineering. Published online 2021. doi:10.1007/s10664-021-10013-5
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
Stockmann L, Laux S, Bodden E. Using Architectural Runtime Verification for Offline Data Analysis. Journal of Automotive Software Engineering. Published online 2021. doi:10.2991/jase.d.210205.001
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
Holzinger P, Bodden E. A Systematic Hardening of Java’s Information Hiding. International Symposium on Advanced Security on Software and Systems (ASSS). Published online 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
Bonifacio R, Krüger S, Narasimhan K, Bodden E, Mezini M. Dealing with Variability in API Misuse Specification. European Conference on Object-Oriented Programming (ECOOP). Published online 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh AP, Bodden E. Automated Cell Header Generator for Jupyter Notebooks. In: International Workshop on AI and Software Testing/Analysis (AISTA). ; 2021. doi:10.1145/3464968.3468410
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
Kummita S, Piskachev G, Spaeth J, Bodden E. Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON. In: Proceedings of the 2021 International Conference on Code Quality (ICCQ). ; 2021. doi:10.1109/ICCQ51190.2021.9392986
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
Schubert P, Hermann B, Bodden E. Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis. In: European Conference on Object-Oriented Programming (ECOOP). ; 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
Dann AP, Plate H, Hermann B, Ponta SE, Bodden E. Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering. Published online 2021:1-1. doi:10.1109/tse.2021.3101739
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
Piskachev G, Krishnamurthy R, Bodden E. SecuCheck: Engineering configurable taint analysis for software developers. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
Luo L, Schäf M, Sanchez D, Bodden E. IDE Support for Cloud-Based Static Analyses. In: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021:181–186.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track). ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
Geismann J, Bodden E. A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software. 2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. Published online 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium (CSF). ; 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International Conference for Software Engineering (ICSE). ; 2020.
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium (PETS/PoPETS). ; 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM; 2020. doi:10.1145/3365438.3410946
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.; 2020.
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-64354-6_5
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
Pauck F, Bodden E, Wehrheim H. Reproducing Taint-Analysis Results with ReproDroid. In: Felderer M, Hasselbring W, Rabiser R, Jung R, eds. Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria. {LNI}. Gesellschaft f{\"{u}}r Informatik e.V.; 2020:123-124. doi:10.18420/SE2020_36
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
Gräßler I, Bodden E, Pottebaum J, Geismann J, Roesmann D. Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems. In: Advanced, Contemporary Control, Advances in Intelligent Systems and Computing. Vol 1196. Springer International Publishing; 2020:1458-1469.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). ; 2019:77-84. doi:10.1109/ICSA-C.2019.00021
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6. doi:10.1109/ESEM.2019.8870184
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic Program Analysis (TAPAS). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
Nachtigall M, Nguyen Quang Do L, Bodden E. Explaining Static Analysis -- A Perspective. In: 1st International Workshop on Explainable Software (EXPLAIN) at ASE. ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
Luo L, Bodden E, Späth J. A Qualitative Analysis of Android Taint-Analysis Results. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track. ; 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/TSE.2019.2948910
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
Piskachev G, Nguyen Quang Do L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
Luo L, Dolby J, Bodden E. MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors. In: European Conference on Object-Oriented Programming (ECOOP). ; 2019.
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
Piskachev G, Nguyen L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods.; 2019.
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
Albert Gorski Iii S, Andow B, Nadkarni A, et al. ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. In: ACM Conference on Data and Application Security and Privacy (CODASPY 2019). ; 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
Späth J, Ali K, Bodden E. Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages. 2019;3(POPL):48:1-48:29. doi:10.1145/3290361
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
Dann A, Hermann B, Bodden E. ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/tse.2019.2931331
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
Dann A, Hermann B, Bodden E. SootDiff: bytecode comparison across different Java compilers. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019. ; 2019. doi:10.1145/3315568.3329966
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
Schubert P, Hermann B, Bodden E. PhASAR: An Inter-Procedural Static Analysis Framework for C/C++. In: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019). Vol II. ; 2019:393-410. doi:10.1007/978-3-030-17465-1_22
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
Schubert P, Leer R, Hermann B, Bodden E. Know your analysis: how instrumentation aids understanding static analysis. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019. ; 2019. doi:10.1145/3315568.3329965
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises? arXiv:180402903. 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
Bodden E, Nguyen Quang Do L. Explainable Static Analysis. In: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany. {LNI}. ; 2018:205-208.
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. Debugging Static Analysis. IEEE Transactions on Software Engineering. Published online 2018:1-1. doi:10.1109/TSE.2018.2868349
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
Tichy M, Bodden E, Kuhrmann M, Wagner S, Steghöfer J-P, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol {P-279}. Gesellschaft für Informatik; 2018.
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
Gerking C, Schubert D, Bodden E. Model Checking the Information Flow Security of Real-Time Systems. In: Payer M, Rashid A, Such JM, eds. Engineering Secure Software and Systems. Springer International Publishing; 2018:27-43.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
Nguyen Quang Do L, Bodden E. Gamifying Static Analysis. In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2018. ACM; 2018:714-718. doi:10.1145/3236024.3264830
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
Bodden E. The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them). In: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018). ISSTA ’18. ACM; 2018:85-93. doi:10.1145/3236454.3236500
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
Geismann J, Gerking C, Bodden E. Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes. In: International Conference on Software and System Processes (ICSSP). ; 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
Bodden E. Self-adaptive Static Analysis. In: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results. ICSE-NIER ’18. ACM; 2018:45-48. doi:10.1145/3183399.3183401
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. VISUFLOW, a Debugging Environment for Static Analyses. In: International Conference for Software Engineering (ICSE), Tool Demonstrations Track. ; 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
Pauck F, Bodden E, Wehrheim H. Do Android taint analysis tools keep their promises? In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018. ACM Press; 2018. doi:10.1145/3236024.3236029
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. In: European Conference on Object-Oriented Programming (ECOOP). ; 2018:10:1-10:27.
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
Bodden E, Dressler F, Meyer auf der Heide F, Scheytt C, Trächtler A. Intelligente technische Systeme. Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017.
LibreCat
2017 | Book | LibreCat-ID: 24221
Gausemeier J, Bodden E, Dressler F, et al. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017. doi:10.17619/UNIPB/1-93
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
Gausemeier J, Bodden E, Dressler F, et al., eds. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369. Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts; 2017.
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
Gerking C, Bodden E, Schäfer W. Industrial Security by Design. In: Maier GW, Engels G, Steffen E, eds. Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten. Springer Berlin Heidelberg; 2017:1-24. doi:10.1007/978-3-662-52903-4_8-1
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
Ben Othmane L, Chehrazi G, Bodden E, Tsalovski P, Brucker AD. Time for Addressing Software Security Issues: Prediction Models and Impacting Factors. Data Science and Engineering. 2017;2(2):107-124. doi:https://doi.org/10.1007/s41019-016-0019-8
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
Bodden E. Self-Adaptive Static Analysis.; 2017.
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: Validating Correct Usage of Cryptographic APIs.; 2017.
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
Lillack M, Kästner C, Bodden E. Tracking Load-time Configuration Options. IEEE Transactions on Software Engineering. 2017;PP(99):1-1. doi:10.1109/TSE.2017.2756048
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
Krüger S, Nadi S, Reif M, et al. CogniCrypt: Supporting Developers in using Cryptography. In: International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track. ; 2017.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
Do LNQ, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Just-in-time Static Analysis. In: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis. ISSTA 2017. ACM; 2017:307-317. doi:10.1145/3092703.3092705
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
Nguyen Quang Do L, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Cheetah: Just-in-Time Taint Analysis for Android Apps. In: International Conference for Software Engineering (ICSE), Tool Demonstrations Track. ; 2017.
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
Gausemeier J, Bodden E, Dressler F, et al. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
Holzinger P, Hermann B, Lerch J, Bodden E, Mezini M. Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE; 2017. doi:10.1109/sp.2017.16
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
Späth J, Ali K, Bodden E. IDEal: Efficient and Precise Alias-aware Dataflow Analysis. In: 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH). ACM Press; 2017.
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Data Flow Authentication. CoRR. 2017;abs/1710.00390.
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
Bodden E, I Pun K, Steffen M, Stolz V, Wickert A-K. Information Flow Analysis for Go. In: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}. ; 2016:431-445. doi:10.1007/978-3-319-47166-2_30
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
Bodden E, Eichberg M, I Pun K, Steffen M, Stolz V, Wickert A-K. Don’t let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go. In: Nordic Workshop on Programming Theory (NWPT’16). ; 2016.
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
Nguyen Quang Do L, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Just-in-Time Static Analysis.; 2016. doi:http://dx.doi.org/10.7939/DVN/10859
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
Rasthofer S, Arzt S, Bodden E, Miltenberger M. Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen. Datenschutz und Datensicherheit. Published online 2016:718-722. doi:https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
Holzinger P, Triller S, Bartel A, Bodden E. An In-Depth Study of More Than Ten Years of Java Exploitation. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. CCS ’16. ; 2016:779-790. doi:http://doi.acm.org/10.1145/2976749.2978361
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
Follner A, Bartel A, Peng H, et al. PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution. In: International Workshop on Security and Trust Management (STM). ; 2016:212-228.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
Nguyen Quang Do L, Eichberg M, Bodden E. Toward an Automated Benchmark Management System. In: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. SOAP 2016. ; 2016:13-17.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
Arzt S, Kussmaul T, Bodden E. Towards Cross-Platform Cross-Language Analysis with Soot. In: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. SOAP 2016. ; 2016:1-6.
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
Follner A, Bodden E. ROPocop — Dynamic mitigation of code-reuse attacks. Journal of Information Security and Applications . 2016;29:16-26. doi:http://dx.doi.org/10.1016/j.jisa.2016.01.002
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
Follner A, Bartel A, Bodden E. Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality. In: International Symposium on Engineering Secure Software and Systems (ESSoS). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
Falzon K, Bodden E. Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels. In: Piessens F, Vigan’o L, eds. Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings. Springer Berlin Heidelberg; 2016:116-138. doi:10.1007/978-3-662-49635-0_7
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
Rasthofer S, Arzt S, Miltenberger M, Bodden E. Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques. In: Network and Distributed System Security Symposium (NDSS). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
Nadi S, Krüger S, Mezini M, Bodden E. Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs? In: International Conference for Software Engineering (ICSE). ; 2016:935-946.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
Arzt S, Bodden E. StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework. In: International Conference for Software Engineering (ICSE). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
Eling N, Rasthofer S, Kolhagen M, Bodden E, Buxmann P. Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment. In: 2016 49th Hawaii International Conference on System Sciences (HICSS). ; 2016:3666-3675. doi:10.1109/HICSS.2016.458
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
Späth J, Nguyen Quang Do L, Ali K, Bodden E. Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java. In: European Conference on Object-Oriented Programming (ECOOP). ; 2016.
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
Li L, Bartel A, Bissyande TF, et al. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps. In: 2015 International Conference on Software Engineering (ICSE). ; 2015:280-291.
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
Lerch J, Hermann B, Bodden E, Mezini M. FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014. ACM Press; 2014. doi:10.1145/2635868.2635878
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
Arzt S, Rasthofer S, Fritz C, et al. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14. ACM Press; 2014. doi:10.1145/2594291.2594299
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
Arzt S, Rasthofer S, Lovat E, Bodden E. DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android. In: International Conference on Availability, Reliability and Security (ARES 2014). IEEE; 2014:40-49.
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
Bodden E, Lam P, Hendren L. Partially Evaluating Finite-State Runtime Monitors Ahead of Time. ACM Transactions on Programming Languages and Systems. 2012;34(2):1-52. doi:10.1145/2220365.2220366
LibreCat
| Files available
| DOI
| Download (ext.)
117 Publications
2024 | Conference Paper | LibreCat-ID: 52235
Khedkar M, Bodden E. Toward an Android Static Analysis Approach for Data Protection. In: Proceedings of the 9th International Conference on Mobile Software Engineering and Systems. ; 2024.
LibreCat
| Files available
| arXiv
2024 | Misc | LibreCat-ID: 52663
Wickert A-K, Schlichtig M, Vogel M, Winter L, Mezini M, Bodden E. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability.; 2024.
LibreCat
| Download (ext.)
2024 | Journal Article | LibreCat-ID: 52587
Bodden E, Pottebaum J, Fockel M, Gräßler I. Evaluating Security Through Isolation and Defense in Depth. IEEE Security & Privacy. 2024;22(1):69-72. doi:10.1109/msec.2023.3336028
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53938
Karakaya K, Bodden E. Symbol-Specific Sparsification of Interprocedural Distributive Environment Problems. In: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. ACM; 2024. doi:10.1145/3597503.3639092
LibreCat
| DOI
2024 | Book Chapter | LibreCat-ID: 53942
Karakaya K, Schott S, Klauke J, et al. SootUp: A Redesign of the Soot Static Analysis Framework. In: Tools and Algorithms for the Construction and Analysis of Systems. Springer Nature Switzerland; 2024. doi:10.1007/978-3-031-57246-3_13
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53958
Johnson O, Piskachev G, Krishnamurthy R, Bodden E. Detecting Security-Relevant Methods using Multi-label Machine Learning. In: Proceedings of the 46th International Conference on Software Engineering, IDE Workshop. ; 2024. doi:10.48550/ARXIV.2403.07501
LibreCat
| DOI
2024 | Conference Paper | LibreCat-ID: 53959
Shivarpatna Venkatesh AP, Sabu S, Wang J, Mir AM, Li L, Bodden E. TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools. In: Proceedings of the 46th International Conference on Software Engineering, Tool Demo Track. ; 2024.
LibreCat
| arXiv
2023 | Conference Paper | LibreCat-ID: 35083
Dann AP, Hermann B, Bodden E. UpCy: Safely Updating Outdated Dependencies. Published online 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 |
Shivarpatna Venkatesh AP, Wang J, Li L, Bodden E. Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis. In: IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering); 2023. doi:10.48550/ARXIV.2301.04419
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
Luo L, Piskachev G, Krishnamurthy R, Dolby J, Schäf M, Bodden E. Model Generation For Java Frameworks. In: IEEE International Conference on Software Testing, Verification and Validation (ICST). ; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
Shivarpatna Venkatesh AP, Wang J, Li L, Bodden E. Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis. In: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2023.
LibreCat
2023 | Journal Article | LibreCat-ID: 46816
Torres A, Costa P, Amaral L, et al. Runtime Verification of Crypto APIs: An Empirical Study. IEEE Transactions on Software Engineering. 2023;49(10):4510-4525. doi:10.1109/tse.2023.3301660
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
Piskachev G, Becker M, Bodden E. Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study. Empirical Software Engineering. 2023;28(5). doi:10.1007/s10664-023-10354-3
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger S, Reif M, Wickert A-K, et al. Securing Your Crypto-API Usage Through Tool Support - A Usability Study. In: 2023 IEEE Secure Development Conference (SecDev). IEEE; 2023. doi:10.1109/secdev56634.2023.00015
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
Gräßler I, Bodden E, Wiechel D, Pottebaum J. Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security. Konstruktion. 2023;75(11-12):60-65. doi:10.37544/0720-5953-2023-11-12-60
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
Nachtigall M, Schlichtig M, Bodden E. Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:95–96.
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. Introducing FUM: A Framework for API Usage Constraint and Misuse Classification. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:105–106.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat
| DOI
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 45888 |
Wehrheim H, Platzner M, Bodden E, Schubert P, Pauck F, Jakobs M-C. Verifying Software and Reconfigurable Hardware Services. In: Haake C-J, Meyer auf der Heide F, Platzner M, Wachsmuth H, Wehrheim H, eds. On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets. Vol 412. Verlagsschriftenreihe des Heinz Nixdorf Instituts. Heinz Nixdorf Institut, Universität Paderborn; 2023:125-144. doi:10.5281/zenodo.8068583
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 29844
Koch T, Trippel S, Dziwok S, Bodden E. Integrating Security Protocols in Scenario-based Requirements Specifications. In: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications; 2022. doi:10.5220/0010783300003119
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
Fischer A, Fuhry B, Kußmaul J, Janneck J, Kerschbaum F, Bodden E. Computation on Encrypted Data Using Dataflow Authentication. ACM Transactions on Privacy and Security. 2022;25(3):1-36. doi:10.1145/3513005
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
Schlichtig M, Wickert A-K, Krüger S, Bodden E, Mezini M. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite.; 2022. doi:10.48550/ARXIV.2204.06447
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
Nachtigall M, Schlichtig M, Bodden E. A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM; 2022:532-543. doi:10.1145/3533767
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. FUM - A Framework for API Usage constraint and Misuse Classification. In: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2022:673-684. doi:https://doi.org/10.1109/SANER53432.2022.00085
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
Schubert P, Gazzillo P, Patterson Z, et al. Static data-flow analysis for software product lines in C. Automated Software Engineering. 2022;29(1). doi:10.1007/s10515-022-00333-1
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
Sayar I, Bartel A, Bodden E, Le Traon Y. An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities. ACM Transactions on Software Engineering and Methodology. Published online 2022. doi:10.1145/3554732
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
Piskachev G, Späth J, Budde I, Bodden E. Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering. 2022;27(5):1–33.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy R, Piskachev G, Bodden E. To what extent can we analyze Kotlin programs using existing Java taint analysis tools? Published online 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
Piskachev G, Dziwok S, Koch T, Merschjohann S, Bodden E. How far are German companies in improving security through static program analysis tools? Published online 2022.
LibreCat
2022 | Journal Article | LibreCat-ID: 53952
Massacci F, Sabetta A, Mirkovic J, et al. “Free” as in Freedom to Protest? IEEE Security & Privacy. 2022;20(5):16-21. doi:10.1109/msec.2022.3185845
LibreCat
| DOI
2021 | Journal Article | LibreCat-ID: 27045 |
Luo L, Pauck F, Piskachev G, et al. TaintBench: Automatic real-world malware benchmarking of Android taint analyses. Empirical Software Engineering. Published online 2021. doi:10.1007/s10664-021-10013-5
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
Stockmann L, Laux S, Bodden E. Using Architectural Runtime Verification for Offline Data Analysis. Journal of Automotive Software Engineering. Published online 2021. doi:10.2991/jase.d.210205.001
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
Holzinger P, Bodden E. A Systematic Hardening of Java’s Information Hiding. International Symposium on Advanced Security on Software and Systems (ASSS). Published online 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
Bonifacio R, Krüger S, Narasimhan K, Bodden E, Mezini M. Dealing with Variability in API Misuse Specification. European Conference on Object-Oriented Programming (ECOOP). Published online 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh AP, Bodden E. Automated Cell Header Generator for Jupyter Notebooks. In: International Workshop on AI and Software Testing/Analysis (AISTA). ; 2021. doi:10.1145/3464968.3468410
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
Kummita S, Piskachev G, Spaeth J, Bodden E. Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON. In: Proceedings of the 2021 International Conference on Code Quality (ICCQ). ; 2021. doi:10.1109/ICCQ51190.2021.9392986
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
Schubert P, Hermann B, Bodden E. Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis. In: European Conference on Object-Oriented Programming (ECOOP). ; 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
Dann AP, Plate H, Hermann B, Ponta SE, Bodden E. Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering. Published online 2021:1-1. doi:10.1109/tse.2021.3101739
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
Piskachev G, Krishnamurthy R, Bodden E. SecuCheck: Engineering configurable taint analysis for software developers. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
Luo L, Schäf M, Sanchez D, Bodden E. IDE Support for Cloud-Based Static Analyses. In: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021:181–186.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track). ; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
Geismann J, Bodden E. A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software. 2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. Published online 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium (CSF). ; 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International Conference for Software Engineering (ICSE). ; 2020.
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium (PETS/PoPETS). ; 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM; 2020. doi:10.1145/3365438.3410946
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.; 2020.
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-64354-6_5
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
Pauck F, Bodden E, Wehrheim H. Reproducing Taint-Analysis Results with ReproDroid. In: Felderer M, Hasselbring W, Rabiser R, Jung R, eds. Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria. {LNI}. Gesellschaft f{\"{u}}r Informatik e.V.; 2020:123-124. doi:10.18420/SE2020_36
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
Gräßler I, Bodden E, Pottebaum J, Geismann J, Roesmann D. Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems. In: Advanced, Contemporary Control, Advances in Intelligent Systems and Computing. Vol 1196. Springer International Publishing; 2020:1458-1469.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). ; 2019:77-84. doi:10.1109/ICSA-C.2019.00021
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6. doi:10.1109/ESEM.2019.8870184
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic Program Analysis (TAPAS). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
Nachtigall M, Nguyen Quang Do L, Bodden E. Explaining Static Analysis -- A Perspective. In: 1st International Workshop on Explainable Software (EXPLAIN) at ASE. ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
Luo L, Bodden E, Späth J. A Qualitative Analysis of Android Taint-Analysis Results. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track. ; 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/TSE.2019.2948910
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
Piskachev G, Nguyen Quang Do L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). ; 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
Luo L, Dolby J, Bodden E. MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors. In: European Conference on Object-Oriented Programming (ECOOP). ; 2019.
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
Piskachev G, Nguyen L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods.; 2019.
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
Albert Gorski Iii S, Andow B, Nadkarni A, et al. ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. In: ACM Conference on Data and Application Security and Privacy (CODASPY 2019). ; 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
Späth J, Ali K, Bodden E. Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages. 2019;3(POPL):48:1-48:29. doi:10.1145/3290361
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
Dann A, Hermann B, Bodden E. ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/tse.2019.2931331
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
Dann A, Hermann B, Bodden E. SootDiff: bytecode comparison across different Java compilers. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019. ; 2019. doi:10.1145/3315568.3329966
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
Schubert P, Hermann B, Bodden E. PhASAR: An Inter-Procedural Static Analysis Framework for C/C++. In: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019). Vol II. ; 2019:393-410. doi:10.1007/978-3-030-17465-1_22
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
Schubert P, Leer R, Hermann B, Bodden E. Know your analysis: how instrumentation aids understanding static analysis. In: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019. ; 2019. doi:10.1145/3315568.3329965
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
Pauck F, Bodden E, Wehrheim H. Do Android Taint Analysis Tools Keep their Promises? arXiv:180402903. 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
Bodden E, Nguyen Quang Do L. Explainable Static Analysis. In: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany. {LNI}. ; 2018:205-208.
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. Debugging Static Analysis. IEEE Transactions on Software Engineering. Published online 2018:1-1. doi:10.1109/TSE.2018.2868349
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
Tichy M, Bodden E, Kuhrmann M, Wagner S, Steghöfer J-P, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol {P-279}. Gesellschaft für Informatik; 2018.
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
Gerking C, Schubert D, Bodden E. Model Checking the Information Flow Security of Real-Time Systems. In: Payer M, Rashid A, Such JM, eds. Engineering Secure Software and Systems. Springer International Publishing; 2018:27-43.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
Nguyen Quang Do L, Bodden E. Gamifying Static Analysis. In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ESEC/FSE 2018. ACM; 2018:714-718. doi:10.1145/3236024.3264830
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
Bodden E. The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them). In: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018). ISSTA ’18. ACM; 2018:85-93. doi:10.1145/3236454.3236500
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
Geismann J, Gerking C, Bodden E. Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes. In: International Conference on Software and System Processes (ICSSP). ; 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
Bodden E. Self-adaptive Static Analysis. In: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results. ICSE-NIER ’18. ACM; 2018:45-48. doi:10.1145/3183399.3183401
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
Nguyen Quang Do L, Krüger S, Hill P, Ali K, Bodden E. VISUFLOW, a Debugging Environment for Static Analyses. In: International Conference for Software Engineering (ICSE), Tool Demonstrations Track. ; 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
Pauck F, Bodden E, Wehrheim H. Do Android taint analysis tools keep their promises? In: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018. ACM Press; 2018. doi:10.1145/3236024.3236029
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. In: European Conference on Object-Oriented Programming (ECOOP). ; 2018:10:1-10:27.
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
Bodden E, Dressler F, Meyer auf der Heide F, Scheytt C, Trächtler A. Intelligente technische Systeme. Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017.
LibreCat
2017 | Book | LibreCat-ID: 24221
Gausemeier J, Bodden E, Dressler F, et al. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017. doi:10.17619/UNIPB/1-93
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
Gausemeier J, Bodden E, Dressler F, et al., eds. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369. Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts; 2017.
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
Gerking C, Bodden E, Schäfer W. Industrial Security by Design. In: Maier GW, Engels G, Steffen E, eds. Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten. Springer Berlin Heidelberg; 2017:1-24. doi:10.1007/978-3-662-52903-4_8-1
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
Ben Othmane L, Chehrazi G, Bodden E, Tsalovski P, Brucker AD. Time for Addressing Software Security Issues: Prediction Models and Impacting Factors. Data Science and Engineering. 2017;2(2):107-124. doi:https://doi.org/10.1007/s41019-016-0019-8
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
Bodden E. Self-Adaptive Static Analysis.; 2017.
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: Validating Correct Usage of Cryptographic APIs.; 2017.
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
Lillack M, Kästner C, Bodden E. Tracking Load-time Configuration Options. IEEE Transactions on Software Engineering. 2017;PP(99):1-1. doi:10.1109/TSE.2017.2756048
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
Krüger S, Nadi S, Reif M, et al. CogniCrypt: Supporting Developers in using Cryptography. In: International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track. ; 2017.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
Do LNQ, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Just-in-time Static Analysis. In: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis. ISSTA 2017. ACM; 2017:307-317. doi:10.1145/3092703.3092705
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
Nguyen Quang Do L, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Cheetah: Just-in-Time Taint Analysis for Android Apps. In: International Conference for Software Engineering (ICSE), Tool Demonstrations Track. ; 2017.
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
Gausemeier J, Bodden E, Dressler F, et al. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn; 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
Holzinger P, Hermann B, Lerch J, Bodden E, Mezini M. Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE; 2017. doi:10.1109/sp.2017.16
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
Späth J, Ali K, Bodden E. IDEal: Efficient and Precise Alias-aware Dataflow Analysis. In: 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH). ACM Press; 2017.
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Data Flow Authentication. CoRR. 2017;abs/1710.00390.
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
Bodden E, I Pun K, Steffen M, Stolz V, Wickert A-K. Information Flow Analysis for Go. In: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}. ; 2016:431-445. doi:10.1007/978-3-319-47166-2_30
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
Bodden E, Eichberg M, I Pun K, Steffen M, Stolz V, Wickert A-K. Don’t let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go. In: Nordic Workshop on Programming Theory (NWPT’16). ; 2016.
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
Nguyen Quang Do L, Ali K, Livshits B, Bodden E, Smith J, Murphy-Hill E. Just-in-Time Static Analysis.; 2016. doi:http://dx.doi.org/10.7939/DVN/10859
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
Rasthofer S, Arzt S, Bodden E, Miltenberger M. Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen. Datenschutz und Datensicherheit. Published online 2016:718-722. doi:https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
Holzinger P, Triller S, Bartel A, Bodden E. An In-Depth Study of More Than Ten Years of Java Exploitation. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. CCS ’16. ; 2016:779-790. doi:http://doi.acm.org/10.1145/2976749.2978361
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
Follner A, Bartel A, Peng H, et al. PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution. In: International Workshop on Security and Trust Management (STM). ; 2016:212-228.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
Nguyen Quang Do L, Eichberg M, Bodden E. Toward an Automated Benchmark Management System. In: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. SOAP 2016. ; 2016:13-17.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
Arzt S, Kussmaul T, Bodden E. Towards Cross-Platform Cross-Language Analysis with Soot. In: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. SOAP 2016. ; 2016:1-6.
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
Follner A, Bodden E. ROPocop — Dynamic mitigation of code-reuse attacks. Journal of Information Security and Applications . 2016;29:16-26. doi:http://dx.doi.org/10.1016/j.jisa.2016.01.002
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
Follner A, Bartel A, Bodden E. Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality. In: International Symposium on Engineering Secure Software and Systems (ESSoS). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
Falzon K, Bodden E. Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels. In: Piessens F, Vigan’o L, eds. Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings. Springer Berlin Heidelberg; 2016:116-138. doi:10.1007/978-3-662-49635-0_7
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
Rasthofer S, Arzt S, Miltenberger M, Bodden E. Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques. In: Network and Distributed System Security Symposium (NDSS). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
Nadi S, Krüger S, Mezini M, Bodden E. Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs? In: International Conference for Software Engineering (ICSE). ; 2016:935-946.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
Arzt S, Bodden E. StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework. In: International Conference for Software Engineering (ICSE). ; 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
Eling N, Rasthofer S, Kolhagen M, Bodden E, Buxmann P. Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment. In: 2016 49th Hawaii International Conference on System Sciences (HICSS). ; 2016:3666-3675. doi:10.1109/HICSS.2016.458
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
Späth J, Nguyen Quang Do L, Ali K, Bodden E. Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java. In: European Conference on Object-Oriented Programming (ECOOP). ; 2016.
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
Li L, Bartel A, Bissyande TF, et al. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps. In: 2015 International Conference on Software Engineering (ICSE). ; 2015:280-291.
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
Lerch J, Hermann B, Bodden E, Mezini M. FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014. ACM Press; 2014. doi:10.1145/2635868.2635878
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
Arzt S, Rasthofer S, Fritz C, et al. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps. In: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14. ACM Press; 2014. doi:10.1145/2594291.2594299
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
Arzt S, Rasthofer S, Lovat E, Bodden E. DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android. In: International Conference on Availability, Reliability and Security (ARES 2014). IEEE; 2014:40-49.
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
Bodden E, Lam P, Hendren L. Partially Evaluating Finite-State Runtime Monitors Ahead of Time. ACM Transactions on Programming Languages and Systems. 2012;34(2):1-52. doi:10.1145/2220365.2220366
LibreCat
| Files available
| DOI
| Download (ext.)