Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).

We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.

205 Publications


2022 | Journal Article | LibreCat-ID: 30511 | OA
Static data-flow analysis for software product lines in C
P. Schubert, P. Gazzillo, Z. Patterson, J. Braha, F. Schiebel, B. Hermann, S. Wei, E. Bodden, Automated Software Engineering 29 (2022).
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 33835
An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities
I. Sayar, A. Bartel, E. Bodden, Y. Le Traon, ACM Transactions on Software Engineering and Methodology (2022).
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 33836
Fluently specifying taint-flow queries with fluentTQL
G. Piskachev, J. Späth, I. Budde, E. Bodden, Empirical Software Engineering 27 (2022) 1–33.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33838
To what extent can we analyze Kotlin programs using existing Java taint analysis tools?
R. Krishnamurthy, G. Piskachev, E. Bodden, (2022).
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33837
How far are German companies in improving security through static program analysis tools?
G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, E. Bodden, (2022).
LibreCat
 

2022 | Misc | LibreCat-ID: 33959
To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild
A.-K. Wickert, L. Baumgärtner, M. Schlichtig, M. Mezini, To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild, 2022.
LibreCat | Files available | DOI
 

2021 | Journal Article | LibreCat-ID: 27045 | OA
TaintBench: Automatic real-world malware benchmarking of Android taint analyses
L. Luo, F. Pauck, G. Piskachev, M. Benz, I. Pashchenko, M. Mory, E. Bodden, B. Hermann, F. Massacci, Empirical Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 27158
Improving Real-World Applicability of Static Taint Analysis
L. Luo, Improving Real-World Applicability of Static Taint Analysis, Universität Paderborn, 2021.
LibreCat | Files available
 

2021 | Journal Article | LibreCat-ID: 21595
Using Architectural Runtime Verification for Offline Data Analysis
L. Stockmann, S. Laux, E. Bodden, Journal of Automotive Software Engineering (2021).
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 21596
Computing on Encrypted Data using Trusted Execution Environments
A. Fischer, Computing on Encrypted Data Using Trusted Execution Environments, Universität Paderborn, 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21597
A Systematic Hardening of Java's Information Hiding
P. Holzinger, E. Bodden, International Symposium on Advanced Security on Software and Systems (ASSS) (2021).
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21599
Dealing with Variability in API Misuse Specification
R. Bonifacio, S. Krüger, K. Narasimhan, E. Bodden, M. Mezini, European Conference on Object-Oriented Programming (ECOOP) (2021).
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22462
Automated Cell Header Generator for Jupyter Notebooks
A.P. Shivarpatna Venkatesh, E. Bodden, in: International Workshop on AI and Software Testing/Analysis (AISTA), 2021.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 23374
Qualitative and Quantitative Analysis of Callgraph Algorithms for Python
S. Kummita, G. Piskachev, J. Spath, E. Bodden, in: 2021 International Conference on Code Quality (ICCQ), 2021.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 30084
SootFX: A Static Code Feature Extraction Tool for Java and Android
K. Karakaya, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), IEEE, 2021.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 21598 | OA
Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis
P. Schubert, B. Hermann, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 31132
Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite
A.P. Dann, H. Plate, B. Hermann, S.E. Ponta, E. Bodden, IEEE Transactions on Software Engineering (2021) 1–1.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 26407
SecuCheck: Engineering configurable taint analysis for software developers
G. Piskachev, R. Krishnamurthy, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22463
IDE Support for Cloud-Based Static Analyses
L. Luo, M. Schäf, D. Sanchez, E. Bodden, in: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 33840
SootFX: A Static Code Feature Extraction Tool for Java and Android
K. Karakaya, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021, pp. 181–186.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26406
Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++
P. Schubert, B. Hermann, E. Bodden, R. Leer, in: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26405
Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++
P. Schubert, F. Sattler, F. Schiebel, B. Hermann, E. Bodden, in: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021.
LibreCat
 

2020 | Journal Article | LibreCat-ID: 20507
A systematic literature review of model-driven security engineering for cyber–physical systems
J. Geismann, E. Bodden, Journal of Systems and Software 169 (2020) 110697.
LibreCat | DOI
 

2020 | Journal Article | LibreCat-ID: 20508
Explaining Static Analysis with Rule Graphs
L. Nguyen Quang Do, E. Bodden, IEEE Transactions on Software Engineering (2020).
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20509
PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage
A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, E. Bodden, in: 2020 IEEE Computer Security Foundations Symposium (CSF), 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20510
Heaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis
M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, A. Zeller, in: International Conference for Software Engineering (ICSE), 2020.
LibreCat
 

2020 | Conference Paper | LibreCat-ID: 20511
Computation on Encrypted Data using Dataflow Authentication
A. Fischer, B. Fuhry, F. Kerschbaum, E. Bodden, in: Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20512
CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs
S. Krüger, K. Ali, E. Bodden, in: International Symposium on Code Generation and Optimization (CGO), 2020, pp. 185–198.
LibreCat | Files available
 

2020 | Dissertation | LibreCat-ID: 20513
CogniCrypt -- The Secure Integration of Cryptographic Software
S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software, Universitaetsbibliothek Paderborn, 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20518
Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers
T. Koch, S. Dziwok, J. Holtmann, E. Bodden, in: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20), ACM, 2020.
LibreCat | DOI
 

2020 | Dissertation | LibreCat-ID: 20521
Model-Driven Information Flow Security Engineering for Cyber-Physical Systems
C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical Systems, Paderborn University, 2020.
LibreCat | DOI
 

2020 | Report | LibreCat-ID: 20712
Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries
P. Schubert, E. Bodden, B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries, 2020.
LibreCat | Files available
 

2020 | Book Chapter | LibreCat-ID: 20891
Using Abstract Contracts for Verifying Evolving Features and Their Interactions
A. Knüppel, S. Krüger, T. Thüm, R. Bubel, S. Krieter, E. Bodden, I. Schaefer, in: Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 

2020 | Conference Paper | LibreCat-ID: 23376
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2020.
LibreCat | DOI
 

2020 | Book Chapter | LibreCat-ID: 23377
AuthCheck: Program-State Analysis for Access-Control Vulnerabilities
G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 

2019 | Dissertation | LibreCat-ID: 20522
A Systematic Analysis and Hardening of the Java Security Architecture
P. Holzinger, A Systematic Analysis and Hardening of the Java Security Architecture, Universität Paderborn, 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20524
User-Centered Tool Design for Data-Flow Analysis
L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis, Universität Paderborn, 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20525
Architectural Runtime Verification
L. Stockmann, S. Laux, E. Bodden, in: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20527
The Impact of Developer Experience in Using Java Cryptography
M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, O. Nierstrasz, in: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20528
AuthCheck: Program-state Analysis for Access-control Vulnerabilities
G. Piskachev, T. Petrasch, J. Späth, E. Bodden, in: 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20529
Explaining Static Analysis -- A Perspective
M. Nachtigall, L. Nguyen Quang Do, E. Bodden, in: 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20531
A Qualitative Analysis of Android Taint-Analysis Results
L. Luo, E. Bodden, J. Späth, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20532
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, O. Johnson, E. Bodden, in: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20533
CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs
S. Krüger, J. Späth, K. Ali, E. Bodden, M. Mezini, IEEE Transactions on Software Engineering (2019) 1–1.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20534
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen Quang Do, E. Bodden, in: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20535
MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors
L. Luo, J. Dolby, E. Bodden, in: European Conference on Object-Oriented Programming (ECOOP), 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20536
Synchronized Pushdown Systems for Pointer and Data-Flow Analysis
J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis, Universität Paderborn, 2019.
LibreCat | Download (ext.)
 

2019 | Report | LibreCat-ID: 20537
Codebase-Adaptive Detection of Security-Relevant Methods
G. Piskachev, L. Nguyen, E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods, 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20538
ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware
S. Albert Gorski Iii, B. Andow, A. Nadkarni, S. Manandhar, W. Enck, E. Bodden, A. Bartel, in: ACM Conference on Data and Application Security and Privacy (CODASPY 2019), 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20539
Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems
J. Späth, K. Ali, E. Bodden, Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages 3 (2019) 48:1-48:29.
LibreCat | DOI | Download (ext.)
 

Filters and Search Terms

department=76

Search

Filter Publications

Display / Sort

Export / Embed