Static program analysis techniques cannot know certain values, such as the value of user input or network state, at analysis time. While such unknown values need to be treated as ...
There exists a large variety of techniques to detect and correct software security vulnerabilities at the source code level, including human code reviews, testing, and static anal...
We show that problems arising in static analysis of XML specifications and transformations can be dealt with using techniques similar to those developed for static analysis of pr...
We present a formal framework for the analysis of intrusion detection systems (IDS) that employ declarative rules for attack recognition, e.g. specification-based intrusion detect...
Tao Song, Calvin Ko, Jim Alves-Foss, Cui Zhang, Ka...
We propose a new approach for reasoning about concurrency in object-oriented programs. Central to our approach is static ownership inference analysis — we conjecture that this a...