112 Publications
2024 | Conference Paper | LibreCat-ID: 52235
@inproceedings{Khedkar_Bodden_2024, title={Toward an Android Static Analysis Approach for Data Protection}, booktitle={Proceedings of the 9th International Conference on Mobile Software Engineering and Systems}, author={Khedkar, Mugdha and Bodden, Eric}, year={2024} }
LibreCat
| Files available
| arXiv
2024 | Journal Article | LibreCat-ID: 52587
@article{Bodden_Pottebaum_Fockel_Gräßler_2024, title={Evaluating Security Through Isolation and Defense in Depth}, volume={22}, DOI={10.1109/msec.2023.3336028}, number={1}, journal={IEEE Security & Privacy}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Bodden, Eric and Pottebaum, Jens and Fockel, Markus and Gräßler, Iris}, year={2024}, pages={69–72} }
LibreCat
| DOI
2024 | Misc | LibreCat-ID: 52663
@book{Wickert_Schlichtig_Vogel_Winter_Mezini_Bodden_2024, title={Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability}, author={Wickert, Anna-Katharina and Schlichtig, Michael and Vogel, Marvin and Winter, Lukas and Mezini, Mira and Bodden, Eric}, year={2024} }
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 35083
@article{Dann_Hermann_Bodden_2023, series={International Conference on Software Engineering (ICSE)}, title={UpCy: Safely Updating Outdated Dependencies}, author={Dann, Andreas Peter and Hermann, Ben and Bodden, Eric}, year={2023}, collection={International Conference on Software Engineering (ICSE)} }
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 | 
@inproceedings{Shivarpatna Venkatesh_Wang_Li_Bodden_2023, title={Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis}, DOI={10.48550/ARXIV.2301.04419}, publisher={IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Wang, Jiawei and Li, Li and Bodden, Eric}, year={2023} }
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
@inproceedings{Luo_Piskachev_Krishnamurthy_Dolby_Schäf_Bodden_2023, title={Model Generation For Java Frameworks}, booktitle={IEEE International Conference on Software Testing, Verification and Validation (ICST)}, author={Luo, Linghui and Piskachev, Goran and Krishnamurthy, Ranjith and Dolby, Julian and Schäf, Martin and Bodden, Eric}, year={2023} }
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
@inproceedings{Shivarpatna Venkatesh_Wang_Li_Bodden_2023, title={Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis}, booktitle={IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Wang, Jiawei and Li, Li and Bodden, Eric}, year={2023} }
LibreCat
2023 | Book Chapter | LibreCat-ID: 45888 |
@inbook{Wehrheim_Platzner_Bodden_Schubert_Pauck_Jakobs_2023, place={Paderborn}, series={Verlagsschriftenreihe des Heinz Nixdorf Instituts}, title={Verifying Software and Reconfigurable Hardware Services}, volume={412}, DOI={10.5281/zenodo.8068583}, booktitle={On-The-Fly Computing -- Individualized IT-services in dynamic markets}, publisher={Heinz Nixdorf Institut, Universität Paderborn}, author={Wehrheim, Heike and Platzner, Marco and Bodden, Eric and Schubert, Philipp and Pauck, Felix and Jakobs, Marie-Christine}, editor={Haake, Claus-Jochen and Meyer auf der Heide, Friedhelm and Platzner, Marco and Wachsmuth, Henning and Wehrheim, Heike}, year={2023}, pages={125–144}, collection={Verlagsschriftenreihe des Heinz Nixdorf Instituts} }
LibreCat
| Files available
| DOI
2023 | Journal Article | LibreCat-ID: 46816
@article{Torres_Costa_Amaral_Pastro_Bonifácio_d’Amorim_Legunsen_Bodden_Dias Canedo_2023, title={Runtime Verification of Crypto APIs: An Empirical Study}, volume={49}, DOI={10.1109/tse.2023.3301660}, number={10}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Torres, Adriano and Costa, Pedro and Amaral, Luis and Pastro, Jonata and Bonifácio, Rodrigo and d’Amorim, Marcelo and Legunsen, Owolabi and Bodden, Eric and Dias Canedo, Edna}, year={2023}, pages={4510–4525} }
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
@article{Piskachev_Becker_Bodden_2023, title={Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study}, volume={28}, DOI={10.1007/s10664-023-10354-3}, number={5118}, journal={Empirical Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Piskachev, Goran and Becker, Matthias and Bodden, Eric}, year={2023} }
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
@inproceedings{Krüger_Reif_Wickert_Nadi_Ali_Bodden_Acar_Mezini_Fahl_2023, title={Securing Your Crypto-API Usage Through Tool Support - A Usability Study}, DOI={10.1109/secdev56634.2023.00015}, booktitle={2023 IEEE Secure Development Conference (SecDev)}, publisher={IEEE}, author={Krüger, Stefan and Reif, Michael and Wickert, Anna-Katharina and Nadi, Sarah and Ali, Karim and Bodden, Eric and Acar, Yasemin and Mezini, Mira and Fahl, Sascha}, year={2023} }
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
@article{Gräßler_Bodden_Wiechel_Pottebaum_2023, title={Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security}, volume={75}, DOI={10.37544/0720-5953-2023-11-12-60}, number={11–12}, journal={Konstruktion}, publisher={VDI Fachmedien GmbH and Co. KG}, author={Gräßler, Iris and Bodden, Eric and Wiechel, Dominik and Pottebaum, Jens}, year={2023}, pages={60–65} }
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
@inbook{Nachtigall_Schlichtig_Bodden_2023, place={Bonn}, title={Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2023}, pages={95–96} }
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
@inbook{Schlichtig_Sassalla_Narasimhan_Bodden_2023, place={Bonn}, title={Introducing FUM: A Framework for API Usage Constraint and Misuse Classification}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2023}, pages={105–106} }
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
@inproceedings{Pottebaum_Rossel_Somorovsky_Acar_Fahr_Arias Cabarcos_Bodden_Gräßler_2023, title={Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth}, DOI={10.1109/eurospw59978.2023.00048}, booktitle={2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}, publisher={IEEE}, author={Pottebaum, Jens and Rossel, Jost and Somorovsky, Juraj and Acar, Yasemin and Fahr, René and Arias Cabarcos, Patricia and Bodden, Eric and Gräßler, Iris}, year={2023}, pages={379–385} }
LibreCat
| DOI
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 29844
@inproceedings{Koch_Trippel_Dziwok_Bodden_2022, title={Integrating Security Protocols in Scenario-based Requirements Specifications}, DOI={10.5220/0010783300003119}, booktitle={Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development}, publisher={SCITEPRESS - Science and Technology Publications}, author={Koch, Thorsten and Trippel, Sascha and Dziwok, Stefan and Bodden, Eric}, year={2022} }
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
@article{Fischer_Fuhry_Kußmaul_Janneck_Kerschbaum_Bodden_2022, title={Computation on Encrypted Data Using Dataflow Authentication}, volume={25}, DOI={10.1145/3513005}, number={3}, journal={ACM Transactions on Privacy and Security}, publisher={Association for Computing Machinery (ACM)}, author={Fischer, Andreas and Fuhry, Benny and Kußmaul, Jörn and Janneck, Jonas and Kerschbaum, Florian and Bodden, Eric}, year={2022}, pages={1–36} }
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
@book{Schlichtig_Wickert_Krüger_Bodden_Mezini_2022, title={CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}, DOI={10.48550/ARXIV.2204.06447}, author={Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}, year={2022} }
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
@inproceedings{Nachtigall_Schlichtig_Bodden_2022, title={A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}, DOI={10.1145/3533767}, booktitle={Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2022}, pages={532–543} }
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
@inproceedings{Schlichtig_Sassalla_Narasimhan_Bodden_2022, title={FUM - A Framework for API Usage constraint and Misuse Classification}, DOI={https://doi.org/10.1109/SANER53432.2022.00085}, booktitle={2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2022}, pages={673–684} }
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
@article{Schubert_Gazzillo_Patterson_Braha_Schiebel_Hermann_Wei_Bodden_2022, title={Static data-flow analysis for software product lines in C}, volume={29}, DOI={10.1007/s10515-022-00333-1}, number={135}, journal={Automated Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Schubert, Philipp and Gazzillo, Paul and Patterson, Zach and Braha, Julian and Schiebel, Fabian and Hermann, Ben and Wei, Shiyi and Bodden, Eric}, year={2022} }
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
@article{Sayar_Bartel_Bodden_Le Traon_2022, title={An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities}, DOI={10.1145/3554732}, journal={ACM Transactions on Software Engineering and Methodology}, publisher={Association for Computing Machinery (ACM)}, author={Sayar, Imen and Bartel, Alexandre and Bodden, Eric and Le Traon, Yves}, year={2022} }
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
@article{Piskachev_Späth_Budde_Bodden_2022, title={Fluently specifying taint-flow queries with fluentTQL}, volume={27}, number={5}, journal={Empirical Software Engineering}, publisher={Springer}, author={Piskachev, Goran and Späth, Johannes and Budde, Ingo and Bodden, Eric}, year={2022}, pages={1–33} }
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
@article{Krishnamurthy_Piskachev_Bodden_2022, series={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)}, title={To what extent can we analyze Kotlin programs using existing Java taint analysis tools?}, author={Krishnamurthy, Ranjith and Piskachev, Goran and Bodden, Eric}, year={2022}, collection={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)} }
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
@article{Piskachev_Dziwok_Koch_Merschjohann_Bodden_2022, series={IEEE Secure Development Conference (SecDev)}, title={How far are German companies in improving security through static program analysis tools?}, author={Piskachev, Goran and Dziwok, Stefan and Koch, Thorsten and Merschjohann, Sven and Bodden, Eric}, year={2022}, collection={IEEE Secure Development Conference (SecDev)} }
LibreCat
2021 | Journal Article | LibreCat-ID: 27045 |
@article{Luo_Pauck_Piskachev_Benz_Pashchenko_Mory_Bodden_Hermann_Massacci_2021, title={TaintBench: Automatic real-world malware benchmarking of Android taint analyses}, DOI={10.1007/s10664-021-10013-5}, journal={Empirical Software Engineering}, author={Luo, Linghui and Pauck, Felix and Piskachev, Goran and Benz, Manuel and Pashchenko, Ivan and Mory, Martin and Bodden, Eric and Hermann, Ben and Massacci, Fabio}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
@article{Stockmann_Laux_Bodden_2021, title={Using Architectural Runtime Verification for Offline Data Analysis}, DOI={10.2991/jase.d.210205.001}, journal={Journal of Automotive Software Engineering}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
@article{Holzinger_Bodden_2021, title={A Systematic Hardening of Java’s Information Hiding}, journal={International Symposium on Advanced Security on Software and Systems (ASSS)}, author={Holzinger, Philipp and Bodden, Eric}, year={2021} }
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
@article{Bonifacio_Krüger_Narasimhan_Bodden_Mezini_2021, title={Dealing with Variability in API Misuse Specification}, journal={European Conference on Object-Oriented Programming (ECOOP)}, author={Bonifacio, Rodrigo and Krüger, Stefan and Narasimhan, Krishna and Bodden, Eric and Mezini, Mira}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
@inproceedings{Shivarpatna Venkatesh_Bodden_2021, title={Automated Cell Header Generator for Jupyter Notebooks}, DOI={10.1145/3464968.3468410}, booktitle={International Workshop on AI and Software Testing/Analysis (AISTA)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Bodden, Eric}, year={2021} }
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
@inproceedings{Kummita_Piskachev_Spaeth_Bodden_2021, title={Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON}, DOI={10.1109/ICCQ51190.2021.9392986}, booktitle={Proceedings of the 2021 International Conference on Code Quality (ICCQ)}, author={Kummita, Sriteja and Piskachev, Goran and Spaeth, Johannes and Bodden, Eric}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
@inproceedings{Schubert_Hermann_Bodden_2021, title={Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
@article{Dann_Plate_Hermann_Ponta_Bodden_2021, title={Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite}, DOI={10.1109/tse.2021.3101739}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Dann, Andreas Peter and Plate, Henrik and Hermann, Ben and Ponta, Serena Elisa and Bodden, Eric}, year={2021}, pages={1–1} }
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
@inproceedings{Piskachev_Krishnamurthy_Bodden_2021, title={SecuCheck: Engineering configurable taint analysis for software developers}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Piskachev, Goran and Krishnamurthy, Ranjith and Bodden, Eric}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
@inproceedings{Luo_Schäf_Sanchez_Bodden_2021, title={IDE Support for Cloud-Based Static Analyses}, booktitle={Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, author={Luo, Linghui and Schäf, Martin and Sanchez, Daniel and Bodden, Eric}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
@inproceedings{Karakaya_Bodden_2021, title={SootFX: A Static Code Feature Extraction Tool for Java and Android}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Karakaya, Kadiray and Bodden, Eric}, year={2021}, pages={181–186} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
@inproceedings{Schubert_Hermann_Bodden_Leer_2021, title={Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++}, booktitle={SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric and Leer, Richard}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
@inproceedings{Schubert_Sattler_Schiebel_Hermann_Bodden_2021, title={Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Schubert, Philipp and Sattler, Florian and Schiebel, Fabian and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
@article{Geismann_Bodden_2020, title={A systematic literature review of model-driven security engineering for cyber–physical systems}, volume={169}, DOI={https://doi.org/10.1016/j.jss.2020.110697}, journal={Journal of Systems and Software}, author={Geismann, Johannes and Bodden, Eric}, year={2020}, pages={110697} }
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
@article{Nguyen Quang Do_Bodden_2020, title={Explaining Static Analysis with Rule Graphs}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
@inproceedings{Fischer_Janneck_Kussmaul_Krätzschmar_Kerschbaum_Bodden_2020, title={PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage}, booktitle={2020 IEEE Computer Security Foundations Symposium (CSF)}, author={Fischer, Andreas and Janneck, Jonas and Kussmaul, Jörn and Krätzschmar, Nikolas and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
@inproceedings{Benz_Krogh Kristensen_Luo_P. Borges Jr._Bodden_Zeller_2020, title={Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis}, booktitle={International Conference for Software Engineering (ICSE)}, author={Benz, Manuel and Krogh Kristensen, Erik and Luo, Linghui and P. Borges Jr., Nataniel and Bodden, Eric and Zeller, Andreas}, year={2020} }
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
@inproceedings{Fischer_Fuhry_Kerschbaum_Bodden_2020, title={Computation on Encrypted Data using Dataflow Authentication}, booktitle={Privacy Enhancing Technologies Symposium (PETS/PoPETS)}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
@inproceedings{Koch_Dziwok_Holtmann_Bodden_2020, title={Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers}, DOI={10.1145/3365438.3410946}, booktitle={ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20)}, publisher={ACM}, author={Koch, Thorsten and Dziwok, Stefan and Holtmann, Jörg and Bodden, Eric}, year={2020} }
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
@book{Schubert_Bodden_Hermann_2020, title={Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries}, author={Schubert, Philipp and Bodden, Eric and Hermann, Ben}, year={2020} }
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
@inbook{Knüppel_Krüger_Thüm_Bubel_Krieter_Bodden_Schaefer_2020, place={Cham}, title={Using Abstract Contracts for Verifying Evolving Features and Their Interactions}, DOI={10.1007/978-3-030-64354-6_5}, booktitle={Lecture Notes in Computer Science}, author={Knüppel, Alexander and Krüger, Stefan and Thüm, Thomas and Bubel, Richard and Krieter, Sebastian and Bodden, Eric and Schaefer, Ina}, year={2020} }
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
@inproceedings{Pauck_Bodden_Wehrheim_2020, series={{LNI}}, title={Reproducing Taint-Analysis Results with ReproDroid}, DOI={10.18420/SE2020_36}, booktitle={Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria}, publisher={Gesellschaft f{\"{u}}r Informatik e.V.}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, editor={Felderer, Michael and Hasselbring, Wilhelm and Rabiser, Rick and Jung, Reiner}, year={2020}, pages={123–124}, collection={{LNI}} }
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
@inproceedings{Gräßler_Bodden_Pottebaum_Geismann_Roesmann_2020, title={Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems}, volume={1196}, booktitle={Advanced, Contemporary Control, Advances in Intelligent Systems and Computing}, publisher={Springer International Publishing}, author={Gräßler, Iris and Bodden, Eric and Pottebaum, Jens and Geismann, Johannes and Roesmann, Daniel}, year={2020}, pages={1458–1469} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
@inproceedings{Stockmann_Laux_Bodden_2019, title={Architectural Runtime Verification}, DOI={10.1109/ICSA-C.2019.00021}, booktitle={2019 IEEE International Conference on Software Architecture Companion (ICSA-C)}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2019}, pages={77–84} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
@inproceedings{Hazhirpasand_Ghafari_Krüger_Bodden_Nierstrasz_2019, title={The Impact of Developer Experience in Using Java Cryptography}, DOI={10.1109/ESEM.2019.8870184}, booktitle={2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)}, author={Hazhirpasand, Mohammadreza and Ghafari, Mohammad and Krüger, Stefan and Bodden, Eric and Nierstrasz, Oskar}, year={2019}, pages={1–6} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
@inproceedings{Piskachev_Petrasch_Späth_Bodden_2019, title={AuthCheck: Program-state Analysis for Access-control Vulnerabilities}, booktitle={10th Workshop on Tools for Automatic Program Analysis (TAPAS)}, author={Piskachev, Goran and Petrasch, Tobias and Späth, Johannes and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
@inproceedings{Nachtigall_Nguyen Quang Do_Bodden_2019, title={Explaining Static Analysis -- A Perspective}, booktitle={1st International Workshop on Explainable Software (EXPLAIN) at ASE}, author={Nachtigall, Marcus and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
@inproceedings{Luo_Bodden_Späth_2019, title={A Qualitative Analysis of Android Taint-Analysis Results}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019)}, author={Luo, Linghui and Bodden, Eric and Späth, Johannes}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2019, title={SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
@article{Krüger_Späth_Ali_Bodden_Mezini_2019, title={CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}, DOI={10.1109/TSE.2019.2948910}, journal={IEEE Transactions on Software Engineering}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2019}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
@inproceedings{Piskachev_Nguyen Quang Do_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, booktitle={ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
@inproceedings{Luo_Dolby_Bodden_2019, title={MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Luo, Linghui and Dolby, Julian and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
@book{Piskachev_Nguyen_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, author={Piskachev, Goran and Nguyen, Lisa and Bodden, Eric}, year={2019} }
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
@inproceedings{Albert Gorski Iii_Andow_Nadkarni_Manandhar_Enck_Bodden_Bartel_2019, title={ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware}, booktitle={ACM Conference on Data and Application Security and Privacy (CODASPY 2019)}, author={Albert Gorski Iii, Sigmund and Andow, Benjamin and Nadkarni, Adwait and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre}, year={2019} }
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
@article{Späth_Ali_Bodden_2019, title={Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems}, volume={3}, DOI={10.1145/3290361}, number={POPL}, journal={Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages}, publisher={ACM}, author={Späth, Johannes and Ali, Karim and Bodden, Eric}, year={2019}, pages={48:1-48:29} }
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
@article{Dann_Hermann_Bodden_2019, title={ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules}, DOI={10.1109/tse.2019.2931331}, journal={IEEE Transactions on Software Engineering}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019}, pages={1–1} }
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
@inproceedings{Dann_Hermann_Bodden_2019, title={SootDiff: bytecode comparison across different Java compilers}, DOI={10.1145/3315568.3329966}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
@inproceedings{Schubert_Hermann_Bodden_2019, title={PhASAR: An Inter-Procedural Static Analysis Framework for C/C++}, volume={II}, DOI={10.1007/978-3-030-17465-1_22}, booktitle={Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2019}, pages={393–410} }
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
@inproceedings{Schubert_Leer_Hermann_Bodden_2019, title={Know your analysis: how instrumentation aids understanding static analysis}, DOI={10.1145/3315568.3329965}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}, author={Schubert, Philipp and Leer, Richard and Hermann, Ben and Bodden, Eric}, year={2019} }
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
@inproceedings{Bodden_Nguyen Quang Do_2018, series={{LNI}}, title={Explainable Static Analysis}, booktitle={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany.}, author={Bodden, Eric and Nguyen Quang Do, Lisa}, year={2018}, pages={205–208}, collection={{LNI}} }
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
@article{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={Debugging Static Analysis}, DOI={10.1109/TSE.2018.2868349}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
@book{Tichy_Bodden_Kuhrmann_Wagner_Steghöfer_2018, series={{LNI}}, title={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany}, volume={{P-279}}, publisher={Gesellschaft für Informatik}, year={2018}, collection={{LNI}} }
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
@inproceedings{Gerking_Schubert_Bodden_2018, place={Cham}, title={Model Checking the Information Flow Security of Real-Time Systems}, booktitle={Engineering Secure Software and Systems}, publisher={Springer International Publishing}, author={Gerking, Christopher and Schubert, David and Bodden, Eric}, editor={Payer, Mathias and Rashid, Awais and Such, Jose M.}, year={2018}, pages={27–43} }
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
@inproceedings{Nguyen Quang Do_Bodden_2018, place={New York, NY, USA}, series={ESEC/FSE 2018}, title={Gamifying Static Analysis}, DOI={10.1145/3236024.3264830}, booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, publisher={ACM}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2018}, pages={714–718}, collection={ESEC/FSE 2018} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ISSTA ’18}, title={The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)}, DOI={10.1145/3236454.3236500}, booktitle={ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018)}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={85–93}, collection={ISSTA ’18} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
@inproceedings{Geismann_Gerking_Bodden_2018, title={Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes}, booktitle={International Conference on Software and System Processes (ICSSP)}, author={Geismann, Johannes and Gerking, Christopher and Bodden, Eric}, year={2018} }
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ICSE-NIER ’18}, title={Self-adaptive Static Analysis}, DOI={10.1145/3183399.3183401}, booktitle={Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={45–48}, collection={ICSE-NIER ’18} }
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
@inproceedings{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={VISUFLOW, a Debugging Environment for Static Analyses}, booktitle={International Conference for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018} }
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
@inproceedings{Pauck_Bodden_Wehrheim_2018, title={Do Android taint analysis tools keep their promises?}, DOI={10.1145/3236024.3236029}, booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018}, publisher={ACM Press}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
@inproceedings{Krüger_Späth_Ali_Bodden_Mezini_2018, title={CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2018}, pages={10:1-10:27} }
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
@book{Bodden_Dressler_Meyer auf der Heide_Scheytt_Trächtler_2017, series={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, title={Intelligente technische Systeme}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Bodden, Eric and Dressler, Falko and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017}, collection={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn} }
LibreCat
2017 | Book | LibreCat-ID: 24221
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, series={369}, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)}, volume={369}, DOI={10.17619/UNIPB/1-93}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Gausemeier, Jürgen and Bodden, Eric and Dressler, Falko and Dumitrescu, Roman and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017}, collection={369} }
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, place={Paderborn}, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts}, year={2017} }
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
@inbook{Gerking_Bodden_Schäfer_2017, place={Berlin, Heidelberg}, title={Industrial Security by Design}, DOI={10.1007/978-3-662-52903-4_8-1}, booktitle={Handbuch Gestaltung digitaler und vernetzter Arbeitswelten}, publisher={Springer Berlin Heidelberg}, author={Gerking, Christopher and Bodden, Eric and Schäfer, Wilhelm}, editor={Maier, Günter W. and Engels, Gregor and Steffen, Eckhard}, year={2017}, pages={1–24} }
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
@article{Ben Othmane_Chehrazi_Bodden_Tsalovski_Brucker_2017, title={Time for Addressing Software Security Issues: Prediction Models and Impacting Factors}, volume={2}, DOI={https://doi.org/10.1007/s41019-016-0019-8}, number={2}, journal={Data Science and Engineering}, author={Ben Othmane, Lotfi and Chehrazi, Golriz and Bodden, Eric and Tsalovski, Petar and Brucker, Achim D.}, year={2017}, pages={107–124} }
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
@book{Bodden_2017, title={Self-adaptive static analysis}, author={Bodden, Eric}, year={2017} }
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
@book{Krüger_Späth_Ali_Bodden_Mezini_2017, title={CrySL: Validating Correct Usage of Cryptographic APIs}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2017} }
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
@article{Lillack_Kästner_Bodden_2017, title={Tracking Load-time Configuration Options}, volume={PP}, DOI={10.1109/TSE.2017.2756048}, number={99}, journal={IEEE Transactions on Software Engineering}, author={Lillack, Max and Kästner, Christian and Bodden, Eric}, year={2017}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
@inproceedings{Krüger_Nadi_Reif_Ali_Mezini_Bodden_Göpfert_Günther_Weinert_Demmler_et al._2017, title={CogniCrypt: Supporting Developers in using Cryptography}, booktitle={International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track}, author={Krüger, Stefan and Nadi, Sarah and Reif, Michael and Ali, Karim and Mezini, Mira and Bodden, Eric and Göpfert, Florian and Günther, Felix and Weinert, Christian and Demmler, Daniel and et al.}, year={2017} }
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
@inproceedings{Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2017, place={New York, NY, USA}, series={ISSTA 2017}, title={Just-in-time Static Analysis}, DOI={10.1145/3092703.3092705}, booktitle={Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Do, Lisa Nguyen Quang and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2017}, pages={307–317}, collection={ISSTA 2017} }
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
@inproceedings{Nguyen Quang Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2017, title={Cheetah: Just-in-Time Taint Analysis for Android Apps}, booktitle={International Conference for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2017} }
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Gausemeier, Jürgen and Bodden, Eric and Dressler, Falko and Dumitrescu, Roman and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017} }
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
@inproceedings{Holzinger_Hermann_Lerch_Bodden_Mezini_2017, title={Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation}, DOI={10.1109/sp.2017.16}, booktitle={2017 IEEE Symposium on Security and Privacy (SP)}, publisher={IEEE}, author={Holzinger, Philipp and Hermann, Ben and Lerch, Johannes and Bodden, Eric and Mezini, Mira}, year={2017} }
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
@inproceedings{Späth_Ali_Bodden_2017, title={IDEal: Efficient and Precise Alias-aware Dataflow Analysis}, booktitle={2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH)}, publisher={ACM Press}, author={Späth, Johannes and Ali, Karim and Bodden, Eric}, year={2017} }
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
@article{Fischer_Fuhry_Kerschbaum_Bodden_2017, title={Computation on Encrypted Data using Data Flow Authentication}, volume={abs/1710.00390}, journal={CoRR}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2017} }
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
@inproceedings{Bodden_I Pun_Steffen_Stolz_Wickert_2016, title={Information Flow Analysis for Go}, DOI={10.1007/978-3-319-47166-2_30}, booktitle={Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}}, author={Bodden, Eric and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}, year={2016}, pages={431–445} }
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
@inproceedings{Bodden_Eichberg_I Pun_Steffen_Stolz_Wickert_2016, title={Don’t let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go}, booktitle={Nordic Workshop on Programming Theory (NWPT’16)}, author={Bodden, Eric and Eichberg, Michael and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}, year={2016} }
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
@book{Nguyen Quang Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2016, title={Just-in-Time Static Analysis}, DOI={http://dx.doi.org/10.7939/DVN/10859}, author={Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2016} }
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
@article{Rasthofer_Arzt_Bodden_Miltenberger_2016, title={Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen}, DOI={https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536}, journal={Datenschutz und Datensicherheit}, author={Rasthofer, Siegfried and Arzt, Steven and Bodden, Eric and Miltenberger, Marc}, year={2016}, pages={718–722} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
@inproceedings{Holzinger_Triller_Bartel_Bodden_2016, series={CCS ’16}, title={An In-Depth Study of More Than Ten Years of Java Exploitation}, DOI={http://doi.acm.org/10.1145/2976749.2978361}, booktitle={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}, author={Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}, year={2016}, pages={779–790}, collection={CCS ’16} }
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
@inproceedings{Follner_Bartel_Peng_Chang_Ispoglou_Payer_Bodden_2016, title={PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution}, booktitle={International Workshop on Security and Trust Management (STM)}, author={Follner, Andreas and Bartel, Alexandre and Peng, Hui and Chang, Yu-Chen and Ispoglou, Kyriakos and Payer, Mathias and Bodden, Eric}, year={2016}, pages={212–228} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
@inproceedings{Nguyen Quang Do_Eichberg_Bodden_2016, series={SOAP 2016}, title={Toward an Automated Benchmark Management System}, booktitle={Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}, author={Nguyen Quang Do, Lisa and Eichberg, Michael and Bodden, Eric}, year={2016}, pages={13–17}, collection={SOAP 2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
@inproceedings{Arzt_Kussmaul_Bodden_2016, series={SOAP 2016}, title={Towards Cross-Platform Cross-Language Analysis with Soot}, booktitle={Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}, author={Arzt, Steven and Kussmaul, Tobias and Bodden, Eric}, year={2016}, pages={1–6}, collection={SOAP 2016} }
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
@article{Follner_Bodden_2016, title={ROPocop — Dynamic mitigation of code-reuse attacks}, volume={29}, DOI={http://dx.doi.org/10.1016/j.jisa.2016.01.002}, journal={Journal of Information Security and Applications }, author={Follner, Andreas and Bodden, Eric}, year={2016}, pages={16–26} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
@inproceedings{Follner_Bartel_Bodden_2016, title={Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality}, booktitle={International Symposium on Engineering Secure Software and Systems (ESSoS)}, author={Follner, Andreas and Bartel, Alexandre and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
@inproceedings{Falzon_Bodden_2016, place={Berlin, Heidelberg}, title={Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels}, DOI={10.1007/978-3-662-49635-0_7}, booktitle={Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings}, publisher={Springer Berlin Heidelberg}, author={Falzon, Kevin and Bodden, Eric}, editor={Piessens, Frank and Vigan’o, Luca}, year={2016}, pages={116–138} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
@inproceedings{Rasthofer_Arzt_Miltenberger_Bodden_2016, title={Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques}, booktitle={Network and Distributed System Security Symposium (NDSS)}, author={Rasthofer, Siegfried and Arzt, Steven and Miltenberger, Marc and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
@inproceedings{Nadi_Krüger_Mezini_Bodden_2016, title={Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?}, booktitle={International Conference for Software Engineering (ICSE)}, author={Nadi, Sarah and Krüger, Stefan and Mezini, Mira and Bodden, Eric}, year={2016}, pages={935–946} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
@inproceedings{Arzt_Bodden_2016, title={StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework}, booktitle={International Conference for Software Engineering (ICSE)}, author={Arzt, Steven and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
@inproceedings{Eling_Rasthofer_Kolhagen_Bodden_Buxmann_2016, title={Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment}, DOI={10.1109/HICSS.2016.458}, booktitle={2016 49th Hawaii International Conference on System Sciences (HICSS)}, author={Eling, N. and Rasthofer, S. and Kolhagen, M. and Bodden, Eric and Buxmann, P.}, year={2016}, pages={3666–3675} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
@inproceedings{Späth_Nguyen Quang Do_Ali_Bodden_2016, title={Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Späth, Johannes and Nguyen Quang Do, Lisa and Ali, Karim and Bodden, Eric}, year={2016} }
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
@inproceedings{Li_Bartel_Bissyande_Klein_Le Traon_Arzt_Rasthofer_Bodden_Octeau_McDaniel_2015, title={IccTA: Detecting Inter-Component Privacy Leaks in Android Apps}, booktitle={2015 International Conference on Software Engineering (ICSE)}, author={Li, Li and Bartel, Alexandre and Bissyande, Tegawende F. and Klein, Jacques and Le Traon, Yves and Arzt, Steven and Rasthofer, Siegfried and Bodden, Eric and Octeau, Damien and McDaniel, Patrick}, year={2015}, pages={280–291} }
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
@inproceedings{Lerch_Hermann_Bodden_Mezini_2014, title={FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases}, DOI={10.1145/2635868.2635878}, booktitle={Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014}, publisher={ACM Press}, author={Lerch, Johannes and Hermann, Ben and Bodden, Eric and Mezini, Mira}, year={2014} }
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
@inproceedings{Arzt_Rasthofer_Fritz_Bodden_Bartel_Klein_Le Traon_Octeau_McDaniel_2014, title={FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps}, DOI={10.1145/2594291.2594299}, booktitle={Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14}, publisher={ACM Press}, author={Arzt, Steven and Rasthofer, Siegfried and Fritz, Christian and Bodden, Eric and Bartel, Alexandre and Klein, Jacques and Le Traon, Yves and Octeau, Damien and McDaniel, Patrick}, year={2014} }
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
@inproceedings{Arzt_Rasthofer_Lovat_Bodden_2014, title={DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android}, booktitle={International Conference on Availability, Reliability and Security (ARES 2014)}, publisher={IEEE}, author={Arzt, Steven and Rasthofer, Siegfried and Lovat, Enrico and Bodden, Eric}, year={2014}, pages={40–49} }
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
@article{Bodden_Lam_Hendren_2012, title={Partially Evaluating Finite-State Runtime Monitors Ahead of Time}, volume={34}, DOI={10.1145/2220365.2220366}, number={2}, journal={ACM Transactions on Programming Languages and Systems}, publisher={Association for Computing Machinery (ACM)}, author={Bodden, Eric and Lam, Patrick and Hendren, Laurie}, year={2012}, pages={1–52} }
LibreCat
| Files available
| DOI
| Download (ext.)
Search
Filter Publications
Display / Sort
Export / Embed
112 Publications
2024 | Conference Paper | LibreCat-ID: 52235
@inproceedings{Khedkar_Bodden_2024, title={Toward an Android Static Analysis Approach for Data Protection}, booktitle={Proceedings of the 9th International Conference on Mobile Software Engineering and Systems}, author={Khedkar, Mugdha and Bodden, Eric}, year={2024} }
LibreCat
| Files available
| arXiv
2024 | Journal Article | LibreCat-ID: 52587
@article{Bodden_Pottebaum_Fockel_Gräßler_2024, title={Evaluating Security Through Isolation and Defense in Depth}, volume={22}, DOI={10.1109/msec.2023.3336028}, number={1}, journal={IEEE Security & Privacy}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Bodden, Eric and Pottebaum, Jens and Fockel, Markus and Gräßler, Iris}, year={2024}, pages={69–72} }
LibreCat
| DOI
2024 | Misc | LibreCat-ID: 52663
@book{Wickert_Schlichtig_Vogel_Winter_Mezini_Bodden_2024, title={Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability}, author={Wickert, Anna-Katharina and Schlichtig, Michael and Vogel, Marvin and Winter, Lukas and Mezini, Mira and Bodden, Eric}, year={2024} }
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 35083
@article{Dann_Hermann_Bodden_2023, series={International Conference on Software Engineering (ICSE)}, title={UpCy: Safely Updating Outdated Dependencies}, author={Dann, Andreas Peter and Hermann, Ben and Bodden, Eric}, year={2023}, collection={International Conference on Software Engineering (ICSE)} }
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 |
@inproceedings{Shivarpatna Venkatesh_Wang_Li_Bodden_2023, title={Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis}, DOI={10.48550/ARXIV.2301.04419}, publisher={IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Wang, Jiawei and Li, Li and Bodden, Eric}, year={2023} }
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
@inproceedings{Luo_Piskachev_Krishnamurthy_Dolby_Schäf_Bodden_2023, title={Model Generation For Java Frameworks}, booktitle={IEEE International Conference on Software Testing, Verification and Validation (ICST)}, author={Luo, Linghui and Piskachev, Goran and Krishnamurthy, Ranjith and Dolby, Julian and Schäf, Martin and Bodden, Eric}, year={2023} }
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
@inproceedings{Shivarpatna Venkatesh_Wang_Li_Bodden_2023, title={Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis}, booktitle={IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Wang, Jiawei and Li, Li and Bodden, Eric}, year={2023} }
LibreCat
2023 | Book Chapter | LibreCat-ID: 45888 |
@inbook{Wehrheim_Platzner_Bodden_Schubert_Pauck_Jakobs_2023, place={Paderborn}, series={Verlagsschriftenreihe des Heinz Nixdorf Instituts}, title={Verifying Software and Reconfigurable Hardware Services}, volume={412}, DOI={10.5281/zenodo.8068583}, booktitle={On-The-Fly Computing -- Individualized IT-services in dynamic markets}, publisher={Heinz Nixdorf Institut, Universität Paderborn}, author={Wehrheim, Heike and Platzner, Marco and Bodden, Eric and Schubert, Philipp and Pauck, Felix and Jakobs, Marie-Christine}, editor={Haake, Claus-Jochen and Meyer auf der Heide, Friedhelm and Platzner, Marco and Wachsmuth, Henning and Wehrheim, Heike}, year={2023}, pages={125–144}, collection={Verlagsschriftenreihe des Heinz Nixdorf Instituts} }
LibreCat
| Files available
| DOI
2023 | Journal Article | LibreCat-ID: 46816
@article{Torres_Costa_Amaral_Pastro_Bonifácio_d’Amorim_Legunsen_Bodden_Dias Canedo_2023, title={Runtime Verification of Crypto APIs: An Empirical Study}, volume={49}, DOI={10.1109/tse.2023.3301660}, number={10}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Torres, Adriano and Costa, Pedro and Amaral, Luis and Pastro, Jonata and Bonifácio, Rodrigo and d’Amorim, Marcelo and Legunsen, Owolabi and Bodden, Eric and Dias Canedo, Edna}, year={2023}, pages={4510–4525} }
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
@article{Piskachev_Becker_Bodden_2023, title={Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study}, volume={28}, DOI={10.1007/s10664-023-10354-3}, number={5118}, journal={Empirical Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Piskachev, Goran and Becker, Matthias and Bodden, Eric}, year={2023} }
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
@inproceedings{Krüger_Reif_Wickert_Nadi_Ali_Bodden_Acar_Mezini_Fahl_2023, title={Securing Your Crypto-API Usage Through Tool Support - A Usability Study}, DOI={10.1109/secdev56634.2023.00015}, booktitle={2023 IEEE Secure Development Conference (SecDev)}, publisher={IEEE}, author={Krüger, Stefan and Reif, Michael and Wickert, Anna-Katharina and Nadi, Sarah and Ali, Karim and Bodden, Eric and Acar, Yasemin and Mezini, Mira and Fahl, Sascha}, year={2023} }
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
@article{Gräßler_Bodden_Wiechel_Pottebaum_2023, title={Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security}, volume={75}, DOI={10.37544/0720-5953-2023-11-12-60}, number={11–12}, journal={Konstruktion}, publisher={VDI Fachmedien GmbH and Co. KG}, author={Gräßler, Iris and Bodden, Eric and Wiechel, Dominik and Pottebaum, Jens}, year={2023}, pages={60–65} }
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
@inbook{Nachtigall_Schlichtig_Bodden_2023, place={Bonn}, title={Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2023}, pages={95–96} }
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
@inbook{Schlichtig_Sassalla_Narasimhan_Bodden_2023, place={Bonn}, title={Introducing FUM: A Framework for API Usage Constraint and Misuse Classification}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2023}, pages={105–106} }
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
@inproceedings{Pottebaum_Rossel_Somorovsky_Acar_Fahr_Arias Cabarcos_Bodden_Gräßler_2023, title={Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth}, DOI={10.1109/eurospw59978.2023.00048}, booktitle={2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}, publisher={IEEE}, author={Pottebaum, Jens and Rossel, Jost and Somorovsky, Juraj and Acar, Yasemin and Fahr, René and Arias Cabarcos, Patricia and Bodden, Eric and Gräßler, Iris}, year={2023}, pages={379–385} }
LibreCat
| DOI
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 29844
@inproceedings{Koch_Trippel_Dziwok_Bodden_2022, title={Integrating Security Protocols in Scenario-based Requirements Specifications}, DOI={10.5220/0010783300003119}, booktitle={Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development}, publisher={SCITEPRESS - Science and Technology Publications}, author={Koch, Thorsten and Trippel, Sascha and Dziwok, Stefan and Bodden, Eric}, year={2022} }
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
@article{Fischer_Fuhry_Kußmaul_Janneck_Kerschbaum_Bodden_2022, title={Computation on Encrypted Data Using Dataflow Authentication}, volume={25}, DOI={10.1145/3513005}, number={3}, journal={ACM Transactions on Privacy and Security}, publisher={Association for Computing Machinery (ACM)}, author={Fischer, Andreas and Fuhry, Benny and Kußmaul, Jörn and Janneck, Jonas and Kerschbaum, Florian and Bodden, Eric}, year={2022}, pages={1–36} }
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
@book{Schlichtig_Wickert_Krüger_Bodden_Mezini_2022, title={CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}, DOI={10.48550/ARXIV.2204.06447}, author={Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}, year={2022} }
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
@inproceedings{Nachtigall_Schlichtig_Bodden_2022, title={A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}, DOI={10.1145/3533767}, booktitle={Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2022}, pages={532–543} }
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
@inproceedings{Schlichtig_Sassalla_Narasimhan_Bodden_2022, title={FUM - A Framework for API Usage constraint and Misuse Classification}, DOI={https://doi.org/10.1109/SANER53432.2022.00085}, booktitle={2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2022}, pages={673–684} }
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
@article{Schubert_Gazzillo_Patterson_Braha_Schiebel_Hermann_Wei_Bodden_2022, title={Static data-flow analysis for software product lines in C}, volume={29}, DOI={10.1007/s10515-022-00333-1}, number={135}, journal={Automated Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Schubert, Philipp and Gazzillo, Paul and Patterson, Zach and Braha, Julian and Schiebel, Fabian and Hermann, Ben and Wei, Shiyi and Bodden, Eric}, year={2022} }
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
@article{Sayar_Bartel_Bodden_Le Traon_2022, title={An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities}, DOI={10.1145/3554732}, journal={ACM Transactions on Software Engineering and Methodology}, publisher={Association for Computing Machinery (ACM)}, author={Sayar, Imen and Bartel, Alexandre and Bodden, Eric and Le Traon, Yves}, year={2022} }
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
@article{Piskachev_Späth_Budde_Bodden_2022, title={Fluently specifying taint-flow queries with fluentTQL}, volume={27}, number={5}, journal={Empirical Software Engineering}, publisher={Springer}, author={Piskachev, Goran and Späth, Johannes and Budde, Ingo and Bodden, Eric}, year={2022}, pages={1–33} }
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
@article{Krishnamurthy_Piskachev_Bodden_2022, series={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)}, title={To what extent can we analyze Kotlin programs using existing Java taint analysis tools?}, author={Krishnamurthy, Ranjith and Piskachev, Goran and Bodden, Eric}, year={2022}, collection={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)} }
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
@article{Piskachev_Dziwok_Koch_Merschjohann_Bodden_2022, series={IEEE Secure Development Conference (SecDev)}, title={How far are German companies in improving security through static program analysis tools?}, author={Piskachev, Goran and Dziwok, Stefan and Koch, Thorsten and Merschjohann, Sven and Bodden, Eric}, year={2022}, collection={IEEE Secure Development Conference (SecDev)} }
LibreCat
2021 | Journal Article | LibreCat-ID: 27045 |
@article{Luo_Pauck_Piskachev_Benz_Pashchenko_Mory_Bodden_Hermann_Massacci_2021, title={TaintBench: Automatic real-world malware benchmarking of Android taint analyses}, DOI={10.1007/s10664-021-10013-5}, journal={Empirical Software Engineering}, author={Luo, Linghui and Pauck, Felix and Piskachev, Goran and Benz, Manuel and Pashchenko, Ivan and Mory, Martin and Bodden, Eric and Hermann, Ben and Massacci, Fabio}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
@article{Stockmann_Laux_Bodden_2021, title={Using Architectural Runtime Verification for Offline Data Analysis}, DOI={10.2991/jase.d.210205.001}, journal={Journal of Automotive Software Engineering}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
@article{Holzinger_Bodden_2021, title={A Systematic Hardening of Java’s Information Hiding}, journal={International Symposium on Advanced Security on Software and Systems (ASSS)}, author={Holzinger, Philipp and Bodden, Eric}, year={2021} }
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
@article{Bonifacio_Krüger_Narasimhan_Bodden_Mezini_2021, title={Dealing with Variability in API Misuse Specification}, journal={European Conference on Object-Oriented Programming (ECOOP)}, author={Bonifacio, Rodrigo and Krüger, Stefan and Narasimhan, Krishna and Bodden, Eric and Mezini, Mira}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
@inproceedings{Shivarpatna Venkatesh_Bodden_2021, title={Automated Cell Header Generator for Jupyter Notebooks}, DOI={10.1145/3464968.3468410}, booktitle={International Workshop on AI and Software Testing/Analysis (AISTA)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Bodden, Eric}, year={2021} }
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
@inproceedings{Kummita_Piskachev_Spaeth_Bodden_2021, title={Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON}, DOI={10.1109/ICCQ51190.2021.9392986}, booktitle={Proceedings of the 2021 International Conference on Code Quality (ICCQ)}, author={Kummita, Sriteja and Piskachev, Goran and Spaeth, Johannes and Bodden, Eric}, year={2021} }
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
@inproceedings{Schubert_Hermann_Bodden_2021, title={Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
@article{Dann_Plate_Hermann_Ponta_Bodden_2021, title={Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite}, DOI={10.1109/tse.2021.3101739}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Dann, Andreas Peter and Plate, Henrik and Hermann, Ben and Ponta, Serena Elisa and Bodden, Eric}, year={2021}, pages={1–1} }
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
@inproceedings{Piskachev_Krishnamurthy_Bodden_2021, title={SecuCheck: Engineering configurable taint analysis for software developers}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Piskachev, Goran and Krishnamurthy, Ranjith and Bodden, Eric}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
@inproceedings{Luo_Schäf_Sanchez_Bodden_2021, title={IDE Support for Cloud-Based Static Analyses}, booktitle={Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, author={Luo, Linghui and Schäf, Martin and Sanchez, Daniel and Bodden, Eric}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
@inproceedings{Karakaya_Bodden_2021, title={SootFX: A Static Code Feature Extraction Tool for Java and Android}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Karakaya, Kadiray and Bodden, Eric}, year={2021}, pages={181–186} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
@inproceedings{Schubert_Hermann_Bodden_Leer_2021, title={Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++}, booktitle={SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric and Leer, Richard}, year={2021} }
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
@inproceedings{Schubert_Sattler_Schiebel_Hermann_Bodden_2021, title={Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Schubert, Philipp and Sattler, Florian and Schiebel, Fabian and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
@article{Geismann_Bodden_2020, title={A systematic literature review of model-driven security engineering for cyber–physical systems}, volume={169}, DOI={https://doi.org/10.1016/j.jss.2020.110697}, journal={Journal of Systems and Software}, author={Geismann, Johannes and Bodden, Eric}, year={2020}, pages={110697} }
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
@article{Nguyen Quang Do_Bodden_2020, title={Explaining Static Analysis with Rule Graphs}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
@inproceedings{Fischer_Janneck_Kussmaul_Krätzschmar_Kerschbaum_Bodden_2020, title={PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage}, booktitle={2020 IEEE Computer Security Foundations Symposium (CSF)}, author={Fischer, Andreas and Janneck, Jonas and Kussmaul, Jörn and Krätzschmar, Nikolas and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
@inproceedings{Benz_Krogh Kristensen_Luo_P. Borges Jr._Bodden_Zeller_2020, title={Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis}, booktitle={International Conference for Software Engineering (ICSE)}, author={Benz, Manuel and Krogh Kristensen, Erik and Luo, Linghui and P. Borges Jr., Nataniel and Bodden, Eric and Zeller, Andreas}, year={2020} }
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
@inproceedings{Fischer_Fuhry_Kerschbaum_Bodden_2020, title={Computation on Encrypted Data using Dataflow Authentication}, booktitle={Privacy Enhancing Technologies Symposium (PETS/PoPETS)}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
@inproceedings{Koch_Dziwok_Holtmann_Bodden_2020, title={Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers}, DOI={10.1145/3365438.3410946}, booktitle={ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20)}, publisher={ACM}, author={Koch, Thorsten and Dziwok, Stefan and Holtmann, Jörg and Bodden, Eric}, year={2020} }
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
@book{Schubert_Bodden_Hermann_2020, title={Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries}, author={Schubert, Philipp and Bodden, Eric and Hermann, Ben}, year={2020} }
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
@inbook{Knüppel_Krüger_Thüm_Bubel_Krieter_Bodden_Schaefer_2020, place={Cham}, title={Using Abstract Contracts for Verifying Evolving Features and Their Interactions}, DOI={10.1007/978-3-030-64354-6_5}, booktitle={Lecture Notes in Computer Science}, author={Knüppel, Alexander and Krüger, Stefan and Thüm, Thomas and Bubel, Richard and Krieter, Sebastian and Bodden, Eric and Schaefer, Ina}, year={2020} }
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
@inproceedings{Pauck_Bodden_Wehrheim_2020, series={{LNI}}, title={Reproducing Taint-Analysis Results with ReproDroid}, DOI={10.18420/SE2020_36}, booktitle={Software Engineering 2020, Fachtagung des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria}, publisher={Gesellschaft f{\"{u}}r Informatik e.V.}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, editor={Felderer, Michael and Hasselbring, Wilhelm and Rabiser, Rick and Jung, Reiner}, year={2020}, pages={123–124}, collection={{LNI}} }
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
@inproceedings{Gräßler_Bodden_Pottebaum_Geismann_Roesmann_2020, title={Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems}, volume={1196}, booktitle={Advanced, Contemporary Control, Advances in Intelligent Systems and Computing}, publisher={Springer International Publishing}, author={Gräßler, Iris and Bodden, Eric and Pottebaum, Jens and Geismann, Johannes and Roesmann, Daniel}, year={2020}, pages={1458–1469} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
@inproceedings{Stockmann_Laux_Bodden_2019, title={Architectural Runtime Verification}, DOI={10.1109/ICSA-C.2019.00021}, booktitle={2019 IEEE International Conference on Software Architecture Companion (ICSA-C)}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2019}, pages={77–84} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
@inproceedings{Hazhirpasand_Ghafari_Krüger_Bodden_Nierstrasz_2019, title={The Impact of Developer Experience in Using Java Cryptography}, DOI={10.1109/ESEM.2019.8870184}, booktitle={2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)}, author={Hazhirpasand, Mohammadreza and Ghafari, Mohammad and Krüger, Stefan and Bodden, Eric and Nierstrasz, Oskar}, year={2019}, pages={1–6} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
@inproceedings{Piskachev_Petrasch_Späth_Bodden_2019, title={AuthCheck: Program-state Analysis for Access-control Vulnerabilities}, booktitle={10th Workshop on Tools for Automatic Program Analysis (TAPAS)}, author={Piskachev, Goran and Petrasch, Tobias and Späth, Johannes and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
@inproceedings{Nachtigall_Nguyen Quang Do_Bodden_2019, title={Explaining Static Analysis -- A Perspective}, booktitle={1st International Workshop on Explainable Software (EXPLAIN) at ASE}, author={Nachtigall, Marcus and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
@inproceedings{Luo_Bodden_Späth_2019, title={A Qualitative Analysis of Android Taint-Analysis Results}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019)}, author={Luo, Linghui and Bodden, Eric and Späth, Johannes}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
@inproceedings{Piskachev_Nguyen Quang Do_Johnson_Bodden_2019, title={SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods}, booktitle={IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Johnson, Oshando and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
@article{Krüger_Späth_Ali_Bodden_Mezini_2019, title={CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}, DOI={10.1109/TSE.2019.2948910}, journal={IEEE Transactions on Software Engineering}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2019}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
@inproceedings{Piskachev_Nguyen Quang Do_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, booktitle={ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA)}, author={Piskachev, Goran and Nguyen Quang Do, Lisa and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
@inproceedings{Luo_Dolby_Bodden_2019, title={MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Luo, Linghui and Dolby, Julian and Bodden, Eric}, year={2019} }
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
@book{Piskachev_Nguyen_Bodden_2019, title={Codebase-Adaptive Detection of Security-Relevant Methods}, author={Piskachev, Goran and Nguyen, Lisa and Bodden, Eric}, year={2019} }
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
@inproceedings{Albert Gorski Iii_Andow_Nadkarni_Manandhar_Enck_Bodden_Bartel_2019, title={ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware}, booktitle={ACM Conference on Data and Application Security and Privacy (CODASPY 2019)}, author={Albert Gorski Iii, Sigmund and Andow, Benjamin and Nadkarni, Adwait and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre}, year={2019} }
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
@article{Späth_Ali_Bodden_2019, title={Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems}, volume={3}, DOI={10.1145/3290361}, number={POPL}, journal={Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages}, publisher={ACM}, author={Späth, Johannes and Ali, Karim and Bodden, Eric}, year={2019}, pages={48:1-48:29} }
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
@article{Dann_Hermann_Bodden_2019, title={ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules}, DOI={10.1109/tse.2019.2931331}, journal={IEEE Transactions on Software Engineering}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019}, pages={1–1} }
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
@inproceedings{Dann_Hermann_Bodden_2019, title={SootDiff: bytecode comparison across different Java compilers}, DOI={10.1145/3315568.3329966}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}, author={Dann, Andreas and Hermann, Ben and Bodden, Eric}, year={2019} }
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
@inproceedings{Schubert_Hermann_Bodden_2019, title={PhASAR: An Inter-Procedural Static Analysis Framework for C/C++}, volume={II}, DOI={10.1007/978-3-030-17465-1_22}, booktitle={Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2019}, pages={393–410} }
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
@inproceedings{Schubert_Leer_Hermann_Bodden_2019, title={Know your analysis: how instrumentation aids understanding static analysis}, DOI={10.1145/3315568.3329965}, booktitle={Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019}, author={Schubert, Philipp and Leer, Richard and Hermann, Ben and Bodden, Eric}, year={2019} }
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
@article{Pauck_Bodden_Wehrheim_2018, title={Do Android Taint Analysis Tools Keep their Promises?}, journal={arXiv:1804.02903}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
@inproceedings{Bodden_Nguyen Quang Do_2018, series={{LNI}}, title={Explainable Static Analysis}, booktitle={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany.}, author={Bodden, Eric and Nguyen Quang Do, Lisa}, year={2018}, pages={205–208}, collection={{LNI}} }
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
@article{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={Debugging Static Analysis}, DOI={10.1109/TSE.2018.2868349}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
@book{Tichy_Bodden_Kuhrmann_Wagner_Steghöfer_2018, series={{LNI}}, title={Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany}, volume={{P-279}}, publisher={Gesellschaft für Informatik}, year={2018}, collection={{LNI}} }
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
@inproceedings{Gerking_Schubert_Bodden_2018, place={Cham}, title={Model Checking the Information Flow Security of Real-Time Systems}, booktitle={Engineering Secure Software and Systems}, publisher={Springer International Publishing}, author={Gerking, Christopher and Schubert, David and Bodden, Eric}, editor={Payer, Mathias and Rashid, Awais and Such, Jose M.}, year={2018}, pages={27–43} }
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
@inproceedings{Nguyen Quang Do_Bodden_2018, place={New York, NY, USA}, series={ESEC/FSE 2018}, title={Gamifying Static Analysis}, DOI={10.1145/3236024.3264830}, booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, publisher={ACM}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2018}, pages={714–718}, collection={ESEC/FSE 2018} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ISSTA ’18}, title={The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)}, DOI={10.1145/3236454.3236500}, booktitle={ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018)}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={85–93}, collection={ISSTA ’18} }
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
@inproceedings{Geismann_Gerking_Bodden_2018, title={Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes}, booktitle={International Conference on Software and System Processes (ICSSP)}, author={Geismann, Johannes and Gerking, Christopher and Bodden, Eric}, year={2018} }
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
@inproceedings{Bodden_2018, place={New York, NY, USA}, series={ICSE-NIER ’18}, title={Self-adaptive Static Analysis}, DOI={10.1145/3183399.3183401}, booktitle={Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results}, publisher={ACM}, author={Bodden, Eric}, year={2018}, pages={45–48}, collection={ICSE-NIER ’18} }
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
@inproceedings{Nguyen Quang Do_Krüger_Hill_Ali_Bodden_2018, title={VISUFLOW, a Debugging Environment for Static Analyses}, booktitle={International Conference for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang Do, Lisa and Krüger, Stefan and Hill, Patrick and Ali, Karim and Bodden, Eric}, year={2018} }
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
@inproceedings{Pauck_Bodden_Wehrheim_2018, title={Do Android taint analysis tools keep their promises?}, DOI={10.1145/3236024.3236029}, booktitle={Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018}, publisher={ACM Press}, author={Pauck, Felix and Bodden, Eric and Wehrheim, Heike}, year={2018} }
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
@inproceedings{Krüger_Späth_Ali_Bodden_Mezini_2018, title={CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2018}, pages={10:1-10:27} }
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
@book{Bodden_Dressler_Meyer auf der Heide_Scheytt_Trächtler_2017, series={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, title={Intelligente technische Systeme}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Bodden, Eric and Dressler, Falko and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017}, collection={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn} }
LibreCat
2017 | Book | LibreCat-ID: 24221
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, series={369}, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)}, volume={369}, DOI={10.17619/UNIPB/1-93}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Gausemeier, Jürgen and Bodden, Eric and Dressler, Falko and Dumitrescu, Roman and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017}, collection={369} }
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, place={Paderborn}, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts}, year={2017} }
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
@inbook{Gerking_Bodden_Schäfer_2017, place={Berlin, Heidelberg}, title={Industrial Security by Design}, DOI={10.1007/978-3-662-52903-4_8-1}, booktitle={Handbuch Gestaltung digitaler und vernetzter Arbeitswelten}, publisher={Springer Berlin Heidelberg}, author={Gerking, Christopher and Bodden, Eric and Schäfer, Wilhelm}, editor={Maier, Günter W. and Engels, Gregor and Steffen, Eckhard}, year={2017}, pages={1–24} }
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
@article{Ben Othmane_Chehrazi_Bodden_Tsalovski_Brucker_2017, title={Time for Addressing Software Security Issues: Prediction Models and Impacting Factors}, volume={2}, DOI={https://doi.org/10.1007/s41019-016-0019-8}, number={2}, journal={Data Science and Engineering}, author={Ben Othmane, Lotfi and Chehrazi, Golriz and Bodden, Eric and Tsalovski, Petar and Brucker, Achim D.}, year={2017}, pages={107–124} }
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
@book{Bodden_2017, title={Self-adaptive static analysis}, author={Bodden, Eric}, year={2017} }
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
@book{Krüger_Späth_Ali_Bodden_Mezini_2017, title={CrySL: Validating Correct Usage of Cryptographic APIs}, author={Krüger, Stefan and Späth, Johannes and Ali, Karim and Bodden, Eric and Mezini, Mira}, year={2017} }
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
@article{Lillack_Kästner_Bodden_2017, title={Tracking Load-time Configuration Options}, volume={PP}, DOI={10.1109/TSE.2017.2756048}, number={99}, journal={IEEE Transactions on Software Engineering}, author={Lillack, Max and Kästner, Christian and Bodden, Eric}, year={2017}, pages={1–1} }
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
@inproceedings{Krüger_Nadi_Reif_Ali_Mezini_Bodden_Göpfert_Günther_Weinert_Demmler_et al._2017, title={CogniCrypt: Supporting Developers in using Cryptography}, booktitle={International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track}, author={Krüger, Stefan and Nadi, Sarah and Reif, Michael and Ali, Karim and Mezini, Mira and Bodden, Eric and Göpfert, Florian and Günther, Felix and Weinert, Christian and Demmler, Daniel and et al.}, year={2017} }
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
@inproceedings{Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2017, place={New York, NY, USA}, series={ISSTA 2017}, title={Just-in-time Static Analysis}, DOI={10.1145/3092703.3092705}, booktitle={Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Do, Lisa Nguyen Quang and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2017}, pages={307–317}, collection={ISSTA 2017} }
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
@inproceedings{Nguyen Quang Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2017, title={Cheetah: Just-in-Time Taint Analysis for Android Apps}, booktitle={International Conference for Software Engineering (ICSE), Tool Demonstrations Track}, author={Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2017} }
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
@book{Gausemeier_Bodden_Dressler_Dumitrescu_Meyer auf der Heide_Scheytt_Trächtler_2017, title={Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)}, volume={369}, publisher={Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn}, author={Gausemeier, Jürgen and Bodden, Eric and Dressler, Falko and Dumitrescu, Roman and Meyer auf der Heide, Friedhelm and Scheytt, Christoph and Trächtler, Ansgar}, year={2017} }
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
@inproceedings{Holzinger_Hermann_Lerch_Bodden_Mezini_2017, title={Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation}, DOI={10.1109/sp.2017.16}, booktitle={2017 IEEE Symposium on Security and Privacy (SP)}, publisher={IEEE}, author={Holzinger, Philipp and Hermann, Ben and Lerch, Johannes and Bodden, Eric and Mezini, Mira}, year={2017} }
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
@inproceedings{Späth_Ali_Bodden_2017, title={IDEal: Efficient and Precise Alias-aware Dataflow Analysis}, booktitle={2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH)}, publisher={ACM Press}, author={Späth, Johannes and Ali, Karim and Bodden, Eric}, year={2017} }
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
@article{Fischer_Fuhry_Kerschbaum_Bodden_2017, title={Computation on Encrypted Data using Data Flow Authentication}, volume={abs/1710.00390}, journal={CoRR}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2017} }
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
@inproceedings{Bodden_I Pun_Steffen_Stolz_Wickert_2016, title={Information Flow Analysis for Go}, DOI={10.1007/978-3-319-47166-2_30}, booktitle={Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}}, author={Bodden, Eric and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}, year={2016}, pages={431–445} }
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
@inproceedings{Bodden_Eichberg_I Pun_Steffen_Stolz_Wickert_2016, title={Don’t let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go}, booktitle={Nordic Workshop on Programming Theory (NWPT’16)}, author={Bodden, Eric and Eichberg, Michael and I Pun, Ka and Steffen, Martin and Stolz, Volker and Wickert, Anna-Katharina}, year={2016} }
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
@book{Nguyen Quang Do_Ali_Livshits_Bodden_Smith_Murphy-Hill_2016, title={Just-in-Time Static Analysis}, DOI={http://dx.doi.org/10.7939/DVN/10859}, author={Nguyen Quang Do, Lisa and Ali, Karim and Livshits, Benjamin and Bodden, Eric and Smith, Justin and Murphy-Hill, Emerson}, year={2016} }
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
@article{Rasthofer_Arzt_Bodden_Miltenberger_2016, title={Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen}, DOI={https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536}, journal={Datenschutz und Datensicherheit}, author={Rasthofer, Siegfried and Arzt, Steven and Bodden, Eric and Miltenberger, Marc}, year={2016}, pages={718–722} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
@inproceedings{Holzinger_Triller_Bartel_Bodden_2016, series={CCS ’16}, title={An In-Depth Study of More Than Ten Years of Java Exploitation}, DOI={http://doi.acm.org/10.1145/2976749.2978361}, booktitle={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}, author={Holzinger, Philipp and Triller, Stefan and Bartel, Alexandre and Bodden, Eric}, year={2016}, pages={779–790}, collection={CCS ’16} }
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
@inproceedings{Follner_Bartel_Peng_Chang_Ispoglou_Payer_Bodden_2016, title={PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution}, booktitle={International Workshop on Security and Trust Management (STM)}, author={Follner, Andreas and Bartel, Alexandre and Peng, Hui and Chang, Yu-Chen and Ispoglou, Kyriakos and Payer, Mathias and Bodden, Eric}, year={2016}, pages={212–228} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
@inproceedings{Nguyen Quang Do_Eichberg_Bodden_2016, series={SOAP 2016}, title={Toward an Automated Benchmark Management System}, booktitle={Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}, author={Nguyen Quang Do, Lisa and Eichberg, Michael and Bodden, Eric}, year={2016}, pages={13–17}, collection={SOAP 2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
@inproceedings{Arzt_Kussmaul_Bodden_2016, series={SOAP 2016}, title={Towards Cross-Platform Cross-Language Analysis with Soot}, booktitle={Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis}, author={Arzt, Steven and Kussmaul, Tobias and Bodden, Eric}, year={2016}, pages={1–6}, collection={SOAP 2016} }
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
@article{Follner_Bodden_2016, title={ROPocop — Dynamic mitigation of code-reuse attacks}, volume={29}, DOI={http://dx.doi.org/10.1016/j.jisa.2016.01.002}, journal={Journal of Information Security and Applications }, author={Follner, Andreas and Bodden, Eric}, year={2016}, pages={16–26} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
@inproceedings{Follner_Bartel_Bodden_2016, title={Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality}, booktitle={International Symposium on Engineering Secure Software and Systems (ESSoS)}, author={Follner, Andreas and Bartel, Alexandre and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
@inproceedings{Falzon_Bodden_2016, place={Berlin, Heidelberg}, title={Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels}, DOI={10.1007/978-3-662-49635-0_7}, booktitle={Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings}, publisher={Springer Berlin Heidelberg}, author={Falzon, Kevin and Bodden, Eric}, editor={Piessens, Frank and Vigan’o, Luca}, year={2016}, pages={116–138} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
@inproceedings{Rasthofer_Arzt_Miltenberger_Bodden_2016, title={Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques}, booktitle={Network and Distributed System Security Symposium (NDSS)}, author={Rasthofer, Siegfried and Arzt, Steven and Miltenberger, Marc and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
@inproceedings{Nadi_Krüger_Mezini_Bodden_2016, title={Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?}, booktitle={International Conference for Software Engineering (ICSE)}, author={Nadi, Sarah and Krüger, Stefan and Mezini, Mira and Bodden, Eric}, year={2016}, pages={935–946} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
@inproceedings{Arzt_Bodden_2016, title={StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework}, booktitle={International Conference for Software Engineering (ICSE)}, author={Arzt, Steven and Bodden, Eric}, year={2016} }
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
@inproceedings{Eling_Rasthofer_Kolhagen_Bodden_Buxmann_2016, title={Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment}, DOI={10.1109/HICSS.2016.458}, booktitle={2016 49th Hawaii International Conference on System Sciences (HICSS)}, author={Eling, N. and Rasthofer, S. and Kolhagen, M. and Bodden, Eric and Buxmann, P.}, year={2016}, pages={3666–3675} }
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
@inproceedings{Späth_Nguyen Quang Do_Ali_Bodden_2016, title={Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Späth, Johannes and Nguyen Quang Do, Lisa and Ali, Karim and Bodden, Eric}, year={2016} }
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
@inproceedings{Li_Bartel_Bissyande_Klein_Le Traon_Arzt_Rasthofer_Bodden_Octeau_McDaniel_2015, title={IccTA: Detecting Inter-Component Privacy Leaks in Android Apps}, booktitle={2015 International Conference on Software Engineering (ICSE)}, author={Li, Li and Bartel, Alexandre and Bissyande, Tegawende F. and Klein, Jacques and Le Traon, Yves and Arzt, Steven and Rasthofer, Siegfried and Bodden, Eric and Octeau, Damien and McDaniel, Patrick}, year={2015}, pages={280–291} }
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
@inproceedings{Lerch_Hermann_Bodden_Mezini_2014, title={FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases}, DOI={10.1145/2635868.2635878}, booktitle={Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014}, publisher={ACM Press}, author={Lerch, Johannes and Hermann, Ben and Bodden, Eric and Mezini, Mira}, year={2014} }
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
@inproceedings{Arzt_Rasthofer_Fritz_Bodden_Bartel_Klein_Le Traon_Octeau_McDaniel_2014, title={FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps}, DOI={10.1145/2594291.2594299}, booktitle={Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14}, publisher={ACM Press}, author={Arzt, Steven and Rasthofer, Siegfried and Fritz, Christian and Bodden, Eric and Bartel, Alexandre and Klein, Jacques and Le Traon, Yves and Octeau, Damien and McDaniel, Patrick}, year={2014} }
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
@inproceedings{Arzt_Rasthofer_Lovat_Bodden_2014, title={DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android}, booktitle={International Conference on Availability, Reliability and Security (ARES 2014)}, publisher={IEEE}, author={Arzt, Steven and Rasthofer, Siegfried and Lovat, Enrico and Bodden, Eric}, year={2014}, pages={40–49} }
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
@article{Bodden_Lam_Hendren_2012, title={Partially Evaluating Finite-State Runtime Monitors Ahead of Time}, volume={34}, DOI={10.1145/2220365.2220366}, number={2}, journal={ACM Transactions on Programming Languages and Systems}, publisher={Association for Computing Machinery (ACM)}, author={Bodden, Eric and Lam, Patrick and Hendren, Laurie}, year={2012}, pages={1–52} }
LibreCat
| Files available
| DOI
| Download (ext.)