List of Publications

Publications by Year

2017

• Alexandre Bartel: ASLR Bypass for Java Vulnerability CVE-2010-0842 , in Multi-System & Internet Security Cookbook (MISC), 2017 - to appear -

• Li Li, Tagawendé Bissyandé, Alexandre Bartel, Jacques Klein, Yves Le Traon: The Multi-Generation Repackaging Hypothesis , in International Conference on Software Engineering (ICSE), Buenos Aires, Argentina, 2017 [bib] [pdf]

• Li Li, Tagawendé Bissyandé, Mike Papadakis, Siegfried Rasthofer, Alexandre Bartel, Damien Octeau, Jacques Klein, Yves Le Traon: Static Analysis of Android Apps: A Systematic Literature Review , in Information and Software Technology (IST), 2017 [bib] [pdf]

2016

• Philipp Holzinger, Stefan Triller, Alexandre Bartel, Eric Bodden: An In-Depth Study of More Than Ten Years of Java Exploitation , in ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, 2016 [bib] [pdf] [www]

• Andreas Follner, Alexandre Bartel, Hui Peng, Yu-Chen Chang, Kyriakos Ispoglou, Mathias Payer, Eric Bodden: PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution , in Security and Trust Management Workshop (STM@ESORICS), Heraklion, Greece, 2016 [bib] [pdf] [www]

• Li Li, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon: Towards a Generic Framework for Automating Extensive Analysis of Android Applications , in ACM SIGAPP Symposium on Applied Computing (SAC), Pisa, Italy, 2016 [bib] [pdf]

• Andreas Follner, Alexandre Bartel, Eric Bodden: Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality , in Proceedings of the International Symposium on Engineering Secure Software and Systems (ESSoS), London, UK, 2016 [bib] [pdf]

• Damien Octeau, Somesh Jha, Matthew Dering, Patrick McDaniel, Alexandre Bartel, Li Li, Jacques Klein, Yves Le Traon: Combining static analysis with probabilistic models to enable market-scale Android inter-component analysis , in ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), New-York, USA, 2016 [bib] [pdf]

2015

• Li Li, Kévin Allix, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein: Potential Component Leaks in Android Apps: An Investigation into a new Feature Set for Malware Detection , in IEEE International Conference on Software Quality, Reliability and Security (QRS), Vancouver, Canada, 2015 [bib] [pdf]

• Li Li, Kévin Allix, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein: A Study of Potential Component Leaks in Android Apps , technical report, ISBN 978-2-87971-141-6, 2015 [bib] [pdf]

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon: ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis , in IFIP International Conference on ICT Systems Security and Privacy Protection (ICT SEC), Hamburg, Germany, 2015 [bib] [pdf]

• Steven Arzt, Alexandre Bartel, Richard Gay, Steffen Lortz, Enrico Lovat, Heiko Mantel, Martin Mohr, Benedikt Nordhoff, Matthias Perner, Siegfried Rasthofer, David Schneider, Gregor Snelting, Artem Starostin, Alexandra Weber: Software Security for Mobile Devices , in IEEE Symposium on Security and Privacy (S&P), San Jose, California, USA, 2015 [bib] [pdf]

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, Patrick McDaniel: IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , in International Conference on Software Engineering (ICSE), Florence, Italy, 2015 [bib] [pdf] [www]

2014

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, Patrick McDaniel: I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis , technical report, ISBN 978-2-87971-129-4, 2014 [bib] [pdf] [www]

• Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon: Using A Path Matching Algorithm to Detect Inter-Component Leaks in Android Apps , in Grande Region Security and Reliability Day (GRSRD), Saarbrücken, Germany, 2014 [bib] [pdf]

• Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon: Automatically Exploiting Potential Component Leaks in Android Applications , in IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Beijing, China, 2014 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android , in IEEE Transactions of Software Engineering (TSE), 2014 [bib] [pdf] [slides]

• Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon: FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps , in ACM Programming Language Design and Implementation (PLDI), Edinburgh, UK, 2014 [bib] [pdf] [www]

2013

• Christian Fritz, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon: Highly Precise Taint Analysis for Android Applications , technical report, Nr. TUD-CS-2013-0113, 2013 [bib] [pdf]

• Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, Yves Le Traon: Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis , in USENIX Security Symposium (USENIX Security), Washington DC, USA, 2013 [bib] [pdf] [www]

2012

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android , in IEEE/ACM International Conference on Automated Software Engineering (ASE), Essen, Germany, 2012 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Kévin Allix, Yves Le Traon: Improving Privacy on Android Smartphones Through In-Vivo Bytecode Instrumentation , technical report, ISBN 978-2-87971-111-9, 2012 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot , in ACM International Workshop on the State Of The Art in Java Program Analysis (SOAP@PLDI), Beijing, China, 2012 [bib] [pdf] [www]

2011

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android , technical report, ISBN 978-2-87971-107-2, 2011 [bib] [pdf]

• Alexandre Bartel, Benoît Baudry, Freddy Munoz, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon: Model Driven Mutation Applied to Adaptative Systems Testing , in Mutation Analysis (Mutation@ICST), Berlin, Germany, 2011 [bib] [pdf]

Publications by Type

Conference Papers

• Philipp Holzinger, Stefan Triller, Alexandre Bartel, Eric Bodden: An In-Depth Study of More Than Ten Years of Java Exploitation , in ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, 2016 [bib] [pdf] [www]

• Li Li, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon: Towards a Generic Framework for Automating Extensive Analysis of Android Applications , in ACM SIGAPP Symposium on Applied Computing (SAC), Pisa, Italy, 2016 [bib] [pdf]

• Andreas Follner, Alexandre Bartel, Eric Bodden: Analyzing the Gadgets - Towards a Metric to Measure Gadget Quality , in Proceedings of the International Symposium on Engineering Secure Software and Systems (ESSoS), London, UK, 2016 [bib] [pdf]

• Damien Octeau, Somesh Jha, Matthew Dering, Patrick McDaniel, Alexandre Bartel, Li Li, Jacques Klein, Yves Le Traon: Combining static analysis with probabilistic models to enable market-scale Android inter-component analysis , in ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), New-York, USA, 2016 [bib] [pdf]

• Li Li, Kévin Allix, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein: Potential Component Leaks in Android Apps: An Investigation into a new Feature Set for Malware Detection , in IEEE International Conference on Software Quality, Reliability and Security (QRS), Vancouver, Canada, 2015 [bib] [pdf]

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon: ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis , in IFIP International Conference on ICT Systems Security and Privacy Protection (ICT SEC), Hamburg, Germany, 2015 [bib] [pdf]

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, Patrick McDaniel: IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , in International Conference on Software Engineering (ICSE), Florence, Italy, 2015 [bib] [pdf] [www]

• Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon: Automatically Exploiting Potential Component Leaks in Android Applications , in IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Beijing, China, 2014 [bib] [pdf]

• Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon: FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps , in ACM Programming Language Design and Implementation (PLDI), Edinburgh, UK, 2014 [bib] [pdf] [www]

• Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, Yves Le Traon: Effective inter-component communication mapping in android with epicc: An essential step towards holistic security analysis , in USENIX Security Symposium (USENIX Security), Washington DC, USA, 2013 [bib] [pdf] [www]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android , in IEEE/ACM International Conference on Automated Software Engineering (ASE), Essen, Germany, 2012 [bib] [pdf]

Journal Papers

• Li Li, Tagawendé Bissyandé, Mike Papadakis, Siegfried Rasthofer, Alexandre Bartel, Damien Octeau, Jacques Klein, Yves Le Traon: Static Analysis of Android Apps: A Systematic Literature Review , in Information and Software Technology (IST), 2017 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Static Analysis for Extracting Permission Checks of a Large Scale Framework: The Challenges And Solutions for Analyzing Android , in IEEE Transactions of Software Engineering (TSE), 2014 [bib] [pdf] [slides]

Workshop Papers

• Andreas Follner, Alexandre Bartel, Hui Peng, Yu-Chen Chang, Kyriakos Ispoglou, Mathias Payer, Eric Bodden: PSHAPE: Automatically Combining Gadgets for Arbitrary Method Execution , in Security and Trust Management Workshop (STM@ESORICS), Heraklion, Greece, 2016 [bib] [pdf] [www]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Dexpler: Converting Android Dalvik Bytecode to Jimple for Static Analysis with Soot , in ACM International Workshop on the State Of The Art in Java Program Analysis (SOAP@PLDI), Beijing, China, 2012 [bib] [pdf] [www]

• Alexandre Bartel, Benoît Baudry, Freddy Munoz, Jacques Klein, Tejeddine Mouelhi, Yves Le Traon: Model Driven Mutation Applied to Adaptative Systems Testing , in Mutation Analysis (Mutation@ICST), Berlin, Germany, 2011 [bib] [pdf]

Posters

• Li Li, Tagawendé Bissyandé, Alexandre Bartel, Jacques Klein, Yves Le Traon: The Multi-Generation Repackaging Hypothesis , in International Conference on Software Engineering (ICSE), Buenos Aires, Argentina, 2017 [bib] [pdf]

• Steven Arzt, Alexandre Bartel, Richard Gay, Steffen Lortz, Enrico Lovat, Heiko Mantel, Martin Mohr, Benedikt Nordhoff, Matthias Perner, Siegfried Rasthofer, David Schneider, Gregor Snelting, Artem Starostin, Alexandra Weber: Software Security for Mobile Devices , in IEEE Symposium on Security and Privacy (S&P), San Jose, California, USA, 2015 [bib] [pdf]

Technical Reports

• Li Li, Kévin Allix, Daoyuan Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein: A Study of Potential Component Leaks in Android Apps , technical report, ISBN 978-2-87971-141-6, 2015 [bib] [pdf]

• Li Li, Alexandre Bartel, Tagawendé Bissyandé, Jacques Klein, Yves Le Traon, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau, Patrick McDaniel: I know what leaked in your pocket: uncovering privacy leaks on Android Apps with Static Taint Analysis , technical report, ISBN 978-2-87971-129-4, 2014 [bib] [pdf] [www]

• Christian Fritz, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon: Highly Precise Taint Analysis for Android Applications , technical report, Nr. TUD-CS-2013-0113, 2013 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Kévin Allix, Yves Le Traon: Improving Privacy on Android Smartphones Through In-Vivo Bytecode Instrumentation , technical report, ISBN 978-2-87971-111-9, 2012 [bib] [pdf]

• Alexandre Bartel, Jacques Klein, Martin Monperrus, Yves Le Traon: Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android , technical report, ISBN 978-2-87971-107-2, 2011 [bib] [pdf]

Magazines

• Alexandre Bartel: ASLR Bypass for Java Vulnerability CVE-2010-0842 , in Multi-System & Internet Security Cookbook (MISC), 2017 - to appear -

Other

• Li Li, Alexandre Bartel, Jacques Klein, Yves Le Traon: Using A Path Matching Algorithm to Detect Inter-Component Leaks in Android Apps , in Grande Region Security and Reliability Day (GRSRD), Saarbrücken, Germany, 2014 [bib] [pdf]