Felipe Bañados Schwerter, Ronald Garcia, Reid Holmes, and Karim Ali. Dynamic Program Slices Change How Developers Diagnose Gradual Run‑time Type Errors. The Art, Science, and Engineering of Programming (Programming).

Stefan Krüger, Michael Reif, Anna-Katharina Wickert, Sarah Nadi, Karim Ali, Eric Bodden, Mira Mezini, Yasemin Acar, and Sascha Fahl. Securing Your Crypto-API Usage Through Tool Support - A Usability Study. IEEE Secure Development Conference (SecDev).

Jiaqi He, Revan MacQueen, Natalie Bombardieri, Karim Ali, James Wright, and Cristina Cifuentes. Finding an Optimal Set of Static Analyzers To Detect Software Vulnerabilities. International Conference on Software Maintenance and Evolution (ICSME).

Abdul Ali Bangash, Qasim Jamal, Kalvin Eng, Karim Ali, and Abram Hindle. Energy Consumption Estimation of API-usage in Mobile Apps via Static Analysis. International Conference on Mining Software Repositories (MSR).

Jeff Cho and Karim Ali. Exploring Quality Assurance Practices and Tools for Indie Games. International ICSE Workshop on Games and Software Engineering (GAS).

Mansur Gulami, Ajay Kumar Jha, Sarah Nadi, Karim Ali, Yee-Kang Chang, and Emily Jiang. A Human-in-the-loop Approach to Generate Annotation Usage Rules: A Case Study with MicroProfile. CASCON.

Abdul Ali Bangash, Karim Ali, and Abram Hindle. A Black Box Technique to Reduce Energy Consumption of Android Apps. ICSE NIER.

Lisa Nguyen Quang Do, Daniil Tiganov, and Karim Ali. Designing UIs for Static Analysis Tools: Evaluating Tool Design Guidelines with SWAN. ACM Queue.

Kristen Newbury, Karim Ali, and Andrew Craik. Hotfixing Misuses of Crypto APIs in Java Programs. International Conference on Computer Science and Software Engineering (CASCON).

Erick Ochoa, Cijie Xia, Karim Ali, Andrew Craik, and José Nelson Amaral. U Can't Inline This!. International Conference on Computer Science and Software Engineering (CASCON).

Abdul Ali Bangash, Daniil Tiganov, Karim Ali, and Abram Hindle. Energy Efficient Guidelines for iOS Core Location Framework. International Conference on Software Maintenance and Evolution (ICSME).

Daniil Tiganov, Jeff Cho, Karim Ali, and Julian Dolby. SWAN: A Static Analysis Framework for Swift. ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE).

Abdul Ali Bangash, Hareem Sahar, Abram Hindle, and Karim Ali. On the Time-Based Conclusion Stability of Software Defect Prediction Models. International Journal on Empirical Software Engineering (EMSE).

Lisa Nguyen Quang Do, James R. Wright, and Karim Ali. Why Do Software Developers Use Static Analysis Tools? A User-Centered Study of Developer Needs and Motivations. IEEE Transactions on Software Engineering (TSE).

Stefan Krüger, Karim Ali, and Eric Bodden. CogniCrypt_GEN - Generating Code for the Secure Usage of Crypto APIs. International Symposium on Code Generation and Optimization (CGO).

Karim Ali, Xiaoni Lai, Zhaoyi Luo, Ondřej Lhoták, Julian Dolby, and Frank Tip. A Study of Call Graph Construction for JVM-Hosted Languages. IEEE Transactions on Software Engineering (TSE).

Stefan Krüger, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering (TSE).

Hareem Sahar, Abdul Ali Bangash, Alexander William Wong, Shaiful Chowdhury, Abram Hindle, and Karim Ali. What Do Developers Know About Machine Learning: A Study of ML Discussions on StackOverflow. International Conference on Mining Software Repositories (MSR) Mining Challenge.

Artem Chikin, José Nelson Amaral, Karim Ali, and Ettore Tiotto. Toward an Analytical Performance Model to Select between GPU and CPU Execution. International Workshop on High-Level Parallel Programming Models and Supportive Environments (HIPS).

Johannes Späth, Karim Ali, and Eric Bodden. Context-, Flow-, and Field-Sensitive Data-Flow Analysis using Synchronized Pushdown Systems. ACM SIGPLAN Symposium on Principles of Programming Languages (POPL).

Lisa Nguyen Quang Do, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. Debugging Static Analysis. IEEE Transactions on Software Engineering (TSE).

Stefan Krüger, Johannes Späth, Karim Ali, Eric Bodden, and Mira Mezini. CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. European Conference on Object Oriented Programming (ECOOP).

Lisa Nguyen Quang Do, Stefan Krüger, Patrick Hill, Karim Ali, and Eric Bodden. VISUFLOW: a debugging environment for static analyses. International Conference on Software Engineering (ICSE) Companion Proceedings.

Stefan Krüger, Sarah Nadi, Michael Reif, Karim Ali, Mira Mezini, Eric Bodden, Florian Göpfert, Felix Günther, Christian Weinert, Daniel Demmler, and Ram Kamath. CogniCrypt: Supporting Developers in Using Cryptography. IEEE/ACM International Conference on Automated Software Engineering (ASE).

Johannes Späth, Karim Ali, and Eric Bodden. IDE^al: Efficient and Precise Alias-Aware Dataflow Analysis. ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA).

Mona Nashaat, Karim Ali, and James Miller. Detecting Security Vulnerabilities in Object-Oriented PHP Programs. IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM).

Taylor Lloyd, Artem Chikin, Erick Ochoa, Karim Ali, and José Nelson Amaral. A Case for Better Integration of Host and Target Compilation When Using OpenCL for FPGAs. International Workshop on FPGAs for Software Programmers (FSP).

Lisa Nguyen Quang Do, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson R. Murphy-Hill. Just-in-Time Static Analysis. ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA).

Lisa Nguyen Quang Do, Karim Ali, Benjamin Livshits, Eric Bodden, Justin Smith, and Emerson R. Murphy-Hill. Cheetah: Just-in-Time Taint Analysis for Android Apps. International Conference on Software Engineering (ICSE) Companion Proceeedings.

Johannes Späth, Lisa Nguyen Quang Do, Karim Ali, and Eric Bodden. Boomerang: Demand-Driven Flow- and Context-Sensitive Pointer Analysis for Java. European Conference on Object Oriented Programming (ECOOP).

Karim Ali, Marianna Rapoport, Ondřej Lhoták, Julian Dolby, and Frank Tip. Type-Based Call Graph Construction Algorithms for Scala. ACM Transactions on Software Engineering and Methodology (TOSEM).

Steven Arzt, Sarah Nadi, Karim Ali, Eric Bodden, Sebastian Erdweg, and Mira Mezini. Towards Secure Integration of Cryptographic Software. ACM International Symposium on New Ideas, New paradigms, and Reflections on Programming and Software (Onward!).

Karim Ali. The Separate Compilation Assumption. PhD Thesis, David R. Cheriton School of Computer Science, University of Waterloo.

Karim Ali, Marianna Rapoport, Ondřej Lhoták, Julian Dolby, and Frank Tip. Constructing Call Graphs of Scala Programs. European Conference on Object Oriented Programming (ECOOP).

Karim Ali and Ondřej Lhoták. Averroes: Whole-Program Analysis Without The Whole Program. European Conference on Object Oriented Programming (ECOOP).

Karim Ali and Ondřej Lhoták. Application-Only Call Graph Construction. European Conference on Object Oriented Programming (ECOOP).

Karim Ali. Algorizmi: A Configurable Virtual Testbed to Generate Datasets for Offline Evaluation of Intrusion Detection Systems. M.Math Thesis, David R. Cheriton School of Computer Science, University of Waterloo.

Karim Ali and Raouf Boutaba. Applying Kernel Methods to Anomaly-Based Intrusion Detection Systems. IEEE Global Information Infrastructure Symposium (GIIS).

Karim Ali, Issam Aib, and Raouf Boutaba. P2P-AIS: A P2P Artificial Immune Systems Architecture for Detecting DDoS Flooding Attacks. IEEE Global Information Infrastructure Symposium (GIIS).

Sherif G. Aly, Sarah Nadi, and Karim Hamdan. A Java-Based Programming Language Support of Location Management in Pervasive Systems. International Journal of Computer Science and Network Security (IJCSNS).