The complexity of modern web applications makes it difficult for developers to fully understand the security implications of their code. Attackers exploit the resulting security v...
Security remains a major roadblock to universal acceptance of the Web for many kinds of transactions, especially since the recent sharp increase in remotely exploitable vulnerabil...
Yao-Wen Huang, Fang Yu, Christian Hang, Chung-Hung...
Abstract. Many automatic testing, analysis, and verification techniques for programs can effectively be reduced to a constraint-generation phase followed by a constraint-solving ...
Vijay Ganesh, Adam Kiezun, Shay Artzi, Philip J. G...
In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to au...
Marco Cova, Viktoria Felmetsger, Greg Banks, Giova...
This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light-weight analysis based on modeling C stri...
Vinod Ganapathy, Somesh Jha, David Chandler, David...