Christian Hammer

Proceedings of the 48th IEEE Annual Computers, Software, and Applications Conference, 2024

2023

Unifying Pointer Analyses for Polyglot Inter-operations through Summary Specialization.

[BibT_eX]

[DOI]

CoRR, 2023

Understanding the Impact of Fingerprinting in Android Hybrid Apps.

[BibT_eX]

[DOI]

Proceedings of the 10th IEEE/ACM International Conference on Mobile Software Engineering and Systems, 2023

Demand-driven Information Flow Analysis of WebView in Android Hybrid Apps.

[BibT_eX]

[DOI]

Proceedings of the 34th IEEE International Symposium on Software Reliability Engineering, 2023

Evaluating the Hardware Performance Counters of an Xtensa Virtual Prototype.

[BibT_eX]

[DOI]

Ernesto Cristopher Villegas Castillo

Sirine IIahi

Christian Sauer

Proceedings of the 26th International Symposium on Design and Diagnostics of Electronic Circuits and Systems, 2023

Detecting and Preventing ROP Attacks using Machine Learning on ARM.

[BibT_eX]

[DOI]

Chenpo Hu

Proceedings of the 47th IEEE Annual Computers, Software, and Applications Conference, 2023

IDS-MA: Intrusion Detection System for IoT MQTT Attacks Using Centralized and Federated Learning.

[BibT_eX]

[DOI]

Yaman Qendah

Proceedings of the 47th IEEE Annual Computers, Software, and Applications Conference, 2023

2022

Our fingerprints don't fade from the Apps we touch: Fingerprinting the Android WebView.

[BibT_eX]

[DOI]

CoRR, 2022

Detecting return-oriented programming on firmware-only embedded devices using hardware performance counters.

[BibT_eX]

[DOI]

Proceedings of the SAC '22: The 37th ACM/SIGAPP Symposium on Applied Computing, Virtual Event, April 25, 2022

2021

Permissive runtime information flow control in the presence of exceptions.

[BibT_eX]

[DOI]

J. Comput. Secur., 2021

Effects of Program Representation on Pointer Analyses - An Empirical Study.

[BibT_eX]

[DOI]

Proceedings of the Fundamental Approaches to Software Engineering, 2021

2020

A Large Scale Analysis of Android - Web Hybridization.

[BibT_eX]

[DOI]

J. Syst. Softw., 2020

Revealing injection vulnerabilities by leveraging existing tests.

[BibT_eX]

[DOI]

Katherine Hough

Jonathan Bell

Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

2019

PointEval: On the Impact of Pointer Analysis Frameworks.

[BibT_eX]

[DOI]

CoRR, 2019

IIFA: Modular Inter-app Intent Information Flow Analysis of Android Applications.

[BibT_eX]

[DOI]

Sascha Groß

Proceedings of the Security and Privacy in Communication Networks, 2019

LUDroid: A Large Scale Analysis of Android - Web Hybridization.

[BibT_eX]

[DOI]

Proceedings of the 19th International Working Conference on Source Code Analysis and Manipulation, 2019

Static security evaluation of an industrial web application.

[BibT_eX]

[DOI]

Max Schlüter

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, 2019

Secure multi-execution in Android.

[BibT_eX]

[DOI]

Dhiman Chakraborty

Sven Bugiel

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, 2019

2018

A Formal Logic Framework for the Automation of the Right to Be Forgotten.

[BibT_eX]

[DOI]

Fabian Bendun

Proceedings of the Security and Privacy in Communication Networks, 2018

PIAnalyzer: A Precise Approach for PendingIntent Vulnerability Analysis.

[BibT_eX]

[DOI]

Sascha Groß

Proceedings of the Computer Security, 2018

2017

ThiefTrap - An Anti-theft Framework for Android.

[BibT_eX]

[DOI]

Sascha Groß

Gebrehiwet Biyane Welearegai

Proceedings of the Security and Privacy in Communication Networks, 2017

Idea: Optimized Automatic Sanitizer Placement.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 9th International Symposium, 2017

WebPol: Fine-Grained Information Flow Policies for Web Browsers.

[BibT_eX]

[DOI]

Proceedings of the Computer Security - ESORICS 2017, 2017

2016

Implementation-level analysis of the JavaScript helios voting client.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual ACM Symposium on Applied Computing, 2016

R-Droid: Leveraging Android App Analysis with Static Slice Optimization.

[BibT_eX]

[DOI]

Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016

2015

Boxify: Full-fledged App Sandboxing for Stock Android.

[BibT_eX]

[DOI]

Proceedings of the 24th USENIX Security Symposium, 2015

Learning How to Prevent Return-Oriented Programming Efficiently.

[BibT_eX]

[DOI]

David Pfaff

Sebastian Hack

Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

Information Flow Control for Event Handling and the DOM in Web Browsers.

[BibT_eX]

[DOI]

Proceedings of the IEEE 28th Computer Security Foundations Symposium, 2015

2014

Checking probabilistic noninterference using JOANA.

[BibT_eX]

[DOI]

it Inf. Technol., 2014

Flexible Access Control for JavaScript.

[BibT_eX]

[DOI]

Proceedings of the Software Engineering 2014, Fachtagung des GI-Fachbereichs Softwaretechnik, 25. Februar, 2014

Detecting Deadlock in Programs with Data-Centric Synchronization.

[BibT_eX]

[DOI]

Proceedings of the Software Engineering 2014, Fachtagung des GI-Fachbereichs Softwaretechnik, 25. Februar, 2014

Information Flow Control in WebKit's JavaScript Bytecode.

[BibT_eX]

[DOI]

Proceedings of the Principles of Security and Trust - Third International Conference, 2014

Generalizing Permissive-Upgrade in Dynamic Information Flow Analysis.

[BibT_eX]

[DOI]

Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security, 2014

2013

AppGuard - Enforcing User Requirements on Android Apps.

[BibT_eX]

[DOI]

Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2013

Flexible access control for javascript.

[BibT_eX]

[DOI]

Gregor Richards

Francesco Zappa Nardelli

Suresh Jagannathan

Jan Vitek

Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications, 2013

Detecting deadlock in programs with data-centric synchronization.

[BibT_eX]

[DOI]

Proceedings of the 35th International Conference on Software Engineering, 2013

Idea: Callee-Site Rewriting of Sealed System Libraries.

[BibT_eX]

[DOI]

Sebastian Gerling

Michael Backes

Proceedings of the Engineering Secure Software and Systems - 5th International Symposium, 2013

AppGuard - Fine-Grained Policy Enforcement for Untrusted Android Applications.

[BibT_eX]

[DOI]

Proceedings of the Data Privacy Management and Autonomous Spontaneous Security, 2013

2012

A data-centric approach to synchronization.

[BibT_eX]

[DOI]

ACM Trans. Program. Lang. Syst., 2012

2011

Marathon: Detecting Atomic-Set Serializability Violations with Conflict Graphs.

[BibT_eX]

[DOI]

William N. Sumner

Julian Dolby

Proceedings of the Runtime Verification - Second International Conference, 2011

The Eval That Men Do - A Large-Scale Study of the Use of Eval in JavaScript Applications.

[BibT_eX]

[DOI]

Proceedings of the ECOOP 2011 - Object-Oriented Programming, 2011

2010

Experiences with PDG-Based IFC.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems, Second International Symposium, 2010

A Type System for Data-Centric Synchronization.

[BibT_eX]

[DOI]

Proceedings of the ECOOP 2010, 2010

2009

Information flow control for Java: a comprehensive approach based on path conditions in dependence graphs.

[BibT_eX]

[DOI]

PhD thesis, 2009

Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs.

[BibT_eX]

[DOI]

Int. J. Inf. Sec., 2009

Precise slicing of concurrent programs.

[BibT_eX]

[DOI]

Dennis Giffhorn

Autom. Softw. Eng., 2009

2008

Precise Analysis of Java Programs Using JOANA.

[BibT_eX]

[DOI]

Dennis Giffhorn

Proceedings of the Eighth IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2008), 2008

Static path conditions for Java.

[BibT_eX]

[DOI]

Rüdiger Schaade

Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security, 2008

Dynamic detection of atomic-set-serializability violations.

[BibT_eX]

[DOI]

Proceedings of the 30th International Conference on Software Engineering (ICSE 2008), 2008

2007

An Evaluation of Slicing Algorithms for Concurrent Programs.

[BibT_eX]

[DOI]

Dennis Giffhorn

Proceedings of the Seventh IEEE International Workshop on Source Code Analysis and Manipulation (SCAM 2007), September 30, 2007

2006

Dynamic path conditions in dependence graphs.

[BibT_eX]

[DOI]

Martin Grimme

Jens Krinke

Proceedings of the 2006 ACM SIGPLAN Workshop on Partial Evaluation and Semantics-based Program Manipulation, 2006

Information Flow Control for Java Based on Path Conditions in Dependence Graphs.

[BibT_eX]

Jens Krinke

Proceedings of the 2006 IEEE International Symposium on Secure Software Engineering, 2006

Intransitive Noninterference in Dependence Graphs.

[BibT_eX]

[DOI]

Jens Krinke

Frank Nodes

Proceedings of the Leveraging Applications of Formal Methods, 2006

2004

An improved slicer for Java.

[BibT_eX]

[DOI]