Please note that LibreCat no longer supports Internet Explorer versions 8 or 9 (or earlier).

We recommend upgrading to the latest Internet Explorer, Google Chrome, or Firefox.

205 Publications


2022 | Journal Article | LibreCat-ID: 30511 | OA
P. Schubert et al., “Static data-flow analysis for software product lines in C,” Automated Software Engineering, vol. 29, no. 1, Art. no. 35, 2022, doi: 10.1007/s10515-022-00333-1.
LibreCat | DOI | Download (ext.)
 

2022 | Journal Article | LibreCat-ID: 33835
I. Sayar, A. Bartel, E. Bodden, and Y. Le Traon, “An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities,” ACM Transactions on Software Engineering and Methodology, 2022, doi: 10.1145/3554732.
LibreCat | DOI
 

2022 | Journal Article | LibreCat-ID: 33836
G. Piskachev, J. Späth, I. Budde, and E. Bodden, “Fluently specifying taint-flow queries with fluentTQL,” Empirical Software Engineering, vol. 27, no. 5, pp. 1–33, 2022.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33838
R. Krishnamurthy, G. Piskachev, and E. Bodden, “To what extent can we analyze Kotlin programs using existing Java taint analysis tools?” 2022.
LibreCat
 

2022 | Conference Paper | LibreCat-ID: 33837
G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, and E. Bodden, “How far are German companies in improving security through static program analysis tools?” 2022.
LibreCat
 

2022 | Misc | LibreCat-ID: 33959
A.-K. Wickert, L. Baumgärtner, M. Schlichtig, and M. Mezini, To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild. 2022.
LibreCat | Files available | DOI
 

2021 | Journal Article | LibreCat-ID: 27045 | OA
L. Luo et al., “TaintBench: Automatic real-world malware benchmarking of Android taint analyses,” Empirical Software Engineering, 2021, doi: 10.1007/s10664-021-10013-5.
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 27158
L. Luo, Improving Real-World Applicability of Static Taint Analysis. Universität Paderborn, 2021.
LibreCat | Files available
 

2021 | Journal Article | LibreCat-ID: 21595
L. Stockmann, S. Laux, and E. Bodden, “Using Architectural Runtime Verification for Offline Data Analysis,” Journal of Automotive Software Engineering, 2021, doi: 10.2991/jase.d.210205.001.
LibreCat | DOI | Download (ext.)
 

2021 | Dissertation | LibreCat-ID: 21596
A. Fischer, Computing on Encrypted Data using Trusted Execution Environments. Universität Paderborn, 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21597
P. Holzinger and E. Bodden, “A Systematic Hardening of Java’s Information Hiding,” International Symposium on Advanced Security on Software and Systems (ASSS), 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 21599
R. Bonifacio, S. Krüger, K. Narasimhan, E. Bodden, and M. Mezini, “Dealing with Variability in API Misuse Specification,” European Conference on Object-Oriented Programming (ECOOP), 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22462
A. P. Shivarpatna Venkatesh and E. Bodden, “Automated Cell Header Generator for Jupyter Notebooks,” 2021, doi: 10.1145/3464968.3468410.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 23374
S. Kummita, G. Piskachev, J. Spath, and E. Bodden, “Qualitative and Quantitative Analysis of Callgraph Algorithms for Python,” 2021, doi: 10.1109/iccq51190.2021.9392986.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 30084
K. Karakaya and E. Bodden, “SootFX: A Static Code Feature Extraction Tool for Java and Android,” 2021, doi: 10.1109/scam52516.2021.00030.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 21598 | OA
P. Schubert, B. Hermann, and E. Bodden, “Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis,” 2021.
LibreCat | Download (ext.)
 

2021 | Journal Article | LibreCat-ID: 31132
A. P. Dann, H. Plate, B. Hermann, S. E. Ponta, and E. Bodden, “Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite,” IEEE Transactions on Software Engineering, pp. 1–1, 2021, doi: 10.1109/tse.2021.3101739.
LibreCat | DOI
 

2021 | Conference Paper | LibreCat-ID: 26407
G. Piskachev, R. Krishnamurthy, and E. Bodden, “SecuCheck: Engineering configurable taint analysis for software developers,” 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 22463
L. Luo, M. Schäf, D. Sanchez, and E. Bodden, “IDE Support for Cloud-Based Static Analyses,” 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 33840
K. Karakaya and E. Bodden, “SootFX: A Static Code Feature Extraction Tool for Java and Android,” in 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), 2021, pp. 181–186.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26406
P. Schubert, B. Hermann, E. Bodden, and R. Leer, “Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++,” 2021.
LibreCat
 

2021 | Conference Paper | LibreCat-ID: 26405
P. Schubert, F. Sattler, F. Schiebel, B. Hermann, and E. Bodden, “Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++,” 2021.
LibreCat
 

2020 | Journal Article | LibreCat-ID: 20507
J. Geismann and E. Bodden, “A systematic literature review of model-driven security engineering for cyber–physical systems,” Journal of Systems and Software, vol. 169, p. 110697, 2020, doi: https://doi.org/10.1016/j.jss.2020.110697.
LibreCat | DOI
 

2020 | Journal Article | LibreCat-ID: 20508
L. Nguyen Quang Do and E. Bodden, “Explaining Static Analysis with Rule Graphs,” IEEE Transactions on Software Engineering, 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20509
A. Fischer, J. Janneck, J. Kussmaul, N. Krätzschmar, F. Kerschbaum, and E. Bodden, “PASAPTO: Policy-aware Security and Performance Trade-off Analysis - Computation on Encrypted Data with Restricted Leakage,” 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20510
M. Benz, E. Krogh Kristensen, L. Luo, N. P. Borges Jr., E. Bodden, and A. Zeller, “Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis,” 2020.
LibreCat
 

2020 | Conference Paper | LibreCat-ID: 20511
A. Fischer, B. Fuhry, F. Kerschbaum, and E. Bodden, “Computation on Encrypted Data using Dataflow Authentication,” 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20512
S. Krüger, K. Ali, and E. Bodden, “CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs,” in International Symposium on Code Generation and Optimization (CGO), 2020, pp. 185–198.
LibreCat | Files available
 

2020 | Dissertation | LibreCat-ID: 20513
S. Krüger, CogniCrypt -- The Secure Integration of Cryptographic Software. Universitaetsbibliothek Paderborn, 2020.
LibreCat | Download (ext.)
 

2020 | Conference Paper | LibreCat-ID: 20518
T. Koch, S. Dziwok, J. Holtmann, and E. Bodden, “Scenario-based Specification of Security Protocols and Transformation to Security Model Checkers,” 2020, doi: 10.1145/3365438.3410946.
LibreCat | DOI
 

2020 | Dissertation | LibreCat-ID: 20521
C. Gerking, Model-Driven Information Flow Security Engineering for Cyber-Physical Systems. Paderborn University, 2020.
LibreCat | DOI
 

2020 | Report | LibreCat-ID: 20712
P. Schubert, E. Bodden, and B. Hermann, Accelerating Static Call-Graph, Points-to and Data-Flow Analysis Through Persisted Summaries. 2020.
LibreCat | Files available
 

2020 | Book Chapter | LibreCat-ID: 20891
A. Knüppel et al., “Using Abstract Contracts for Verifying Evolving Features and Their Interactions,” in Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 

2020 | Conference Paper | LibreCat-ID: 23376
G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2020, doi: 10.1109/ase.2019.00110.
LibreCat | DOI
 

2020 | Book Chapter | LibreCat-ID: 23377
G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-State Analysis for Access-Control Vulnerabilities,” in Lecture Notes in Computer Science, Cham, 2020.
LibreCat | DOI
 

2019 | Dissertation | LibreCat-ID: 20522
P. Holzinger, A Systematic Analysis and Hardening of the Java Security Architecture. Universität Paderborn, 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20524
L. Nguyen Quang Do, User-Centered Tool Design for Data-Flow Analysis. Universität Paderborn, 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20525
L. Stockmann, S. Laux, and E. Bodden, “Architectural Runtime Verification,” in 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), 2019, pp. 77–84, doi: 10.1109/ICSA-C.2019.00021.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20527
M. Hazhirpasand, M. Ghafari, S. Krüger, E. Bodden, and O. Nierstrasz, “The Impact of Developer Experience in Using Java Cryptography,” in 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2019, pp. 1–6, doi: 10.1109/ESEM.2019.8870184.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20528
G. Piskachev, T. Petrasch, J. Späth, and E. Bodden, “AuthCheck: Program-state Analysis for Access-control Vulnerabilities,” 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20529
M. Nachtigall, L. Nguyen Quang Do, and E. Bodden, “Explaining Static Analysis -- A Perspective,” 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20531
L. Luo, E. Bodden, and J. Späth, “A Qualitative Analysis of Android Taint-Analysis Results,” 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20532
G. Piskachev, L. Nguyen Quang Do, O. Johnson, and E. Bodden, “SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods,” 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20533
S. Krüger, J. Späth, K. Ali, E. Bodden, and M. Mezini, “CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs,” IEEE Transactions on Software Engineering, pp. 1–1, 2019, doi: 10.1109/TSE.2019.2948910.
LibreCat | DOI | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20534
G. Piskachev, L. Nguyen Quang Do, and E. Bodden, “Codebase-Adaptive Detection of Security-Relevant Methods,” 2019.
LibreCat | Download (ext.)
 

2019 | Conference Paper | LibreCat-ID: 20535
L. Luo, J. Dolby, and E. Bodden, “MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors,” 2019.
LibreCat | Download (ext.)
 

2019 | Dissertation | LibreCat-ID: 20536
J. Späth, Synchronized Pushdown Systems for Pointer and Data-Flow Analysis. Universität Paderborn, 2019.
LibreCat | Download (ext.)
 

2019 | Report | LibreCat-ID: 20537
G. Piskachev, L. Nguyen, and E. Bodden, Codebase-Adaptive Detection of Security-Relevant Methods. 2019.
LibreCat
 

2019 | Conference Paper | LibreCat-ID: 20538
S. Albert Gorski Iii et al., “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware,” 2019.
LibreCat | Download (ext.)
 

2019 | Journal Article | LibreCat-ID: 20539
J. Späth, K. Ali, and E. Bodden, “Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems,” Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, vol. 3, no. POPL, p. 48:1-48:29, 2019, doi: 10.1145/3290361.
LibreCat | DOI | Download (ext.)
 

Filters and Search Terms

department=76

Search

Filter Publications

Display / Sort

Citation Style: IEEE

Export / Embed