119 Publications

Mark all

[119]
2024 | Misc | LibreCat-ID: 52663
Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability
A.-K. Wickert, M. Schlichtig, M. Vogel, L. Winter, M. Mezini, E. Bodden, Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024.
LibreCat | Download (ext.)
 
[118]
2024 | Journal Article | LibreCat-ID: 52587
Evaluating Security Through Isolation and Defense in Depth
E. Bodden, J. Pottebaum, M. Fockel, I. Gräßler, IEEE Security & Privacy 22 (2024) 69–72.
LibreCat | DOI
 
[117]
2024 | Conference Paper | LibreCat-ID: 53938
Symbol-Specific Sparsification of Interprocedural Distributive Environment Problems
K. Karakaya, E. Bodden, in: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering, ACM, 2024.
LibreCat | DOI
 
[116]
2024 | Book Chapter | LibreCat-ID: 53942
SootUp: A Redesign of the Soot Static Analysis Framework
K. Karakaya, S. Schott, J. Klauke, E. Bodden, M. Schmidt, L. Luo, D. He, in: Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature Switzerland, Cham, 2024.
LibreCat | DOI
 
[115]
2024 | Conference Paper | LibreCat-ID: 53958
Detecting Security-Relevant Methods using Multi-label Machine Learning
O. Johnson, G. Piskachev, R. Krishnamurthy, E. Bodden, in: Proceedings of the 46th International Conference on Software Engineering, IDE Workshop, 2024.
LibreCat | DOI
 
[114]
2024 | Conference Paper | LibreCat-ID: 53959
TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools
A.P. Shivarpatna Venkatesh, S. Sabu, J. Wang, A.M. Mir, L. Li, E. Bodden, in: Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings, Association for Computing Machinery, New York, NY, USA, 2024, pp. 49–53.
LibreCat | DOI | arXiv
 
[113]
2024 | Conference Paper | LibreCat-ID: 55516
The Emergence of Large Language Models in Static Analysis: A First Look through Micro-Benchmarks
A.P. Shivarpatna Venkatesh, S. Sabu, A.M. Mir, S. Reis, E. Bodden, in: Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, ACM, 2024.
LibreCat | DOI
 
[112]
2024 | Conference Paper | LibreCat-ID: 52235
Toward an Android Static Analysis Approach for Data Protection
M. Khedkar, E. Bodden, in: Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68., 2024.
LibreCat | Files available | DOI | arXiv
 
[111]
2024 | Conference Paper | LibreCat-ID: 56137
Do Android App Developers Accurately Report Collection of Privacy-Related Data?
M. Khedkar, A.K. Mondal, E. Bodden, in: In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24), 2024.
LibreCat | Files available | arXiv
 
[110]
2023 | Conference Paper | LibreCat-ID: 35083
UpCy: Safely Updating Outdated Dependencies
A.P. Dann, B. Hermann, E. Bodden, (2023).
LibreCat
 
[109]
2023 | Journal Article | LibreCat-ID: 46816
Runtime Verification of Crypto APIs: An Empirical Study
A. Torres, P. Costa, L. Amaral, J. Pastro, R. Bonifácio, M. d’Amorim, O. Legunsen, E. Bodden, E. Dias Canedo, IEEE Transactions on Software Engineering 49 (2023) 4510–4525.
LibreCat | DOI
 
[108]
2023 | Journal Article | LibreCat-ID: 49439
Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study
G. Piskachev, M. Becker, E. Bodden, Empirical Software Engineering 28 (2023).
LibreCat | DOI
 
[107]
2023 | Journal Article | LibreCat-ID: 48946 LibreCat | DOI
 
[106]
2023 | Book Chapter | LibreCat-ID: 52662
Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale
M. Nachtigall, M. Schlichtig, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 95–96.
LibreCat | Download (ext.)
 
[105]
2023 | Book Chapter | LibreCat-ID: 52660
Introducing FUM: A Framework for API Usage Constraint and Misuse Classification
M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 105–106.
LibreCat | Download (ext.)
 
[104]
2023 | Book Chapter | LibreCat-ID: 45888 | OA
Verifying Software and Reconfigurable Hardware Services
H. Wehrheim, M. Platzner, E. Bodden, P. Schubert, F. Pauck, M.-C. Jakobs, in: C.-J. Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, H. Wehrheim (Eds.), On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, Heinz Nixdorf Institut, Universität Paderborn, Paderborn, 2023, pp. 125–144.
LibreCat | Files available | DOI
 
[103]
2023 | Conference Paper | LibreCat-ID: 49438
Securing Your Crypto-API Usage Through Tool Support - A Usability Study
S. Krüger, M. Reif, A.-K. Wickert, S. Nadi, K. Ali, E. Bodden, Y. Acar, M. Mezini, S. Fahl, in: 2023 IEEE Secure Development Conference (SecDev), IEEE, 2023.
LibreCat | DOI
 
[102]
2023 | Conference Paper | LibreCat-ID: 46500
Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth
J. Pottebaum, J. Rossel, J. Somorovsky, Y. Acar, R. Fahr, P. Arias Cabarcos, E. Bodden, I. Gräßler, in: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE, 2023, pp. 379–385.
LibreCat | Files available | DOI | Download (ext.)
 
[101]
2023 | Conference Paper | LibreCat-ID: 36522 | OA
Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis
A.P. Shivarpatna Venkatesh, J. Wang, L. Li, E. Bodden, in: IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering), 2023.
LibreCat | Files available | DOI
 
[100]
2023 | Conference Paper | LibreCat-ID: 41812
Model Generation For Java Frameworks
L. Luo, G. Piskachev, R. Krishnamurthy, J. Dolby, M. Schäf, E. Bodden, in: IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.
LibreCat
 
[99]
2023 | Conference Paper | LibreCat-ID: 41813
Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis
A.P. Shivarpatna Venkatesh, J. Wang, L. Li, E. Bodden, in: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023.
LibreCat
 
[98]
2022 | Conference Paper | LibreCat-ID: 29844
Integrating Security Protocols in Scenario-based Requirements Specifications
T. Koch, S. Trippel, S. Dziwok, E. Bodden, in: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022.
LibreCat | DOI
 
[97]
2022 | Journal Article | LibreCat-ID: 31844
Computation on Encrypted Data Using Dataflow Authentication
A. Fischer, B. Fuhry, J. Kußmaul, J. Janneck, F. Kerschbaum, E. Bodden, ACM Transactions on Privacy and Security 25 (2022) 1–36.
LibreCat | DOI
 
[96]
2022 | Misc | LibreCat-ID: 32409
CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite
M. Schlichtig, A.-K. Wickert, S. Krüger, E. Bodden, M. Mezini, CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022.
LibreCat | Files available | DOI
 
[95]
2022 | Conference Paper | LibreCat-ID: 32410
A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools
M. Nachtigall, M. Schlichtig, E. Bodden, in: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, 2022, pp. 532–543.
LibreCat | Files available | DOI
 
[94]
2022 | Conference Paper | LibreCat-ID: 31133
FUM - A Framework for API Usage constraint and Misuse Classification
M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022, pp. 673–684.
LibreCat | Files available | DOI
 
[93]
2022 | Journal Article | LibreCat-ID: 30511 | OA
Static data-flow analysis for software product lines in C
P. Schubert, P. Gazzillo, Z. Patterson, J. Braha, F. Schiebel, B. Hermann, S. Wei, E. Bodden, Automated Software Engineering 29 (2022).
LibreCat | DOI | Download (ext.)
 
[92]
2022 | Journal Article | LibreCat-ID: 33835
An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities
I. Sayar, A. Bartel, E. Bodden, Y. Le Traon, ACM Transactions on Software Engineering and Methodology (2022).
LibreCat | DOI
 
[91]
2022 | Journal Article | LibreCat-ID: 33836
Fluently specifying taint-flow queries with fluentTQL
G. Piskachev, J. Späth, I. Budde, E. Bodden, Empirical Software Engineering 27 (2022) 1–33.
LibreCat
 
[90]
2022 | Conference Paper | LibreCat-ID: 33838 LibreCat
 
[89]
2022 | Conference Paper | LibreCat-ID: 33837
How far are German companies in improving security through static program analysis tools?
G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, E. Bodden, (2022).
LibreCat
 
[88]
2022 | Journal Article | LibreCat-ID: 53952
“Free” as in Freedom to Protest?
F. Massacci, A. Sabetta, J. Mirkovic, T. Murray, H. Okhravi, M. Mannan, A. Rocha, E. Bodden, D.E. Geer, IEEE Security & Privacy 20 (2022) 16–21.
LibreCat | DOI
 
[87]
2021 | Journal Article | LibreCat-ID: 27045 | OA
TaintBench: Automatic real-world malware benchmarking of Android taint analyses
L. Luo, F. Pauck, G. Piskachev, M. Benz, I. Pashchenko, M. Mory, E. Bodden, B. Hermann, F. Massacci, Empirical Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 
[86]
2021 | Journal Article | LibreCat-ID: 21595
Using Architectural Runtime Verification for Offline Data Analysis
L. Stockmann, S. Laux, E. Bodden, Journal of Automotive Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 
[85]
2021 | Journal Article | LibreCat-ID: 21597
A Systematic Hardening of Java's Information Hiding
P. Holzinger, E. Bodden, International Symposium on Advanced Security on Software and Systems (ASSS) (2021).
LibreCat | Download (ext.)
 
[84]
2021 | Journal Article | LibreCat-ID: 21599
Dealing with Variability in API Misuse Specification
R. Bonifacio, S. Krüger, K. Narasimhan, E. Bodden, M. Mezini, European Conference on Object-Oriented Programming (ECOOP) (2021).
LibreCat
 
[83]
2021 | Conference Paper | LibreCat-ID: 22462
Automated Cell Header Generator for Jupyter Notebooks
A.P. Shivarpatna Venkatesh, E. Bodden, in: International Workshop on AI and Software Testing/Analysis (AISTA), 2021.
LibreCat | DOI
 
[82]
2021 | Conference Paper | LibreCat-ID: 23388
Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON
S. Kummita, G. Piskachev, J. Spaeth, E. Bodden, in: Proceedings of the 2021 International Conference on Code Quality (ICCQ), 2021.
LibreCat | DOI | Download (ext.)
 
[81]
2021 | Conference Paper | LibreCat-ID: 21598 | OA
Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis
P. Schubert, B. Hermann, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat | Download (ext.)
 
[80]
2021 | Journal Article | LibreCat-ID: 31132
Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite
A.P. Dann, H. Plate, B. Hermann, S.E. Ponta, E. Bodden, IEEE Transactions on Software Engineering (2021) 1–1.
LibreCat | DOI
 
[79]
2021 | Conference Paper | LibreCat-ID: 26407
SecuCheck: Engineering configurable taint analysis for software developers
G. Piskachev, R. Krishnamurthy, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 
[78]
2021 | Conference Paper | LibreCat-ID: 22463
IDE Support for Cloud-Based Static Analyses
L. Luo, M. Schäf, D. Sanchez, E. Bodden, in: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021.
LibreCat
 
[77]
2021 | Conference Paper | LibreCat-ID: 33840
SootFX: A Static Code Feature Extraction Tool for Java and Android
K. Karakaya, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021, pp. 181–186.
LibreCat
 
[76]
2021 | Conference Paper | LibreCat-ID: 26406
Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++
P. Schubert, B. Hermann, E. Bodden, R. Leer, in: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.
LibreCat
 
[75]
2021 | Conference Paper | LibreCat-ID: 26405
Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++
P. Schubert, F. Sattler, F. Schiebel, B. Hermann, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 
[74]
2020 | Journal Article | LibreCat-ID: 20507
A systematic literature review of model-driven security engineering for cyber–physical systems
J. Geismann, E. Bodden, Journal of Systems and Software 169 (2020) 110697.
LibreCat | DOI
 
[73]
2020 | Journal Article | LibreCat-ID: 20508
Explaining Static Analysis with Rule Graphs
L. Nguyen Quang Do, E. Bodden, IEEE Transactions on Software Engineering (2020).
LibreCat | Download (ext.)
 
[72]
2020 | Conference Paper | LibreCat-ID: 20509
PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage
A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, E. Bodden, in: 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.
LibreCat | Download (ext.)
 
[71]
2020 | Conference Paper | LibreCat-ID: 20510
Heaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis
M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, A. Zeller, in: International Conference for Software Engineering (ICSE), 2020.
LibreCat
 
[70]
2020 | Conference Paper | LibreCat-ID: 20511
Computation on Encrypted Data using Dataflow Authentication
A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, in: Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
LibreCat | Download (ext.)
 
[69]
2020 | Conference Paper | LibreCat-ID: 20518
Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers
T. Koch, S. Dziwok, J. Holtmann, E. Bodden, in: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM, 2020.
LibreCat | DOI
 
[68]
2020 | Report | LibreCat-ID: 20712
Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries
P. Schubert, E. Bodden, B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020.
LibreCat | Files available
 
[67]
2020 | Book Chapter | LibreCat-ID: 20891
Using Abstract Contracts for Verifying Evolving Features and Their Interactions
A. Knüppel, S. Krüger, T. Thüm, R. Bubel, S. Krieter, E. Bodden, I. Schaefer, in: Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 
[66]
2020 | Conference Paper | LibreCat-ID: 23521
Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems
I. Gräßler, E. Bodden, J. Pottebaum, J. Geismann, D. Roesmann, in: Advanced, Contemporary Control, Advances in Intelligent Systems and Computing, Springer International Publishing, 2020, pp. 1458–1469.
LibreCat | Download (ext.)
 
[65]
2020 | Conference Paper | LibreCat-ID: 16214
Reproducing Taint-Analysis Results with ReproDroid
F. Pauck, E. Bodden, H. Wehrheim, in: M. Felderer, W. Hasselbring, R. Rabiser, R. Jung (Eds.), Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, Gesellschaft f{\"{u}}r Informatik e.V., 2020, pp. 123–124.
LibreCat | DOI
 
[64]
2019 | Conference Paper | LibreCat-ID: 20525
Architectural Runtime Verification
L. Stockmann, S. Laux, E. Bodden, in: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84.
LibreCat | DOI | Download (ext.)
 
[63]
2019 | Conference Paper | LibreCat-ID: 20527
The Impact of Developer Experience in Using Java Cryptography
M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, O. Nierstrasz, in: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6.
LibreCat | DOI | Download (ext.)
 
[62]
2019 | Conference Paper | LibreCat-ID: 20528
AuthCheck: Program-state Analysis for Access-control Vulnerabilities
G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.
LibreCat | Download (ext.)
 
[61]
2019 | Conference Paper | LibreCat-ID: 20529
Explaining Static Analysis -- A Perspective
M. Nachtigall, L. Nguyen Quang Do, E. Bodden, in: 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
LibreCat | Download (ext.)
 
[60]
2019 | Conference Paper | LibreCat-ID: 20531
A Qualitative Analysis of Android Taint-Analysis Results
L. Luo, E. Bodden, J. Späth, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.
LibreCat | Download (ext.)
 
[59]
2019 | Conference Paper | LibreCat-ID: 20532
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.
LibreCat | Download (ext.)
 
[58]
2019 | Journal Article | LibreCat-ID: 20533
CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, IEEE Transactions on Software Engineering (2019) 1–1.
LibreCat | DOI | Download (ext.)
 
[57]
2019 | Conference Paper | LibreCat-ID: 20534
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, E. Bodden, in: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.
LibreCat | Download (ext.)
 
[56]
2019 | Conference Paper | LibreCat-ID: 20535
MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors
L. Luo, J. Dolby, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2019.
LibreCat | Download (ext.)
 
[55]
2019 | Report | LibreCat-ID: 20537
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen, E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods, 2019.
LibreCat
 
[54]
2019 | Conference Paper | LibreCat-ID: 20538
ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware
S. Albert Gorski Iii, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden, A. Bartel, in: ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.
LibreCat | Download (ext.)
 
[53]
2019 | Journal Article | LibreCat-ID: 20539
Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems
J. Späth, K. Ali, E. Bodden, Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3 (2019) 48:1-48:29.
LibreCat | DOI | Download (ext.)
 
[52]
2019 | Journal Article | LibreCat-ID: 14896
ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules
A. Dann, B. Hermann, E. Bodden, IEEE Transactions on Software Engineering (2019) 1–1.
LibreCat | DOI
 
[51]
2019 | Conference Paper | LibreCat-ID: 14897
SootDiff: bytecode comparison across different Java compilers
A. Dann, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.
LibreCat | DOI | Download (ext.)
 
[50]
2019 | Conference Paper | LibreCat-ID: 7626 | OA
PhASAR: An Inter-Procedural Static Analysis Framework for C/C++
P. Schubert, B. Hermann, E. Bodden, in: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), 2019, pp. 393–410.
LibreCat | Files available | DOI | Download (ext.)
 
[49]
2019 | Conference Paper | LibreCat-ID: 14898
Know your analysis: how instrumentation aids understanding static analysis
P. Schubert, R. Leer, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.
LibreCat | DOI
 
[48]
2018 | Preprint | LibreCat-ID: 2711
Do Android Taint Analysis Tools Keep their Promises?
F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018).
LibreCat | Files available
 
[47]
2018 | Conference Paper | LibreCat-ID: 20530
Explainable Static Analysis
E. Bodden, L. Nguyen Quang Do, in: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–208.
LibreCat | Download (ext.)
 
[46]
2018 | Journal Article | LibreCat-ID: 20543
Debugging Static Analysis
L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, IEEE Transactions on Software Engineering (2018) 1–1.
LibreCat | DOI | Download (ext.)
 
[45]
2018 | Conference (Editor) | LibreCat-ID: 20544
Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany
M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, J.-P. Steghöfer, eds., Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany, Gesellschaft für Informatik, 2018.
LibreCat
 
[44]
2018 | Conference Paper | LibreCat-ID: 20546
Model Checking the Information Flow Security of Real-Time Systems
C. Gerking, D. Schubert, E. Bodden, in: M. Payer, A. Rashid, J.M. Such (Eds.), Engineering Secure Software and Systems, Springer International Publishing, Cham, 2018, pp. 27–43.
LibreCat | Download (ext.)
 
[43]
2018 | Conference Paper | LibreCat-ID: 20547
Gamifying Static Analysis
L. Nguyen Quang Do, E. Bodden, in: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ACM, New York, NY, USA, 2018, pp. 714–718.
LibreCat | DOI | Download (ext.)
 
[42]
2018 | Conference Paper | LibreCat-ID: 20548
The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)
E. Bodden, in: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), ACM, New York, NY, USA, 2018, pp. 85–93.
LibreCat | DOI | Download (ext.)
 
[41]
2018 | Conference Paper | LibreCat-ID: 20549
Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes
J. Geismann, C. Gerking, E. Bodden, in: International Conference on Software and System Processes (ICSSP), 2018.
LibreCat | Files available
 
[40]
2018 | Conference Paper | LibreCat-ID: 20550
Self-adaptive Static Analysis
E. Bodden, in: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, ACM, New York, NY, USA, 2018, pp. 45–48.
LibreCat | Files available | DOI
 
[39]
2018 | Conference Paper | LibreCat-ID: 20551
VISUFLOW, a Debugging Environment for Static Analyses
L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, in: International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.
LibreCat | Download (ext.)
 
[38]
2018 | Conference Paper | LibreCat-ID: 4999
Do Android taint analysis tools keep their promises?
F. Pauck, E. Bodden, H. Wehrheim, in: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering  - ESEC/FSE 2018, ACM Press, 2018.
LibreCat | Files available | DOI
 
[37]
2018 | Conference Paper | LibreCat-ID: 5203
CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, in: European Conference on Object-Oriented Programming (ECOOP), 2018, pp. 10:1-10:27.
LibreCat | Files available | Download (ext.)
 
[36]
2017 | Misc | LibreCat-ID: 28231
Intelligente technische Systeme
E. Bodden, F. Dressler, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Intelligente technische Systeme, Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[35]
2017 | Book | LibreCat-ID: 24221
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Wissenschaftsforum Intelligente Technische Systeme (WInTeSys), Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat | Files available | DOI
 
[34]
2017 | Book (Editor) | LibreCat-ID: 27415
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, eds., Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369, Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[33]
2017 | Book Chapter | LibreCat-ID: 20552
Industrial Security by Design
C. Gerking, E. Bodden, W. Schäfer, in: G.W. Maier, G. Engels, E. Steffen (Eds.), Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten, Springer Berlin Heidelberg, Berlin, Heidelberg, 2017, pp. 1–24.
LibreCat | DOI
 
[32]
2017 | Journal Article | LibreCat-ID: 20553
Time for Addressing Software Security Issues: Prediction Models and Impacting Factors
L. Ben Othmane, G. Chehrazi, E. Bodden, P. Tsalovski, A.D. Brucker, Data Science and Engineering 2 (2017) 107–124.
LibreCat | Files available | DOI
 
[31]
2017 | Report | LibreCat-ID: 20554
Self-adaptive static analysis
E. Bodden, Self-Adaptive Static Analysis, 2017.
LibreCat | Download (ext.)
 
[30]
2017 | Report | LibreCat-ID: 20555
CrySL: Validating Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, CrySL: Validating Correct Usage of Cryptographic APIs, 2017.
LibreCat | Download (ext.)
 
[29]
2017 | Journal Article | LibreCat-ID: 20557
Tracking Load-time Configuration Options
M. Lillack, C. Kästner, E. Bodden, IEEE Transactions on Software Engineering PP (2017) 1–1.
LibreCat | DOI | Download (ext.)
 
[28]
2017 | Conference Paper | LibreCat-ID: 20558
CogniCrypt: Supporting Developers in using Cryptography
S. Krüger, S. Nadi, M. Reif, K. Ali, M. Mezini, E. Bodden, F. Göpfert, F. Günther, C. Weinert, D. Demmler, R. Kamath, in: International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track, 2017.
LibreCat | Download (ext.)
 
[27]
2017 | Conference Paper | LibreCat-ID: 20559
Just-in-time Static Analysis
L.N.Q. Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, in: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, New York, NY, USA, 2017, pp. 307–317.
LibreCat | DOI | Download (ext.)
 
[26]
2017 | Conference Paper | LibreCat-ID: 20715
Cheetah: Just-in-Time Taint Analysis for Android Apps
L. Nguyen Quang Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, in: International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2017.
LibreCat | Download (ext.)
 
[25]
2017 | Book | LibreCat-ID: 23010
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Wissenschaftsforum Intelligente Technische Systeme (WInTeSys), Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[24]
2017 | Conference Paper | LibreCat-ID: 5725
Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation
P. Holzinger, B. Hermann, J. Lerch, E. Bodden, M. Mezini, in: 2017 IEEE Symposium on Security and Privacy (SP), IEEE, 2017.
LibreCat | DOI
 
[23]
2017 | Conference Paper | LibreCat-ID: 5204
IDEal: Efficient and Precise Alias-aware Dataflow Analysis
J. Späth, K. Ali, E. Bodden, in: 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH), ACM Press, 2017.
LibreCat | Files available | Download (ext.)
 
[22]
2017 | Journal Article | LibreCat-ID: 5209
Computation on Encrypted Data using Data Flow Authentication
A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, CoRR abs/1710.00390 (2017).
LibreCat | Files available | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 20556
Information Flow Analysis for Go
E. Bodden, K. I Pun, M. Steffen, V. Stolz, A.-K. Wickert, in: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}, 2016, pp. 431–445.
LibreCat | DOI
 
[20]
2016 | Conference Paper | LibreCat-ID: 20716
Don't let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go
E. Bodden, M. Eichberg, K. I Pun, M. Steffen, V. Stolz, A.-K. Wickert, in: Nordic Workshop on Programming Theory (NWPT’16), 2016.
LibreCat | Download (ext.)
 
[19]
2016 | Report | LibreCat-ID: 20717
Just-in-Time Static Analysis
L. Nguyen Quang Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, Just-in-Time Static Analysis, 2016.
LibreCat | DOI | Download (ext.)
 
[18]
2016 | Journal Article | LibreCat-ID: 20718
Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen
S. Rasthofer, S. Arzt, E. Bodden, M. Miltenberger, Datenschutz Und Datensicherheit (2016) 718–722.
LibreCat | DOI | Download (ext.)
 
[17]
2016 | Conference Paper | LibreCat-ID: 20719
An In-Depth Study of More Than Ten Years of Java Exploitation
P. Holzinger, S. Triller, A. Bartel, E. Bodden, in: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 779–790.
LibreCat | DOI
 
[16]
2016 | Conference Paper | LibreCat-ID: 20720
PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution
A. Follner, A. Bartel, H. Peng, Y.-C. Chang, K. Ispoglou, M. Payer, E. Bodden, in: International Workshop on Security and Trust Management (STM), 2016, pp. 212–228.
LibreCat | Download (ext.)
 
[15]
2016 | Conference Paper | LibreCat-ID: 20721
Toward an Automated Benchmark Management System
L. Nguyen Quang Do, M. Eichberg, E. Bodden, in: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 2016, pp. 13–17.
LibreCat | Download (ext.)
 
[14]
2016 | Conference Paper | LibreCat-ID: 20722
Towards Cross-Platform Cross-Language Analysis with Soot
S. Arzt, T. Kussmaul, E. Bodden, in: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 2016, pp. 1–6.
LibreCat | Download (ext.)
 
[13]
2016 | Journal Article | LibreCat-ID: 20724
ROPocop — Dynamic mitigation of code-reuse attacks
A. Follner, E. Bodden, Journal of Information Security and Applications 29 (2016) 16–26.
LibreCat | DOI | Download (ext.)
 
[12]
2016 | Conference Paper | LibreCat-ID: 20725
Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality
A. Follner, A. Bartel, E. Bodden, in: International Symposium on Engineering Secure Software and Systems (ESSoS), 2016.
LibreCat | Download (ext.)
 
[11]
2016 | Conference Paper | LibreCat-ID: 20726
Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels
K. Falzon, E. Bodden, in: F. Piessens, L. Vigan’o (Eds.), Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings, Springer Berlin Heidelberg, Berlin, Heidelberg, 2016, pp. 116–138.
LibreCat | DOI | Download (ext.)
 
[10]
2016 | Conference Paper | LibreCat-ID: 20727
Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques
S. Rasthofer, S. Arzt, M. Miltenberger, E. Bodden, in: Network and Distributed System Security Symposium (NDSS), 2016.
LibreCat | Download (ext.)
 
[9]
2016 | Conference Paper | LibreCat-ID: 20728
Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?
S. Nadi, S. Krüger, M. Mezini, E. Bodden, in: International Conference for Software Engineering (ICSE), 2016, pp. 935–946.
LibreCat | Download (ext.)
 
[8]
2016 | Conference Paper | LibreCat-ID: 20729
StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework
S. Arzt, E. Bodden, in: International Conference for Software Engineering (ICSE), 2016.
LibreCat | Download (ext.)
 
[7]
2016 | Conference Paper | LibreCat-ID: 20730
Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment
N. Eling, S. Rasthofer, M. Kolhagen, E. Bodden, P. Buxmann, in: 2016 49th Hawaii International Conference on System Sciences (HICSS), 2016, pp. 3666–3675.
LibreCat | DOI | Download (ext.)
 
[6]
2016 | Conference Paper | LibreCat-ID: 5205
Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java
J. Späth, L. Nguyen Quang Do, K. Ali, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2016.
LibreCat | Files available | Download (ext.)
 
[5]
2015 | Conference Paper | LibreCat-ID: 5207
IccTA: Detecting Inter-Component Privacy Leaks in Android Apps
L. Li, A. Bartel, T.F. Bissyande, J. Klein, Y. Le Traon, S. Arzt, S. Rasthofer, E. Bodden, D. Octeau, P. McDaniel, in: 2015 International Conference on Software Engineering (ICSE), 2015, pp. 280–291.
LibreCat | Files available | Download (ext.)
 
[4]
2014 | Conference Paper | LibreCat-ID: 5734
FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases
J. Lerch, B. Hermann, E. Bodden, M. Mezini, in: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014, ACM Press, 2014.
LibreCat | DOI
 
[3]
2014 | Conference Paper | LibreCat-ID: 5189
FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps
S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, Y. Le Traon, D. Octeau, P. McDaniel, in: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14, ACM Press, 2014.
LibreCat | Files available | DOI | Download (ext.)
 
[2]
2014 | Conference Paper | LibreCat-ID: 5190
DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android
S. Arzt, S. Rasthofer, E. Lovat, E. Bodden, in: International Conference on Availability, Reliability and Security (ARES 2014), IEEE, 2014, pp. 40–49.
LibreCat | Files available | Download (ext.)
 
[1]
2012 | Journal Article | LibreCat-ID: 5183
Partially Evaluating Finite-State Runtime Monitors Ahead of Time
E. Bodden, P. Lam, L. Hendren, ACM Transactions on Programming Languages and Systems 34 (2012) 1–52.
LibreCat | Files available | DOI | Download (ext.)
 

Search

Filter Publications

Display / Sort

Export / Embed

119 Publications

Mark all

[119]
2024 | Misc | LibreCat-ID: 52663
Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability
A.-K. Wickert, M. Schlichtig, M. Vogel, L. Winter, M. Mezini, E. Bodden, Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability, 2024.
LibreCat | Download (ext.)
 
[118]
2024 | Journal Article | LibreCat-ID: 52587
Evaluating Security Through Isolation and Defense in Depth
E. Bodden, J. Pottebaum, M. Fockel, I. Gräßler, IEEE Security & Privacy 22 (2024) 69–72.
LibreCat | DOI
 
[117]
2024 | Conference Paper | LibreCat-ID: 53938
Symbol-Specific Sparsification of Interprocedural Distributive Environment Problems
K. Karakaya, E. Bodden, in: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering, ACM, 2024.
LibreCat | DOI
 
[116]
2024 | Book Chapter | LibreCat-ID: 53942
SootUp: A Redesign of the Soot Static Analysis Framework
K. Karakaya, S. Schott, J. Klauke, E. Bodden, M. Schmidt, L. Luo, D. He, in: Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature Switzerland, Cham, 2024.
LibreCat | DOI
 
[115]
2024 | Conference Paper | LibreCat-ID: 53958
Detecting Security-Relevant Methods using Multi-label Machine Learning
O. Johnson, G. Piskachev, R. Krishnamurthy, E. Bodden, in: Proceedings of the 46th International Conference on Software Engineering, IDE Workshop, 2024.
LibreCat | DOI
 
[114]
2024 | Conference Paper | LibreCat-ID: 53959
TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools
A.P. Shivarpatna Venkatesh, S. Sabu, J. Wang, A.M. Mir, L. Li, E. Bodden, in: Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings, Association for Computing Machinery, New York, NY, USA, 2024, pp. 49–53.
LibreCat | DOI | arXiv
 
[113]
2024 | Conference Paper | LibreCat-ID: 55516
The Emergence of Large Language Models in Static Analysis: A First Look through Micro-Benchmarks
A.P. Shivarpatna Venkatesh, S. Sabu, A.M. Mir, S. Reis, E. Bodden, in: Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, ACM, 2024.
LibreCat | DOI
 
[112]
2024 | Conference Paper | LibreCat-ID: 52235
Toward an Android Static Analysis Approach for Data Protection
M. Khedkar, E. Bodden, in: Proceedings of the IEEE/ACM 11th International Conference on Mobile Software Engineering and Systems (MOBILESoft ’24). Association for Computing Machinery, New York, NY, USA, 65–68., 2024.
LibreCat | Files available | DOI | arXiv
 
[111]
2024 | Conference Paper | LibreCat-ID: 56137
Do Android App Developers Accurately Report Collection of Privacy-Related Data?
M. Khedkar, A.K. Mondal, E. Bodden, in: In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering Workshops (ASEW ’24), 2024.
LibreCat | Files available | arXiv
 
[110]
2023 | Conference Paper | LibreCat-ID: 35083
UpCy: Safely Updating Outdated Dependencies
A.P. Dann, B. Hermann, E. Bodden, (2023).
LibreCat
 
[109]
2023 | Journal Article | LibreCat-ID: 46816
Runtime Verification of Crypto APIs: An Empirical Study
A. Torres, P. Costa, L. Amaral, J. Pastro, R. Bonifácio, M. d’Amorim, O. Legunsen, E. Bodden, E. Dias Canedo, IEEE Transactions on Software Engineering 49 (2023) 4510–4525.
LibreCat | DOI
 
[108]
2023 | Journal Article | LibreCat-ID: 49439
Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study
G. Piskachev, M. Becker, E. Bodden, Empirical Software Engineering 28 (2023).
LibreCat | DOI
 
[107]
2023 | Journal Article | LibreCat-ID: 48946 LibreCat | DOI
 
[106]
2023 | Book Chapter | LibreCat-ID: 52662
Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale
M. Nachtigall, M. Schlichtig, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 95–96.
LibreCat | Download (ext.)
 
[105]
2023 | Book Chapter | LibreCat-ID: 52660
Introducing FUM: A Framework for API Usage Constraint and Misuse Classification
M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: Software Engineering 2023, Gesellschaft für Informatik e.V., Bonn, 2023, pp. 105–106.
LibreCat | Download (ext.)
 
[104]
2023 | Book Chapter | LibreCat-ID: 45888 | OA
Verifying Software and Reconfigurable Hardware Services
H. Wehrheim, M. Platzner, E. Bodden, P. Schubert, F. Pauck, M.-C. Jakobs, in: C.-J. Haake, F. Meyer auf der Heide, M. Platzner, H. Wachsmuth, H. Wehrheim (Eds.), On-The-Fly Computing -- Individualized IT-Services in Dynamic Markets, Heinz Nixdorf Institut, Universität Paderborn, Paderborn, 2023, pp. 125–144.
LibreCat | Files available | DOI
 
[103]
2023 | Conference Paper | LibreCat-ID: 49438
Securing Your Crypto-API Usage Through Tool Support - A Usability Study
S. Krüger, M. Reif, A.-K. Wickert, S. Nadi, K. Ali, E. Bodden, Y. Acar, M. Mezini, S. Fahl, in: 2023 IEEE Secure Development Conference (SecDev), IEEE, 2023.
LibreCat | DOI
 
[102]
2023 | Conference Paper | LibreCat-ID: 46500
Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth
J. Pottebaum, J. Rossel, J. Somorovsky, Y. Acar, R. Fahr, P. Arias Cabarcos, E. Bodden, I. Gräßler, in: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), IEEE, 2023, pp. 379–385.
LibreCat | Files available | DOI | Download (ext.)
 
[101]
2023 | Conference Paper | LibreCat-ID: 36522 | OA
Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis
A.P. Shivarpatna Venkatesh, J. Wang, L. Li, E. Bodden, in: IEEE SANER 2023 (International Conference on Software Analysis, Evolution and Reengineering), 2023.
LibreCat | Files available | DOI
 
[100]
2023 | Conference Paper | LibreCat-ID: 41812
Model Generation For Java Frameworks
L. Luo, G. Piskachev, R. Krishnamurthy, J. Dolby, M. Schäf, E. Bodden, in: IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.
LibreCat
 
[99]
2023 | Conference Paper | LibreCat-ID: 41813
Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis
A.P. Shivarpatna Venkatesh, J. Wang, L. Li, E. Bodden, in: IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023.
LibreCat
 
[98]
2022 | Conference Paper | LibreCat-ID: 29844
Integrating Security Protocols in Scenario-based Requirements Specifications
T. Koch, S. Trippel, S. Dziwok, E. Bodden, in: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022.
LibreCat | DOI
 
[97]
2022 | Journal Article | LibreCat-ID: 31844
Computation on Encrypted Data Using Dataflow Authentication
A. Fischer, B. Fuhry, J. Kußmaul, J. Janneck, F. Kerschbaum, E. Bodden, ACM Transactions on Privacy and Security 25 (2022) 1–36.
LibreCat | DOI
 
[96]
2022 | Misc | LibreCat-ID: 32409
CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite
M. Schlichtig, A.-K. Wickert, S. Krüger, E. Bodden, M. Mezini, CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite, 2022.
LibreCat | Files available | DOI
 
[95]
2022 | Conference Paper | LibreCat-ID: 32410
A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools
M. Nachtigall, M. Schlichtig, E. Bodden, in: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, 2022, pp. 532–543.
LibreCat | Files available | DOI
 
[94]
2022 | Conference Paper | LibreCat-ID: 31133
FUM - A Framework for API Usage constraint and Misuse Classification
M. Schlichtig, S. Sassalla, K. Narasimhan, E. Bodden, in: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022, pp. 673–684.
LibreCat | Files available | DOI
 
[93]
2022 | Journal Article | LibreCat-ID: 30511 | OA
Static data-flow analysis for software product lines in C
P. Schubert, P. Gazzillo, Z. Patterson, J. Braha, F. Schiebel, B. Hermann, S. Wei, E. Bodden, Automated Software Engineering 29 (2022).
LibreCat | DOI | Download (ext.)
 
[92]
2022 | Journal Article | LibreCat-ID: 33835
An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities
I. Sayar, A. Bartel, E. Bodden, Y. Le Traon, ACM Transactions on Software Engineering and Methodology (2022).
LibreCat | DOI
 
[91]
2022 | Journal Article | LibreCat-ID: 33836
Fluently specifying taint-flow queries with fluentTQL
G. Piskachev, J. Späth, I. Budde, E. Bodden, Empirical Software Engineering 27 (2022) 1–33.
LibreCat
 
[90]
2022 | Conference Paper | LibreCat-ID: 33838 LibreCat
 
[89]
2022 | Conference Paper | LibreCat-ID: 33837
How far are German companies in improving security through static program analysis tools?
G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, E. Bodden, (2022).
LibreCat
 
[88]
2022 | Journal Article | LibreCat-ID: 53952
“Free” as in Freedom to Protest?
F. Massacci, A. Sabetta, J. Mirkovic, T. Murray, H. Okhravi, M. Mannan, A. Rocha, E. Bodden, D.E. Geer, IEEE Security & Privacy 20 (2022) 16–21.
LibreCat | DOI
 
[87]
2021 | Journal Article | LibreCat-ID: 27045 | OA
TaintBench: Automatic real-world malware benchmarking of Android taint analyses
L. Luo, F. Pauck, G. Piskachev, M. Benz, I. Pashchenko, M. Mory, E. Bodden, B. Hermann, F. Massacci, Empirical Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 
[86]
2021 | Journal Article | LibreCat-ID: 21595
Using Architectural Runtime Verification for Offline Data Analysis
L. Stockmann, S. Laux, E. Bodden, Journal of Automotive Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 
[85]
2021 | Journal Article | LibreCat-ID: 21597
A Systematic Hardening of Java's Information Hiding
P. Holzinger, E. Bodden, International Symposium on Advanced Security on Software and Systems (ASSS) (2021).
LibreCat | Download (ext.)
 
[84]
2021 | Journal Article | LibreCat-ID: 21599
Dealing with Variability in API Misuse Specification
R. Bonifacio, S. Krüger, K. Narasimhan, E. Bodden, M. Mezini, European Conference on Object-Oriented Programming (ECOOP) (2021).
LibreCat
 
[83]
2021 | Conference Paper | LibreCat-ID: 22462
Automated Cell Header Generator for Jupyter Notebooks
A.P. Shivarpatna Venkatesh, E. Bodden, in: International Workshop on AI and Software Testing/Analysis (AISTA), 2021.
LibreCat | DOI
 
[82]
2021 | Conference Paper | LibreCat-ID: 23388
Qualitative and Quantitative Analysis of Callgraph Algorithms for PYTHON
S. Kummita, G. Piskachev, J. Spaeth, E. Bodden, in: Proceedings of the 2021 International Conference on Code Quality (ICCQ), 2021.
LibreCat | DOI | Download (ext.)
 
[81]
2021 | Conference Paper | LibreCat-ID: 21598 | OA
Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis
P. Schubert, B. Hermann, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat | Download (ext.)
 
[80]
2021 | Journal Article | LibreCat-ID: 31132
Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite
A.P. Dann, H. Plate, B. Hermann, S.E. Ponta, E. Bodden, IEEE Transactions on Software Engineering (2021) 1–1.
LibreCat | DOI
 
[79]
2021 | Conference Paper | LibreCat-ID: 26407
SecuCheck: Engineering configurable taint analysis for software developers
G. Piskachev, R. Krishnamurthy, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 
[78]
2021 | Conference Paper | LibreCat-ID: 22463
IDE Support for Cloud-Based Static Analyses
L. Luo, M. Schäf, D. Sanchez, E. Bodden, in: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021.
LibreCat
 
[77]
2021 | Conference Paper | LibreCat-ID: 33840
SootFX: A Static Code Feature Extraction Tool for Java and Android
K. Karakaya, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021, pp. 181–186.
LibreCat
 
[76]
2021 | Conference Paper | LibreCat-ID: 26406
Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++
P. Schubert, B. Hermann, E. Bodden, R. Leer, in: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.
LibreCat
 
[75]
2021 | Conference Paper | LibreCat-ID: 26405
Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++
P. Schubert, F. Sattler, F. Schiebel, B. Hermann, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 
[74]
2020 | Journal Article | LibreCat-ID: 20507
A systematic literature review of model-driven security engineering for cyber–physical systems
J. Geismann, E. Bodden, Journal of Systems and Software 169 (2020) 110697.
LibreCat | DOI
 
[73]
2020 | Journal Article | LibreCat-ID: 20508
Explaining Static Analysis with Rule Graphs
L. Nguyen Quang Do, E. Bodden, IEEE Transactions on Software Engineering (2020).
LibreCat | Download (ext.)
 
[72]
2020 | Conference Paper | LibreCat-ID: 20509
PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage
A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, E. Bodden, in: 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.
LibreCat | Download (ext.)
 
[71]
2020 | Conference Paper | LibreCat-ID: 20510
Heaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis
M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, A. Zeller, in: International Conference for Software Engineering (ICSE), 2020.
LibreCat
 
[70]
2020 | Conference Paper | LibreCat-ID: 20511
Computation on Encrypted Data using Dataflow Authentication
A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, in: Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
LibreCat | Download (ext.)
 
[69]
2020 | Conference Paper | LibreCat-ID: 20518
Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers
T. Koch, S. Dziwok, J. Holtmann, E. Bodden, in: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM, 2020.
LibreCat | DOI
 
[68]
2020 | Report | LibreCat-ID: 20712
Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries
P. Schubert, E. Bodden, B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020.
LibreCat | Files available
 
[67]
2020 | Book Chapter | LibreCat-ID: 20891
Using Abstract Contracts for Verifying Evolving Features and Their Interactions
A. Knüppel, S. Krüger, T. Thüm, R. Bubel, S. Krieter, E. Bodden, I. Schaefer, in: Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 
[66]
2020 | Conference Paper | LibreCat-ID: 23521
Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems
I. Gräßler, E. Bodden, J. Pottebaum, J. Geismann, D. Roesmann, in: Advanced, Contemporary Control, Advances in Intelligent Systems and Computing, Springer International Publishing, 2020, pp. 1458–1469.
LibreCat | Download (ext.)
 
[65]
2020 | Conference Paper | LibreCat-ID: 16214
Reproducing Taint-Analysis Results with ReproDroid
F. Pauck, E. Bodden, H. Wehrheim, in: M. Felderer, W. Hasselbring, R. Rabiser, R. Jung (Eds.), Software Engineering 2020, Fachtagung Des GI-Fachbereichs Softwaretechnik, 24.-28. Februar 2020, Innsbruck, Austria, Gesellschaft f{\"{u}}r Informatik e.V., 2020, pp. 123–124.
LibreCat | DOI
 
[64]
2019 | Conference Paper | LibreCat-ID: 20525
Architectural Runtime Verification
L. Stockmann, S. Laux, E. Bodden, in: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84.
LibreCat | DOI | Download (ext.)
 
[63]
2019 | Conference Paper | LibreCat-ID: 20527
The Impact of Developer Experience in Using Java Cryptography
M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, O. Nierstrasz, in: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6.
LibreCat | DOI | Download (ext.)
 
[62]
2019 | Conference Paper | LibreCat-ID: 20528
AuthCheck: Program-state Analysis for Access-control Vulnerabilities
G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.
LibreCat | Download (ext.)
 
[61]
2019 | Conference Paper | LibreCat-ID: 20529
Explaining Static Analysis -- A Perspective
M. Nachtigall, L. Nguyen Quang Do, E. Bodden, in: 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
LibreCat | Download (ext.)
 
[60]
2019 | Conference Paper | LibreCat-ID: 20531
A Qualitative Analysis of Android Taint-Analysis Results
L. Luo, E. Bodden, J. Späth, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.
LibreCat | Download (ext.)
 
[59]
2019 | Conference Paper | LibreCat-ID: 20532
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.
LibreCat | Download (ext.)
 
[58]
2019 | Journal Article | LibreCat-ID: 20533
CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, IEEE Transactions on Software Engineering (2019) 1–1.
LibreCat | DOI | Download (ext.)
 
[57]
2019 | Conference Paper | LibreCat-ID: 20534
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, E. Bodden, in: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.
LibreCat | Download (ext.)
 
[56]
2019 | Conference Paper | LibreCat-ID: 20535
MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors
L. Luo, J. Dolby, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2019.
LibreCat | Download (ext.)
 
[55]
2019 | Report | LibreCat-ID: 20537
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen, E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods, 2019.
LibreCat
 
[54]
2019 | Conference Paper | LibreCat-ID: 20538
ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware
S. Albert Gorski Iii, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden, A. Bartel, in: ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.
LibreCat | Download (ext.)
 
[53]
2019 | Journal Article | LibreCat-ID: 20539
Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems
J. Späth, K. Ali, E. Bodden, Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3 (2019) 48:1-48:29.
LibreCat | DOI | Download (ext.)
 
[52]
2019 | Journal Article | LibreCat-ID: 14896
ModGuard: Identifying Integrity &Confidentiality Violations in Java Modules
A. Dann, B. Hermann, E. Bodden, IEEE Transactions on Software Engineering (2019) 1–1.
LibreCat | DOI
 
[51]
2019 | Conference Paper | LibreCat-ID: 14897
SootDiff: bytecode comparison across different Java compilers
A. Dann, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.
LibreCat | DOI | Download (ext.)
 
[50]
2019 | Conference Paper | LibreCat-ID: 7626 | OA
PhASAR: An Inter-Procedural Static Analysis Framework for C/C++
P. Schubert, B. Hermann, E. Bodden, in: Proceedings of the 25th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2019), Held as Part of the European Joint Conferences on Theory and Practice of Software (ETAPS 2019), 2019, pp. 393–410.
LibreCat | Files available | DOI | Download (ext.)
 
[49]
2019 | Conference Paper | LibreCat-ID: 14898
Know your analysis: how instrumentation aids understanding static analysis
P. Schubert, R. Leer, B. Hermann, E. Bodden, in: Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis  - SOAP 2019, 2019.
LibreCat | DOI
 
[48]
2018 | Preprint | LibreCat-ID: 2711
Do Android Taint Analysis Tools Keep their Promises?
F. Pauck, E. Bodden, H. Wehrheim, ArXiv:1804.02903 (2018).
LibreCat | Files available
 
[47]
2018 | Conference Paper | LibreCat-ID: 20530
Explainable Static Analysis
E. Bodden, L. Nguyen Quang Do, in: Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, {SE} 2018, 5.-9. M{\"{a}}rz 2018, Ulm, Germany., 2018, pp. 205–208.
LibreCat | Download (ext.)
 
[46]
2018 | Journal Article | LibreCat-ID: 20543
Debugging Static Analysis
L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, IEEE Transactions on Software Engineering (2018) 1–1.
LibreCat | DOI | Download (ext.)
 
[45]
2018 | Conference (Editor) | LibreCat-ID: 20544
Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany
M. Tichy, E. Bodden, M. Kuhrmann, S. Wagner, J.-P. Steghöfer, eds., Software Engineering Und Software Management 2018, Fachtagung Des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany, Gesellschaft für Informatik, 2018.
LibreCat
 
[44]
2018 | Conference Paper | LibreCat-ID: 20546
Model Checking the Information Flow Security of Real-Time Systems
C. Gerking, D. Schubert, E. Bodden, in: M. Payer, A. Rashid, J.M. Such (Eds.), Engineering Secure Software and Systems, Springer International Publishing, Cham, 2018, pp. 27–43.
LibreCat | Download (ext.)
 
[43]
2018 | Conference Paper | LibreCat-ID: 20547
Gamifying Static Analysis
L. Nguyen Quang Do, E. Bodden, in: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ACM, New York, NY, USA, 2018, pp. 714–718.
LibreCat | DOI | Download (ext.)
 
[42]
2018 | Conference Paper | LibreCat-ID: 20548
The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them)
E. Bodden, in: ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), ACM, New York, NY, USA, 2018, pp. 85–93.
LibreCat | DOI | Download (ext.)
 
[41]
2018 | Conference Paper | LibreCat-ID: 20549
Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes
J. Geismann, C. Gerking, E. Bodden, in: International Conference on Software and System Processes (ICSSP), 2018.
LibreCat | Files available
 
[40]
2018 | Conference Paper | LibreCat-ID: 20550
Self-adaptive Static Analysis
E. Bodden, in: Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, ACM, New York, NY, USA, 2018, pp. 45–48.
LibreCat | Files available | DOI
 
[39]
2018 | Conference Paper | LibreCat-ID: 20551
VISUFLOW, a Debugging Environment for Static Analyses
L. Nguyen Quang Do, S. Krüger, P. Hill, K. Ali, E. Bodden, in: International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018.
LibreCat | Download (ext.)
 
[38]
2018 | Conference Paper | LibreCat-ID: 4999
Do Android taint analysis tools keep their promises?
F. Pauck, E. Bodden, H. Wehrheim, in: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering  - ESEC/FSE 2018, ACM Press, 2018.
LibreCat | Files available | DOI
 
[37]
2018 | Conference Paper | LibreCat-ID: 5203
CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, in: European Conference on Object-Oriented Programming (ECOOP), 2018, pp. 10:1-10:27.
LibreCat | Files available | Download (ext.)
 
[36]
2017 | Misc | LibreCat-ID: 28231
Intelligente technische Systeme
E. Bodden, F. Dressler, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Intelligente technische Systeme, Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[35]
2017 | Book | LibreCat-ID: 24221
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Wissenschaftsforum Intelligente Technische Systeme (WInTeSys), Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat | Files available | DOI
 
[34]
2017 | Book (Editor) | LibreCat-ID: 27415
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, eds., Wissenschaftsforum Intelligente Technische Systeme (WInTeSys). , Band 369, Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[33]
2017 | Book Chapter | LibreCat-ID: 20552
Industrial Security by Design
C. Gerking, E. Bodden, W. Schäfer, in: G.W. Maier, G. Engels, E. Steffen (Eds.), Handbuch Gestaltung Digitaler Und Vernetzter Arbeitswelten, Springer Berlin Heidelberg, Berlin, Heidelberg, 2017, pp. 1–24.
LibreCat | DOI
 
[32]
2017 | Journal Article | LibreCat-ID: 20553
Time for Addressing Software Security Issues: Prediction Models and Impacting Factors
L. Ben Othmane, G. Chehrazi, E. Bodden, P. Tsalovski, A.D. Brucker, Data Science and Engineering 2 (2017) 107–124.
LibreCat | Files available | DOI
 
[31]
2017 | Report | LibreCat-ID: 20554
Self-adaptive static analysis
E. Bodden, Self-Adaptive Static Analysis, 2017.
LibreCat | Download (ext.)
 
[30]
2017 | Report | LibreCat-ID: 20555
CrySL: Validating Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, CrySL: Validating Correct Usage of Cryptographic APIs, 2017.
LibreCat | Download (ext.)
 
[29]
2017 | Journal Article | LibreCat-ID: 20557
Tracking Load-time Configuration Options
M. Lillack, C. Kästner, E. Bodden, IEEE Transactions on Software Engineering PP (2017) 1–1.
LibreCat | DOI | Download (ext.)
 
[28]
2017 | Conference Paper | LibreCat-ID: 20558
CogniCrypt: Supporting Developers in using Cryptography
S. Krüger, S. Nadi, M. Reif, K. Ali, M. Mezini, E. Bodden, F. Göpfert, F. Günther, C. Weinert, D. Demmler, R. Kamath, in: International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track, 2017.
LibreCat | Download (ext.)
 
[27]
2017 | Conference Paper | LibreCat-ID: 20559
Just-in-time Static Analysis
L.N.Q. Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, in: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, ACM, New York, NY, USA, 2017, pp. 307–317.
LibreCat | DOI | Download (ext.)
 
[26]
2017 | Conference Paper | LibreCat-ID: 20715
Cheetah: Just-in-Time Taint Analysis for Android Apps
L. Nguyen Quang Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, in: International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2017.
LibreCat | Download (ext.)
 
[25]
2017 | Book | LibreCat-ID: 23010
Wissenschaftsforum Intelligente Technische Systeme (WInTeSys)
J. Gausemeier, E. Bodden, F. Dressler, R. Dumitrescu, F. Meyer auf der Heide, C. Scheytt, A. Trächtler, Wissenschaftsforum Intelligente Technische Systeme (WInTeSys), Verlagsschriftenreihe des Heinz Nixdorf Instituts, Paderborn, 2017.
LibreCat
 
[24]
2017 | Conference Paper | LibreCat-ID: 5725
Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation
P. Holzinger, B. Hermann, J. Lerch, E. Bodden, M. Mezini, in: 2017 IEEE Symposium on Security and Privacy (SP), IEEE, 2017.
LibreCat | DOI
 
[23]
2017 | Conference Paper | LibreCat-ID: 5204
IDEal: Efficient and Precise Alias-aware Dataflow Analysis
J. Späth, K. Ali, E. Bodden, in: 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH), ACM Press, 2017.
LibreCat | Files available | Download (ext.)
 
[22]
2017 | Journal Article | LibreCat-ID: 5209
Computation on Encrypted Data using Data Flow Authentication
A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, CoRR abs/1710.00390 (2017).
LibreCat | Files available | Download (ext.)
 
[21]
2016 | Conference Paper | LibreCat-ID: 20556
Information Flow Analysis for Go
E. Bodden, K. I Pun, M. Steffen, V. Stolz, A.-K. Wickert, in: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques - 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part {I}, 2016, pp. 431–445.
LibreCat | DOI
 
[20]
2016 | Conference Paper | LibreCat-ID: 20716
Don't let data Go astray---A Context-Sensitive Taint Analysis for Concurrent Programs in Go
E. Bodden, M. Eichberg, K. I Pun, M. Steffen, V. Stolz, A.-K. Wickert, in: Nordic Workshop on Programming Theory (NWPT’16), 2016.
LibreCat | Download (ext.)
 
[19]
2016 | Report | LibreCat-ID: 20717
Just-in-Time Static Analysis
L. Nguyen Quang Do, K. Ali, B. Livshits, E. Bodden, J. Smith, E. Murphy-Hill, Just-in-Time Static Analysis, 2016.
LibreCat | DOI | Download (ext.)
 
[18]
2016 | Journal Article | LibreCat-ID: 20718
Harvester - Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen
S. Rasthofer, S. Arzt, E. Bodden, M. Miltenberger, Datenschutz Und Datensicherheit (2016) 718–722.
LibreCat | DOI | Download (ext.)
 
[17]
2016 | Conference Paper | LibreCat-ID: 20719
An In-Depth Study of More Than Ten Years of Java Exploitation
P. Holzinger, S. Triller, A. Bartel, E. Bodden, in: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 779–790.
LibreCat | DOI
 
[16]
2016 | Conference Paper | LibreCat-ID: 20720
PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution
A. Follner, A. Bartel, H. Peng, Y.-C. Chang, K. Ispoglou, M. Payer, E. Bodden, in: International Workshop on Security and Trust Management (STM), 2016, pp. 212–228.
LibreCat | Download (ext.)
 
[15]
2016 | Conference Paper | LibreCat-ID: 20721
Toward an Automated Benchmark Management System
L. Nguyen Quang Do, M. Eichberg, E. Bodden, in: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 2016, pp. 13–17.
LibreCat | Download (ext.)
 
[14]
2016 | Conference Paper | LibreCat-ID: 20722
Towards Cross-Platform Cross-Language Analysis with Soot
S. Arzt, T. Kussmaul, E. Bodden, in: Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, 2016, pp. 1–6.
LibreCat | Download (ext.)
 
[13]
2016 | Journal Article | LibreCat-ID: 20724
ROPocop — Dynamic mitigation of code-reuse attacks
A. Follner, E. Bodden, Journal of Information Security and Applications 29 (2016) 16–26.
LibreCat | DOI | Download (ext.)
 
[12]
2016 | Conference Paper | LibreCat-ID: 20725
Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality
A. Follner, A. Bartel, E. Bodden, in: International Symposium on Engineering Secure Software and Systems (ESSoS), 2016.
LibreCat | Download (ext.)
 
[11]
2016 | Conference Paper | LibreCat-ID: 20726
Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels
K. Falzon, E. Bodden, in: F. Piessens, L. Vigan’o (Eds.), Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2--8, 2016, Proceedings, Springer Berlin Heidelberg, Berlin, Heidelberg, 2016, pp. 116–138.
LibreCat | DOI | Download (ext.)
 
[10]
2016 | Conference Paper | LibreCat-ID: 20727
Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques
S. Rasthofer, S. Arzt, M. Miltenberger, E. Bodden, in: Network and Distributed System Security Symposium (NDSS), 2016.
LibreCat | Download (ext.)
 
[9]
2016 | Conference Paper | LibreCat-ID: 20728
Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs?
S. Nadi, S. Krüger, M. Mezini, E. Bodden, in: International Conference for Software Engineering (ICSE), 2016, pp. 935–946.
LibreCat | Download (ext.)
 
[8]
2016 | Conference Paper | LibreCat-ID: 20729
StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework
S. Arzt, E. Bodden, in: International Conference for Software Engineering (ICSE), 2016.
LibreCat | Download (ext.)
 
[7]
2016 | Conference Paper | LibreCat-ID: 20730
Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment
N. Eling, S. Rasthofer, M. Kolhagen, E. Bodden, P. Buxmann, in: 2016 49th Hawaii International Conference on System Sciences (HICSS), 2016, pp. 3666–3675.
LibreCat | DOI | Download (ext.)
 
[6]
2016 | Conference Paper | LibreCat-ID: 5205
Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java
J. Späth, L. Nguyen Quang Do, K. Ali, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2016.
LibreCat | Files available | Download (ext.)
 
[5]
2015 | Conference Paper | LibreCat-ID: 5207
IccTA: Detecting Inter-Component Privacy Leaks in Android Apps
L. Li, A. Bartel, T.F. Bissyande, J. Klein, Y. Le Traon, S. Arzt, S. Rasthofer, E. Bodden, D. Octeau, P. McDaniel, in: 2015 International Conference on Software Engineering (ICSE), 2015, pp. 280–291.
LibreCat | Files available | Download (ext.)
 
[4]
2014 | Conference Paper | LibreCat-ID: 5734
FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases
J. Lerch, B. Hermann, E. Bodden, M. Mezini, in: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014, ACM Press, 2014.
LibreCat | DOI
 
[3]
2014 | Conference Paper | LibreCat-ID: 5189
FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps
S. Arzt, S. Rasthofer, C. Fritz, E. Bodden, A. Bartel, J. Klein, Y. Le Traon, D. Octeau, P. McDaniel, in: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation - PLDI ’14, ACM Press, 2014.
LibreCat | Files available | DOI | Download (ext.)
 
[2]
2014 | Conference Paper | LibreCat-ID: 5190
DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android
S. Arzt, S. Rasthofer, E. Lovat, E. Bodden, in: International Conference on Availability, Reliability and Security (ARES 2014), IEEE, 2014, pp. 40–49.
LibreCat | Files available | Download (ext.)
 
[1]
2012 | Journal Article | LibreCat-ID: 5183
Partially Evaluating Finite-State Runtime Monitors Ahead of Time
E. Bodden, P. Lam, L. Hendren, ACM Transactions on Programming Languages and Systems 34 (2012) 1–52.
LibreCat | Files available | DOI | Download (ext.)
 

Search

Filter Publications

Display / Sort

Export / Embed