Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).

We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.

205 Publications


2024 | Conference Paper | LibreCat-ID: 52235
@inproceedings{Khedkar_Bodden_2024, title={Toward an Android Static Analysis Approach for Data Protection}, booktitle={Proceedings of the 9th International Conference on Mobile Software Engineering and Systems}, author={Khedkar, Mugdha and Bodden, Eric}, year={2024} }
LibreCat | Files available | arXiv
 

2024 | Journal Article | LibreCat-ID: 52587
@article{Bodden_Pottebaum_Fockel_Gräßler_2024, title={Evaluating Security Through Isolation and Defense in Depth}, volume={22}, DOI={10.1109/msec.2023.3336028}, number={1}, journal={IEEE Security & Privacy}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Bodden, Eric and Pottebaum, Jens and Fockel, Markus and Gräßler, Iris}, year={2024}, pages={69–72} }
LibreCat | DOI
 

2024 | Misc | LibreCat-ID: 52663
@book{Wickert_Schlichtig_Vogel_Winter_Mezini_Bodden_2024, title={Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability}, author={Wickert, Anna-Katharina and Schlichtig, Michael and Vogel, Marvin and Winter, Lukas and Mezini, Mira and Bodden, Eric}, year={2024} }
LibreCat | Download (ext.)
 

2023 | Conference Paper | LibreCat-ID: 35083
@article{Dann_Hermann_Bodden_2023, series={International Conference on Software Engineering (ICSE)}, title={UpCy: Safely Updating Outdated Dependencies}, author={Dann, Andreas Peter and Hermann, Ben and Bodden, Eric}, year={2023}, collection={International Conference on Software Engineering (ICSE)} }
LibreCat
 

2023 | Conference Paper | LibreCat-ID: 41812
@inproceedings{Luo_Piskachev_Krishnamurthy_Dolby_Schäf_Bodden_2023, title={Model Generation For Java Frameworks}, booktitle={IEEE International Conference on Software Testing, Verification and Validation (ICST)}, author={Luo, Linghui and Piskachev, Goran and Krishnamurthy, Ranjith and Dolby, Julian and Schäf, Martin and Bodden, Eric}, year={2023} }
LibreCat
 

2023 | Conference Paper | LibreCat-ID: 41813
@inproceedings{Shivarpatna Venkatesh_Wang_Li_Bodden_2023, title={Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis}, booktitle={IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Wang, Jiawei and Li, Li and Bodden, Eric}, year={2023} }
LibreCat
 

2023 | Conference Paper | LibreCat-ID: 45312
@inproceedings{Karakaya_Bodden_2023, title={Two Sparsification Strategies for Accelerating Demand-Driven Pointer Analysis}, DOI={10.1109/icst57152.2023.00036}, booktitle={2023 IEEE Conference on Software Testing, Verification and Validation (ICST)}, publisher={IEEE}, author={Karakaya, Kadiray and Bodden, Eric}, year={2023} }
LibreCat | DOI
 

2023 | Journal Article | LibreCat-ID: 46816
@article{Torres_Costa_Amaral_Pastro_Bonifácio_d’Amorim_Legunsen_Bodden_Dias Canedo_2023, title={Runtime Verification of Crypto APIs: An Empirical Study}, volume={49}, DOI={10.1109/tse.2023.3301660}, number={10}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Torres, Adriano and Costa, Pedro and Amaral, Luis and Pastro, Jonata and Bonifácio, Rodrigo and d’Amorim, Marcelo and Legunsen, Owolabi and Bodden, Eric and Dias Canedo, Edna}, year={2023}, pages={4510–4525} }
LibreCat | DOI
 

2023 | Journal Article | LibreCat-ID: 49439
@article{Piskachev_Becker_Bodden_2023, title={Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study}, volume={28}, DOI={10.1007/s10664-023-10354-3}, number={5118}, journal={Empirical Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Piskachev, Goran and Becker, Matthias and Bodden, Eric}, year={2023} }
LibreCat | DOI
 

2023 | Conference Paper | LibreCat-ID: 49438
@inproceedings{Krüger_Reif_Wickert_Nadi_Ali_Bodden_Acar_Mezini_Fahl_2023, title={Securing Your Crypto-API Usage Through Tool Support - A Usability Study}, DOI={10.1109/secdev56634.2023.00015}, booktitle={2023 IEEE Secure Development Conference (SecDev)}, publisher={IEEE}, author={Krüger, Stefan and Reif, Michael and Wickert, Anna-Katharina and Nadi, Sarah and Ali, Karim and Bodden, Eric and Acar, Yasemin and Mezini, Mira and Fahl, Sascha}, year={2023} }
LibreCat | DOI
 

2023 | Journal Article | LibreCat-ID: 48946
@article{Gräßler_Bodden_Wiechel_Pottebaum_2023, title={Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security}, volume={75}, DOI={10.37544/0720-5953-2023-11-12-60}, number={11–12}, journal={Konstruktion}, publisher={VDI Fachmedien GmbH and Co. KG}, author={Gräßler, Iris and Bodden, Eric and Wiechel, Dominik and Pottebaum, Jens}, year={2023}, pages={60–65} }
LibreCat | DOI
 

2023 | Conference Paper | LibreCat-ID: 46500
@inproceedings{Pottebaum_Rossel_Somorovsky_Acar_Fahr_Arias Cabarcos_Bodden_Gräßler_2023, title={Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth}, DOI={10.1109/eurospw59978.2023.00048}, booktitle={2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)}, publisher={IEEE}, author={Pottebaum, Jens and Rossel, Jost and Somorovsky, Juraj and Acar, Yasemin and Fahr, René and Arias Cabarcos, Patricia and Bodden, Eric and Gräßler, Iris}, year={2023}, pages={379–385} }
LibreCat | DOI | Download (ext.)
 

2023 | Conference Paper | LibreCat-ID: 44146
@inproceedings{Khedkar, title={Static Analysis for Android GDPR Compliance Assurance}, DOI={10.1109/ICSE-Companion58688.2023.00054}, booktitle={Proceedings of the 45th International Conference on Software Engineering: Companion Proceedings (ICSE ‘23)}, author={Khedkar, Mugdha} }
LibreCat | Files available | DOI | arXiv
 

2023 | Book Chapter | LibreCat-ID: 52662
@inbook{Nachtigall_Schlichtig_Bodden_2023, place={Bonn}, title={Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2023}, pages={95–96} }
LibreCat | Download (ext.)
 

2023 | Book Chapter | LibreCat-ID: 52660
@inbook{Schlichtig_Sassalla_Narasimhan_Bodden_2023, place={Bonn}, title={Introducing FUM: A Framework for API Usage Constraint and Misuse Classification}, booktitle={Software Engineering 2023}, publisher={Gesellschaft für Informatik e.V.}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2023}, pages={105–106} }
LibreCat | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 31844
@article{Fischer_Fuhry_Kußmaul_Janneck_Kerschbaum_Bodden_2022, title={Computation on Encrypted Data Using Dataflow Authentication}, volume={25}, DOI={10.1145/3513005}, number={3}, journal={ACM Transactions on Privacy and Security}, publisher={Association for Computing Machinery (ACM)}, author={Fischer, Andreas and Fuhry, Benny and Kußmaul, Jörn and Janneck, Jonas and Kerschbaum, Florian and Bodden, Eric}, year={2022}, pages={1–36} }
LibreCat | DOI
 

2022 | Misc | LibreCat-ID: 32409
@book{Schlichtig_Wickert_Krüger_Bodden_Mezini_2022, title={CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite}, DOI={10.48550/ARXIV.2204.06447}, author={Schlichtig, Michael and Wickert, Anna-Katharina and Krüger, Stefan and Bodden, Eric and Mezini, Mira}, year={2022} }
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 32410
@inproceedings{Nachtigall_Schlichtig_Bodden_2022, title={A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools}, DOI={10.1145/3533767}, booktitle={Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis}, publisher={ACM}, author={Nachtigall, Marcus and Schlichtig, Michael and Bodden, Eric}, year={2022}, pages={532–543} }
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 31133
@inproceedings{Schlichtig_Sassalla_Narasimhan_Bodden_2022, title={FUM - A Framework for API Usage constraint and Misuse Classification}, DOI={https://doi.org/10.1109/SANER53432.2022.00085}, booktitle={2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)}, author={Schlichtig, Michael and Sassalla, Steffen and Narasimhan, Krishna and Bodden, Eric}, year={2022}, pages={673–684} }
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 34057
@inproceedings{Pasic_Becker_2022, title={Domain-specific Language for Condition Monitoring Software Development}, DOI={10.1109/etfa52439.2022.9921730}, booktitle={2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA)}, publisher={IEEE}, author={Pasic, Faruk and Becker, Matthias}, year={2022} }
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 30511 | OA
@article{Schubert_Gazzillo_Patterson_Braha_Schiebel_Hermann_Wei_Bodden_2022, title={Static data-flow analysis for software product lines in C}, volume={29}, DOI={10.1007/s10515-022-00333-1}, number={135}, journal={Automated Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Schubert, Philipp and Gazzillo, Paul and Patterson, Zach and Braha, Julian and Schiebel, Fabian and Hermann, Ben and Wei, Shiyi and Bodden, Eric}, year={2022} }
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 33835
@article{Sayar_Bartel_Bodden_Le Traon_2022, title={An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities}, DOI={10.1145/3554732}, journal={ACM Transactions on Software Engineering and Methodology}, publisher={Association for Computing Machinery (ACM)}, author={Sayar, Imen and Bartel, Alexandre and Bodden, Eric and Le Traon, Yves}, year={2022} }
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 33836
@article{Piskachev_Späth_Budde_Bodden_2022, title={Fluently specifying taint-flow queries with fluentTQL}, volume={27}, number={5}, journal={Empirical Software Engineering}, publisher={Springer}, author={Piskachev, Goran and Späth, Johannes and Budde, Ingo and Bodden, Eric}, year={2022}, pages={1–33} }
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33838
@article{Krishnamurthy_Piskachev_Bodden_2022, series={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)}, title={To what extent can we analyze Kotlin programs using existing Java taint analysis tools?}, author={Krishnamurthy, Ranjith and Piskachev, Goran and Bodden, Eric}, year={2022}, collection={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)} }
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33837
@article{Piskachev_Dziwok_Koch_Merschjohann_Bodden_2022, series={IEEE Secure Development Conference (SecDev)}, title={How far are German companies in improving security through static program analysis tools?}, author={Piskachev, Goran and Dziwok, Stefan and Koch, Thorsten and Merschjohann, Sven and Bodden, Eric}, year={2022}, collection={IEEE Secure Development Conference (SecDev)} }
LibreCat
 

2022 | Misc | LibreCat-ID: 33959
@book{Wickert_Baumgärtner_Schlichtig_Mezini_2022, title={To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild}, DOI={10.48550/ARXIV.2209.11103}, author={Wickert, Anna-Katharina and Baumgärtner, Lars and Schlichtig, Michael and Mezini, Mira}, year={2022} }
LibreCat | Files available | DOI
 

2021 | Journal Article | LibreCat-ID: 27045 | OA
@article{Luo_Pauck_Piskachev_Benz_Pashchenko_Mory_Bodden_Hermann_Massacci_2021, title={TaintBench: Automatic real-world malware benchmarking of Android taint analyses}, DOI={10.1007/s10664-021-10013-5}, journal={Empirical Software Engineering}, author={Luo, Linghui and Pauck, Felix and Piskachev, Goran and Benz, Manuel and Pashchenko, Ivan and Mory, Martin and Bodden, Eric and Hermann, Ben and Massacci, Fabio}, year={2021} }
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 27158
@book{Luo_2021, title={Improving Real-World Applicability of Static Taint Analysis}, publisher={Universität Paderborn}, author={Luo, Linghui}, year={2021} }
LibreCat | Files available
 

2021 | Journal Article | LibreCat-ID: 21595
@article{Stockmann_Laux_Bodden_2021, title={Using Architectural Runtime Verification for Offline Data Analysis}, DOI={10.2991/jase.d.210205.001}, journal={Journal of Automotive Software Engineering}, author={Stockmann, Lars and Laux, Sven and Bodden, Eric}, year={2021} }
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 21596
@book{Fischer_2021, title={Computing on Encrypted Data using Trusted Execution Environments}, publisher={Universität Paderborn}, author={Fischer, Andreas}, year={2021} }
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21597
@article{Holzinger_Bodden_2021, title={A Systematic Hardening of Java’s Information Hiding}, journal={International Symposium on Advanced Security on Software and Systems (ASSS)}, author={Holzinger, Philipp and Bodden, Eric}, year={2021} }
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21599
@article{Bonifacio_Krüger_Narasimhan_Bodden_Mezini_2021, title={Dealing with Variability in API Misuse Specification}, journal={European Conference on Object-Oriented Programming (ECOOP)}, author={Bonifacio, Rodrigo and Krüger, Stefan and Narasimhan, Krishna and Bodden, Eric and Mezini, Mira}, year={2021} }
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22462
@inproceedings{Shivarpatna Venkatesh_Bodden_2021, title={Automated Cell Header Generator for Jupyter Notebooks}, DOI={10.1145/3464968.3468410}, booktitle={International Workshop on AI and Software Testing/Analysis (AISTA)}, author={Shivarpatna Venkatesh, Ashwin Prasad and Bodden, Eric}, year={2021} }
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 23374
@inproceedings{Kummita_Piskachev_Spath_Bodden_2021, title={Qualitative and Quantitative Analysis of Callgraph Algorithms for Python}, DOI={10.1109/iccq51190.2021.9392986}, booktitle={2021 International Conference on Code Quality (ICCQ)}, author={Kummita, Sriteja and Piskachev, Goran and Spath, Johannes and Bodden, Eric}, year={2021} }
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 30084
@inproceedings{Karakaya_Bodden_2021, title={SootFX: A Static Code Feature Extraction Tool for Java and Android}, DOI={10.1109/scam52516.2021.00030}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, publisher={IEEE}, author={Karakaya, Kadiray and Bodden, Eric}, year={2021} }
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 21598 | OA
@inproceedings{Schubert_Hermann_Bodden_2021, title={Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis}, booktitle={European Conference on Object-Oriented Programming (ECOOP)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 31132
@article{Dann_Plate_Hermann_Ponta_Bodden_2021, title={Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite}, DOI={10.1109/tse.2021.3101739}, journal={IEEE Transactions on Software Engineering}, publisher={Institute of Electrical and Electronics Engineers (IEEE)}, author={Dann, Andreas Peter and Plate, Henrik and Hermann, Ben and Ponta, Serena Elisa and Bodden, Eric}, year={2021}, pages={1–1} }
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 26407
@inproceedings{Piskachev_Krishnamurthy_Bodden_2021, title={SecuCheck: Engineering configurable taint analysis for software developers}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Piskachev, Goran and Krishnamurthy, Ranjith and Bodden, Eric}, year={2021} }
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22463
@inproceedings{Luo_Schäf_Sanchez_Bodden_2021, title={IDE Support for Cloud-Based Static Analyses}, booktitle={Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering}, author={Luo, Linghui and Schäf, Martin and Sanchez, Daniel and Bodden, Eric}, year={2021} }
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 33840
@inproceedings{Karakaya_Bodden_2021, title={SootFX: A Static Code Feature Extraction Tool for Java and Android}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Karakaya, Kadiray and Bodden, Eric}, year={2021}, pages={181–186} }
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26406
@inproceedings{Schubert_Hermann_Bodden_Leer_2021, title={Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++}, booktitle={SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track)}, author={Schubert, Philipp and Hermann, Ben and Bodden, Eric and Leer, Richard}, year={2021} }
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26405
@inproceedings{Schubert_Sattler_Schiebel_Hermann_Bodden_2021, title={Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++}, booktitle={2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM)}, author={Schubert, Philipp and Sattler, Florian and Schiebel, Fabian and Hermann, Ben and Bodden, Eric}, year={2021} }
LibreCat
 

2020 | Journal Article | LibreCat-ID: 20507
@article{Geismann_Bodden_2020, title={A systematic literature review of model-driven security engineering for cyber–physical systems}, volume={169}, DOI={https://doi.org/10.1016/j.jss.2020.110697}, journal={Journal of Systems and Software}, author={Geismann, Johannes and Bodden, Eric}, year={2020}, pages={110697} }
LibreCat | DOI
 

2020 | Journal Article | LibreCat-ID: 20508
@article{Nguyen Quang Do_Bodden_2020, title={Explaining Static Analysis with Rule Graphs}, journal={IEEE Transactions on Software Engineering}, author={Nguyen Quang Do, Lisa and Bodden, Eric}, year={2020} }
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20509
@inproceedings{Fischer_Janneck_Kussmaul_Krätzschmar_Kerschbaum_Bodden_2020, title={PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage}, booktitle={2020 IEEE Computer Security Foundations Symposium (CSF)}, author={Fischer, Andreas and Janneck, Jonas and Kussmaul, Jörn and Krätzschmar, Nikolas and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20510
@inproceedings{Benz_Krogh Kristensen_Luo_P. Borges Jr._Bodden_Zeller_2020, title={Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis}, booktitle={International Conference for Software Engineering (ICSE)}, author={Benz, Manuel and Krogh Kristensen, Erik and Luo, Linghui and P. Borges Jr., Nataniel and Bodden, Eric and Zeller, Andreas}, year={2020} }
LibreCat
 

2020 | Conference Paper | LibreCat-ID: 20511
@inproceedings{Fischer_Fuhry_Kerschbaum_Bodden_2020, title={Computation on Encrypted Data using Dataflow Authentication}, booktitle={Privacy Enhancing Technologies Symposium (PETS/PoPETS)}, author={Fischer, Andreas and Fuhry, Benny and Kerschbaum, Florian and Bodden, Eric}, year={2020} }
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20512
@inproceedings{Krüger_Ali_Bodden_2020, title={CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs}, booktitle={International Symposium on Code Generation and Optimization (CGO)}, author={Krüger, Stefan and Ali, Karim and Bodden, Eric}, year={2020}, pages={185–198} }
LibreCat | Files available
 

2020 | Dissertation | LibreCat-ID: 20513
@book{Krüger_2020, title={CogniCrypt -- The Secure Integration of Cryptographic Software}, publisher={Universitaetsbibliothek Paderborn}, author={Krüger, Stefan}, year={2020} }
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20518
@inproceedings{Koch_Dziwok_Holtmann_Bodden_2020, title={Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers}, DOI={10.1145/3365438.3410946}, booktitle={ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20)}, publisher={ACM}, author={Koch, Thorsten and Dziwok, Stefan and Holtmann, Jörg and Bodden, Eric}, year={2020} }
LibreCat | DOI
 

Filters and Search Terms

department=76

Search

Filter Publications

Display / Sort

Citation Style: BibTeX

Export / Embed