Abstract. Many automatic testing, analysis, and verification techniques for programs can effectively be reduced to a constraint-generation phase followed by a constraint-solving ...
Vijay Ganesh, Adam Kiezun, Shay Artzi, Philip J. G...
Many automatic testing, analysis, and verification techniques for programs can be effectively reduced to a constraint-generation phase followed by a constraint-solving phase. Th...
Adam Kiezun, Vijay Ganesh, Philip J. Guo, Pieter H...
Given the bytecode of a software system, is it possible to automatically generate attack signatures that reveal its vulnerabilities? A natural solution would be symbolically execu...
This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C stri...
Vinod Ganapathy, Somesh Jha, David Chandler, David...
—As AJAX applications gain popularity, client-side JavaScript code is becoming increasingly complex. However, few automated vulnerability analysis tools for JavaScript exist. In ...
Prateek Saxena, Devdatta Akhawe, Steve Hanna, Feng...