Eric Bodden
#31,472
Most Influential Person Now
German university teacher
Eric Bodden's AcademicInfluence.com Rankings
Eric Boddencomputer-science Degrees
Computer Science
#1564
World Rank
#1619
Historical Rank
Software Engineering
#102
World Rank
#102
Historical Rank
Algorithms
#433
World Rank
#438
Historical Rank
Database
#6055
World Rank
#6278
Historical Rank
Download Badge
Computer Science
Why Is Eric Bodden Influential?
(Suggest an Edit or Addition)According to Wikipedia, Eric Bodden is a German computer scientist. He holds the Chair of Secure Software Engineering at the Heinz Nixdorf Institute of the Paderborn University and is Director of Software Engineering and IT Security at the Fraunhofer Institute for Mechatronic Design . He is also head of the engineering department in the Collaborative Research Centre 1119 CROSSING at the Technical University of Darmstadt.
Eric Bodden's Published Works
Number of citations in a given year to any of this author's works
Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author
Published Works
- FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps (2014) (1784)
- IccTA: Detecting Inter-Component Privacy Leaks in Android Apps (2015) (559)
- Effective inter-component communication mapping in Android with Epicc: an essential step towards holistic security analysis (2013) (354)
- The Soot framework for Java program analysis: a retrospective (2011) (351)
- A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks (2014) (319)
- Mining Apps for Abnormal Usage of Sensitive Data (2015) (251)
- Taming reflection: Aiding static analysis in the presence of reflection and custom class loaders (2011) (241)
- Automated API Property Inference Techniques (2013) (197)
- "Jumping Through Hoops": Why do Java Developers Struggle with Cryptography APIs? (2016) (194)
- Temporal Assertions using AspectJ (2006) (192)
- Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques (2016) (133)
- A Staged Static Program Analysis to Improve the Performance of Runtime Monitoring (2007) (132)
- Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis (2013) (130)
- Inter-procedural data-flow analysis with IFDS/IDE and Soot (2012) (116)
- SPLLIFT: statically analyzing software product lines in minutes instead of years (2013) (111)
- Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java (2016) (102)
- Highly precise taint analysis for Android applications (2013) (100)
- Racer: effective race detection using aspectj (2008) (98)
- Finding programming errors earlier by evaluating runtime monitors ahead-of-time (2008) (95)
- CogniCrypt: Supporting developers in using cryptography (2017) (87)
- Efficient hybrid typestate analysis by determining continuation-equivalent states (2010) (85)
- CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs (2018) (81)
- Collaborative Runtime Verification with Tracematches (2007) (81)
- I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis (2014) (79)
- DroidForce: Enforcing Complex, Data-centric, System-wide Policies in Android (2014) (76)
- StubDroid: Automatic Inference of Precise Data-Flow Summaries for the Android Framework (2016) (70)
- Do Android taint analysis tools keep their promises? (2018) (64)
- Arithmetic Coding revealed A guided tour from theory to praxis. (2004) (61)
- SuSi: A Tool for the Fully Automated Classification and Categorization of Android Sources and Sinks (2013) (60)
- Reviser: efficiently updating IDE-/IFDS-based data-flow analyses in response to incremental program changes (2014) (60)
- Clara: A Framework for Partially Evaluating Finite-State Runtime Monitors Ahead of Time (2010) (59)
- Tracking Load-Time Configuration Options (2014) (56)
- Context-, flow-, and field-sensitive data-flow analysis using synchronized Pushdown systems (2018) (54)
- Just-in-time static analysis (2016) (50)
- Reducing Configurations to Monitor in a Software Product Line (2010) (49)
- PhASAR: An Inter-procedural Static Analysis Framework for C/C++ (2019) (46)
- Variational Data Structures: Exploring Tradeoffs in Computing with Variability (2014) (46)
- Join point interfaces for safe and flexible decoupling of aspects (2014) (43)
- Dependent advice: a general approach to optimizing history-based aspects (2009) (41)
- Instrumenting Android and Java Applications as Easy as abc (2013) (40)
- Aspect-Oriented Race Detection in Java (2010) (34)
- Avoiding Infinite Recursion with Stratified Aspects (2006) (34)
- Closure joinpoints: block joinpoints without surprises (2011) (33)
- jÄk: Using Dynamic Analysis to Crawl and Test Modern Web Applications (2015) (33)
- Access-Path Abstraction: Scaling Field-Sensitive Data-Flow Analysis with Unbounded Access Paths (T) (2015) (32)
- Join point interfaces for modular reasoning in aspect-oriented programs (2011) (32)
- FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases (2014) (32)
- Towards secure integration of cryptographic software (2015) (31)
- Aspects for Trace Monitoring (2006) (30)
- IDE 2.0: collective intelligence in software development (2010) (30)
- Incorporating attacker capabilities in risk estimation and mitigation (2015) (29)
- An In-Depth Study of More Than Ten Years of Java Exploitation (2016) (29)
- The Clara framework for hybrid typestate analysis (2012) (28)
- Efficient trace monitoring (2006) (28)
- How Current Android Malware Seeks to Evade Automated Code Analysis (2015) (27)
- IDEal: efficient and precise alias-aware dataflow analysis (2017) (26)
- A lightweight LTL runtime verification tool for java (2004) (26)
- Tracechecks: Defining Semantic Interfaces with Temporal Logic (2006) (23)
- MOPBox: A Library Approach to Runtime Verification - (Tool Demonstration) (2011) (23)
- Towards ensuring security by design in cyber-physical systems engineering processes (2018) (22)
- Effective API navigation and reuse (2010) (22)
- Time for Addressing Software Security Issues: Prediction Models and Impacting Factors (2017) (22)
- Harvesting Runtime Data in Android Applications for Identifying Malware and Enhancing Code Analysis (2015) (20)
- Using targeted symbolic execution for reducing false-positives in dataflow analysis (2015) (20)
- Partially Evaluating Finite-State Runtime Monitors Ahead of Time (2012) (20)
- Verifying finite-state properties of large-scale programs (2009) (20)
- Object representatives: a uniform abstraction for pointer information (2008) (19)
- Domain-Specific Modelling With Atom3 (2007) (19)
- DroidSearch: A tool for scaling Android app triage to real-world app stores (2015) (18)
- Clara: a Framework for Statically Evaluating Finite-state Runtime Monitors (2010) (18)
- ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware (2019) (18)
- Likelihood of Threats to Connected Vehicles (2014) (18)
- Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality (2016) (16)
- The secret sauce in efficient and precise static analysis: the beauty of distributive, summary-based static analyses (and how to master them) (2018) (16)
- Relational aspects as tracematches (2008) (16)
- Clara: Partially Evaluating Runtime Monitors at Compile Time - Tutorial Supplement (2010) (15)
- Investigating Users' Reaction to Fine-Grained Data Requests: A Market Experiment (2016) (15)
- PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution (2016) (15)
- The Soot-Based Toolchain for Analyzing Android Apps (2017) (15)
- Factors Impacting the Effort Required to Fix Security Vulnerabilities - An Industrial Case Study (2015) (15)
- TS4J: a fluent interface for defining and computing typestate analyses (2014) (14)
- Model Checking the Information Flow Security of Real-Time Systems (2018) (13)
- The Impact of Developer Experience in Using Java Cryptography (2019) (13)
- Stateful breakpoints: a practical approach to defining parameterized runtime monitors (2011) (12)
- An Investigation of the Android/BadAccents Malware which Exploits a new Android Tapjacking Attack (2015) (12)
- Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation (2017) (11)
- A systematic literature review of model-driven security engineering for cyber-physical systems (2020) (11)
- MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors (Tool Insights Paper) (2019) (11)
- A Qualitative Analysis of Android Taint-Analysis Results (2019) (11)
- Cheetah: Just-in-Time Taint Analysis for Android Apps (2017) (10)
- How Useful Are Existing Monitoring Languages for Securing Android Apps? (2013) (10)
- RefaFlex: safer refactorings for reflective Java programs (2012) (10)
- Position Paper : Static Flow-Sensitive & Context-Sensitive Information-flow Analysis for Software Product Lines ∗ (2012) (10)
- Concern specific languages and their implementation with abc (2005) (10)
- Codebase-adaptive detection of security-relevant methods (2019) (10)
- Computation on Encrypted Data using Dataflow Authentication (2017) (10)
- ROPocop - Dynamic Mitigation of Code-Reuse Attacks (2015) (10)
- Static flow-sensitive & context-sensitive information-flow analysis for software product lines: position paper (2012) (9)
- InvokeDynamic support in Soot (2012) (9)
- Debugging Static Analysis (2018) (9)
- Efficient and Expressive Runtime Verification for Java (2005) (9)
- CogniCryptGEN: generating code for the secure usage of crypto APIs (2020) (9)
- CrySL: Validating Correct Usage of Cryptographic APIs (2017) (8)
- Toward an automated benchmark management system (2016) (8)
- Towards cross-platform cross-language analysis with soot (2016) (8)
- A large-scale study of usability criteria addressed by static analysis tools (2022) (8)
- Gamifying static analysis (2018) (8)
- Self-Adaptive Static Analysis (2017) (8)
- Denial-of-App Attack: Inhibiting the Installation of Android Apps on Stock Phones (2014) (8)
- Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering (2017) (7)
- Instance keys: A technique for sharpening whole-program pointer analyses with intraprocedural information (2007) (7)
- Transactions on Aspect-Oriented Software Development XI (2014) (7)
- VisuFlow: A Debugging Environment for Static Analyses (2018) (7)
- TaintBench: Automatic real-world malware benchmarking of Android taint analyses (2021) (6)
- Easily instrumenting android applications for security purposes (2013) (6)
- Challenges for Refinement and Composition of Instrumentations: Position Paper (2012) (6)
- A brief tour of join point interfaces (2013) (6)
- State of the Systems Security (2018) (5)
- Efficient temporal pointcuts through dynamic advice deployment (2006) (5)
- The design and implementation of formal monitoring techniques (2007) (5)
- Flow-sensitive static optimizations for runtime monitors (2007) (5)
- Information Flow Analysis for Go (2016) (5)
- Modular Reasoning with Join Point Interfaces (2011) (5)
- Heaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis (2020) (5)
- SootDiff: bytecode comparison across different Java compilers (2019) (5)
- A Safe and Practical Decoupling of Aspects with Join Point Interfaces (2012) (5)
- JAnalyzer, A Visual Static Analyzer for Java (2003) (5)
- Dynamically Provisioning Isolation in Hierarchical Architectures (2015) (5)
- Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (2021) (5)
- Explaining Static Analysis - A Perspective (2019) (5)
- Dynamic Anomaly Detection for More Trustworthy Outsourced Computation (2012) (4)
- A high-level view of Java applications (2003) (4)
- Explaining Static Analysis With Rule Graphs (2020) (4)
- Towards a Comprehensive Model of Isolation for Mitigating Illicit Channels (2016) (4)
- Reducing human factors in software security architectures (2013) (4)
- Continuation equivalence: a correctness criterion for static optimizations of dynamic analyses (2011) (3)
- Dealing with Variability in API Misuse Specification (2021) (3)
- ModGuard : Identifying Integrity & Confidentiality Violations in Java Modules (2021) (3)
- Just-inTime Static Analysis (2016) (3)
- Qualitative and Quantitative Analysis of Callgraph Algorithms for Python (2021) (3)
- Entwicklung sicherer Software durch Security by Design (2013) (3)
- Specifying and Exploiting Advice-Execution Ordering using Dependency State Machines (2010) (3)
- SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods (2019) (3)
- IDE support for cloud-based static analyses (2021) (2)
- Explainable Static Analysis (2018) (2)
- An In-depth Study of Java Deserialization Remote-Code Execution Exploits and Vulnerabilities (2022) (2)
- Boomerang: Demand-Driven Flow-Sensitive, Field-Sensitive, and Context-Sensitive Pointer Analysis (2016) (2)
- SecuCheck: Engineering configurable taint analysis for software developers (2021) (2)
- Efficient and Precise Typestate Analysis by Determining Continuation-Equivalent States (2009) (2)
- Fluently specifying taint-flow queries with fluentTQL (2022) (2)
- Security-Oriented Fault-Tolerance in Systems Engineering: A Conceptual Threat Modelling Approach for Cyber-Physical Production Systems (2020) (2)
- Lossless, Persisted Summarization of Static Callgraph, Points-To and Data-Flow Analysis (2021) (2)
- Challenges in Defining a Programming Language for Provably Correct Dynamic Analyses (2012) (2)
- Using Abstract Contracts for Verifying Evolving Features and Their Interactions (2020) (2)
- Engineering Secure Software and Systems: 10th International Symposium, ESSoS 2018, Paris, France, June 26-27, 2018, Proceedings (2018) (2)
- Scenario-based specification of security protocols and transformation to security model checkers (2020) (2)
- Transforming Timeline Specifications into Automata for Runtime Monitoring (2008) (2)
- Static Analysis Techniques for Evaluating Runtime Monitoring Properties Ahead-of-Time (2007) (2)
- What Has Artifact Evaluation Ever Done for Us? (2022) (1)
- Toward a Just-inTime Static Analysis (2015) (1)
- DOMAIN-SPECIFIC MODELLING WITH ATOM (2018) (1)
- Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java (Artifact) (2016) (1)
- AuthCheck: Program-State Analysis for Access-Control Vulnerabilities (2019) (1)
- Project Report: Efficient Java bytecode verification by the means of proof-carrying code (2006) (1)
- Aspects and Data Refinement (2006) (1)
- CamBench - Cryptographic API Misuse Detection Tool Benchmark Suite (2022) (1)
- Architectural Runtime Verification (2019) (1)
- PASAPTO: Policy-aware Security and Performance Trade-off Analysis--Computation on Encrypted Data with Restricted Leakage (2020) (1)
- Proceedings of the Ninth International Workshop on Dynamic Analysis (2012) (1)
- Delta-Oriented Monitor Specification (2012) (1)
- Industrial Security by Design (2020) (1)
- Efficiently updating IDE-based data-flow analyses in response to incremental program changes (2013) (1)
- Distributed Finite-State Runtime Monitoring with Aggregated Events (2013) (1)
- Proceedings of the ACM SIGPLAN International Workshop on State of the Art in Java Program analysis, SOAP 2012, Beijing, China, June 14, 2012 (2012) (1)
- Know your analysis: how instrumentation aids understanding static analysis (2019) (1)
- Automated cell header generator for Jupyter notebooks (2021) (1)
- A Systematic Hardening of Java's Information Hiding (2021) (1)
- Toward a Just-in-Time Static Analysis (2015) (1)
- Reverse Engineering Android Apps With CodeInspect (invited paper) (2016) (1)
- abc: How to implement your own tools for AOP research (2006) (1)
- Connecting and Serving the Software Engineering Community (2016) (1)
- Into the Woods: Experiences from Building a Dataflow Analysis Framework for C/C++ (2021) (1)
- Session details: Bugs (2014) (0)
- SPL LIFT — Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines (2013) (0)
- Are Machine Learning Models for Malware Detection Ready for Prime Time? (2023) (0)
- Using Architectural Runtime Verification for Offline Data Analysis (2021) (0)
- Reproducing Taint-Analysis Results with ReproDroid (2020) (0)
- Towards Development of Efficient Compression Techniques for Different Types of Source Data (2014) (0)
- The abc Group Flow-sensitive static optimizations for runtime monitors abc Technical Report No . abc-2007-3 (2007) (0)
- Proceedings of the 2012 Workshop on Dynamic Analysis (2012) (0)
- Software Composition (2013) (0)
- How far are German companies in improving security through static program analysis tools? (2022) (0)
- Replication Package for A Systematic Literature Review of Model-driven Security Engineering for Cyber-physical Systems (2020) (0)
- Identifying meaningless parameterized linear-temporal-logic formulas (2012) (0)
- Static data-flow analysis for software product lines in C (2022) (0)
- Static data-flow analysis for software product lines in C (2022) (0)
- Evaluation of Usability Criteria Addressed by Static Analysis Tools on a Large Scale (2023) (0)
- Enforcing Safety Properties in Product Lines (2010) (0)
- Industrial Security by Design: Nachverfolgbare Informationssicherheit für Cyber-Physische Produktionssysteme (2018) (0)
- Integrating Security Protocols in Scenario-based Requirements Specifications (2022) (0)
- Ensuring threat-model assumptions by using static code analyses (2021) (0)
- Security Analysis of TrueCryptpdfauthor (2015) (0)
- Abnormal sensitive data usage in android apps (2016) (0)
- App Mining (2017) (0)
- A systematic literature review ofmodel-driven security engineering for cyber–physical systems (2020) (0)
- Session details: Bugs (2014) (0)
- Modeling the Effects of Global Variables in Data-Flow Analysis for C/C++ (2021) (0)
- Time for Addressing Software Security Issues: Prediction Models and Impacting Factors (2016) (0)
- Object representatives : a uniform (2008) (0)
- The Clara framework for hybrid typestate analysis (2010) (0)
- Defining Access Control Policies as Tracematches (2011) (0)
- Session details: The meaning of programs (2014) (0)
- Transparent and Efficient Reuse of IFDS-based Static Program Analyses for Software Product Lines (2012) (0)
- DroidSearch: A Powerful Search Engine for Android Applications (2015) (0)
- Aspects and Data Refinement (Extended Abstract) (2006) (0)
- Session details: Specifying concerns (2011) (0)
- Implementing concern-specific languages with abc Seminar on Aspect-oriented programming (2005) (0)
- SootFX: A Static Code Feature Extraction Tool for Java and Android (2021) (0)
- Replication Package for Artifact (2019) (0)
- To what extent can we analyze Kotlin programs using existing Java taint analysis tools? (2022) (0)
- Enhancing Comprehension and Navigation in Jupyter Notebooks with Static Analysis (2023) (0)
- How to build the perfect Swiss army knife, and keep it sharp?: Challenges for the soot program-analysis framework in the light of past, current and future demands (2014) (0)
- Implementing concern-specific languages with abc (2005) (0)
- Session details: Implementing languages (2012) (0)
- Special Section on Runtime Verification and Analysis (2014) (0)
- Helping manage the concern of object cloning in Java programs (2007) (0)
- Workshop Program Committee ASSD 2015 (2015) (0)
- On the Expressiveness of Parameterized Finite-state Runtime Monitors (2012) (0)
- CogniCrypt_GEN - Generating Code for the Secure Use of Crypto APIs (Artefact) (2020) (0)
- ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules (2021) (0)
- 25 Years in Application Security: Looking Back, Looking Forward (2022) (0)
- Towards typesafe weaving for modular reasoning in aspect-oriented programs (2012) (0)
- source Java source Scala source Java messages Error Graphs HTML source Java output TamiFlex (2011) (0)
- FUM - A Framework for API Usage constraint and Misuse Classification (2022) (0)
- Proceedings of the 8th International Symposium on Engineering Secure Software and Systems - Volume 9639 (2016) (0)
- RefaFlex: Safer Refactorings for Reflective Java Programs [forthcoming] (2012) (0)
- Proceedings of the 13th Workshop on Foundations of Aspect-Oriented Languages, FOAL 2014, April 22, 2014, Lugano, Switzerland (2014) (0)
- Don't let data Go astray - A Context-Sensitive Taint Analysis for Concurrent Programs in Go (2016) (0)
This paper list is powered by the following services:
Other Resources About Eric Bodden
What Schools Are Affiliated With Eric Bodden?
Eric Bodden is affiliated with the following schools:
