112 Publications
2024 | Conference Paper | LibreCat-ID: 52235
Khedkar, Mugdha, and Eric Bodden. “Toward an Android Static Analysis Approach for Data Protection.” In Proceedings of the 9th International Conference on Mobile Software Engineering and Systems, 2024.
LibreCat
| Files available
| arXiv
2024 | Journal Article | LibreCat-ID: 52587
Bodden, Eric, Jens Pottebaum, Markus Fockel, and Iris Gräßler. “Evaluating Security Through Isolation and Defense in Depth.” IEEE Security & Privacy 22, no. 1 (2024): 69–72. https://doi.org/10.1109/msec.2023.3336028.
LibreCat
| DOI
2024 | Misc | LibreCat-ID: 52663
Wickert, Anna-Katharina, Michael Schlichtig, Marvin Vogel, Lukas Winter, Mira Mezini, and Eric Bodden. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 35083
Dann, Andreas Peter, Ben Hermann, and Eric Bodden. “UpCy: Safely Updating Outdated Dependencies.” International Conference on Software Engineering (ICSE), 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 | 
Shivarpatna Venkatesh, Ashwin Prasad, Jiawei Wang, Li Li, and Eric Bodden. “Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis.” IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering), 2023. https://doi.org/10.48550/ARXIV.2301.04419.
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
Luo, Linghui, Goran Piskachev, Ranjith Krishnamurthy, Julian Dolby, Martin Schäf, and Eric Bodden. “Model Generation For Java Frameworks.” In IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
Shivarpatna Venkatesh, Ashwin Prasad, Jiawei Wang, Li Li, and Eric Bodden. “Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis.” In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023.
LibreCat
2023 | Book Chapter | LibreCat-ID: 45888 |
Wehrheim, Heike, Marco Platzner, Eric Bodden, Philipp Schubert, Felix Pauck, and Marie-Christine Jakobs. “Verifying Software and Reconfigurable Hardware Services.” In On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, edited by Claus-Jochen Haake, Friedhelm Meyer auf der Heide, Marco Platzner, Henning Wachsmuth, and Heike Wehrheim, 412:125–44. Verlagsschriftenreihe Des Heinz Nixdorf Instituts. Paderborn: Heinz Nixdorf Institut, Universität Paderborn, 2023. https://doi.org/10.5281/zenodo.8068583.
LibreCat
| Files available
| DOI
2023 | Journal Article | LibreCat-ID: 46816
Torres, Adriano, Pedro Costa, Luis Amaral, Jonata Pastro, Rodrigo Bonifácio, Marcelo d’Amorim, Owolabi Legunsen, Eric Bodden, and Edna Dias Canedo. “Runtime Verification of Crypto APIs: An Empirical Study.” IEEE Transactions on Software Engineering 49, no. 10 (2023): 4510–25. https://doi.org/10.1109/tse.2023.3301660.
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
Piskachev, Goran, Matthias Becker, and Eric Bodden. “Can the Configuration of Static Analyses Make Resolving Security Vulnerabilities More Effective? - A User Study.” Empirical Software Engineering 28, no. 5 (2023). https://doi.org/10.1007/s10664-023-10354-3.
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger, Stefan, Michael Reif, Anna-Katharina Wickert, Sarah Nadi, Karim Ali, Eric Bodden, Yasemin Acar, Mira Mezini, and Sascha Fahl. “Securing Your Crypto-API Usage Through Tool Support - A Usability Study.” In 2023 IEEE Secure Development Conference (SecDev). IEEE, 2023. https://doi.org/10.1109/secdev56634.2023.00015.
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
Gräßler, Iris, Eric Bodden, Dominik Wiechel, and Jens Pottebaum. “Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security.” Konstruktion 75, no. 11–12 (2023): 60–65. https://doi.org/10.37544/0720-5953-2023-11-12-60.
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.” In Software Engineering 2023, 95–96. Bonn: Gesellschaft für Informatik e.V., 2023.
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.” In Software Engineering 2023, 105–106. Bonn: Gesellschaft für Informatik e.V., 2023.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum, Jens, Jost Rossel, Juraj Somorovsky, Yasemin Acar, René Fahr, Patricia Arias Cabarcos, Eric Bodden, and Iris Gräßler. “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth.” In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 379–85. IEEE, 2023. https://doi.org/10.1109/eurospw59978.2023.00048.
LibreCat
| DOI
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 29844
Koch, Thorsten, Sascha Trippel, Stefan Dziwok, and Eric Bodden. “Integrating Security Protocols in Scenario-Based Requirements Specifications.” In Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications, 2022. https://doi.org/10.5220/0010783300003119.
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
Fischer, Andreas, Benny Fuhry, Jörn Kußmaul, Jonas Janneck, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Dataflow Authentication.” ACM Transactions on Privacy and Security 25, no. 3 (2022): 1–36. https://doi.org/10.1145/3513005.
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
Schlichtig, Michael, Anna-Katharina Wickert, Stefan Krüger, Eric Bodden, and Mira Mezini. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022. https://doi.org/10.48550/ARXIV.2204.06447.
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools.” In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 532–43. ACM, 2022. https://doi.org/10.1145/3533767.
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “FUM - A Framework for API Usage Constraint and Misuse Classification.” In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 673–84, 2022. https://doi.org/10.1109/SANER53432.2022.00085.
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
Schubert, Philipp, Paul Gazzillo, Zach Patterson, Julian Braha, Fabian Schiebel, Ben Hermann, Shiyi Wei, and Eric Bodden. “Static Data-Flow Analysis for Software Product Lines in C.” Automated Software Engineering 29, no. 1 (2022). https://doi.org/10.1007/s10515-022-00333-1.
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
Sayar, Imen, Alexandre Bartel, Eric Bodden, and Yves Le Traon. “An In-Depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities.” ACM Transactions on Software Engineering and Methodology, 2022. https://doi.org/10.1145/3554732.
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
Piskachev, Goran, Johannes Späth, Ingo Budde, and Eric Bodden. “Fluently Specifying Taint-Flow Queries with FluentTQL.” Empirical Software Engineering 27, no. 5 (2022): 1–33.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy, Ranjith, Goran Piskachev, and Eric Bodden. “To What Extent Can We Analyze Kotlin Programs Using Existing Java Taint Analysis Tools?” IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
Piskachev, Goran, Stefan Dziwok, Thorsten Koch, Sven Merschjohann, and Eric Bodden. “How Far Are German Companies in Improving Security through Static Program Analysis Tools?” IEEE Secure Development Conference (SecDev), 2022.
LibreCat
2021 | Journal Article | LibreCat-ID: 27045 |
Luo, Linghui, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, and Fabio Massacci. “TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses.” Empirical Software Engineering, 2021. https://doi.org/10.1007/s10664-021-10013-5.
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
Stockmann, Lars, Sven Laux, and Eric Bodden. “Using Architectural Runtime Verification for Offline Data Analysis.” Journal of Automotive Software Engineering, 2021. https://doi.org/10.2991/jase.d.210205.001.
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
Holzinger, Philipp, and Eric Bodden. “A Systematic Hardening of Java’s Information Hiding.” International Symposium on Advanced Security on Software and Systems (ASSS), 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
Bonifacio, Rodrigo, Stefan Krüger, Krishna Narasimhan, Eric Bodden, and Mira Mezini. “Dealing with Variability in API Misuse Specification.” European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh, Ashwin Prasad, and Eric Bodden. “Automated Cell Header Generator for Jupyter Notebooks.” In International Workshop on AI and Software Testing/Analysis (AISTA), 2021. https://doi.org/10.1145/3464968.3468410.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
Kummita, Sriteja, Goran Piskachev, Johannes Spaeth, and Eric Bodden. “Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON.” In Proceedings of the 2021 International Conference on Code Quality (ICCQ), 2021. https://doi.org/10.1109/ICCQ51190.2021.9392986.
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
Schubert, Philipp, Ben Hermann, and Eric Bodden. “Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis.” In European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
Dann, Andreas Peter, Henrik Plate, Ben Hermann, Serena Elisa Ponta, and Eric Bodden. “Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite.” IEEE Transactions on Software Engineering, 2021, 1–1. https://doi.org/10.1109/tse.2021.3101739.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
Piskachev, Goran, Ranjith Krishnamurthy, and Eric Bodden. “SecuCheck: Engineering Configurable Taint Analysis for Software Developers.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
Luo, Linghui, Martin Schäf, Daniel Sanchez, and Eric Bodden. “IDE Support for Cloud-Based Static Analyses.” In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
Karakaya, Kadiray, and Eric Bodden. “SootFX: A Static Code Feature Extraction Tool for Java and Android.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 181–186, 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
Schubert, Philipp, Ben Hermann, Eric Bodden, and Richard Leer. “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++.” In SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
Schubert, Philipp, Florian Sattler, Fabian Schiebel, Ben Hermann, and Eric Bodden. “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of Model-Driven Security Engineering for Cyber–Physical Systems.” Journal of Systems and Software 169 (2020): 110697. https://doi.org/10.1016/j.jss.2020.110697.
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with Rule Graphs.” IEEE Transactions on Software Engineering, 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
Fischer, Andreas, Jonas Janneck, Jörn Kussmaul, Nikolas Krätzschmar, Florian Kerschbaum, and Eric Bodden. “PASAPTO: Policy-Aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage.” In 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
Benz, Manuel, Erik Krogh Kristensen, Linghui Luo, Nataniel P. Borges Jr., Eric Bodden, and Andreas Zeller. “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis.” In International Conference for Software Engineering (ICSE), 2020.
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Dataflow Authentication.” In Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
Koch, Thorsten, Stefan Dziwok, Jörg Holtmann, and Eric Bodden. “Scenario-Based Specification of Security Protocols and Transformation to Security Model Checkers.” In ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM, 2020. https://doi.org/10.1145/3365438.3410946.
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
Schubert, Philipp, Eric Bodden, and Ben Hermann. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020.
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
Knüppel, Alexander, Stefan Krüger, Thomas Thüm, Richard Bubel, Sebastian Krieter, Eric Bodden, and Ina Schaefer. “Using Abstract Contracts for Verifying Evolving Features and Their Interactions.” In Lecture Notes in Computer Science. Cham, 2020. https://doi.org/10.1007/978-3-030-64354-6_5.
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Reproducing Taint-Analysis Results with ReproDroid.” In Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, edited by Michael Felderer, Wilhelm Hasselbring, Rick Rabiser, and Reiner Jung, 123–24. {LNI}. Gesellschaft f{\"{u}}r Informatik e.V., 2020. https://doi.org/10.18420/SE2020_36.
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
Gräßler, Iris, Eric Bodden, Jens Pottebaum, Johannes Geismann, and Daniel Roesmann. “Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems.” In Advanced, Contemporary Control, Advances in Intelligent Systems and Computing, 1196:1458–69. Springer International Publishing, 2020.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
Stockmann, Lars, Sven Laux, and Eric Bodden. “Architectural Runtime Verification.” In 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 77–84, 2019. https://doi.org/10.1109/ICSA-C.2019.00021.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand, Mohammadreza, Mohammad Ghafari, Stefan Krüger, Eric Bodden, and Oskar Nierstrasz. “The Impact of Developer Experience in Using Java Cryptography.” In 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 1–6, 2019. https://doi.org/10.1109/ESEM.2019.8870184.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” In 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
Nachtigall, Marcus, Lisa Nguyen Quang Do, and Eric Bodden. “Explaining Static Analysis -- A Perspective.” In 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
Luo, Linghui, Eric Bodden, and Johannes Späth. “A Qualitative Analysis of Android Taint-Analysis Results.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/TSE.2019.2948910.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive Detection of Security-Relevant Methods.” In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
Luo, Linghui, Julian Dolby, and Eric Bodden. “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors.” In European Conference on Object-Oriented Programming (ECOOP), 2019.
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
Piskachev, Goran, Lisa Nguyen, and Eric Bodden. Codebase-Adaptive Detection of Security-Relevant Methods, 2019.
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
Albert Gorski Iii, Sigmund, Benjamin Andow, Adwait Nadkarni, Sunil Manandhar, William Enck, Eric Bodden, and Alexandre Bartel. “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware.” In ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
Späth, Johannes, Karim Ali, and Eric Bodden. “Context-, Flow-, and Field-Sensitive Data-Flow Analysis Using Synchronized Pushdown Systems.” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3, no. POPL (2019): 48:1-48:29. https://doi.org/10.1145/3290361.
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
Dann, Andreas, Ben Hermann, and Eric Bodden. “ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/tse.2019.2931331.
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
Dann, Andreas, Ben Hermann, and Eric Bodden. “SootDiff: Bytecode Comparison across Different Java Compilers.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329966.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
Schubert, Philipp, Ben Hermann, and Eric Bodden. “PhASAR: An Inter-Procedural Static Analysis Framework for C/C++.” In Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), II:393–410, 2019. https://doi.org/10.1007/978-3-030-17465-1_22.
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
Schubert, Philipp, Richard Leer, Ben Hermann, and Eric Bodden. “Know Your Analysis: How Instrumentation Aids Understanding Static Analysis.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329965.
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” ArXiv:1804.02903, 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.” In Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–8. {LNI}, 2018.
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “Debugging Static Analysis.” IEEE Transactions on Software Engineering, 2018, 1–1. https://doi.org/10.1109/TSE.2018.2868349.
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
Tichy, Matthias, Eric Bodden, Marco Kuhrmann, Stefan Wagner, and Jan-Philipp Steghöfer, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol. {P-279}. {LNI}. Gesellschaft für Informatik, 2018.
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
Gerking, Christopher, David Schubert, and Eric Bodden. “Model Checking the Information Flow Security of Real-Time Systems.” In Engineering Secure Software and Systems, edited by Mathias Payer, Awais Rashid, and Jose M. Such, 27–43. Cham: Springer International Publishing, 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 714–18. ESEC/FSE 2018. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236024.3264830.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).” In ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), 85–93. ISSTA ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236454.3236500.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
Geismann, Johannes, Christopher Gerking, and Eric Bodden. “Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes.” In International Conference on Software and System Processes (ICSSP), 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
Bodden, Eric. “Self-Adaptive Static Analysis.” In Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 45–48. ICSE-NIER ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3183399.3183401.
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “VISUFLOW, a Debugging Environment for Static Analyses.” In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018. ACM Press, 2018. https://doi.org/10.1145/3236024.3236029.
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” In European Conference on Object-Oriented Programming (ECOOP), 10:1-10:27, 2018.
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
Bodden, Eric, Falko Dressler, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Intelligente technische Systeme. Vol. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
2017 | Book | LibreCat-ID: 24221
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol. 369. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017. https://doi.org/10.17619/UNIPB/1-93.
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler, eds. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369. Vol. 369. Paderborn: Verlagsschriftenreihe des Heinz Nixdorf Instituts, 2017.
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
Gerking, Christopher, Eric Bodden, and Wilhelm Schäfer. “Industrial Security by Design.” In Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten, edited by Günter W. Maier, Gregor Engels, and Eckhard Steffen, 1–24. Berlin, Heidelberg: Springer Berlin Heidelberg, 2017. https://doi.org/10.1007/978-3-662-52903-4_8-1.
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
Ben Othmane, Lotfi, Golriz Chehrazi, Eric Bodden, Petar Tsalovski, and Achim D. Brucker. “Time for Addressing Software Security Issues: Prediction Models and Impacting Factors.” Data Science and Engineering 2, no. 2 (2017): 107–24. https://doi.org/10.1007/s41019-016-0019-8.
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
Bodden, Eric. Self-Adaptive Static Analysis, 2017.
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. CrySL: Validating Correct Usage of Cryptographic APIs, 2017.
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
Lillack, Max, Christian Kästner, and Eric Bodden. “Tracking Load-Time Configuration Options.” IEEE Transactions on Software Engineering PP, no. 99 (2017): 1–1. https://doi.org/10.1109/TSE.2017.2756048.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
Krüger, Stefan, Sarah Nadi, Michael Reif, Karim Ali, Mira Mezini, Eric Bodden, Florian Göpfert, et al. “CogniCrypt: Supporting Developers in Using Cryptography.” In International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track, 2017.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
Do, Lisa Nguyen Quang, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. “Just-in-Time Static Analysis.” In Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, 307–17. ISSTA 2017. New York, NY, USA: ACM, 2017. https://doi.org/10.1145/3092703.3092705.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
Nguyen Quang Do, Lisa, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. “Cheetah: Just-in-Time Taint Analysis for Android Apps.” In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2017.
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
Holzinger, Philipp, Ben Hermann, Johannes Lerch, Eric Bodden, and Mira Mezini. “Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation.” In 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017. https://doi.org/10.1109/sp.2017.16.
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
Späth, Johannes, Karim Ali, and Eric Bodden. “IDEal: Efficient and Precise Alias-Aware Dataflow Analysis.” In 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH). ACM Press, 2017.
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Data Flow Authentication.” CoRR abs/1710.00390 (2017).
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
Bodden, Eric, Ka I Pun, Martin Steffen, Volker Stolz, and Anna-Katharina Wickert. “Information Flow Analysis for Go.” In Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}, 431–45, 2016. https://doi.org/10.1007/978-3-319-47166-2_30.
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
Bodden, Eric, Michael Eichberg, Ka I Pun, Martin Steffen, Volker Stolz, and Anna-Katharina Wickert. “Don’t Let Data Go Astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go.” In Nordic Workshop on Programming Theory (NWPT’16), 2016.
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
Nguyen Quang Do, Lisa, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. Just-in-Time Static Analysis, 2016. http://dx.doi.org/10.7939/DVN/10859.
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
Rasthofer, Siegfried, Steven Arzt, Eric Bodden, and Marc Miltenberger. “Harvester - Vollautomatische Extraktion von Laufzeitwerten Aus Obfuskierten Android-Applikationen.” Datenschutz Und Datensicherheit, 2016, 718–22. https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
Holzinger, Philipp, Stefan Triller, Alexandre Bartel, and Eric Bodden. “An In-Depth Study of More Than Ten Years of Java Exploitation.” In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 779–90. CCS ’16, 2016. http://doi.acm.org/10.1145/2976749.2978361.
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
Follner, Andreas, Alexandre Bartel, Hui Peng, Yu-Chen Chang, Kyriakos Ispoglou, Mathias Payer, and Eric Bodden. “PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution.” In International Workshop on Security and Trust Management (STM), 212–28, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
Nguyen Quang Do, Lisa, Michael Eichberg, and Eric Bodden. “Toward an Automated Benchmark Management System.” In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 13–17. SOAP 2016, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
Arzt, Steven, Tobias Kussmaul, and Eric Bodden. “Towards Cross-Platform Cross-Language Analysis with Soot.” In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 1–6. SOAP 2016, 2016.
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
Follner, Andreas, and Eric Bodden. “ROPocop — Dynamic Mitigation of Code-Reuse Attacks.” Journal of Information Security and Applications 29 (2016): 16–26. http://dx.doi.org/10.1016/j.jisa.2016.01.002.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
Follner, Andreas, Alexandre Bartel, and Eric Bodden. “Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality.” In International Symposium on Engineering Secure Software and Systems (ESSoS), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
Falzon, Kevin, and Eric Bodden. “Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels.” In Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings, edited by Frank Piessens and Luca Vigan’o, 116–38. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016. https://doi.org/10.1007/978-3-662-49635-0_7.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
Rasthofer, Siegfried, Steven Arzt, Marc Miltenberger, and Eric Bodden. “Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques.” In Network and Distributed System Security Symposium (NDSS), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
Nadi, Sarah, Stefan Krüger, Mira Mezini, and Eric Bodden. “Jumping Through Hoops: Why Do Java Developers Struggle With Cryptography APIs?” In International Conference for Software Engineering (ICSE), 935–46, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
Arzt, Steven, and Eric Bodden. “StubDroid: Automatic Inference of Precise Data-Flow Summaries for the Android Framework.” In International Conference for Software Engineering (ICSE), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
Eling, N., S. Rasthofer, M. Kolhagen, Eric Bodden, and P. Buxmann. “Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment.” In 2016 49th Hawaii International Conference on System Sciences (HICSS), 3666–75, 2016. https://doi.org/10.1109/HICSS.2016.458.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
Späth, Johannes, Lisa Nguyen Quang Do, Karim Ali, and Eric Bodden. “Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java.” In European Conference on Object-Oriented Programming (ECOOP), 2016.
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
Li, Li, Alexandre Bartel, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel. “IccTA: Detecting Inter-Component Privacy Leaks in Android Apps.” In 2015 International Conference on Software Engineering (ICSE), 280–91, 2015.
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
Lerch, Johannes, Ben Hermann, Eric Bodden, and Mira Mezini. “FlowTwist: Efficient Context-Sensitive inside-out Taint Analysis for Large Codebases.” In Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014. ACM Press, 2014. https://doi.org/10.1145/2635868.2635878.
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
Arzt, Steven, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. “FlowDroid: Precise Context, Flow, Field, Object-Sensitive and Lifecycle-Aware Taint Analysis for Android Apps.” In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14. ACM Press, 2014. https://doi.org/10.1145/2594291.2594299.
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
Arzt, Steven, Siegfried Rasthofer, Enrico Lovat, and Eric Bodden. “DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android.” In International Conference on Availability, Reliability and Security (ARES 2014), 40–49. IEEE, 2014.
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
Bodden, Eric, Patrick Lam, and Laurie Hendren. “Partially Evaluating Finite-State Runtime Monitors Ahead of Time.” ACM Transactions on Programming Languages and Systems 34, no. 2 (2012): 1–52. https://doi.org/10.1145/2220365.2220366.
LibreCat
| Files available
| DOI
| Download (ext.)
Search
Filter Publications
Display / Sort
Export / Embed
112 Publications
2024 | Conference Paper | LibreCat-ID: 52235
Khedkar, Mugdha, and Eric Bodden. “Toward an Android Static Analysis Approach for Data Protection.” In Proceedings of the 9th International Conference on Mobile Software Engineering and Systems, 2024.
LibreCat
| Files available
| arXiv
2024 | Journal Article | LibreCat-ID: 52587
Bodden, Eric, Jens Pottebaum, Markus Fockel, and Iris Gräßler. “Evaluating Security Through Isolation and Defense in Depth.” IEEE Security & Privacy 22, no. 1 (2024): 69–72. https://doi.org/10.1109/msec.2023.3336028.
LibreCat
| DOI
2024 | Misc | LibreCat-ID: 52663
Wickert, Anna-Katharina, Michael Schlichtig, Marvin Vogel, Lukas Winter, Mira Mezini, and Eric Bodden. Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 35083
Dann, Andreas Peter, Ben Hermann, and Eric Bodden. “UpCy: Safely Updating Outdated Dependencies.” International Conference on Software Engineering (ICSE), 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 36522 |
Shivarpatna Venkatesh, Ashwin Prasad, Jiawei Wang, Li Li, and Eric Bodden. “Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis.” IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering), 2023. https://doi.org/10.48550/ARXIV.2301.04419.
LibreCat
| Files available
| DOI
2023 | Conference Paper | LibreCat-ID: 41812
Luo, Linghui, Goran Piskachev, Ranjith Krishnamurthy, Julian Dolby, Martin Schäf, and Eric Bodden. “Model Generation For Java Frameworks.” In IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 41813
Shivarpatna Venkatesh, Ashwin Prasad, Jiawei Wang, Li Li, and Eric Bodden. “Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis.” In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023.
LibreCat
2023 | Book Chapter | LibreCat-ID: 45888 |
Wehrheim, Heike, Marco Platzner, Eric Bodden, Philipp Schubert, Felix Pauck, and Marie-Christine Jakobs. “Verifying Software and Reconfigurable Hardware Services.” In On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, edited by Claus-Jochen Haake, Friedhelm Meyer auf der Heide, Marco Platzner, Henning Wachsmuth, and Heike Wehrheim, 412:125–44. Verlagsschriftenreihe Des Heinz Nixdorf Instituts. Paderborn: Heinz Nixdorf Institut, Universität Paderborn, 2023. https://doi.org/10.5281/zenodo.8068583.
LibreCat
| Files available
| DOI
2023 | Journal Article | LibreCat-ID: 46816
Torres, Adriano, Pedro Costa, Luis Amaral, Jonata Pastro, Rodrigo Bonifácio, Marcelo d’Amorim, Owolabi Legunsen, Eric Bodden, and Edna Dias Canedo. “Runtime Verification of Crypto APIs: An Empirical Study.” IEEE Transactions on Software Engineering 49, no. 10 (2023): 4510–25. https://doi.org/10.1109/tse.2023.3301660.
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 49439
Piskachev, Goran, Matthias Becker, and Eric Bodden. “Can the Configuration of Static Analyses Make Resolving Security Vulnerabilities More Effective? - A User Study.” Empirical Software Engineering 28, no. 5 (2023). https://doi.org/10.1007/s10664-023-10354-3.
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger, Stefan, Michael Reif, Anna-Katharina Wickert, Sarah Nadi, Karim Ali, Eric Bodden, Yasemin Acar, Mira Mezini, and Sascha Fahl. “Securing Your Crypto-API Usage Through Tool Support - A Usability Study.” In 2023 IEEE Secure Development Conference (SecDev). IEEE, 2023. https://doi.org/10.1109/secdev56634.2023.00015.
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 48946
Gräßler, Iris, Eric Bodden, Dominik Wiechel, and Jens Pottebaum. “Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security.” Konstruktion 75, no. 11–12 (2023): 60–65. https://doi.org/10.37544/0720-5953-2023-11-12-60.
LibreCat
| DOI
2023 | Book Chapter | LibreCat-ID: 52662
Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.” In Software Engineering 2023, 95–96. Bonn: Gesellschaft für Informatik e.V., 2023.
LibreCat
| Download (ext.)
2023 | Book Chapter | LibreCat-ID: 52660
Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.” In Software Engineering 2023, 105–106. Bonn: Gesellschaft für Informatik e.V., 2023.
LibreCat
| Download (ext.)
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum, Jens, Jost Rossel, Juraj Somorovsky, Yasemin Acar, René Fahr, Patricia Arias Cabarcos, Eric Bodden, and Iris Gräßler. “Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth.” In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 379–85. IEEE, 2023. https://doi.org/10.1109/eurospw59978.2023.00048.
LibreCat
| DOI
| Download (ext.)
2022 | Conference Paper | LibreCat-ID: 29844
Koch, Thorsten, Sascha Trippel, Stefan Dziwok, and Eric Bodden. “Integrating Security Protocols in Scenario-Based Requirements Specifications.” In Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications, 2022. https://doi.org/10.5220/0010783300003119.
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 31844
Fischer, Andreas, Benny Fuhry, Jörn Kußmaul, Jonas Janneck, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Dataflow Authentication.” ACM Transactions on Privacy and Security 25, no. 3 (2022): 1–36. https://doi.org/10.1145/3513005.
LibreCat
| DOI
2022 | Misc | LibreCat-ID: 32409
Schlichtig, Michael, Anna-Katharina Wickert, Stefan Krüger, Eric Bodden, and Mira Mezini. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022. https://doi.org/10.48550/ARXIV.2204.06447.
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 32410
Nachtigall, Marcus, Michael Schlichtig, and Eric Bodden. “A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools.” In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, 532–43. ACM, 2022. https://doi.org/10.1145/3533767.
LibreCat
| Files available
| DOI
2022 | Conference Paper | LibreCat-ID: 31133
Schlichtig, Michael, Steffen Sassalla, Krishna Narasimhan, and Eric Bodden. “FUM - A Framework for API Usage Constraint and Misuse Classification.” In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 673–84, 2022. https://doi.org/10.1109/SANER53432.2022.00085.
LibreCat
| Files available
| DOI
2022 | Journal Article | LibreCat-ID: 30511 |
Schubert, Philipp, Paul Gazzillo, Zach Patterson, Julian Braha, Fabian Schiebel, Ben Hermann, Shiyi Wei, and Eric Bodden. “Static Data-Flow Analysis for Software Product Lines in C.” Automated Software Engineering 29, no. 1 (2022). https://doi.org/10.1007/s10515-022-00333-1.
LibreCat
| DOI
| Download (ext.)
2022 | Journal Article | LibreCat-ID: 33835
Sayar, Imen, Alexandre Bartel, Eric Bodden, and Yves Le Traon. “An In-Depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities.” ACM Transactions on Software Engineering and Methodology, 2022. https://doi.org/10.1145/3554732.
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 33836
Piskachev, Goran, Johannes Späth, Ingo Budde, and Eric Bodden. “Fluently Specifying Taint-Flow Queries with FluentTQL.” Empirical Software Engineering 27, no. 5 (2022): 1–33.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy, Ranjith, Goran Piskachev, and Eric Bodden. “To What Extent Can We Analyze Kotlin Programs Using Existing Java Taint Analysis Tools?” IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), 2022.
LibreCat
2022 | Conference Paper | LibreCat-ID: 33837
Piskachev, Goran, Stefan Dziwok, Thorsten Koch, Sven Merschjohann, and Eric Bodden. “How Far Are German Companies in Improving Security through Static Program Analysis Tools?” IEEE Secure Development Conference (SecDev), 2022.
LibreCat
2021 | Journal Article | LibreCat-ID: 27045 |
Luo, Linghui, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, and Fabio Massacci. “TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses.” Empirical Software Engineering, 2021. https://doi.org/10.1007/s10664-021-10013-5.
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21595
Stockmann, Lars, Sven Laux, and Eric Bodden. “Using Architectural Runtime Verification for Offline Data Analysis.” Journal of Automotive Software Engineering, 2021. https://doi.org/10.2991/jase.d.210205.001.
LibreCat
| DOI
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21597
Holzinger, Philipp, and Eric Bodden. “A Systematic Hardening of Java’s Information Hiding.” International Symposium on Advanced Security on Software and Systems (ASSS), 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 21599
Bonifacio, Rodrigo, Stefan Krüger, Krishna Narasimhan, Eric Bodden, and Mira Mezini. “Dealing with Variability in API Misuse Specification.” European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh, Ashwin Prasad, and Eric Bodden. “Automated Cell Header Generator for Jupyter Notebooks.” In International Workshop on AI and Software Testing/Analysis (AISTA), 2021. https://doi.org/10.1145/3464968.3468410.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 23388
Kummita, Sriteja, Goran Piskachev, Johannes Spaeth, and Eric Bodden. “Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON.” In Proceedings of the 2021 International Conference on Code Quality (ICCQ), 2021. https://doi.org/10.1109/ICCQ51190.2021.9392986.
LibreCat
| DOI
| Download (ext.)
2021 | Conference Paper | LibreCat-ID: 21598 |
Schubert, Philipp, Ben Hermann, and Eric Bodden. “Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis.” In European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat
| Download (ext.)
2021 | Journal Article | LibreCat-ID: 31132
Dann, Andreas Peter, Henrik Plate, Ben Hermann, Serena Elisa Ponta, and Eric Bodden. “Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite.” IEEE Transactions on Software Engineering, 2021, 1–1. https://doi.org/10.1109/tse.2021.3101739.
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 26407
Piskachev, Goran, Ranjith Krishnamurthy, and Eric Bodden. “SecuCheck: Engineering Configurable Taint Analysis for Software Developers.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 22463
Luo, Linghui, Martin Schäf, Daniel Sanchez, and Eric Bodden. “IDE Support for Cloud-Based Static Analyses.” In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 33840
Karakaya, Kadiray, and Eric Bodden. “SootFX: A Static Code Feature Extraction Tool for Java and Android.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 181–186, 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26406
Schubert, Philipp, Ben Hermann, Eric Bodden, and Richard Leer. “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++.” In SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 26405
Schubert, Philipp, Florian Sattler, Fabian Schiebel, Ben Hermann, and Eric Bodden. “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++.” In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
2020 | Journal Article | LibreCat-ID: 20507
Geismann, Johannes, and Eric Bodden. “A Systematic Literature Review of Model-Driven Security Engineering for Cyber–Physical Systems.” Journal of Systems and Software 169 (2020): 110697. https://doi.org/10.1016/j.jss.2020.110697.
LibreCat
| DOI
2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do, Lisa, and Eric Bodden. “Explaining Static Analysis with Rule Graphs.” IEEE Transactions on Software Engineering, 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20509
Fischer, Andreas, Jonas Janneck, Jörn Kussmaul, Nikolas Krätzschmar, Florian Kerschbaum, and Eric Bodden. “PASAPTO: Policy-Aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage.” In 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20510
Benz, Manuel, Erik Krogh Kristensen, Linghui Luo, Nataniel P. Borges Jr., Eric Bodden, and Andreas Zeller. “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis.” In International Conference for Software Engineering (ICSE), 2020.
LibreCat
2020 | Conference Paper | LibreCat-ID: 20511
Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Dataflow Authentication.” In Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
LibreCat
| Download (ext.)
2020 | Conference Paper | LibreCat-ID: 20518
Koch, Thorsten, Stefan Dziwok, Jörg Holtmann, and Eric Bodden. “Scenario-Based Specification of Security Protocols and Transformation to Security Model Checkers.” In ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM, 2020. https://doi.org/10.1145/3365438.3410946.
LibreCat
| DOI
2020 | Report | LibreCat-ID: 20712
Schubert, Philipp, Eric Bodden, and Ben Hermann. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020.
LibreCat
| Files available
2020 | Book Chapter | LibreCat-ID: 20891
Knüppel, Alexander, Stefan Krüger, Thomas Thüm, Richard Bubel, Sebastian Krieter, Eric Bodden, and Ina Schaefer. “Using Abstract Contracts for Verifying Evolving Features and Their Interactions.” In Lecture Notes in Computer Science. Cham, 2020. https://doi.org/10.1007/978-3-030-64354-6_5.
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 16214
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Reproducing Taint-Analysis Results with ReproDroid.” In Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, edited by Michael Felderer, Wilhelm Hasselbring, Rick Rabiser, and Reiner Jung, 123–24. {LNI}. Gesellschaft f{\"{u}}r Informatik e.V., 2020. https://doi.org/10.18420/SE2020_36.
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 23521
Gräßler, Iris, Eric Bodden, Jens Pottebaum, Johannes Geismann, and Daniel Roesmann. “Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems.” In Advanced, Contemporary Control, Advances in Intelligent Systems and Computing, 1196:1458–69. Springer International Publishing, 2020.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20525
Stockmann, Lars, Sven Laux, and Eric Bodden. “Architectural Runtime Verification.” In 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 77–84, 2019. https://doi.org/10.1109/ICSA-C.2019.00021.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand, Mohammadreza, Mohammad Ghafari, Stefan Krüger, Eric Bodden, and Oskar Nierstrasz. “The Impact of Developer Experience in Using Java Cryptography.” In 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 1–6, 2019. https://doi.org/10.1109/ESEM.2019.8870184.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20528
Piskachev, Goran, Tobias Petrasch, Johannes Späth, and Eric Bodden. “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities.” In 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20529
Nachtigall, Marcus, Lisa Nguyen Quang Do, and Eric Bodden. “Explaining Static Analysis -- A Perspective.” In 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20531
Luo, Linghui, Eric Bodden, and Johannes Späth. “A Qualitative Analysis of Android Taint-Analysis Results.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20532
Piskachev, Goran, Lisa Nguyen Quang Do, Oshando Johnson, and Eric Bodden. “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods.” In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20533
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/TSE.2019.2948910.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20534
Piskachev, Goran, Lisa Nguyen Quang Do, and Eric Bodden. “Codebase-Adaptive Detection of Security-Relevant Methods.” In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.
LibreCat
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 20535
Luo, Linghui, Julian Dolby, and Eric Bodden. “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors.” In European Conference on Object-Oriented Programming (ECOOP), 2019.
LibreCat
| Download (ext.)
2019 | Report | LibreCat-ID: 20537
Piskachev, Goran, Lisa Nguyen, and Eric Bodden. Codebase-Adaptive Detection of Security-Relevant Methods, 2019.
LibreCat
2019 | Conference Paper | LibreCat-ID: 20538
Albert Gorski Iii, Sigmund, Benjamin Andow, Adwait Nadkarni, Sunil Manandhar, William Enck, Eric Bodden, and Alexandre Bartel. “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware.” In ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.
LibreCat
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 20539
Späth, Johannes, Karim Ali, and Eric Bodden. “Context-, Flow-, and Field-Sensitive Data-Flow Analysis Using Synchronized Pushdown Systems.” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3, no. POPL (2019): 48:1-48:29. https://doi.org/10.1145/3290361.
LibreCat
| DOI
| Download (ext.)
2019 | Journal Article | LibreCat-ID: 14896
Dann, Andreas, Ben Hermann, and Eric Bodden. “ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules.” IEEE Transactions on Software Engineering, 2019, 1–1. https://doi.org/10.1109/tse.2019.2931331.
LibreCat
| DOI
2019 | Conference Paper | LibreCat-ID: 14897
Dann, Andreas, Ben Hermann, and Eric Bodden. “SootDiff: Bytecode Comparison across Different Java Compilers.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329966.
LibreCat
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 7626 |
Schubert, Philipp, Ben Hermann, and Eric Bodden. “PhASAR: An Inter-Procedural Static Analysis Framework for C/C++.” In Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), II:393–410, 2019. https://doi.org/10.1007/978-3-030-17465-1_22.
LibreCat
| Files available
| DOI
| Download (ext.)
2019 | Conference Paper | LibreCat-ID: 14898
Schubert, Philipp, Richard Leer, Ben Hermann, and Eric Bodden. “Know Your Analysis: How Instrumentation Aids Understanding Static Analysis.” In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis - SOAP 2019, 2019. https://doi.org/10.1145/3315568.3329965.
LibreCat
| DOI
2018 | Preprint | LibreCat-ID: 2711
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” ArXiv:1804.02903, 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20530
Bodden, Eric, and Lisa Nguyen Quang Do. “Explainable Static Analysis.” In Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 205–8. {LNI}, 2018.
LibreCat
| Download (ext.)
2018 | Journal Article | LibreCat-ID: 20543
Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “Debugging Static Analysis.” IEEE Transactions on Software Engineering, 2018, 1–1. https://doi.org/10.1109/TSE.2018.2868349.
LibreCat
| DOI
| Download (ext.)
2018 | Conference (Editor) | LibreCat-ID: 20544
Tichy, Matthias, Eric Bodden, Marco Kuhrmann, Stefan Wagner, and Jan-Philipp Steghöfer, eds. Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany. Vol. {P-279}. {LNI}. Gesellschaft für Informatik, 2018.
LibreCat
2018 | Conference Paper | LibreCat-ID: 20546
Gerking, Christopher, David Schubert, and Eric Bodden. “Model Checking the Information Flow Security of Real-Time Systems.” In Engineering Secure Software and Systems, edited by Mathias Payer, Awais Rashid, and Jose M. Such, 27–43. Cham: Springer International Publishing, 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20547
Nguyen Quang Do, Lisa, and Eric Bodden. “Gamifying Static Analysis.” In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 714–18. ESEC/FSE 2018. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236024.3264830.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20548
Bodden, Eric. “The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-Based Static Analyses (and How to Master Them).” In ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), 85–93. ISSTA ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3236454.3236500.
LibreCat
| DOI
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 20549
Geismann, Johannes, Christopher Gerking, and Eric Bodden. “Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes.” In International Conference on Software and System Processes (ICSSP), 2018.
LibreCat
| Files available
2018 | Conference Paper | LibreCat-ID: 20550
Bodden, Eric. “Self-Adaptive Static Analysis.” In Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, 45–48. ICSE-NIER ’18. New York, NY, USA: ACM, 2018. https://doi.org/10.1145/3183399.3183401.
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 20551
Nguyen Quang Do, Lisa, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. “VISUFLOW, a Debugging Environment for Static Analyses.” In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.
LibreCat
| Download (ext.)
2018 | Conference Paper | LibreCat-ID: 4999
Pauck, Felix, Eric Bodden, and Heike Wehrheim. “Do Android Taint Analysis Tools Keep Their Promises?” In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering - ESEC/FSE 2018. ACM Press, 2018. https://doi.org/10.1145/3236024.3236029.
LibreCat
| Files available
| DOI
2018 | Conference Paper | LibreCat-ID: 5203
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs.” In European Conference on Object-Oriented Programming (ECOOP), 10:1-10:27, 2018.
LibreCat
| Files available
| Download (ext.)
2017 | Misc | LibreCat-ID: 28231
Bodden, Eric, Falko Dressler, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Intelligente technische Systeme. Vol. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
2017 | Book | LibreCat-ID: 24221
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol. 369. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017. https://doi.org/10.17619/UNIPB/1-93.
LibreCat
| Files available
| DOI
2017 | Book (Editor) | LibreCat-ID: 27415
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler, eds. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369. Vol. 369. Paderborn: Verlagsschriftenreihe des Heinz Nixdorf Instituts, 2017.
LibreCat
2017 | Book Chapter | LibreCat-ID: 20552
Gerking, Christopher, Eric Bodden, and Wilhelm Schäfer. “Industrial Security by Design.” In Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten, edited by Günter W. Maier, Gregor Engels, and Eckhard Steffen, 1–24. Berlin, Heidelberg: Springer Berlin Heidelberg, 2017. https://doi.org/10.1007/978-3-662-52903-4_8-1.
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 20553
Ben Othmane, Lotfi, Golriz Chehrazi, Eric Bodden, Petar Tsalovski, and Achim D. Brucker. “Time for Addressing Software Security Issues: Prediction Models and Impacting Factors.” Data Science and Engineering 2, no. 2 (2017): 107–24. https://doi.org/10.1007/s41019-016-0019-8.
LibreCat
| Files available
| DOI
2017 | Report | LibreCat-ID: 20554
Bodden, Eric. Self-Adaptive Static Analysis, 2017.
LibreCat
| Download (ext.)
2017 | Report | LibreCat-ID: 20555
Krüger, Stefan, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. CrySL: Validating Correct Usage of Cryptographic APIs, 2017.
LibreCat
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 20557
Lillack, Max, Christian Kästner, and Eric Bodden. “Tracking Load-Time Configuration Options.” IEEE Transactions on Software Engineering PP, no. 99 (2017): 1–1. https://doi.org/10.1109/TSE.2017.2756048.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20558
Krüger, Stefan, Sarah Nadi, Michael Reif, Karim Ali, Mira Mezini, Eric Bodden, Florian Göpfert, et al. “CogniCrypt: Supporting Developers in Using Cryptography.” In International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track, 2017.
LibreCat
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20559
Do, Lisa Nguyen Quang, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. “Just-in-Time Static Analysis.” In Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, 307–17. ISSTA 2017. New York, NY, USA: ACM, 2017. https://doi.org/10.1145/3092703.3092705.
LibreCat
| DOI
| Download (ext.)
2017 | Conference Paper | LibreCat-ID: 20715
Nguyen Quang Do, Lisa, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. “Cheetah: Just-in-Time Taint Analysis for Android Apps.” In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2017.
LibreCat
| Download (ext.)
2017 | Book | LibreCat-ID: 23010
Gausemeier, Jürgen, Eric Bodden, Falko Dressler, Roman Dumitrescu, Friedhelm Meyer auf der Heide, Christoph Scheytt, and Ansgar Trächtler. Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). Vol. 369. Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 5725
Holzinger, Philipp, Ben Hermann, Johannes Lerch, Eric Bodden, and Mira Mezini. “Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation.” In 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017. https://doi.org/10.1109/sp.2017.16.
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 5204
Späth, Johannes, Karim Ali, and Eric Bodden. “IDEal: Efficient and Precise Alias-Aware Dataflow Analysis.” In 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH). ACM Press, 2017.
LibreCat
| Files available
| Download (ext.)
2017 | Journal Article | LibreCat-ID: 5209
Fischer, Andreas, Benny Fuhry, Florian Kerschbaum, and Eric Bodden. “Computation on Encrypted Data Using Data Flow Authentication.” CoRR abs/1710.00390 (2017).
LibreCat
| Files available
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20556
Bodden, Eric, Ka I Pun, Martin Steffen, Volker Stolz, and Anna-Katharina Wickert. “Information Flow Analysis for Go.” In Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}, 431–45, 2016. https://doi.org/10.1007/978-3-319-47166-2_30.
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20716
Bodden, Eric, Michael Eichberg, Ka I Pun, Martin Steffen, Volker Stolz, and Anna-Katharina Wickert. “Don’t Let Data Go Astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go.” In Nordic Workshop on Programming Theory (NWPT’16), 2016.
LibreCat
| Download (ext.)
2016 | Report | LibreCat-ID: 20717
Nguyen Quang Do, Lisa, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson Murphy-Hill. Just-in-Time Static Analysis, 2016. http://dx.doi.org/10.7939/DVN/10859.
LibreCat
| DOI
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20718
Rasthofer, Siegfried, Steven Arzt, Eric Bodden, and Marc Miltenberger. “Harvester - Vollautomatische Extraktion von Laufzeitwerten Aus Obfuskierten Android-Applikationen.” Datenschutz Und Datensicherheit, 2016, 718–22. https://www.springerprofessional.de/en/datenschutz-und-datensicherheit-dud-11-2016/10866536.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20719
Holzinger, Philipp, Stefan Triller, Alexandre Bartel, and Eric Bodden. “An In-Depth Study of More Than Ten Years of Java Exploitation.” In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 779–90. CCS ’16, 2016. http://doi.acm.org/10.1145/2976749.2978361.
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 20720
Follner, Andreas, Alexandre Bartel, Hui Peng, Yu-Chen Chang, Kyriakos Ispoglou, Mathias Payer, and Eric Bodden. “PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution.” In International Workshop on Security and Trust Management (STM), 212–28, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20721
Nguyen Quang Do, Lisa, Michael Eichberg, and Eric Bodden. “Toward an Automated Benchmark Management System.” In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 13–17. SOAP 2016, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20722
Arzt, Steven, Tobias Kussmaul, and Eric Bodden. “Towards Cross-Platform Cross-Language Analysis with Soot.” In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 1–6. SOAP 2016, 2016.
LibreCat
| Download (ext.)
2016 | Journal Article | LibreCat-ID: 20724
Follner, Andreas, and Eric Bodden. “ROPocop — Dynamic Mitigation of Code-Reuse Attacks.” Journal of Information Security and Applications 29 (2016): 16–26. http://dx.doi.org/10.1016/j.jisa.2016.01.002.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20725
Follner, Andreas, Alexandre Bartel, and Eric Bodden. “Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality.” In International Symposium on Engineering Secure Software and Systems (ESSoS), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20726
Falzon, Kevin, and Eric Bodden. “Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels.” In Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings, edited by Frank Piessens and Luca Vigan’o, 116–38. Berlin, Heidelberg: Springer Berlin Heidelberg, 2016. https://doi.org/10.1007/978-3-662-49635-0_7.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20727
Rasthofer, Siegfried, Steven Arzt, Marc Miltenberger, and Eric Bodden. “Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques.” In Network and Distributed System Security Symposium (NDSS), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20728
Nadi, Sarah, Stefan Krüger, Mira Mezini, and Eric Bodden. “Jumping Through Hoops: Why Do Java Developers Struggle With Cryptography APIs?” In International Conference for Software Engineering (ICSE), 935–46, 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20729
Arzt, Steven, and Eric Bodden. “StubDroid: Automatic Inference of Precise Data-Flow Summaries for the Android Framework.” In International Conference for Software Engineering (ICSE), 2016.
LibreCat
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 20730
Eling, N., S. Rasthofer, M. Kolhagen, Eric Bodden, and P. Buxmann. “Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment.” In 2016 49th Hawaii International Conference on System Sciences (HICSS), 3666–75, 2016. https://doi.org/10.1109/HICSS.2016.458.
LibreCat
| DOI
| Download (ext.)
2016 | Conference Paper | LibreCat-ID: 5205
Späth, Johannes, Lisa Nguyen Quang Do, Karim Ali, and Eric Bodden. “Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java.” In European Conference on Object-Oriented Programming (ECOOP), 2016.
LibreCat
| Files available
| Download (ext.)
2015 | Conference Paper | LibreCat-ID: 5207
Li, Li, Alexandre Bartel, Tegawende F. Bissyande, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, and Patrick McDaniel. “IccTA: Detecting Inter-Component Privacy Leaks in Android Apps.” In 2015 International Conference on Software Engineering (ICSE), 280–91, 2015.
LibreCat
| Files available
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5734
Lerch, Johannes, Ben Hermann, Eric Bodden, and Mira Mezini. “FlowTwist: Efficient Context-Sensitive inside-out Taint Analysis for Large Codebases.” In Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014. ACM Press, 2014. https://doi.org/10.1145/2635868.2635878.
LibreCat
| DOI
2014 | Conference Paper | LibreCat-ID: 5189
Arzt, Steven, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. “FlowDroid: Precise Context, Flow, Field, Object-Sensitive and Lifecycle-Aware Taint Analysis for Android Apps.” In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14. ACM Press, 2014. https://doi.org/10.1145/2594291.2594299.
LibreCat
| Files available
| DOI
| Download (ext.)
2014 | Conference Paper | LibreCat-ID: 5190
Arzt, Steven, Siegfried Rasthofer, Enrico Lovat, and Eric Bodden. “DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android.” In International Conference on Availability, Reliability and Security (ARES 2014), 40–49. IEEE, 2014.
LibreCat
| Files available
| Download (ext.)
2012 | Journal Article | LibreCat-ID: 5183
Bodden, Eric, Patrick Lam, and Laurie Hendren. “Partially Evaluating Finite-State Runtime Monitors Ahead of Time.” ACM Transactions on Programming Languages and Systems 34, no. 2 (2012): 1–52. https://doi.org/10.1145/2220365.2220366.
LibreCat
| Files available
| DOI
| Download (ext.)