Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).

We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.

205 Publications


2022 | Journal Article | LibreCat-ID: 30511 | OA
Schubert P, Gazzillo P, Patterson Z, et al. Static data-flow analysis for software product lines in C. Automated Software Engineering. 2022;29(1). doi:10.1007/s10515-022-00333-1
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 33835
Sayar I, Bartel A, Bodden E, Le Traon Y. An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities. ACM Transactions on Software Engineering and Methodology. Published online 2022. doi:10.1145/3554732
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 33836
Piskachev G, Späth J, Budde I, Bodden E. Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering. 2022;27(5):1–33.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33838
Krishnamurthy R, Piskachev G, Bodden E. To what extent can we analyze Kotlin programs using existing Java taint analysis tools? Published online 2022.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33837
Piskachev G, Dziwok S, Koch T, Merschjohann S, Bodden E. How far are German companies in improving security through static program analysis tools? Published online 2022.
LibreCat
 

2022 | Misc | LibreCat-ID: 33959
Wickert A-K, Baumgärtner L, Schlichtig M, Mezini M. To Fix or Not to Fix: A Critical Study of Crypto-Misuses in the Wild.; 2022. doi:10.48550/ARXIV.2209.11103
LibreCat | Files available | DOI
 

2021 | Journal Article | LibreCat-ID: 27045 | OA
Luo L, Pauck F, Piskachev G, et al. TaintBench: Automatic real-world malware benchmarking of Android taint analyses. Empirical Software Engineering. Published online 2021. doi:10.1007/s10664-021-10013-5
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 27158
Luo L. Improving Real-World Applicability of Static Taint Analysis. Universität Paderborn; 2021.
LibreCat | Files available
 

2021 | Journal Article | LibreCat-ID: 21595
Stockmann L, Laux S, Bodden E. Using Architectural Runtime Verification for Offline Data Analysis. Journal of Automotive Software Engineering. Published online 2021. doi:10.2991/jase.d.210205.001
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 21596
Fischer A. Computing on Encrypted Data Using Trusted Execution Environments. Universität Paderborn; 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21597
Holzinger P, Bodden E. A Systematic Hardening of Java’s Information Hiding. International Symposium on Advanced Security on Software and Systems (ASSS). Published online 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21599
Bonifacio R, Krüger S, Narasimhan K, Bodden E, Mezini M. Dealing with Variability in API Misuse Specification. European Conference on Object-Oriented Programming (ECOOP). Published online 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22462
Shivarpatna Venkatesh AP, Bodden E. Automated Cell Header Generator for Jupyter Notebooks. In: International Workshop on AI and Software Testing/Analysis (AISTA). ; 2021. doi:10.1145/3464968.3468410
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 23374
Kummita S, Piskachev G, Spath J, Bodden E. Qualitative and Quantitative Analysis of Callgraph Algorithms for Python. In: 2021 International Conference on Code Quality (ICCQ). ; 2021. doi:10.1109/iccq51190.2021.9392986
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 30084
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). IEEE; 2021. doi:10.1109/scam52516.2021.00030
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 21598 | OA
Schubert P, Hermann B, Bodden E. Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis. In: European Conference on Object-Oriented Programming (ECOOP). ; 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 31132
Dann AP, Plate H, Hermann B, Ponta SE, Bodden E. Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering. Published online 2021:1-1. doi:10.1109/tse.2021.3101739
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 26407
Piskachev G, Krishnamurthy R, Bodden E. SecuCheck: Engineering configurable taint analysis for software developers. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22463
Luo L, Schäf M, Sanchez D, Bodden E. IDE Support for Cloud-Based Static Analyses. In: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 33840
Karakaya K, Bodden E. SootFX: A Static Code Feature Extraction Tool for Java and Android. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021:181–186.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26406
Schubert P, Hermann B, Bodden E, Leer R. Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++. In: SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track). ; 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26405
Schubert P, Sattler F, Schiebel F, Hermann B, Bodden E. Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++. In: 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM). ; 2021.
LibreCat
 

2020 | Journal Article | LibreCat-ID: 20507
Geismann J, Bodden E. A systematic literature review of model-driven security engineering for cyber–physical systems. Journal of Systems and Software. 2020;169:110697. doi:https://doi.org/10.1016/j.jss.2020.110697
LibreCat | DOI
 

2020 | Journal Article | LibreCat-ID: 20508
Nguyen Quang Do L, Bodden E. Explaining Static Analysis with Rule Graphs. IEEE Transactions on Software Engineering. Published online 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20509
Fischer A, Janneck J, Kussmaul J, Krätzschmar N, Kerschbaum F, Bodden E. PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage. In: 2020 IEEE Computer Security Foundations Symposium (CSF). ; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20510
Benz M, Krogh Kristensen E, Luo L, P. Borges Jr. N, Bodden E, Zeller A. Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis. In: International Conference for Software Engineering (ICSE). ; 2020.
LibreCat
 

2020 | Conference Paper | LibreCat-ID: 20511
Fischer A, Fuhry B, Kerschbaum F, Bodden E. Computation on Encrypted Data using Dataflow Authentication. In: Privacy Enhancing Technologies Symposium (PETS/PoPETS). ; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20512
Krüger S, Ali K, Bodden E. CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs. In: International Symposium on Code Generation and Optimization (CGO). ; 2020:185-198.
LibreCat | Files available
 

2020 | Dissertation | LibreCat-ID: 20513
Krüger S. CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn; 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20518
Koch T, Dziwok S, Holtmann J, Bodden E. Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers. In: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems (MODELS ’20). ACM; 2020. doi:10.1145/3365438.3410946
LibreCat | DOI
 

2020 | Dissertation | LibreCat-ID: 20521
Gerking C. Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University; 2020. doi:10.17619/UNIPB/1-1033
LibreCat | DOI
 

2020 | Report | LibreCat-ID: 20712
Schubert P, Bodden E, Hermann B. Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries.; 2020.
LibreCat | Files available
 

2020 | Book Chapter | LibreCat-ID: 20891
Knüppel A, Krüger S, Thüm T, et al. Using Abstract Contracts for Verifying Evolving Features and Their Interactions. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-64354-6_5
LibreCat | DOI
 

2020 | Conference Paper | LibreCat-ID: 23376
Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). ; 2020. doi:10.1109/ase.2019.00110
LibreCat | DOI
 

2020 | Book Chapter | LibreCat-ID: 23377
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-State Analysis for Access-Control Vulnerabilities. In: Lecture Notes in Computer Science. ; 2020. doi:10.1007/978-3-030-54997-8_34
LibreCat | DOI
 

2019 | Dissertation | LibreCat-ID: 20522
Holzinger P. A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn; 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20524
Nguyen Quang Do L. User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn; 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20525
Stockmann L, Laux S, Bodden E. Architectural Runtime Verification. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C). ; 2019:77-84. doi:10.1109/ICSA-C.2019.00021
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20527
Hazhirpasand M, Ghafari M, Krüger S, Bodden E, Nierstrasz O. The Impact of Developer Experience in Using Java Cryptography. In: 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). ; 2019:1-6. doi:10.1109/ESEM.2019.8870184
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20528
Piskachev G, Petrasch T, Späth J, Bodden E. AuthCheck: Program-state Analysis for Access-control Vulnerabilities. In: 10th Workshop on Tools for Automatic Program Analysis (TAPAS). ; 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20529
Nachtigall M, Nguyen Quang Do L, Bodden E. Explaining Static Analysis -- A Perspective. In: 1st International Workshop on Explainable Software (EXPLAIN) at ASE. ; 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20531
Luo L, Bodden E, Späth J. A Qualitative Analysis of Android Taint-Analysis Results. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019). ; 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20532
Piskachev G, Nguyen Quang Do L, Johnson O, Bodden E. SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods. In: IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track. ; 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20533
Krüger S, Späth J, Ali K, Bodden E, Mezini M. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering. Published online 2019:1-1. doi:10.1109/TSE.2019.2948910
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20534
Piskachev G, Nguyen Quang Do L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods. In: ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA). ; 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20535
Luo L, Dolby J, Bodden E. MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors. In: European Conference on Object-Oriented Programming (ECOOP). ; 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20536
Späth J. Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn; 2019.
LibreCat | Download (ext.)
 

2019 | Report | LibreCat-ID: 20537
Piskachev G, Nguyen L, Bodden E. Codebase-Adaptive Detection of Security-Relevant Methods.; 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20538
Albert Gorski Iii S, Andow B, Nadkarni A, et al. ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. In: ACM Conference on Data and Application Security and Privacy (CODASPY 2019). ; 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20539
Späth J, Ali K, Bodden E. Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems. Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages. 2019;3(POPL):48:1-48:29. doi:10.1145/3290361
LibreCat | DOI | Download (ext.)
 

Filters and Search Terms

department=76

Search

Filter Publications

Display / Sort

Citation Style: AMA

Export / Embed