Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).

We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.

205 Publications


2023 | Journal Article | LibreCat-ID: 48946
Gräßler I, Bodden E, Wiechel D, Pottebaum J. Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security. Konstruktion. 2023;75(11-12):60-65. doi:10.37544/0720-5953-2023-11-12-60
LibreCat | DOI
 

2023 | Conference Paper | LibreCat-ID: 44146
Khedkar M. Static Analysis for Android GDPR Compliance Assurance. In: Proceedings of the 45th International Conference on Software Engineering: Companion Proceedings (ICSE ‘23). doi:10.1109/ICSE-Companion58688.2023.00054
LibreCat | Files available | DOI | arXiv
 

2023 | Book Chapter | LibreCat-ID: 52662
Nachtigall M, Schlichtig M, Bodden E. Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:95–96.
LibreCat | Download (ext.)
 

2023 | Book Chapter | LibreCat-ID: 52660
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. Introducing FUM: A Framework for API Usage Constraint and Misuse Classification. In: Software Engineering 2023. Gesellschaft für Informatik e.V.; 2023:105–106.
LibreCat | Download (ext.)
 

2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 31844
Fischer A, Fuhry B, Kußmaul J, Janneck J, Kerschbaum F, Bodden E. Computation on Encrypted Data Using Dataflow Authentication. ACM Transactions on Privacy and Security. 2022;25(3):1-36. doi:10.1145/3513005
LibreCat | DOI
 

2022 | Misc | LibreCat-ID: 32409
Schlichtig M, Wickert A-K, Krüger S, Bodden E, Mezini M. CamBench -- Cryptographic API Misuse Detection Tool Benchmark Suite.; 2022. doi:10.48550/ARXIV.2204.06447
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 32410
Nachtigall M, Schlichtig M, Bodden E. A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. ACM; 2022:532-543. doi:10.1145/3533767
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 31133
Schlichtig M, Sassalla S, Narasimhan K, Bodden E. FUM - A Framework for API Usage constraint and Misuse Classification. In: 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). ; 2022:673-684. doi:https://doi.org/10.1109/SANER53432.2022.00085
LibreCat | Files available | DOI
 

2022 | Conference Paper | LibreCat-ID: 34057
Pasic F, Becker M. Domain-specific Language for Condition Monitoring Software Development. In: 2022 IEEE 27th International Conference on Emerging Technologies and Factory Automation (ETFA). IEEE; 2022. doi:10.1109/etfa52439.2022.9921730
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 30511 | OA
Schubert P, Gazzillo P, Patterson Z, et al. Static data-flow analysis for software product lines in C. Automated Software Engineering. 2022;29(1). doi:10.1007/s10515-022-00333-1
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 33835
Sayar I, Bartel A, Bodden E, Le Traon Y. An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities. ACM Transactions on Software Engineering and Methodology. Published online 2022. doi:10.1145/3554732
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 33836
Piskachev G, Späth J, Budde I, Bodden E. Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering. 2022;27(5):1–33.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy R, Piskachev G, Bodden E. To what extent can we analyze Kotlin programs using existing Java taint analysis tools? Published online 2022.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33837
Piskachev G, Dziwok S, Koch T, Merschjohann S, Bodden E. How far are German companies in improving security through static program analysis tools? Published online 2022.
LibreCat
 

2022 | Misc | LibreCat-ID: 33959
Wickert A-K, Baumgärtner L, Schlichtig M, Mezini M. To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild.; 2022. doi:10.48550/ARXIV.2209.11103
LibreCat | Files available | DOI
 

2021 | Journal Article | LibreCat-ID: 27045 | OA
Luo L, Pauck F, Piskachev G, et al. TaintBench: Automatic real-world malware benchmarking of Android taint analyses. Empirical Software Engineering. Published online 2021. doi:10.1007/s10664-021-10013-5
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 27158
Luo L. Improving Real-World Applicability of Static Taint Analysis. Universität Paderborn; 2021.
LibreCat | Files available
 

2021 | Journal Article | LibreCat-ID: 21595
Stockmann L, Laux S, Bodden E. Using Architectural Runtime Verification for Offline Data Analysis. Journal of Automotive Software Engineering. Published online 2021. doi:10.2991/jase.d.210205.001
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 21596
Fischer A. Computing on Encrypted Data Using Trusted Execution Environments. Universität Paderborn; 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21597
Holzinger P, Bodden E. A Systematic Hardening of Java’s Information Hiding. International Symposium on Advanced Security on Software and Systems (ASSS). Published online 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21599
Bonifacio R, Krüger S, Narasimhan K, Bodden E, Mezini M. Dealing with Variability in API Misuse Specification. European Conference on Object-Oriented Programming (ECOOP). Published online 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh AP, Bodden E. Automated Cell Header Generator for Jupyter Notebooks. In: International Workshop on AI and Software Testing/Analysis (AISTA). ; 2021. doi:10.1145/3464968.3468410
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 23374
Kummita S, Piskachev G, Spath J, Bodden E. Qualitative and Quantitative Analysis of Callgraph Algorithms for Python. In: 2021 International Conference on Code Quality (ICCQ). ; 2021. doi:10.1109/iccq51190.2021.9392986
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 30084
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). IEEE; 2021. doi:10.1109/scam52516.2021.00030
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 21598 | OA
Schubert P, Hermann B, Bodden E. Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis. In: European Conference on Object-Oriented Programming (ECOOP). ; 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 31132
Dann AP, Plate H, Hermann B, Ponta SE, Bodden E. Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering. Published online 2021:1-1. doi:10.1109/tse.2021.3101739
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 26407
Piskachev G, Krishnamurthy R, Bodden E. SecuCheck: Engineering configurable taint analysis for software developers. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22463
Luo L, Schäf M, Sanchez D, Bodden E. IDE Support for Cloud-Based Static Analyses. In: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 33840
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021:181–186.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26406
Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track). ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26405
Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
 

2020 | Journal Article | LibreCat-ID: 20507
Geismann J, Bodden E. A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software. 2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697
LibreCat | DOI
 

2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. Published online 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20509
Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium (CSF). ; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20510
Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International Conference for Software Engineering (ICSE). ; 2020.
LibreCat
 

2020 | Conference Paper | LibreCat-ID: 20511
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium (PETS/PoPETS). ; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20512
Krüger S, Ali K, Bodden E. CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs. In: International Symposium on Code Generation and Optimization (CGO). ; 2020:185-198.
LibreCat | Files available
 

2020 | Dissertation | LibreCat-ID: 20513
Krüger S. CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20518
Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM; 2020. doi:10.1145/3365438.3410946
LibreCat | DOI
 

2020 | Dissertation | LibreCat-ID: 20521
Gerking C. Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University; 2020. doi:10.17619/UNIPB/1-1033
LibreCat | DOI
 

2020 | Report | LibreCat-ID: 20712
Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.; 2020.
LibreCat | Files available
 

2020 | Book Chapter | LibreCat-ID: 20891
Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-64354-6_5
LibreCat | DOI
 

2020 | Conference Paper | LibreCat-ID: 23376
Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). ; 2020. doi:10.1109/ase.2019.00110
LibreCat | DOI
 

2020 | Book Chapter | LibreCat-ID: 23377
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-State Analysis for Access-Control Vulnerabilities. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-54997-8_34
LibreCat | DOI
 

2019 | Dissertation | LibreCat-ID: 20522
Holzinger P. A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn; 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20524
Nguyen Quang Do L. User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn; 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20525
Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). ; 2019:77-84. doi:10.1109/ICSA-C.2019.00021
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6. doi:10.1109/ESEM.2019.8870184
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20528
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic Program Analysis (TAPAS). ; 2019.
LibreCat | Download (ext.)
 

Filters and Search Terms

department=76

Search

Filter Publications

Display / Sort

Citation Style: AMA

Export / Embed