MOPS: an Infrastructure for Examining Security Properties of Software
We describe a formal approach for finding bugs in security-relevant software and verifying their absence. The idea is as follows: we identify rules of safe programming practice, encode them as safety properties, and verify whether these properties are obeyed. Because manual verification is too expensive, we have built a program analysis tool to automate this process. Our program analysis models the program to be verified as a pushdown automaton, represents the security property as a finite state automaton, and uses model checking techniques to identify whether any state violating the desired security goal is reachable in the program. The major advantages of this approach are that it is sound in verifying the absence of certain classes of vulnerabilities, that it is fully interprocedural, and that it is efficient and scalable. Experience suggests that this approach will be useful in finding a wide range of security vulnerabilities in large programs efficiently.
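The abstract describes the pipeline but not the mechanics: a safety rule becomes a finite state automaton whose transitions are the security-relevant calls, the program becomes a pushdown system (one stack symbol per control-flow node, a call pushes the return node, a procedure exit pops it), and the checker asks whether a configuration whose automaton component is the error state is reachable. The following is an added illustration written for this page; it is not MOPS's own code and does not use its input format. It encodes one of the classic rules (a setuid-root program must drop privileges before it calls exec), represents each procedure as a small hand-built control-flow graph with labelled edges (the node names, operation names `setuid_self`, `seteuid_root`, `exec`, and the two sample programs are all constructed for the example), and computes product reachability with the standard summary-based tabulation instead of an explicit stack, which is what keeps the analysis finite even though the sample program is recursive. The same `exec` is reported only under the privileged calling context, which is the interprocedural, context-sensitive behaviour the abstract refers to.

```python
from collections import defaultdict, deque

# ---- Security property as a finite state automaton --------------------------
# Rule of safe programming practice: a setuid-root program must drop its
# privileges before it executes another program.  Operations absent from
# the table leave the state unchanged; "error" is absorbing.
# (Operation names are this example's own vocabulary, not a MOPS format.)
PROPERTY_START = "priv"
PROPERTY_ERROR = "error"
PROPERTY_DELTA = {
    ("priv", "setuid_self"): "unpriv",    # setuid(getuid()) drops root
    ("priv", "exec"): "error",            # exec while still root: violation
    ("unpriv", "exec"): "unpriv",         # exec after dropping: fine
    ("unpriv", "seteuid_root"): "priv",   # seteuid(0) re-acquires root
}

def fsa_step(state, op):
    if state == PROPERTY_ERROR:
        return PROPERTY_ERROR
    return PROPERTY_DELTA.get((state, op), state)

# ---- Program as a pushdown system -------------------------------------------
# A procedure is its control-flow graph: edges (u, v, label) where label is
# None (nothing security-relevant), an operation name, or ("call", callee)
# meaning "call callee, then continue at v".  A call pushes the return node
# v and a procedure exit pops it.  Rather than enumerate stacks, the
# tabulation below records path edges (proc, q_entry, node, q) and procedure
# summaries (proc, q_entry) -> q_exit, which is finite even under recursion.

def check(program, entry="main"):
    """Return sorted violations (proc, node, op, entry_state): the property
    enters its error state on the edge leaving `node` labelled `op`, when
    `proc` was entered with the property in `entry_state`."""
    edges = {p: cfg["edges"] for p, cfg in program.items()}
    entry_of = {p: cfg["entry"] for p, cfg in program.items()}
    exit_of = {p: cfg["exit"] for p, cfg in program.items()}

    path_edges = set()
    summaries = defaultdict(set)   # (callee, q_entry) -> {q_exit}
    callers = defaultdict(set)     # (callee, q_entry) -> {(caller, q_entry_caller, return_node)}
    violations = set()
    work = deque()

    def propagate(pe):
        if pe not in path_edges:
            path_edges.add(pe)
            work.append(pe)

    propagate((entry, PROPERTY_START, entry_of[entry], PROPERTY_START))
    while work:
        proc, q_in, node, q = work.popleft()
        for u, v, label in edges[proc]:
            if u != node:
                continue
            if isinstance(label, tuple) and label[0] == "call":
                callee = label[1]
                callers[(callee, q)].add((proc, q_in, v))          # remember the push
                propagate((callee, q, entry_of[callee], q))         # enter callee
                for q_out in summaries[(callee, q)]:                # summaries already known
                    propagate((proc, q_in, v, q_out))
            else:
                q_next = q if label is None else fsa_step(q, label)
                if q_next == PROPERTY_ERROR and q != PROPERTY_ERROR:
                    violations.add((proc, node, label, q_in))
                propagate((proc, q_in, v, q_next))
        if node == exit_of[proc] and q not in summaries[(proc, q_in)]:
            summaries[(proc, q_in)].add(q)                          # the pop: new summary
            for caller, caller_q_in, ret in callers[(proc, q_in)]:
                propagate((caller, caller_q_in, ret, q))
    return sorted(violations)

# ---- Constructed sample programs --------------------------------------------
# main either calls spawn while still root (branch A) or drops privileges
# first (branch B).  spawn execs and may recurse, so the stack is unbounded.
VULNERABLE = {
    "main": {"entry": "m0", "exit": "m4", "edges": [
        ("m0", "m1", ("call", "spawn")),        # branch A: call while root
        ("m0", "m2", "setuid_self"),            # branch B: drop root first
        ("m2", "m3", ("call", "spawn")),
        ("m1", "m4", None), ("m3", "m4", None)]},
    "spawn": {"entry": "s0", "exit": "s2", "edges": [
        ("s0", "s1", "exec"),
        ("s1", "s2", None),
        ("s1", "s2", ("call", "spawn"))]},      # recursive call
}
FIXED = {
    "main": {"entry": "m0", "exit": "m3", "edges": [
        ("m0", "m1", "setuid_self"),
        ("m1", "m2", ("call", "spawn")),
        ("m2", "m3", ("call", "spawn"))]},
    "spawn": VULNERABLE["spawn"],
}

if __name__ == "__main__":
    print("vulnerable:", check(VULNERABLE))   # spawn's exec, privileged context only
    print("fixed:     ", check(FIXED))        # no violations
```

Because the checker tracks the property state with which each procedure was entered, the one `exec` in `spawn` is flagged for the root-privileged context and not for the branch that dropped privileges first; a context-insensitive analysis would either report both calls or neither. As in the abstract, the result is sound for the property as modelled (no violating path of this pushdown system is missed) but not free of false positives, since branch conditions and the values passed to the privilege calls are abstracted away.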