Projects

Below are some open source projects I started during my PhD:

• TaintBench (2018 - 2022): TaintBench is a publicly available project that enables automatic evaluation of Android taint analysis tools with real-world benchmarks. With TaintBench we are continuously benchmarking Android taint analysis tools and reproducing benchmarking results. It provides:
  • a real-world malware benchmark suite with a ground-truth documentation that is machine-readable and comprehensive.
  • a set of tools that are designed to support benchmark suite construction, automatic evaluation of Android taint analysis tools and manual inspection of analysis results.

• MagpieBridge (2019 - 2023): MagpieBridge is an open-source framework for integrating static analyses into IDEs and editors with the Language Server Protocol (LSP). MagpieBridge is not limited to LSP, it also allows displaying web pages inside an IDE, which enables a new level of supporting visualization and customizable UI for users to interact with. MagpieBridge is a bridge between program analyses and developer tools. I am the creator and maintainer of this open-source project.

• COVA (2018 - 2022): COVA is a static analysis tool that analyzes path conditions in the program based on user-defined APIs. It combines data-flow analysis with symbolic execution to compute path constraints, which can be used to refine static-analysis results. It supports both Android and Java applications. I am the creator and maintainer of this open-source project.

• SootUp (01/2018 - 2021): Future-proofing the Soot Framework for Program Analysis and Transformation. The goal of this DFG project is to develop a brand-new version of Soot. This new version will enable people to use Soot in a much more flexible manner. I am a main contributor to this project. My work on this project inlcudes management, design and development of the new Soot framework.

• IntelliScan (10/2017 - 09/2021): This is a subproject of the NRW Graduate School “Human-Centered Systems Security - North Rhine Westphalian Experts in Research on Digitalization (NERD)”. The goal of this project is to build intelligent developer support for static analysis tools. I am funded by this project and do desearch in improving the usability of static analysis tools.

• SanDMAN (04/2016 - 03/2017): This is a master student group project in the context of the European project SONATA. I designed and implementated a web editor for facilitating the service development task for developers.