Entries with organizational unit "20 Department of Computer Science > EC SPRIDE > Secure Software Engineering"
Krüger, Stefan ; Reif, Michael ; Wickert, Anna-Katharina ; Nadi, Sarah ; Ali, Karim ; Bodden, Eric ; Mezini, Mira ; Acar, Yasemin ; Fahl, Sascha (2023)
Securing Your Crypto-API Usage Through Tool Support - A Usability Study.
2023 IEEE Secure Development Conference. Atlanta, USA (18.10.2023 - 20.10.2023)
doi: 10.1109/SecDev56634.2023.00015
Conference publication, Bibliography
Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric (2023)
Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale.
Software Engineering 2023 - Fachtagung des GI-Fachbereichs Softwaretechnik. Paderborn, Germany (20.02.2023 – 24.02.2023)
Conference publication, Bibliography
Schlichtig, Michael ; Sassalla, Steffen ; Narasimhan, Krishna ; Bodden, Eric (2023)
Introducing FUM: A Framework for API Usage Constraint and Misuse Classification.
Software Engineering 2023 - Fachtagung des GI-Fachbereichs Softwaretechnik. Paderborn, Germany (20.02.2023 – 24.02.2023)
Conference publication, Bibliography
Wickert, Anna-Katharina ; Baumgärtner, Lars ; Schlichtig, Michael ; Narasimhan, Krishna ; Mezini, Mira (2022)
To Fix or Not to Fix: A Critical Study of Crypto-misuses in the Wild.
21st International Conference on Trust, Security and Privacy in Computing and Communications. Wuhan, People's Republic of China (09.12.2022-11.12.2022)
doi: 10.1109/TrustCom56396.2022.00051
Conference publication, Bibliography
Schlichtig, Michael ; Sassalla, Steffen ; Narasimhan, Krishna ; Bodden, Eric (2022)
FUM - A Framework for API Usage constraint and Misuse Classification.
29th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). virtual Conference (15.03.2022 - 18.03.2022)
doi: 10.1109/SANER53432.2022.00085
Conference publication, Bibliography
Nachtigall, Marcus ; Schlichtig, Michael ; Bodden, Eric (2022)
A large-scale study of usability criteria addressed by static analysis tools.
31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22). virtual Conference (18.07.2022 - 22.07.2022)
doi: 10.1145/3533767.3534374
Conference publication, Bibliography
Falzon, Kevin (2017)
On the Use of Migration to Stop Illicit Channels.
Technische Universität Darmstadt
Dissertation, First publication
Follner, Andreas (2017)
On Generating Gadget Chains for Return-Oriented Programming.
Technische Universität Darmstadt
Dissertation, First publication
Rasthofer, Siegfried (2017)
Improving Mobile-Malware Investigations with Static and Dynamic Code Analysis Techniques.
Technische Universität Darmstadt
Dissertation, First publication
Arzt, Steven (2017)
Static Data Flow Analysis for Android Applications.
Technische Universität Darmstadt
Dissertation, First publication
Nadi, Sarah ; Krüger, Stefan (2016)
Variability Modeling of Cryptographic Components (Clafer Experience Report).
Tenth International Workshop on Variability Modelling of Software-intensive Systems. Salvador, Brazil (27.01.2016-29.01.2016)
Conference publication, Bibliography
Bodden, Eric ; Pun, Ka I. ; Steffen, Martin ; Stolz, Volker ; Wickert, Anna-Katharina
Eds.: Margaria, Tiziana ; Steffen, Bernhard (2016)
Information Flow Analysis for Go.
In: Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques
doi: 10.1007/978-3-319-47166-2_30
Book chapter, Bibliography
Falzon, Kevin ; Bodden, Eric
Eds.: Lopez, Javier ; Mitchell, Chris J. (2015)
Dynamically Provisioning Isolation in Hierarchical Architectures.
Information Security Conference. Trondheim
Conference publication, Bibliography
Baluda, Mauro (2015)
EvoSE: Evolutionary Symbolic Execution.
In: 6th International Workshop on Automating Test Case Design, Selection and Evaluation (A-TEST 2015): Proceedings
Book chapter, Bibliography
Arzt, Steven ; Nadi, Sarah ; Ali, Karim ; Bodden, Eric ; Erdweg, Sebastian ; Mezini, Mira (2015)
Towards Secure Integration of Cryptographic Software.
OOPSLA Onward!. Pittsburgh (25.10.2015-25.10.2015)
Conference publication, Bibliography
Arzt, Steven ; Rasthofer, Siegfried ; Hahn, Robert ; Bodden, Eric (2015)
Using Targeted Symbolic Execution for Reducing False-Positives in Dataflow Analysis.
4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis. Portland, USA (14.06.2015-14.06.2015)
Conference publication, Bibliography
Lerch, Johannes ; Hermann, Ben ; Bodden, Eric ; Mezini, Mira (2014)
FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases.
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering.
Conference publication, Bibliography
Ali, Karim ; Rapoport, Marianna ; Lhoták, Ondřej ; Dolby, Julian ; Tip, Frank (2014)
Constructing Call Graphs of Scala Programs.
Proceedings of the 28th European Conference on Object-Oriented Programming.
Conference publication, Bibliography
Arzt, Steven ; Rasthofer, Siegfried ; Fritz, Christian ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick (2014)
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps.
Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. Edinburgh
Conference publication, Bibliography
Rasthofer, Siegfried ; Arzt, Steven ; Bodden, Eric (2014)
A machine-learning approach for classifying and categorizing android sources and sinks.
In: 2014 Network and Distributed System Security Symposium (NDSS)
Article, Bibliography
Li, Li ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric ; Octeau, Damien ; McDaniel, Patrick (2014)
I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis.
Report, Bibliography
Arzt, Steven ; Huber, Stephan ; Rasthofer, Siegfried ; Bodden, Eric (2014)
Denial-of-App Attack: Inhibiting the Installation of Android Apps on Stock Phones.
4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices. Scottsdale
Conference publication, Bibliography
Arzt, Steven ; Bodden, Eric (2014)
Reviser: efficiently updating IDE-/IFDS-based data-flow analyses in response to incremental program changes.
ICSE. Hyderabad
Conference publication, Bibliography
Rasthofer, Siegfried ; Arzt, Steven ; Lovat, Enrico ; Bodden, Eric (2014)
DROIDFORCE: Enforcing Complex, Data-Centric, System-Wide Policies in Android.
In: Proceedings of the International Conference on Availability, Reliability and Security (ARES)
Article, Bibliography
Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric (2013)
Instrumenting Android and Java Applications as Easy as abc.
In: Runtime Verification 2013 (RV'13)
Article, Bibliography
Falzon, Kevin ; Bodden, Eric ; Purandare, Rahul (2013)
Distributed Finite-State Runtime Monitoring with Aggregated Events.
4th International Conference on Runtime Verification (RV'13). Rennes, France (24.09.2013-27.09.2013)
doi: 10.1007/978-3-642-40787-1_6
Conference publication, Bibliography
Arzt, Steven ; Bodden, Eric (2013)
Efficiently updating IDE-based data-flow analyses in response to incremental program changes.
Report, Bibliography
Bodden, Eric ; Hermann, Ben ; Lerch, Johannes ; Mezini, Mira (2013)
Reducing human factors in software security architectures.
Future Security Conference 2013.
Conference publication, Bibliography
Bodden, Eric ; Mezini, Mira ; Brabrand, Claus ; Tolêdo, Társis ; Ribeiro, Márcio ; Borba, Paulo (2013)
SPLlift - Statically Analyzing Software Product Lines in Minutes Instead of Years.
ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2013).
Conference publication, Bibliography
Fritz, Christian ; Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric ; Bartel, Alexandre ; Klein, Jacques ; Le Traon, Yves ; Octeau, Damien ; McDaniel, Patrick (2013)
Highly Precise Taint Analysis for Android Applications.
Report, Bibliography
Arzt, Steven ; Rasthofer, Siegfried ; Bodden, Eric (2013)
SuSi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks.
Report, Bibliography
Arzt, Steven ; Falzon, Kevin ; Follner, Andreas ; Rasthofer, Siegfried ; Bodden, Eric ; Stolz, Volker (2013)
How useful are existing monitoring languages for securing Android apps?
6. Arbeitstagung Programmiersprachen (ATPS 2013).
Conference publication, Bibliography
Ali, Karim ; Lhoták, Ondřej (2013)
Averroes: Whole-Program Analysis without the Whole Program.
Proceedings of the 27th European Conference on Object-Oriented Programming.
Conference publication, Bibliography
Bodden, Eric ; Tolêdo, Társis ; Ribeiro, Márcio ; Brabrand, Claus ; Borba, Paulo ; Mezini, Mira (2012)
Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines.
Report, Bibliography
Bodden, Eric ; Falzon, Kevin ; Pun, Ka I. ; Stolz, Volker (2012)
Delta-oriented Monitor Specification.
5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012).
Conference publication, Bibliography
Bodden, Eric ; Follner, Andreas ; Rasthofer, Siegfried (2012)
Challenges in defining a programming language for provably correct dynamic analyses.
5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012).
Conference publication, Bibliography
Falzon, Kevin ; Pace, Gordon J.
Eds.: Machado, Ricardo J. ; Maciel, Rita Suzana ; Rubin, Julia ; Botterweck, Goetz (2012)
Combining Testing and Runtime Verification.
8th International Workshop on Model-based Methodologies for Pervasive and Embedded Software. Essen, Germany (04.09.2012-04.09.2012)
Conference publication, Bibliography
Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan (2012)
Dynamic Anomaly Detection for More Trustworthy Outsourced Computation.
15th International Conference on Information Security. Passau, Germany (19.09.2012-21.09.2012)
doi: 10.1007/978-3-642-33383-5_11
Conference publication, Bibliography
Kononenko, Kirill (2012)
A Unified Approach to Identifying and Healing Vulnerabilities in x86 Machine Code.
Conference publication, Bibliography
Thies, Andreas ; Bodden, Eric (2012)
RefaFlex: Safer Refactorings for Reflective Java Programs [forthcoming].
International Symposium on Software Testing and Analysis (ISSTA 2012).
Conference publication, Bibliography
Ansaloni, Danilo ; Binder, Walter ; Bockisch, Christoph ; Bodden, Eric ; Hatun, Kardelen ; Marek, Lukas ; Qi, Zhengwei ; Sarimbekov, Aibek ; Sewe, Andreas ; Tuma, Petr ; Zheng, Yudi (2012)
Challenges for Refinement and Composition of Instrumentations (Position Paper).
International Conference on Software Composition (SC 2012).
Conference publication, Bibliography
Bodden, Eric (2012)
Towards Typesafe Weaving for Modular Reasoning in Aspect-Oriented Programs.
FOAL 2012: International Workshop on the Foundations of Aspect-Oriented Languages.
Conference publication, Bibliography
Bodden, Eric (2012)
Identifying meaningless parameterized linear-temporal-logic formulas.
Report, Bibliography
Bodden, Eric (2012)
On the Expressiveness of Parameterized Finite-state Runtime Monitors.
Report, Bibliography
Bodden, Eric ; Lam, Patrick ; Hendren, Laurie (2012)
Partially evaluating finite-state runtime monitors ahead of time.
In: ACM Transactions on Programming Languages and Systems (TOPLAS)
Article, Bibliography
Robillard, Martin P. ; Bodden, Eric ; Kawrykow, David ; Mezini, Mira ; Ratchford, Tristan (2012)
Automated API Property Inference Techniques.
In: IEEE Transactions on Software Engineering (TSE)
Article, Bibliography
Bodden, Eric (2012)
MOPBox: A Library Approach to Runtime Verification.
2nd International Conference on Runtime Verification (RV). San Francisco, CA (27.09.2011-30.09.2011)
Conference publication, Bibliography
Ali, Karim ; Lhoták, Ondřej (2012)
Application-Only Call Graph Construction.
Proceedings of the 26th European Conference on Object-Oriented Programming.
Conference publication, Bibliography
Inostroza, Milton ; Tanter, Éric ; Bodden, Eric (2011)
Modular Reasoning with Join Point Interfaces.
Report, Bibliography
Lam, Patrick ; Bodden, Eric ; Lhotak, Ondrej ; Hendren, Laurie (2011)
The Soot framework for Java program analysis: a retrospective.
Cetus Users and Compiler Infrastructure Workshop (CETUS 2011).
Conference publication, Bibliography
Bodden, Eric (2011)
Stateful Breakpoints: A Practical Approach to Defining Parameterized Runtime Monitors.
ESEC/FSE '11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering.
Conference publication, Bibliography
Bodden, Eric (2011)
Continuation equivalence: a Correctness Criterion for Static Optimizations of Dynamic Analyses.
WODA '11: International Workshop on Dynamic Analysis.
Conference publication, Bibliography
Bodden, Eric (2011)
Closure Joinpoints: Block joinpoints without surprises.
AOSD '11: Proceedings of the 10th International Conference on Aspect-oriented Software Development.
Conference publication, Bibliography
Bodden, Eric ; Sewe, Andreas ; Sinschek, Jan ; Oueslati, Hela ; Mezini, Mira (2011)
Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders.
International Conference on Software Engineering. Waikiki, Honolulu, HI, USA (21.05.2011-28.05.2011)
doi: 10.1145/1985793.1985827
Conference publication, Bibliography
Inostroza, Milton ; Tanter, Éric ; Bodden, Eric (2011)
Join Point Interfaces for Modular Reasoning in Aspect-Oriented Programs.
ESEC/FSE '11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering.
Conference publication, Bibliography
Bodden, Eric ; Lam, Patrick ; Hendren, Laurie (2010)
Clara: a Framework for Statically Evaluating Finite-state Runtime Monitors.
1st International Conference on Runtime Verification (RV).
Conference publication, Bibliography
Bodden, Eric ; Lam, Patrick (2010)
Clara: Partially Evaluating Runtime Monitors at Compile Time.
1st International Conference on Runtime Verification (RV).
Conference publication, Bibliography
Kim, Chang Hwan Peter ; Bodden, Eric ; Batory, Don ; Khurshid, Sarfraz (2010)
Reducing Configurations to Monitor in a Software Product Line.
1st International Conference on Runtime Verification (RV).
Conference publication, Bibliography
Bruch, Marcel ; Bodden, Eric ; Monperrus, Martin ; Mezini, Mira (2010)
IDE 2.0: Collective Intelligence in Software Development.
FSE/SDP Workshop on the Future of Software Engineering.
doi: 10.1145/1882362.1882374
Conference publication, Bibliography
Bodden, Eric ; Havelund, Klaus (2010)
Aspect-oriented Race Detection in Java.
In: IEEE Transactions on Software Engineering (TSE), 36 (4)
Article, Bibliography
Ali, Karim ; Aib, Issam ; Boutaba, Raouf (2009)
P2P-AIS: A P2P Artificial Immune Systems architecture for detecting DDoS flooding attacks.
Global Information Infrastructure Symposium.
Conference publication, Bibliography
Ali, Karim ; Boutaba, Raouf (2009)
Applying Kernel Methods to Anomaly-based Intrusion Detection Systems.
Global Information Infrastructure Symposium.
Conference publication, Bibliography
Aly, Sherif G. ; Nadi, Sarah ; Hamdan, Karim (2008)
A Java-Based Programming Language Support of Location Management in Pervasive Systems.
In: International Journal of Computer Science and Network Security, 8 (6)
Article, Bibliography