• Oksana Kulyk, Paul Gerber, Michael El Hanafi, Benjamin Reinheimer, Karen Renaud, Melanie Volkamer (2016). Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do. In: Usable Security Workshop (USEC), February 2016.

    • Achim D. Brucker and Michael Herzberg. On the Static Analysis of Hybrid Mobile Apps: A Report on the State of Apache Cordova Nation. In International Symposium on Engineering Secure Software and Systems (ESSoS). Lecture Notes in Computer Science, Springer-Verlag, 2016.

    • Dr. Sönke Maseberg, „ZertApps – Prüf- und Zertifizierungsschema für mobile Anwendungen (Apps)“. ZertiFA, 01.12.2015, Berlin.

    • Li Li, Alexandre Bartel, Tegawendé Bissyande, Jacques, Yves Klein, Steven Arzt, Siegfried Rasthofer, Eric Bodden, Damien Octeau and Patrick McDaniel. IccTA: Detecting Inter-Component Privacy Leaks in Android Apps. In: Proceedings of the 37th International Conference on Software Engineering (ICSE)

    • Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, Andreas Zeller, Steven Arzt, Siegfried Rasthofer, Eric Bodden. Mining Apps for Abnormal Usage of Sensitive Data. In: Proceedings of the 37th International Conference on Software Engineering (ICSE)

    • Steven Arzt, Siegfried Rasthofer, Robert Hahn and Eric Bodden. Using Targeted Symbolic Execution for Reducing False-Positives in Dataflow Analysis. In: 4th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis (SOAP 2015)

    • Siegfried Rasthofer, Irfan Asrar, Stephan Huber and Eric Bodden. How Current Android Malware Seeks to Evade Automated Code Analysis. In: 9th International Conference on Information Security Theory and Practice (WISTP’2015)

    • Nicole Eling, Siegfried Rasthofer, Max Kolhagen, Eric Bodden and Peter Buxmann. Investigating Users’ Reaction to Fine-Grained Data Requests: A Market Experiment In: Hawaii International Conference on System Sciences (HICSS), January 2016

    • Achim D. Brucker, Oto Havle, Yakoub Nemouchi, and Burkhart Wolff. Testing the IPC Protocol for a Real-Time Operating System. In Working Conference on Verified Software: Theories, Tools, and Experiments. Lecture Notes in Computer Science, Springer-Verlag, 2015.

    • Michael Felderer, Matthias Büchlein, Martin Johns, Achim D. Brucker, Ruth Breu, and Alexander Pretschner. Security Testing: A Survey. In Advances in Computers, 101, 2015.

    • Melanie Volkamer, Karen Renaud, Oksana Kulyk and Sinem Emeröz: A Socio-Technical Investigation into Smartphone Security. 11th International Workshop on Security and Trust Management, September 2015.

    • Melanie Volkamer, Karen Renaud, Oksana Kulyk and Sinem Emeröz: An Investigation into the "Other" Barriers to Adoption of Smartphone Security Precautions (Poor Usability being a Given). Technische Universität Darmstadt, August 2015

    • Gerber, Melanie Volkamer, Karen Renaud: Usability versus Privacy instead of Usable Privacy. In ACM Computers & Society – Security, Privacy and Human Behavior Newsletter, 2015.

    • Paul Gerber und Melanie Volkamer: Usability und Privacy im Android Ökosystem. In DuD journal 02/2015.

    • Siegfried Rasthofer, Steven Arzt, Enrico Lovat, Eric Bodden: DroidForce: Enforcing Complex, Data-Centric, System-Wide Policies in Android . In: Proceedings of the 9th International Conference on Availability, Reliability and Security (ARES), September 2014

    • Bernhard J. Berger, Karsten Sohr und Udo H. Kalinna. Architekturelle Sicherheitsanalyse für Android Apps. In D-A-CH Security 2014. Bestandsaufnahme - Konzepte - Anwendungen - Perspektiven. pages 287 - 297. syssec. ISBN 978-3-00-046463-8. 2014.

    • T. Mustafa, K. Sohr: Understanding the Implemented Access Control Policy of Android System Services with Slicing and Extended Static Checking, International Journal of Information Security (IJIS), Springer-Verlag, Berlin, 2014.

    • A.D. Brucker and U. Sodan: Deploying Static Application Security Testing on a Large Scale. In GI Sicherheit 2014. Lecture Notes in Informatics, 228, pages 91-101, GI, 2014.

    • R. Bachmann and A. D. Brucker: Developing Secure Software – A Holistic Approach to Security Testing. In Datenschutz und Datensicherheit (DuD), 38 (4), pages 257-261, 2014.

    • D. Theiß (supervised by Paul Gerber and Prof. Dr. Melanie Volkamer): Integration datenschutzrelevanter Informationen in die App-Details. Bachelor Thesis, June .2014

    • S. Arzt, S. Rasthofer, Ch. Fritz,  E. Bodden, A. Bartel,  J. Klein, Y. Le Traon,  D. Octeau,  P. McDaniel: Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2014.

    • S. Bartsch, B. Berger, E. Bodden, A. D. Brucker, J. Heider, M. Kus, S. Maseberg, K. Sohr, M. Volkamer: Zertifizierte Datensicherheit für Android-Anwendungen auf Basis statischer Programmanalysen, GI SICHERHEIT 2014 Sicherheit – Schutz und Zuverlässigkeit, Fachtagung, 19.-21. März 2014, Wien

    • Siegfried Rasthofer, Steven Arzt, Eric Bodden: A Machine-learning Approach for Classifying and Categorizing Android Sources and Sinks. In: 21th Annual Network & Distributed System Security Symposium (NDSS), February 2014

Duration: 01.01.2014 – 31.12.2015
Partner: OTARIS Interactive Services GmbH, datenschutz cert GmbH, SAP AG, Fraunhofer-Institut für Sichere Informationstechnologie SIT, TU Darmstadt
Sponsor: BMBF