Objective ML: an effective object-oriented extension to ML
Theory and Practice of Object Systems - Third workshop on foundations of object-oriented languages (FOOL 3)
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Introduction To Automata Theory, Languages, And Computation
Introduction To Automata Theory, Languages, And Computation
MOPS: an infrastructure for examining security properties of software
Proceedings of the 9th ACM conference on Computer and communications security
Relative Completeness of Abstraction Refinement for Software Model Checking
TACAS '02 Proceedings of the 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
Proceedings of the 11th USENIX Security Symposium
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs
CC '02 Proceedings of the 11th International Conference on Compiler Construction
Type qualifiers: lightweight specifications to improve software quality
Type qualifiers: lightweight specifications to improve software quality
Testing static analysis tools using exploitable buffer overflows from open source code
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Security Assessment Framework Using Static Analysis and Fault Injection
ICIC '08 Proceedings of the 4th international conference on Intelligent Computing: Advanced Intelligent Computing Theories and Applications - with Aspects of Theoretical and Methodological Issues
Hi-index | 0.00 |
Static analysis technology is used to find programming errors before run time. Unlike dynamic analysis technique which looks at the application state while it is being executed, static analysis technique does not require the application to be executed. In this paper, we classify security vulnerability patterns in source code and design a model to express various security vulnerability patterns by making use of pushdown automata. On the basis of the model, it is possible to find a security vulnerability by making use of Abstract Syntax Tree (AST) based pattern matching technique in parsing level.