Publications
You will find most of my publications below. Google scholar is keeping track of my publications as well. Click here to see my profile page there.
Click here to search or browse through these publications.
Publications of .* [rss]
Ph.D. theses advised by me
| [13] | Adapting Taint Analyses for Detecting Security Vulnerabilities , PhD thesis, Universität Paderborn, 2022. Awarded: Summa cum laude [bib] [pdf] |
| [12] | Improving Real-World Applicability of Static Taint Analysis , PhD thesis, Universität Paderborn, 2021. Awarded: Summa cum laude, Ernst Denert Software Engineering Award, UPB Doctoral Dissertation Award [bib] [pdf] |
| [11] | Computing on Encrypted Data using Trusted Execution Environments , PhD thesis, Universität Paderborn, 2021. [bib] [pdf] |
| [10] | CogniCrypt — The Secure Integration of Cryptographic Software , PhD thesis, Universität Paderborn, 2020. Awarded: Summa cum laude [bib] [pdf] |
| [9] | Model-Driven Information Flow Security Engineering for Cyber-Physical Systems , PhD thesis, Universität Paderborn, 2020. [bib] [pdf] |
| [8] | Synchronized Pushdown Systems for Pointer and Data-Flow Analysis , PhD thesis, Universität Paderborn, 2019. Awarded: Summa cum laude, UPB Doctoral Dissertation Award, Ernst Denert Software-Engineering Award and Fraunhofer IuK Dissertation Award [bib] [pdf] |
| [7] | User-Centered Tool Design for Data-Flow Analysis , PhD thesis, Universität Paderborn, 2019. Awarded: Summa cum laude, UPB Doctoral Dissertation Award [bib] [pdf] |
| [6] | A Systematic Analysis and Hardening of the Java Security Architecture , PhD thesis, Universität Paderborn, 2019. Awarded: Summa cum laude [bib] [pdf] |
| [5] | Safety requirements engineering for early SIL tailoring , PhD thesis, Universität Paderborn, 2018. [bib] [pdf] |
| [4] | Improving Mobile-Malware Investigations with Static and Dynamic Code Analysis Techniques , PhD thesis, Technische Universität Darmstadt, 2016. Awarded: Summa cum laude, Fraunhofer IuK Dissertation Award & Dissertation Award of the Ernst Denert Foundation [bib] [pdf] |
| [3] | On Generating Gadget Chains for Return-Oriented Programming , PhD thesis, Technische Universität Darmstadt, 2016. [bib] [pdf] |
| [2] | On the Use of Migration to Stop Illicit Channels , PhD thesis, Technische Universität Darmstadt, 2016. [bib] [pdf] |
| [1] | Static Data Flow Analysis for Android Applications , PhD thesis, Technische Universität Darmstadt, 2016. Awarded: Summa cum laude, Fraunhofer IuK Dissertation Award & Dissertation Award of the Ernst Denert Foundation [bib] [pdf] |
Books
| [3] | Using Abstract Contracts for Verifying Evolving Features and Their Interactions , Chapter in (Wolfgang Ahrendt, Bernhard Beckert, Richard Bubel, Reiner Hähnle, Mattias Ulbrich, eds.), pages 122–148, Springer International Publishing, 2020. [bib] [pdf] [doi] |
| [2] | Industrial Security by Design , Chapter in (Günter W. Maier, Gregor Engels, Eckhard Steffen, eds.), pages 1–24, Springer Berlin Heidelberg, 2017. [bib] [pdf] [doi] |
| [1] | Entwicklung sicherer Software durch Security by Design , (Michael Waidner, Michael Backes, Jörn Müller-Quade, eds.), SIT TECHNICAL REPORTS, Fraunhofer Verlag, 2013. (ISBN: 978-3-8396-0567-7) [bib] [pdf] |
Theses
| [2] | Verifying finite-state properties of large-scale programs , PhD thesis, McGill University, 2009. (Available in print through ProQuest) [bib] [pdf] |
| [1] | J-LO – A tool for runtime-checking temporal assertions , Diploma thesis, RWTH Aachen University, 2005. [bib] [pdf] |
Patents
| [2] | Apparatuses, Mobile Devices, Methods and Computer Programs for Evaluating Runtime Information of an Extracted Set of Instructions based on at least a part of a Computer Program , European patent EP3029595A3 (granted), 2022. [bib] [pdf] |
| [1] | Method and system for performance profiling of software , US Patent No. 7765094 (granted), 2010. [bib] [pdf] |
Proceedings and Book Chapters
| [4] | Special Section on Runtime Verification and Analysis, (Eric Bodden, Shahar Maoz, eds.), Transactions on Aspect-Oriented Software Development (TAOSD), Springer, 2014. (To appear) [bib] |
| [3] | Proceedings of the 12th International Conference on Software Composition, (Walter Binder, Eric Bodden, Welf Löwe, eds.), Lecture Notes in Computer Science, Springer, 2013. [bib] |
| [2] | Proceedings of the 10th International Workshop on Dynamic Analysis (WODA 2012), (Eric Bodden, Madanlal Musuvathi, eds.), ACM, 2012. [bib] |
| [1] | Proceedings of the 1st ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2012), (Eric Bodden, Laurie Hendren, Patrick Lam, Elena Sherman, eds.), ACM, 2012. [bib] |
Refereed Journal Articles
| [34] | Evaluating security through isolation and defense in depth , In IEEE Security Privacy, 22(1), 2024. [bib] [pdf] [doi] |
| [33] | Runtime Verification of Crypto APIs: An Empirical Study , In IEEE Transactions on Software Engineering, pages 4510-4525, 49(10), 2023. [bib] [pdf] [doi] |
| [32] | Defense-in-Depth als neues Paradigma der sicherheitsgerechten Produktentwicklung: interdisziplinäre, bedrohungsbewusste und lösungsorientierte Security/Defense-in-Depth as a new paradigm of security-oriented product engineering: interdisciplinary, threat-aware and solution-oriented security , In Konstruktion, pages 60–65, 75(11–12), 2023. [bib] [pdf] [doi] |
| [31] | Verifying Software and Reconfigurable Hardware Services , Chapter in On-The-Fly Computing — Individualized IT-services in dynamic markets (Claus-Jochen Haake, Friedhelm Meyer auf der Heide, Marco Platzner, Henning Wachsmuth, Heike Wehrheim, eds.), pages 125-144, Volume 412 of Verlagsschriftenreihe des Heinz Nixdorf Instituts, Heinz Nixdorf Institut, Universität Paderborn, 2023. [bib] [pdf] [doi] |
| [30] | Can the configuration of static analyses make resolving security vulnerabilities more effective? – A user study , In Empirical Software Engineering, pages 118, 28(5), 2023. [bib] [pdf] [doi] |
| [29] | Static Data-Flow Analysis for Software Product Lines in C , In Automated Software Engineering, Springer International Publishing, 2022. [bib] [pdf] [doi] |
| [28] | An In-Depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities , In ACM Trans. Softw. Eng. Methodol., Association for Computing Machinery, 2022. [bib] [pdf] [doi] |
| [27] | Fluently specifying taint-flow queries with fluentTQL , In Empirical Software Engineering, pages 1–33, 27(5), 2022. [bib] [pdf] |
| [26] | “Free” as in Freedom to Protest? , In IEEE Security & Privacy, pages 16-21, 20(5), 2022. [bib] [doi] |
| [25] | TaintBench: Automatic real-world malware benchmarking of Android taint analyses , In Empirical Software Engineering, pages 1–41, 27(1), 2022. [bib] [pdf] [doi] |
| [24] | Computation on Encrypted Data Using Dataflow Authentication , In ACM Trans. Priv. Secur., 25(3), 2022. [bib] [pdf] [doi] |
| [23] | Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis , In European Conference on Object-Oriented Programming (ECOOP), 2021. Awarded: Distinguished Paper Award [bib] [pdf] |
| [22] | A Systematic Hardening of Java’s Information Hiding , In International Symposium on Advanced Security on Software and Systems (ASSS), 2021. [bib] [pdf] |
| [21] | Identifying Challenges for OSS Vulnerability Scanners – A Study & Test Suite , In IEEE Transactions on Software Engineering, pages 1-1, (), 2021. [bib] [pdf] [doi] |
| [20] | Dealing with Variability in API Misuse Specification , In European Conference on Object-Oriented Programming (ECOOP), 2021. [bib] [pdf] |
| [19] | Using Architectural Runtime Verification for Offline Data Analysis , In Journal of Automotive Software Engineering, 2021. [bib] [pdf] [doi] |
| [18] | Explaining Static Analysis with Rule Graphs , In IEEE Transactions on Software Engineering, 2020. (To appear.) [bib] [pdf] |
| [17] | A systematic literature review of model-driven security engineering for cyber–physical systems , In Journal of Systems and Software, pages 110697, Volume 169, 2020. [bib] [pdf] [doi] |
| [16] | ModGuard: Identifying Integrity Confidentiality Violations in Java Modules , In IEEE Transactions on Software Engineering, pages 1-1, (), 2019. [bib] [pdf] [doi] |
| [15] | CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs , In IEEE Transactions on Software Engineering, pages 1-1, (), 2019. [bib] [pdf] [doi] |
| [14] | Context-, Flow-, and Field-sensitive Data-flow Analysis Using Synchronized Pushdown Systems , In Proceedings of the ACM SIGPLAN Symposium on Principles of Programming Languages, pages 48:1–48:29, 3(POPL), 2019. Awarded: ACM Distinguished Paper Award, Artifact Evaluation Award [bib] [pdf] [doi] |
| [13] | Debugging Static Analysis , In IEEE Transactions on Software Engineering, pages 1-1, (), 2018. [bib] [pdf] [doi] |
| [12] | Tracking Load-time Configuration Options , In IEEE Transactions on Software Engineering, pages 1-1, PP(99), 2017. [bib] [pdf] [doi] |
| [11] | Time for Addressing Software Security Issues: Prediction Models and Impacting Factors , In Data Science and Engineering, pages 107–124, 2(2), 2017. [bib] [pdf] [doi] |
| [10] | ROPocop — Dynamic mitigation of code-reuse attacks , In Journal of Information Security and Applications, pages 16–26, Volume 29, 2016. [bib] [pdf] [doi] |
| [9] | Harvester – Vollautomatische Extraktion von Laufzeitwerten aus obfuskierten Android-Applikationen , In Datenschutz und Datensicherheit, pages 718–722, 2016. [bib] [pdf] [doi] |
| [8] | Incorporating Attacker Capabilities in Risk Estimation and Mitigation , In Elsevier Computers & Security, pages 41–61, Volume 51, 2015. [bib] [pdf] |
| [7] | Join Point Interfaces for Safe and Flexible Decoupling of Aspects , In ACM Trans. Softw. Eng. Methodol., pages 7:1–7:41, 23(1), 2014. [bib] [pdf] [doi] |
| [6] | Automated API Property Inference Techniques , In IEEE Trans. Softw. Eng., pages 613–637, 39(5), 2013. [bib] [pdf] [doi] |
| [5] | Schutzmaßnahmen gegen Datenschutz-unfreundliche Smartphone-Apps , In Datenschutz und Datensicherheit, 2013. [bib] [pdf] |
| [4] | Partially evaluating finite-state runtime monitors ahead of time , In ACM Transactions on Programming Languages and Systems (TOPLAS), pages 7:1–7:52, 34(2), 2012. [bib] [pdf] [doi] |
| [3] | The Clara framework for hybrid typestate analysis , In International Journal on Software Tools for Technology Transfer (STTT), pages 307-326, Volume 14, 2012. (10.1007/s10009-010-0183-5) [bib] [pdf] |
| [2] | Aspect-oriented Race Detection in Java , In IEEE Transactions on Software Engineering (TSE), pages 509–527, 36(4), 2010. [bib] [pdf] |
| [1] | Collaborative Runtime Verification with Tracematches , In Oxford Journal of Logics and Computation, 2008. [bib] [pdf] [doi] |
Refereed Conference Papers
| [110] | Scaling Interprocedural Static Data-Flow Analysis to Large C/C++ Applications , In ECOOP 2024. [bib] [pdf] |
| [109] | Supporting Error Chains in Static Analysis for Precise Evaluation Results and Enhanced Usability , In 2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), pages to appear, 2024. [bib] [pdf] |
| [108] | TypeEvalPy: A Micro-benchmarking Framework for Python Type Inference Tools , In Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings, pages 49–53, ICSE-Companion ’24, Association for Computing Machinery, 2024. [bib] [pdf] [doi] |
| [107] | The Emergence of Large Language Models in Static Analysis: A First Look through Micro-Benchmarks , In Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering, pages 35–39, FORGE ’24, Association for Computing Machinery, 2024. [bib] [pdf] [doi] |
| [106] | Symbol-Specific Sparsification of Interprocedural Distributive Environment Problems , In 2024 IEEE/ACM 46th International Conference on Software Engineering (ICSE), pages 888-888, IEEE Computer Society, 2024. [bib] [pdf] [doi] |
| [105] | SootUp: A Redesign of the Soot Static Analysis Framework , In Tools and Algorithms for the Construction and Analysis of Systems (Bernd Finkbeiner, Laura Kovács, eds.), pages 229–247, Springer Nature Switzerland, 2024. [bib] [pdf] |
| [104] | Toward an Android Static Analysis Approach for Data Protection , In Proceedings of the 9th International Conference on Mobile Software Engineering and Systems, 2024. [bib] |
| [103] | Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis , In IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2023. (To appear.) Awarded: Distinguished Paper Award [bib] [pdf] |
| [102] | Model Generation For Java Frameworks , In IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023. (To appear.) [bib] [pdf] |
| [101] | Securing Your Crypto-API Usage Through Tool Support – A Usability Study , In 2023 IEEE Secure Development Conference (SecDev), pages 14-25, IEEE Computer Society, 2023. [bib] [pdf] [doi] |
| [100] | Two Sparsification Strategies for Accelerating Demand-Driven Pointer Analysis , In IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023. (To appear.) [bib] [pdf] |
| [99] | UpCy: Safely Updating Outdated Dependencies , In , International Conference on Software Engineering (ICSE), , 2023. (To appear.) [bib] [pdf] |
| [98] | FUM – A Framework for API Usage constraint and Misuse Classification , In 2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), 2022. [bib] [pdf] |
| [97] | How far are German companies in improving security through static program analysis tools? , In , IEEE Secure Development Conference (SecDev), , 2022. [bib] [pdf] |
| [96] | A Large-Scale Study of Usability Criteria Addressed by Static Analysis Tools , In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 532–543, ISSTA 2022, Association for Computing Machinery, 2022. [bib] [pdf] [doi] |
| [95] | To what extent can we analyze Kotlin programs using existing Java taint analysis tools? , In , IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), , 2022. Awarded: Best Paper Award (Engineering Track) [bib] [pdf] |
| [94] | Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++ , In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), pages 12–17, 2021. [bib] [pdf] |
| [93] | Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++ , In SCAM ’21: IEEE International Working Conference on Source Code Analysis and Manipulation (Engineering Track), 2021. [bib] [pdf] |
| [92] | SecuCheck: Engineering configurable taint analysis for software developers , In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), pages 24–29, 2021. [bib] [pdf] |
| [91] | IDE support for cloud-based static analyses , In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 1178–1189, 2021. [bib] [pdf] |
| [90] | Qualitative and Quantitative Analysis of Callgraph Algorithms for Python , In 2021 International Conference on Code Quality (ICCQ), pages 1-15, 2021. [bib] [pdf] [doi] |
| [89] | SootFX: A Static Code Feature Extraction Tool for Java and Android , In 2021 IEEE 21st International Working Conference on Source Code Analysis and Manipulation (SCAM), pages 181–186, 2021. [bib] [pdf] |
| [88] | CogniCrypt$_GEN$ – Generating Code for the Secure Usage of Crypto APIs , In International Symposium on Code Generation and Optimization (CGO), pages 185–198, 2020. [bib] [pdf] |
| [87] | Scenario-based specification of security protocols and transformation to security model checkers , In MoDELS ’20: ACM/IEEE 23rd International Conference on Model Driven Engineering Languages and Systems, Virtual Event, Canada, 18-23 October, 2020 (Eugene Syriani, Houari A. Sahraoui, Juan de Lara, Silvia Abrahão, eds.), pages 343–353, ACM, 2020. [bib] [pdf] [doi] |
| [86] | Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis , In International Conference for Software Engineering (ICSE), 2020. (To appear.) Awarded: Artifact Evaluation Award (Available, Reusable) [bib] [pdf] |
| [85] | PASAPTO: Policy-aware Security and Performance Trade-off Analysis – Computation on Encrypted Data with Restricted Leakage , In 2020 IEEE Computer Security Foundations Symposium (CSF), 2020. [bib] [pdf] |
| [84] | Computation on Encrypted Data using Dataflow Authentication , In Privacy Enhancing Technologies Symposium (PETS/PoPETS), 2020. [bib] [pdf] |
| [83] | Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems , In Advanced, Contemporary Control (Andrzej Bartoszewicz, Jacek Kabziński, Janusz Kacprzyk, eds.), pages 1458–1469, Springer International Publishing, 2020. [bib] [pdf] |
| [82] | PhASAR: An Inter-procedural Static Analysis Framework for C/C++ , In Tools and Algorithms for the Construction and Analysis of Systems (Tomás Vojnar, Lijun Zhang, eds.), pages 393–410, Springer International Publishing, 2019. [bib] [pdf] |
| [81] | Architectural Runtime Verification , In 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), pages 77-84, 2019. [bib] [pdf] [doi] |
| [80] | Codebase-Adaptive Detection of Security-Relevant Methods , In ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2019. Awarded: Artifact Evaluation Award [bib] [pdf] |
| [79] | The Impact of Developer Experience in Using Java Cryptography , In 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), pages 1-6, 2019. [bib] [pdf] [doi] |
| [78] | MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors , In European Conference on Object-Oriented Programming (ECOOP), 2019. [bib] [pdf] |
| [77] | ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware , In Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, pages 25–36, CODASPY ’19, Association for Computing Machinery, 2019. [bib] [pdf] [doi] |
| [76] | SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods , In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), Tool Demo Track, 2019. [bib] [pdf] |
| [75] | A Qualitative Analysis of Android Taint-Analysis Results , In IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), 2019. [bib] [pdf] |
| [74] | Do Android Taint Analysis Tools Keep Their Promises? , In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 331–341, ESEC/FSE 2018, Association for Computing Machinery, 2018. Awarded: ACM Distinguished Paper Award, Artifact Evaluation Award [bib] [pdf] [doi] |
| [73] | Gamifying Static Analysis , In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 714–718, ESEC/FSE 2018, ACM, 2018. [bib] [pdf] [doi] |
| [72] | Towards Ensuring Security by Design in Cyber-Physical Systems Engineering Processes , In International Conference on Software and System Processes (ICSSP), 2018. [bib] [pdf] |
| [71] | VISUFLOW, a Debugging Environment for Static Analyses , In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2018. [bib] [pdf] |
| [70] | Self-adaptive Static Analysis , In Proceedings of the 40th International Conference on Software Engineering: New Ideas and Emerging Results, pages 45–48, ICSE-NIER ’18, ACM, 2018. [bib] [pdf] [doi] |
| [69] | Model Checking the Information Flow Security of Real-Time Systems , In Engineering Secure Software and Systems (Mathias Payer, Awais Rashid, Jose M. Such, eds.), pages 27–43, Springer International Publishing, 2018. [bib] [pdf] |
| [68] | CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs , In European Conference on Object-Oriented Programming (ECOOP), pages 10:1–10:27, 2018. Awarded: Artifact Evaluation Award [bib] [pdf] |
| [67] | Explainable Static Analysis , In Software Engineering und Software Management 2018, Fachtagung des GI-Fachbereichs Softwaretechnik, SE 2018, 5.-9. März 2018, Ulm, Germany., pages 205–208, LNI, , 2018. [bib] [pdf] |
| [66] | Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation , In 2017 IEEE Symposium on Security and Privacy (Oakland S&P), IEEE Press, 2017. [bib] [pdf] |
| [65] | IDEal: Efficient and Precise Alias-aware Dataflow Analysis , In 2017 International Conference on Object-Oriented Programming, Languages and Applications (OOPSLA/SPLASH), ACM Press, 2017. Awarded: Artifact Evaluation Award [bib] [pdf] |
| [64] | The Soot-based Toolchain For Analyzing Android Apps , In IEEE/ACM International Conference on Mobile Software Engineering and Systems (MOBILESoft), ACM Press, 2017. (Invited Paper. To appear.) [bib] [pdf] |
| [63] | Just-in-time Static Analysis , In Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, pages 307–317, ISSTA 2017, ACM, 2017. Awarded: Distinguished Paper Award, Artifact Evaluation Award [bib] [pdf] [doi] |
| [62] | Cheetah: Just-in-Time Taint Analysis for Android Apps , In International Conference for Software Engineering (ICSE), Tool Demonstrations Track, 2017. [bib] [pdf] |
| [61] | CogniCrypt: Supporting Developers in using Cryptography , In International Conference on Automated Software Engineering (ASE 2017), Tool Demo Track, 2017. [bib] [pdf] |
| [60] | Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels , In Principles of Security and Trust: 5th International Conference, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, The Netherlands, April 2–8, 2016, Proceedings (Frank Piessens, Luca Viganò, eds.), pages 116–138, Springer Berlin Heidelberg, 2016. [bib] [pdf] [doi] |
| [59] | Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques , In Network and Distributed System Security Symposium (NDSS), 2016. [bib] [pdf] |
| [58] | Information Flow Analysis for Go , In Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques – 7th International Symposium, ISoLA 2016, Imperial, Corfu, Greece, October 10-14, 2016, Proceedings, Part I, pages 431–445, 2016. [bib] [pdf] [doi] |
| [57] | StubDroid: Automatic Inference of Precise Data-flow Summaries for the Android Framework , In International Conference for Software Engineering (ICSE), 2016. [bib] [pdf] |
| [56] | Jumping Through Hoops: Why do Java Developers Struggle With Cryptography APIs? , In International Conference for Software Engineering (ICSE), pages 935–946, 2016. [bib] [pdf] |
| [55] | Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment , In 2016 49th Hawaii International Conference on System Sciences (HICSS), pages 3666–3675, 2016. [bib] [pdf] [doi] |
| [54] | Analyzing the Gadgets – Towards a Metric to Measure Gadget Quality , In International Symposium on Engineering Secure Software and Systems (ESSoS), 2016. (To appear.) Awarded: Artifact Evaluation Award [bib] [pdf] |
| [53] | Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java , In European Conference on Object-Oriented Programming (ECOOP), 2016. Awarded: Artifact Evaluation Award [bib] [pdf] |
| [52] | An In-Depth Study of More Than Ten Years of Java Exploitation , In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pages 779–790, CCS ’16, , 2016. [bib] [pdf] [doi] |
| [51] | How Current Android Malware Seeks to Evade Automated Code Analysis , In International Conference on Information Security Theory and Practice (WISTP’2015), 2015. [bib] [pdf] |
| [50] | Factors Impacting the Effort Required to Fix Security Vulnerabilities – An industrial Case Study , In Information Security Conference (ISC 2015), pages 102–119, Volume 9290 of Lecture Notes in Computer Science, Springer, 2015. [bib] [pdf] |
| [49] | DroidSearch: A Powerful Search Engine for Android Applications , In 2015 Science and Information Conference (SAI), 2015. [bib] [pdf] |
| [48] | jäk: Using Dynamic Analysis to Crawl and Test Modern Web Applications , In Research in Attacks, Intrusions, and Defenses (RAID), pages 295–316, Lecture Notes in Computer Science, Springer International Publishing, 2015. [bib] [pdf] |
| [47] | Dynamically Provisioning Isolation in Hierarchical Architectures , In Information Security (Javier Lopez, Chris J. Mitchell, eds.), pages 83–101, Volume 9290 of Lecture Notes in Computer Science, Springer International Publishing, 2015. Awarded: Best Student Paper Award [bib] [pdf] [doi] |
| [46] | Mining Apps for Abnormal Usage of Sensitive Data , In 2015 International Conference on Software Engineering (ICSE), pages 426–436, 2015. Awarded: Best paper award at the 2016 Spanish Cybersecurity Days (Jornadas Nacionales de Investigación en Ciberseguridad) [bib] [pdf] |
| [45] | IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , In 2015 International Conference on Software Engineering (ICSE), pages 280–291, 2015. [bib] [pdf] |
| [44] | (In)Security of Backend-as-a-Service , In blackhat europe 2015, 2015. [bib] [pdf] |
| [43] | Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis With Unbounded Access Paths , In IEEE/ACM International Conference on Automated Software Engineering (ASE 2015), pages 619–629, 2015. [bib] [pdf] |
| [42] | Towards Secure Integration of Cryptographic Software , In 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!), pages 1–13, Onward! 2015, ACM, 2015. [bib] [pdf] [doi] |
| [41] | Reviser: Efficiently Updating IDE-/IFDS-based Data-flow Analyses in Response to Incremental Program Changes , In Proceedings of the 36th International Conference on Software Engineering, pages 288–298, 2014. [bib] [pdf] |
| [40] | A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks , In 2014 Network and Distributed System Security Symposium (NDSS), 2014. [bib] [pdf] |
| [39] | Tracking Load-time Configuration Options , In IEEE/ACM International Conference on Automated Software Engineering (ASE 2014), pages 445–456, 2014. [bib] [pdf] [doi] |
| [38] | Zertifizierte Datensicherheit für mobile Anwendungen , In GI Sicherheit 2014, 2014. [bib] [pdf] |
| [37] | Variational Data Structures: Exploring Trade-Offs in Computing with Variability , In Onward! 2014, pages 213–226, 2014. [bib] [pdf] |
| [36] | FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps , In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, pages 259–269, PLDI ’14, ACM, 2014. Awarded: Artifact Evaluation Award [bib] [pdf] [doi] |
| [35] | FlowTwist: Efficient Context-sensitive Inside-out Taint Analysis for Large Codebases , In Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, pages 98–108, FSE 2014, ACM, 2014. [bib] [pdf] |
| [34] | DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android , In International Conference on Availability, Reliability and Security (ARES 2014), pages 40–49, IEEE, 2014. [bib] [pdf] |
| [33] | Effective Inter-Component Communication Mapping in Android with Epicc: An Essential Step Towards Holistic Security Analysis , In USENIX Security Symposium 2013, 2013. [bib] [pdf] |
| [32] | SPLLIFT: statically analyzing software product lines in minutes instead of years , In Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation (PLDI), pages 355–364, 2013. [bib] [pdf] |
| [31] | Distributed Finite-State Runtime Monitoring with Aggregated Events , In Runtime Verification (Axel Legay, Saddek Bensalem, eds.), pages 94–111, Volume 8174 of Lecture Notes in Computer Science, Springer Berlin Heidelberg, 2013. [bib] [pdf] [doi] |
| [30] | Reducing human factors in software security architectures , In Future Security Conference 2013, pages 275–285, 2013. [bib] [pdf] |
| [29] | How useful are existing monitoring languages for securing Android apps? , In ATPS, pages 107–122, Volume P-215 of GI Lecture Notes in Informatics, Gesellschaft für Informatik, 2013. [bib] [pdf] |
| [28] | Challenges for Refinement and Composition of Instrumentations (Position Paper) , In International Conference on Software Composition (SC 2012) (Thomas Gschwind, Flavio Paoli, Volker Gruhn, Matthias Book, eds.), pages 86-96, Lecture Notes in Computer Science, Springer Berlin Heidelberg, 2012. [bib] [pdf] [doi] |
| [27] | RefaFlex: Safer Refactorings for Reflective Java Programs , In International Symposium on Software Testing and Analysis (ISSTA 2012), pages 1–14, 2012. Awarded: SIGSOFT Distinguished Paper Award [bib] [pdf] |
| [26] | Delta-oriented Monitor Specification , In 5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012), pages 162–177, Springer, 2012. [bib] [pdf] |
| [25] | Challenges in defining a programming language for provably correct dynamic analyses , In 5th International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISoLA 2012), pages 4–18, Springer, 2012. [bib] [pdf] |
| [24] | Dynamic Anomaly Detection for More Trustworthy Outsourced Computation in Hybrid Clouds , In Information Security Conference (ISC 2012), pages 168–187, Volume 7483 of LNCS, Springer, 2012. [bib] [pdf] |
| [23] | MOPBox: A Library Approach to Runtime Verification , In Runtime Verification, pages 365–369, Volume 7186 of LNCS, Springer, 2012. [bib] [pdf] |
| [22] | Join Point Interfaces for Modular Reasoning in Aspect-Oriented Programs , In ESEC/FSE ’11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, pages 508–511, 2011. [bib] [pdf] |
| [21] | Taming Reflection: Aiding Static Analysis in the Presence of Reflection and Custom Class Loaders , In ICSE ’11: International Conference on Software Engineering, pages 241–250, ACM, 2011. [bib] [pdf] |
| [20] | Stateful Breakpoints: A Practical Approach to Defining Parameterized Runtime Monitors , In ESEC/FSE ’11: Joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, pages 492–495, 2011. [bib] [pdf] |
| [19] | Closure Joinpoints: Block joinpoints without surprises , In AOSD ’11: Proceedings of the 10th International Conference on Aspect-oriented Software Development, pages 117–128, ACM, 2011. [bib] [pdf] |
| [18] | Reducing Configurations to Monitor in a Software Product Line , In 1st International Conference on Runtime Verification (RV), pages 285–299, Volume 6418 of LNCS, Springer, 2010. [bib] [pdf] |
| [17] | Clara: a Framework for Statically Evaluating Finite-state Runtime Monitors , In 1st International Conference on Runtime Verification (RV), pages 74–88, Volume 6418 of LNCS, Springer, 2010. [bib] [pdf] |
| [16] | Clara: Partially Evaluating Runtime Monitors at Compile Time , In 1st International Conference on Runtime Verification (RV), pages 183–197, Volume 6418 of LNCS, Springer, 2010. (Tutorial) [bib] [pdf] |
| [15] | Effective API Navigation and Reuse , In International Conference on Information Reuse and Integration (IEEE IRI), pages 7–12, IEEE, 2010. [bib] [pdf] [doi] |
| [14] | Efficient Hybrid Typestate Analysis by Determining Continuation-Equivalent States , In ICSE ’10: International Conference on Software Engineering, pages 5–14, ACM, 2010. [bib] [pdf] |
| [13] | Dependent advice: A general approach to optimizing history-based aspects , In AOSD ’09: Proceedings of the 8th international conference on Aspect-oriented software development, pages 3–14, ACM, 2009. [bib] [pdf] |
| [12] | Racer: Effective Race Detection Using AspectJ , In International Symposium on Software Testing and Analysis (ISSTA 2008), Seattle, WA, pages 155–165, ACM, 2008. Awarded: SIGSOFT Distinguished Paper Award [bib] [pdf] |
| [11] | Finding programming errors earlier by evaluating runtime monitors ahead-of-time , In 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (SIGSOFT’08/FSE-16), pages 36–47, ACM, 2008. [bib] [pdf] [doi] |
| [10] | Object representatives: a uniform abstraction for pointer information , In Visions of Computer Science – International Academic Conference of the British Computer Society (BCS 2008), London, United Kingdom, 2008. [bib] [pdf] |
| [9] | Relational aspects as tracematches , In AOSD ’08: Proceedings of the 7th international conference on Aspect-oriented software development, pages 84–95, ACM, 2008. [bib] [pdf] [doi] |
| [8] | The design and implementation of formal monitoring techniques , In OOPSLA ’07: Companion of the 22nd annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications, 2007. (Doctoral Symposium) [bib] [pdf] |
| [7] | Domain-Specific Modelling with AToM-3 , In Second International Conference on Software and Data Technologies (ICSOFT). Special Session on Metamodelling — Utilization in Software Engineering (MUSE), pages 305 — 314, INSTICC Press, 2007. [bib] [pdf] |
| [6] | The design and implementation of formal monitoring techniques , In Doctoral Symposium at the 21st European Conference on Object-Oriented Programming, Berlin, Germany, 2007. [bib] [pdf] |
| [5] | A Staged Static Program Analysis to Improve the Performance of Runtime Monitoring , In ECOOP (Erik Ernst, ed.), pages 525–549, Volume 4609 of Lecture Notes in Computer Science, Springer, 2007. [bib] [pdf] |
| [4] | Transforming Timeline specifications into automata for runtime monitoring , In 3rd International Symposium on Applications of Graph Transformations with Industrial Relevance (AGTIVE), pages 249–265, Volume 5088 of Lecture Notes of Computer Science, Springer, 2007. [bib] [pdf] |
| [3] | Avoiding Infinite Recursion with Stratified Aspects , In GI-Edition Lecture Notes in Informatics “NODe 2006 GSEM 2006” (Robert Hirschfeld, Andreas Polze, Ryszard Kowalczyk, eds.), pages 49 — 64, Bonner Köllen Verlag, 2006. [bib] [pdf] |
| [2] | Aspects and Data Refinement , In Mathematics of Program Construction (MPC) (Tarmo Uustalu, ed.), Lecture Notes in Computer Science, Springer, 2006. [bib] [pdf] |
| [1] | Aspects for Trace Monitoring , In Formal Approaches to Testing Systems and Runtime Verification (FATES/RV) (Klaus Havelund, Manuel Nunez, Grigore Rosu, Burkhart Wolff, eds.), pages 20–39, Volume 4262 of Lecture Notes in Computer Science, Springer, 2006. [bib] [pdf] |
Refereed Workshop Papers
| [30] | Detecting Security-Relevant Methods using Multi-label Machine Learning , In Proceedings of the 46th International Conference on Software Engineering, IDE Workshop, 2024. (accepted) [bib] |
| [29] | Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth , In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 379-385, 2023. [bib] [doi] |
| [28] | Automated Cell Header Generator for Jupyter Notebooks , In International Workshop on AI and Software Testing/Analysis (AISTA), 2021. (To appear.) [bib] [pdf] |
| [27] | AuthCheck: Program-state Analysis for Access-control Vulnerabilities , In 10th Workshop on Tools for Automatic Program Analysis (TAPAS), 2019. [bib] [pdf] |
| [26] | Explaining Static Analysis — A Perspective , In 1st International Workshop on Explainable Software (EXPLAIN) at ASE, 2019. [bib] [pdf] |
| [25] | SootDiff: Bytecode Comparison across Different Java Compilers , In Proceedings of the 8th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, pages 14–19, SOAP 2019, Association for Computing Machinery, 2019. [bib] [pdf] [doi] |
| [24] | The Secret Sauce in Efficient and Precise Static Analysis: The Beauty of Distributive, Summary-based Static Analyses (and How to Master Them) , In ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2018), pages 85–93, ISSTA ’18, ACM, 2018. [bib] [pdf] [doi] |
| [23] | PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution , In International Workshop on Security and Trust Management (STM), pages 212–228, 2016. [bib] [pdf] |
| [22] | Towards Cross-Platform Cross-Language Analysis with Soot , In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, pages 1–6, SOAP 2016, , 2016. [bib] [pdf] |
| [21] | Toward an Automated Benchmark Management System , In Proceedings of the 5th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, pages 13–17, SOAP 2016, , 2016. [bib] [pdf] |
| [20] | Don’t let data Go astray—A Context-Sensitive Taint Analysis for Concurrent Programs in Go , In Nordic Workshop on Programming Theory (NWPT’16), 2016. [bib] [pdf] |
| [19] | Using Targeted Symbolic Execution for Reducing False-positives in Dataflow Analysis , In Proceedings of the 4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, pages 1–6, SOAP 2015, , 2015. [bib] [pdf] [doi] |
| [18] | TS4J: A Fluent Interface for Defining and Computing Typestate Analyses , In 3rd ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2014), 2014. [bib] [pdf] |
| [17] | Denial-of-App Attack: Inhibiting the Installation of Android Apps on Stock Phones , In Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones &\38; Mobile Devices, pages 21–26, SPSM ’14, ACM, 2014. [bib] [pdf] [doi] |
| [16] | InvokeDynamic support in Soot , In 1st ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2012), pages 51–55, 2012. [bib] [pdf] [doi] |
| [15] | Inter-procedural Data-flow Analysis with IFDS/IDE and Soot , In 1st ACM SIGPLAN International Workshop on the State Of the Art in Java Program Analysis (SOAP 2012), pages 3–8, 2012. [bib] [pdf] [doi] |
| [14] | Position Paper: Static Flow-Sensitive & Context-Sensitive Information-flow Analysis for Software Product Lines , In ACM SIGPLAN Seventh Workshop on Programming Languages and Analysis for Security (PLAS 2012), pages 6:1–6:6, 2012. [bib] [pdf] [doi] |
| [13] | Towards Typesafe Weaving for Modular Reasoning in Aspect-Oriented Programs , In FOAL ’12: International Workshop on the Foundations of Aspect-Oriented Languages, 2012. (Keynote abstract.) [bib] [pdf] |
| [12] | The Soot framework for Java program analysis: a retrospective , In Cetus Users and Compiler Infrastructure Workshop (CETUS 2011), 2011. [bib] [pdf] |
| [11] | Continuation equivalence: a Correctness Criterion for Static Optimizations of Dynamic Analyses , In WODA ’11: International Workshop on Dynamic Analysis, pages 24–28, ACM, 2011. [bib] [pdf] |
| [10] | IDE 2.0: Collective Intelligence in Software Development , In FSE/SDP Workshop on the Future of Software Engineering, pages 53–58, ACM, 2010. [bib] [pdf] |
| [9] | Specifying and Exploiting Advice-Execution Ordering using Dependency State Machines , In International Workshop on the Foundations of Aspect-Oriented Languages (FOAL), 2010. [bib] [pdf] |
| [8] | Collaborative runtime verification with tracematches , In 7th workshop on Runtime Verification at the 6th International Conference on Aspect-Oriented Software Development, Vancouver, Canada, pages 22–37, Volume 4839 of LNCS, Springer, 2007. [bib] [pdf] |
| [7] | Tracechecks: Defining Semantic Interfaces with Temporal Logic , In Software Composition (Welf Löwe, Mario Südholt, eds.), pages 147–162, Volume 4089 of Lecture Notes in Computer Science, Springer, 2006. [bib] [pdf] |
| [6] | Efficient temporal pointcuts through dynamic advice deployment , In Workshop on Open Aspect Languages, Bonn, Germany, 2006. [bib] [pdf] |
| [5] | Concern specific languages and their implementation with abc , In 3rd Workshop on Software-engineering Properties of Languages and Aspect Technologies (SPLAT) at the 4th International Conference on Aspect-oriented Software Development, March 15th 2005, Chicago, USA, 2005. [bib] [pdf] |
| [4] | Temporal Assertions using AspectJ , In 5th Workshop on Runtime Verification, pages 109–124, 144(4) of Electronic Notes in Theoretical Computer Science, Elsevier, 2005. [bib] [pdf] |
| [3] | Efficient and Expressive Runtime Verification for Java , In Grand Finals of the ACM Student Research Competition 2005, 2005. Awarded: Winner paper of the Grand Finals [bib] [pdf] |
| [2] | A lightweight LTL runtime verification tool for Java , In Companion to the 19th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2004, October 24-28, 2004, Vancouver, BC, Canada, pages 306–307, ACM, 2004. (ACM Student Research Competition) [bib] [pdf] |
| [1] | A high-level view of Java applications , In OOPSLA ’03: Companion of the 18th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications, pages 384–385, ACM Press, 2003. (ACM Student Research Competition) [bib] [pdf] [doi] |
Other Publications
| [41] | Codebase-Adaptive Detection of Security-Relevant Methods , Technical report tr-ri-19-356, Heinz Nixdorf Institut, 2019. [bib] |
| [40] | Self-adaptive static analysis , Technical report arXiv:1710.07430, arXiv.org, 2017. [bib] [pdf] |
| [39] | CrySL: Validating Correct Usage of Cryptographic APIs , Technical report arXiv:1710.00564, arXiv.org, 2017. [bib] [pdf] |
| [38] | Just-in-Time Static Analysis , Technical report, University of Alberta Dataverse, 2016. [bib] [pdf] [doi] |
| [37] | Sicherheitsanalyse TrueCrypt , Technical report, Bundesamt für Sicherheit in der Informationstechnik, 2015. [bib] [pdf] |
| [36] | Security Analysis of TrueCrypt , Technical report, Federal Office for Information Security, 2015. [bib] [pdf] |
| [35] | Time for Addressing Software Security Issues: Prediction Models and Impacting Factors , Technical report TUD-CS-2015-1268, EC SPRIDE, 2015. [bib] |
| [34] | Toward a Just-in-Time Static Analysis , Technical report TUD-CS-2015-1167, EC SPRIDE, 2015. [bib] [pdf] |
| [33] | An Investigation of the Android/BadAccents Malware which Exploits a new Android Tapjacking Attack , Technical report TUD-CS-2015-0065, EC SPRIDE, 2015. [bib] [pdf] |
| [32] | Harvesting Runtime Data in Android Applications for Identifying Malware and Enhancing Code Analysis , Technical report TUD-CS-2015-0031, EC SPRIDE, 2015. [bib] [pdf] |
| [31] | A Brief Tour of Join Point Interfaces , pages 19–22, International Conference on Aspect-oriented Programming (AOSD), demo track, 2013. [bib] [pdf] |
| [30] | SuSi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks , Technical report TUD-CS-2013-0114, EC SPRIDE, 2013. [bib] [pdf] |
| [29] | Efficiently updating IDE-based data-flow analyses in response to incremental program changes , Technical report TUD-CS-2013-0253, EC SPRIDE, 2013. [bib] [pdf] |
| [28] | Highly Precise Taint Analysis for Android Applications , Technical report TUD-CS-2013-0113, EC SPRIDE, 2013. [bib] [pdf] |
| [27] | Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines , Technical report TUD-CS-2012-0239, EC SPRIDE, Technische Universität Darmstadt, 2012. [bib] [pdf] |
| [26] | Safe and Practical Decoupling of Aspects with Join Point Interfaces , Technical report TUD-CS-2012-0106, CASED, 2012. [bib] [pdf] |
| [25] | Identifying meaningless parameterized linear-temporal-logic formulas , Technical report TUD-CS-2012-0014, CASED, 2012. [bib] [pdf] |
| [24] | On the Expressiveness of Parameterized Finite-state Runtime Monitors , Technical report TUD-CS-2012-0013, CASED, 2012. [bib] [pdf] |
| [23] | Modular Reasoning with Join Point Interfaces , Technical report TUD-CS-2011-0272, CASED, 2011. [bib] [pdf] |
| [22] | Defining Access Control Policies as Tracematches , Technical report TUD-CS-2011-0149, CASED, 2011. [bib] [pdf] |
| [21] | Taming Reflection: Static Analysis in the Presence of Reflection and Custom Class Loaders , Technical report TUD-CS-2010-0066, CASED, 2010. [bib] [pdf] |
| [20] | Sicher fahren: Absicherung moderner Fahrzeugsoftware , Forschen, Technische Universität Darmstadt, 2010. [bib] [pdf] |
| [19] | Clara: a framework for implementing hybrid typestate analyses , Technical report Clara-2, https://www.bodden.de/clara/, 2009. [bib] [pdf] |
| [18] | Efficient and Precise Typestate Analysis by Determining Continuation-Equivalent States , Technical report Clara-1, https://www.bodden.de/clara/, 2009. [bib] [pdf] |
| [17] | Transforming Timeline specifications into automata for runtime monitoring , Technical report SABLE-TR-2008-1, Sable Research Group, School of Computer Science, McGill University, 2008. [bib] [pdf] |
| [16] | Dependent advice: A general approach to optimizing history-based aspects (extended version) , Technical report abc-2008-2, https://www.aspectbench.org/, 2008. [bib] [pdf] |
| [15] | Relational Aspects as Tracematches , Technical report abc-2007-4, https://www.aspectbench.org/, 2007. [bib] [pdf] |
| [14] | Instance keys: A technique for sharpening whole-program pointer analyses with intraprocedural information , Technical report SABLE-TR-2007-8, Sable Research Group, School of Computer Science, McGill University, 2007. [bib] [pdf] |
| [13] | Flow-sensitive static optimizations for runtime monitoring , Technical report abc-2007-3, https://www.aspectbench.org/, 2007. [bib] [pdf] |
| [12] | Arithmetic Coding revealed – A guided tour from theory to praxis , Technical report 2007-5, Sable Research Group, McGill University, 2007. [bib] [pdf] |
| [11] | A staged static program analysis to improve the performance of runtime monitoring (extended version) , Technical report abc-2007-2, https://www.aspectbench.org/, 2007. [bib] [pdf] |
| [10] | Efficient runtime monitoring through static analysis , Poster, 21st European Conference on Object-Oriented Programming, July 30th 2007, Berlin, Germany, 2007. [bib] |
| [9] | Efficient runtime monitoring through static analysis , Poster, 6th International Conference on Aspect-Oriented Software Development, March 12th-16th 2007, Vancouver, BC, Canada, 2007. [bib] |
| [8] | abc: How to implement your own tools for AOP research , Tutorial, 5th International Conference on Aspect-oriented Software Development, March 20th-24th 2006, Bonn, Germany, 2006. [bib] |
| [7] | Efficient Trace Monitoring , Technical report abc-2006-1, https://www.aspectbench.org/, 2006. [bib] [pdf] |
| [6] | A staged static program analysis to improve the performance of runtime monitoring , Technical report abc-2006-4, https://www.aspectbench.org/, 2006. [bib] [pdf] |
| [5] | More Efficient Runtime Monitors Through Static Analysis , Poster, ACM SIGPLAN 2006 Conference on Programming Language Design and Implementation, Ottawa, ON, Canada, 2006. [bib] |
| [4] | Efficient trace monitoring , Poster with abstract, pages 685–686, ACM Press, 2006. [bib] [pdf] [doi] |
| [3] | Temporal Assertions using AspectJ , Poster, 4th International Conference on Aspect-oriented Software Development, March 14th-18th 2005, Chicago, IL, USA, 2006. [bib] |
| [2] | Zweigstelle, Hauptstelle, Dienstleister: Aspektorientierte Programmierung mit .NET , ObjektSPEKTRUM, SIGS-DATACOM, 2006. [bib] [pdf] |
| [1] | Implementing concern-specific languages with abc , Seminar on Aspect-oriented Programming, Prof. Friedrich Steimann, Hannover University, 2005. [bib] [pdf] |
Powered by bibtexbrowser
