Biography
“The usage of security analysis tools should become an industrial convention in secure software development. However, we need to create usable analysis tools at first.”
Linghui Luo (Chinese: 罗灵慧) is a PhD student advised by Prof. Eric Bodden. She works as a research associate in the Secure Software Engineering Group at Paderborn University since July 2017. Her research interests include program analysis (mainly Taint Analysis for Java and Android applications) and empirical software engineering. She is mostly interested in designing and tuning program analysis tools based on the needs of software developers and empirical data from the real world. She believes Open Source is the future and contributes to the open source community. She is the creator of MagpieBridge and one of the main contributers of the FutureSoot project.
📢 I am graduating this fall.
Contribution to Open Source
Research Interests
- Program Analysis
- Empirical Software Engineering
- Usability of Program Analysis Tools
- Concolic & Symbolic Execution
- Automatic Test Generation
Publications
- 2021 ongoing
- A General Approach to Modeling Java Framework Behaviors,23/08/2021 – 28/08/2021, Student Research Competition At The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2021, Athens, Greece.
Linghui Luo
(Paper, DOI (to appear)) - TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses, Empirical Software Engineering (EMSE) 2021 (to appear)
Linghui Luo, Felix Pauck, Goran Piskachev, Manuel Benz, Ivan Pashchenko, Martin Mory, Eric Bodden, Ben Hermann, Fabio Massacci
(Artifact) - IDE Support for Cloud-Based Static Analyses, 23/08/2021 – 28/08/2021, The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2021, Athens, Greece.
Linghui Luo, Martin Schäf, Daniel Sanchez, Eric Bodden
(Paper, DOI (to appear))
- A General Approach to Modeling Java Framework Behaviors,23/08/2021 – 28/08/2021, Student Research Competition At The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2021, Athens, Greece.
- 2020
- Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis, 23/05/2020 – 29/05/2020, The 42nd International Conference on Software Engineering (ICSE) 2020, Seoul, South Korea, Awarded: Artifact Evaluation Award (Available, Reusable).
Manuel Benz, Erik Krogh Kristensen, Linghui Luo, Nataniel P. Borges Jr., Eric Bodden, Andreas Zeller
(Paper, Artifact, DOI)
- Heaps’n Leaks: How Heap Snapshots Improve Android Taint Analysis, 23/05/2020 – 29/05/2020, The 42nd International Conference on Software Engineering (ICSE) 2020, Seoul, South Korea, Awarded: Artifact Evaluation Award (Available, Reusable).
- 2019
- A Qualitative Analysis of Android Taint-Analysis Results, 11/11/2019 – 15/11/2019, The 34th IEEE/ACM International Conference on Automated Software Engineering (ASE) 2019, San Diego, California, United States.
Linghui Luo, Eric Bodden, Johannes Späth
(Paper, Slides, DOI, Open Source Project, Video) - MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors, 15/07/2019 – 19/07/2019, European Conference on Object-Oriented Programming (ECOOP) 2019, London, United Kingdom.
Linghui Luo, Julian Dolby, Eric Bodden
(Paper, Slides, DOI, Open Source Project, Video) - MultiSkipGraph: A Self-stabilizing Overlay Network that Maintains Monotonic Searchability, 20/05/2019 – 24/05/2019, IEEE International Parallel & Distributed Processing Symposium (IPDPS) 2019, Rio de Janeiro, Brazil.
Linghui Luo, Christian Scheideler, Thim Strothmann
(Paper, Slides, DOI, Open Source Project)
- A Qualitative Analysis of Android Taint-Analysis Results, 11/11/2019 – 15/11/2019, The 34th IEEE/ACM International Conference on Automated Software Engineering (ASE) 2019, San Diego, California, United States.
Academic Services
- Reviewer, Artifact Evaluation, POPL 2022
- Reviewer, ACM Transactions on Software Engineering and Methodology (TOSEM), 2021
- Reviewer, Artifact Evaluation, OOPSLA 2020
- Student Volunteer, ASE 2019
- Sub-reviewer, Research Track, ASE 2018
Posters, Videos and Blog Posts
- DRY and Use MagpieBridge for IDE Integration, 15/06/2020, 9th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis (SOAP) 2020. (Video, Slides).
- A Qualitative Analysis of Android Taint-Analysis Results (Video)
- COVA: A Static Analysis Tool for Computing Partial Path Conditions (Blog Post)
- MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors (Video)
- How to Use MagpieBridge: A General Approach to Integrating Static Analyses into IDEs and Editors, 15/07/2019 – 19/07/2019, European Conference on Object-Oriented Programming (ECOOP) 2019, London, United Kingdom. (Poster)
- A Qualitative Analysis of Taint-Analysis Results, 03/12/2018 – 05/12/2018, Google’s 6th Compiler and Programming Language Summit, Munich, Germany. (Poster)
- Integrating Soot-Based Static Analysis Tools into IDEs with Language Server Protocol, 03/12/2018 – 05/12/2018, Google’s 6th Compiler and Programming Language Summit, Munich, Germany.
- Categorizing Static Analysis Results, 04/2018, ISSTA18 PC Meeting Poster Session, Paderborn, Germany. (Poster)
Things for a Resume/CV
Education
- M. Sc. In Computer Science, 2017, Paderborn University, Paderborn, Germany.
- Exchange Semester In Computer Science, 2015, Beihang University, Beijing, China.
- B. Sc. In Computer Science, 2014, Paderborn University, Paderborn, Germany.
Work Experience
- Research Associate, 07/2017 – Present, Research group Software Engineering, Paderborn University, Paderborn, Germany.
- I am doing research in improving real-world applicability of static taint analysis for Java/Android applications, which is also the focus of my PhD thesis. In addition to research, I have assisted in teaching and organizing several courses held by our research group.
- Advised by Prof. Eric Bodden
- Applied Scientist Intern, 09/2020 - 01/2021, Research Internship in team CodeGuru at Amazon Web Services, Berlin, Germany.
- The internship was planned to happen in the US. Due to COVID-19, I worked remotely with the team AWS CodeGuru in the US from Germany. During the internship, I worked on exploring the possibility of supporting IDE integration for cloud-based static analyses. I built a research prototype and conducted user studies with software developers at Amazon. A paper from this work was accepted by the ESEC/FSE conference 2021.
- Advised by Dr. Martin Schäf
- Research Intern, 01/2019 – 02/2019, Research in collaboration with Dr. Julian Dolby at IBM Thomas J. Watson Research Center, New York, USA.
- The internship was planned as a research collaboration, invited by Dr. Dolby from IBM research. During the internship, I worked on design and development of the MagpieBridge framework for integrating static analyses into IDEs and Editors. A paper from this work was published at the ECOOP conference 2019.
- Advised by Dr. Julian Dolby
- Student Assistant, 02/2015 – 03/2017, Research group Theory of Distributed System, Paderborn University, Paderborn, Germany.
- I designed and developed a simulator in Java for evaluating and visualizing various distributed algorithms in area of self-stabilization, which is a concept of fault-tolerance in distributed systems. I also completed my master thesis in this area and published the work at the IPDPS conference 2019.
- Advised by Dr. Thim Strothmann
- Student Assistant, 11/2013 – 01/2015, Wincor Nixdorf, Paderborn, Germany.
- I wrote unit and integration tests for a security software used in ATMs.
Projects
- FutureSoot: Future-proofing the Soot Framework for Program Analysis and Transformation, 01/2018 – Present, Project of the German Research Foundation (DFG), Call for Research Software Sustainability
- I am a main contributor to this project. My work on this project inlcudes management, design and development of a new Soot framework.
- IntelliScan: Intelligent Developer Support for Static Vulnerability Analyses, 10/2017 – Present, Part-project of the NRW Graduate School “Human-Centered Systems Security - North Rhine Westphalian Experts in Research on Digitalization (NERD)”
- I am funded by this project and do desearch in improving usability of static analysis tools.
- SanDMAN,
04/2016 - 03/2017, Student project group in the context of the European project SONATA.
- I designed and implementated a web editor for facilitating the service development task for developers.
- Project Repository
Teaching Experience
Teaching Assistant
- Secure Software Engineering, 04/2021 – 07/2021, 04/2020 – 07/2020, 04/2019 – 07/2019, 10/2017 – 02/2018, Paderborn University. (Bachelor course)
- Software Engineering Training, 10/2019 – 02/2020, Paderborn University. (Bachlor course)
- Designing Code Analyses for Large-scale Software Systems, 04/2018 – 08/2018, Paderborn University. (Master course)
- Seminar Secure Systems Engineering, 10/2017 – 02/2018, Paderborn University. (Master course)
Student Tutor
- Introduction to Computability, Complexity and Formal Languages, 10/2016 – 02/2017, Paderborn University. (Bachelor course)
- Data Structure and Algorithms, 2012 – 2016, Paderborn University. (Bachelor course)
- Analysis, 10/2012 – 02/2013, Paderborn University. (Bachelor course)
- Modeling, 10/2011 – 02/2012, Paderborn University. (Bachelor course)
Other Stuffs
Linghui’s Notes
Life Outside of Work
Together with her husband Linghui keeps three beloved pets: a dog (Java), a cat (Alan) and a black cat (Hacker). She loves to spend her time with her pets and do sports (before COVID-19) such as bouldering, water skiing, snowboarding and swimming. She also enjoys music and plays the cello.
Contact
You can send me an email in English, German or Chinese.
✉ linghui[at]outlook.de