Einträge mit Organisationseinheit "20 Fachbereich Informatik > EC SPRIDE > Secure Software Engineering"
- TU Darmstadt (106899)
- 20 Fachbereich Informatik (16079)
- EC SPRIDE (168)
- Secure Software Engineering (63)
- EC SPRIDE (168)
- 20 Fachbereich Informatik (16079)
2023
Krüger, Stefan ; Reif, Michael ; Wickert, Anna-Katharina ; Nadi, Sarah ; Ali, Karim ; Bodden, Eric ; Mezini, Mira ; Acar, Yasemin ; Fahl, Sascha (2023)
Securing Your Crypto-API Usage Through Tool Support - A Usability Study.
2023 IEEE Secure Development Conference. Atlanta, USA (18.10.2023 - 20.10.2023)
doi: 10.1109/SecDev56634.2023.00015
Konferenzveröffentlichung, Bibliographie
Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric (2023)
Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.
Software Engineering 2023 - Fachtagung des GI-Fachbereichs Softwaretechnik. Paderborn, Germany (20.02.2023 – 24.02.2023)
Konferenzveröffentlichung, Bibliographie
Schlichtig, Michael ; Sassalla, Steffen ; Narasimhan, Krishna ; Bodden, Eric (2023)
Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.
Software Engineering 2023 - Fachtagung des GI-Fachbereichs Softwaretechnik. Paderborn, Germany (20.02.2023 – 24.02.2023)
Konferenzveröffentlichung, Bibliographie
2022
Wickert, Anna-Katharina ; Baumgärtner, Lars ; Schlichtig, Michael ; Narasimhan, Krishna ; Mezini, Mira (2022)
To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild.
21st International Conference on Trust, Security and Privacy in Computing and Communications. Wuhan, Peoples Republik of China (09.12.2022-11.12.2022)
doi: 10.1109/TrustCom56396.2022.00051
Konferenzveröffentlichung, Bibliographie
Schlichtig, Michael ; Sassalla, Steffen ; Narasimhan, Krishna ; Bodden, Eric (2022)
FUM - A Framework for API Usage constraint and Misuse Classification.
29th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). virtual Conference (15.03.2022 - 18.03.2022)
doi: 10.1109/SANER53432.2022.00085
Konferenzveröffentlichung, Bibliographie
Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric (2022)
A large-scale study of usability criteria addressed by static analysis tools.
31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22). virtual Conference (18.07.2022 - 22.07.2022)
doi: 10.1145/3533767.3534374
Konferenzveröffentlichung, Bibliographie
2017
Falzon, Kevin (2017)
On the Use of Migration to Stop Illicit Channels.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
Follner, Andreas (2017)
On Generating Gadget Chains for Return-Oriented Programming.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
Rasthofer, Siegfried (2017)
Improving Mobile-Malware Investigations with Static and Dynamic Code Analysis Techniques.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
Arzt, Steven (2017)
Static Data Flow Analysis for Android Applications.
Technische Universität Darmstadt
Dissertation, Erstveröffentlichung
2016
Nadi, Sarah ; Krüger, Stefan (2016)
Variability Modeling of Cryptographic Components (Clafer Experience Report).
Tenth International Workshop on Variability Modelling of Software-intensive Systems. Salvador, Brazil (27.01.2016-29.01.2016)
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Pun, Ka I. ; Steffen, Martin ; Stolz, Volker ; Wickert, Anna-Katharina
Hrsg.: Margaria, Tiziana ; Steffen, Bernhard (2016)
Information Flow Analysis for Go.
In: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques
doi: 10.1007/978-3-319-47166-2_30
Buchkapitel, Bibliographie
2015
Falzon, Kevin ; Bodden, Eric
Hrsg.: Lopez, Javier ; Mitchell, Chris J. (2015)
Dynamically Provisioning Isolation in Hierarchical Architectures.
Information Security Conference. Trondheim
Konferenzveröffentlichung, Bibliographie
Baluda, Mauro (2015)
EvoSE: Evolutionary Symbolic Execution.
In: 6th International Workshop on Automating Test Case Design, Selection and Evaluation (A-TEST 2015): Proceedings
Buchkapitel, Bibliographie
Arzt, Steven ; Nadi, Sarah ; Ali, Karim ; Bodden, Eric ; Erdweg, Sebastian ; Mezini, Mira (2015)
Towards Secure Integration of Cryptographic Software.
OOPSLA Onward!. Piitsburgh (25.10.2015-25.10.2015)
Konferenzveröffentlichung, Bibliographie
Arzt, Steven ; Rasthofer, Siegfried ; Hahn, Robert ; Bodden, Eric (2015)
Using Targeted Symbolic Execution for Reducing False-Positives in Dataflow Analysis.
4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. Portland, USA (14.06.2015-14.06.2015)
Konferenzveröffentlichung, Bibliographie
2014
Lerch, Johannes ; Hermann, Ben ; Bodden, Eric ; Mezini, Mira (2014)
FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases.
Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering.
Konferenzveröffentlichung, Bibliographie
Ali, Karim ; Rapoport, Marianna ; Lhoták, Ondřej ; Dolby, Julian ; Tip, Frank (2014)
Constructing Call Graphs of Scala Programs.
Proceedings of the 28th European Conference on Object-Oriented Programming.
Konferenzveröffentlichung, Bibliographie
Arzt, Steven ; Rasthofer, Siegfried ; Fritz, Christian ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick (2014)
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps.
Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. Edinburgh
Konferenzveröffentlichung, Bibliographie
Rasthofer, Siegfried ; Arzt, Steven ; Bodden, Eric (2014)
A machine-learning approach for classifying and categorizing android sources and sinks.
In: 2014 Network and Distributed System Security Symposium (NDSS)
Artikel, Bibliographie
Li, Li ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric ; Octeau, Damien ; McDaniel, Patrick (2014)
I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis.
Report, Bibliographie
Arzt, Steven ; Huber, Stephan ; Rasthofer, Siegfried ; Bodden, Eric (2014)
Denial-of-App Attack: Inhibiting the Installation of Android Apps on Stock Phones.
4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. Scottsdale
Konferenzveröffentlichung, Bibliographie
Arzt, Steven ; Bodden, Eric (2014)
Reviser: efficiently updating IDE-/IFDS-based data-flow analyses in response to incremental program changes.
ICSE. Hyderabad
Konferenzveröffentlichung, Bibliographie
Rasthofer, Siegfried ; Arzt, Steven ; Lovat, Enrico ; Bodden, Eric (2014)
DROIDFORCE: Enforcing Complex, Data-Centric, System-Wide Policies in Android.
In: Proceedings of the International Conference on Availability, Reliability and Security (ARES)
Artikel, Bibliographie
2013
Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric (2013)
Instrumenting Android and Java Applications as Easy as abc.
In: Runtime Verification 2013 (RV'13)
Artikel, Bibliographie
Falzon, Kevin ; Bodden, Eric ; Purandare, Rahul (2013)
Distributed Finite-State Runtime Monitoring with Aggregated Events.
4th International Conference on Runtime Verification (RV'13). Rennes, France (24.09.2013-27.09.2013)
doi: 10.1007/978-3-642-40787-1_6
Konferenzveröffentlichung, Bibliographie
Arzt, Steven ; Bodden, Eric (2013)
Efficiently updating IDE-based data-flow analyses in response to incremental program changes.
Report, Bibliographie
Bodden, Eric ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira (2013)
Reducing human factors in software security architectures.
Future Security Conference 2013.
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Mezini, Mira ; Brabrand, Claus ; Tolêdo, Társis ; Ribeiro, Márcio ; Borba, Paulo (2013)
SPLlift - Statically Analyzing Software Product Lines in Minutes Instead of Years.
ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2013).
Konferenzveröffentlichung, Bibliographie
Fritz, Christian ; Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick (2013)
Highly Precise Taint Analysis for Android Applications.
Report, Bibliographie
Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric (2013)
SuSi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks.
Report, Bibliographie
Arzt, Steven ; Falzon, Kevin ; Follner, Andreas ; Rasthofer, Siegfried ; Bodden, Eric ; Stolz, Volker (2013)
How useful are existing monitoring languages for securing Android apps?
6. Arbeitstagung Programmiersprachen (ATPS 2013).
Konferenzveröffentlichung, Bibliographie
Ali, Karim ; Lhoták, Ondřej (2013)
Averroes: Whole-Program Analysis without the Whole Program.
Proceedings of the 27th European Conference on Object-Oriented Programming.
Konferenzveröffentlichung, Bibliographie
2012
Bodden, Eric ; Tolêdo, Társis ; Ribeiro, Márcio ; Brabrand, Claus ; Borba, Paulo ; Mezini, Mira (2012)
Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines.
Report, Bibliographie
Bodden, Eric ; Falzon, Kevin ; Pun, Ka I. ; Stolz, Volker (2012)
Delta-oriented Monitor Specification.
5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012).
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Follner, Andreas ; Rasthofer, Siegfried (2012)
Challenges in defining a programming language for provably correct dynamic analyses.
5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012).
Konferenzveröffentlichung, Bibliographie
Falzon, Kevin ; Pace, Gordon J.
Hrsg.: Machado, Ricardo J. ; Maciel, Rita Suzana ; Rubin, Julia ; Botterweck, Goetz (2012)
Combining Testing and Runtime Verification.
8th International Workshop on Model-based Methodologies for Pervasive and Embedded Software. Essen, Germany (04.09.2012-04.09.2012)
Konferenzveröffentlichung, Bibliographie
Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan (2012)
Dynamic Anomaly Detection for More Trustworthy Outsourced Computation.
15th International Conference on Information Security. Passau, Germany (19.09.2012-21.09.2012)
doi: 10.1007/978-3-642-33383-5_11
Konferenzveröffentlichung, Bibliographie
Kononenko, Kirill (2012)
A Unified Approach to Identifying and Healing Vulnerabilities in x86 Machine Code.
Konferenzveröffentlichung, Bibliographie
Thies, Andreas ; Bodden, Eric (2012)
RefaFlex: Safer Refactorings for Reflective Java Programs [forthcoming].
International Symposium on Software Testing and Analysis (ISSTA 2012).
Konferenzveröffentlichung, Bibliographie
Ansaloni, Danilo ; Binder, Walter ; Bockisch, Christoph ; Bodden, Eric ; Hatun, Kardelen ; Marek, Lukas ; Qi, Zhengwei ; Sarimbekov, Aibek ; Sewe, Andreas ; Tuma, Petr ; Zheng, Yudi (2012)
Challenges for Refinement and Composition of Instrumentations (Position Paper).
International Conference on Software Composition (SC 2012).
Konferenzveröffentlichung, Bibliographie
Bodden, Eric (2012)
Towards Typesafe Weaving for Modular Reasoning in Aspect-Oriented Programs.
FOAL 2012: International Workshop on the Foundations of Aspect-Oriented Languages.
Konferenzveröffentlichung, Bibliographie
Bodden, Eric (2012)
Identifying meaningless parameterized linear-temporal-logic formulas.
Report, Bibliographie
Bodden, Eric (2012)
On the Expressiveness of Parameterized Finite-state Runtime Monitors.
Report, Bibliographie
Bodden, Eric ; Lam, Patrick ; Hendren, Laurie (2012)
Partially evaluating finite-state runtime monitors ahead of time.
In: ACM Transactions on Programming Languages and Systems (TOPLAS)
Artikel, Bibliographie
Robillard, Martin P. ; Bodden, Eric ; Kawrykow, David ; Mezini, Mira ; Ratchford, Tristan (2012)
Automated API Property Inference Techniques.
In: IEEE Transactions on Software Engineering (TSE)
Artikel, Bibliographie
Bodden, Eric (2012)
MOPBox: A Library Approach to Runtime Verification.
RV ; 2 (San Francisco, CA) : 2011.09.27-30 International Conference on Runtime Verification ; 2 (San Francisco, CA) : 2011.09.27-30.
Konferenzveröffentlichung, Bibliographie
Ali, Karim ; Lhoták, Ondřej (2012)
Application-Only Call Graph Construction.
Proceedings of the 26th European Conference on Object-Oriented Programming.
Konferenzveröffentlichung, Bibliographie
2011
Inostroza, Milton ; Tanter, Éric ; Bodden, Eric (2011)
Modular Reasoning with Join Point Interfaces.
Report, Bibliographie
Lam, Patrick ; Bodden, Eric ; Lhotak, Ondrej ; Hendren, Laurie (2011)
The Soot framework for Java program analysis: a retrospective.
Cetus Users and Compiler Infastructure Workshop (CETUS 2011).
Konferenzveröffentlichung, Bibliographie
Bodden, Eric (2011)
Stateful Breakpoints: A Practical Approach to Defining Parameterized Runtime Monitors.
ESEC/FSE '11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering.
Konferenzveröffentlichung, Bibliographie
Bodden, Eric (2011)
Continuation equivalence: a Correctness Criterion for Static Optimizations of Dynamic Analyses.
WODA '11: International Workshop on Dynamic Analysis.
Konferenzveröffentlichung, Bibliographie
Bodden, Eric (2011)
Closure Joinpoints: Block joinpoints without surprises.
AOSD '11: Proceedings of the 10th International Conference on Aspect-oriented Software Development.
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Sewe, Andreas ; Sinschek, Jan ; Oueslati, Hela ; Mezini, Mira (2011)
Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders.
International Conference on Software Engineering. Waikiki, Honolulu, HI, USA (21.05.2011-28.05.2011)
doi: 10.1145/1985793.1985827
Konferenzveröffentlichung, Bibliographie
Inostroza, Milton ; Tanter, Éric ; Bodden, Eric (2011)
Join Point Interfaces for Modular Reasoning in Aspect-Oriented Programs.
ESEC/FSE '11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering.
Konferenzveröffentlichung, Bibliographie
2010
Bodden, Eric ; Lam, Patrick ; Hendren, Laurie (2010)
Clara: a Framework for Statically Evaluating Finite-state Runtime Monitors.
1st International Conference on Runtime Verification (RV).
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Lam, Patrick (2010)
Clara: Partially Evaluating Runtime Monitors at Compile Time.
1st International Conference on Runtime Verification (RV).
Konferenzveröffentlichung, Bibliographie
Kim, Chang Hwan Peter ; Bodden, Eric ; Batory, Don ; Khurshid, Sarfraz (2010)
Reducing Configurations to Monitor in a Software Product Line.
1st International Conference on Runtime Verification (RV).
Konferenzveröffentlichung, Bibliographie
Bruch, Marcel ; Bodden, Eric ; Monperrus, Martin ; Mezini, Mira (2010)
IDE 2.0: Collective Intelligence in Software Development.
FSE/SDP Workshop on the Future of Software Engineering.
doi: 10.1145/1882362.1882374?
Konferenzveröffentlichung, Bibliographie
Bodden, Eric ; Havelund, Klaus (2010)
Aspect-oriented Race Detection in Java.
In: IEEE Transactions on Software Engineering (TSE), 36 (4)
Artikel, Bibliographie
2009
Ali, Karim ; Aib, Issam ; Boutaba, Raouf (2009)
P2P-AIS: A P2P Artificial Immune Systems architecture for detecting DDoS flooding attacks.
Global Information Infrastructure Symposium.
Konferenzveröffentlichung, Bibliographie
Ali, Karim ; Boutaba, Raouf (2009)
Applying Kernel Methods to Anomaly-based Intrusion Detection Systems.
Global Information Infrastructure Symposium.
Konferenzveröffentlichung, Bibliographie
2008
Aly, Sherif G. ; Nadi, Sarah ; Hamdan, Karim (2008)
A Java-Based Programming Language Support of Location Management in Pervasive Systems.
In: International Journal of Computer Science and Network Security, 8 (6)
Artikel, Bibliographie