Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
Magic sets and other strange ways to implement logic programs (extended abstract)
PODS '86 Proceedings of the fifth ACM SIGACT-SIGMOD symposium on Principles of database systems
A generalization of the differential approach to recursive query evaluation
Journal of Logic Programming
Bottom-up beats top-down for datalog
PODS '89 Proceedings of the eighth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Logic programming and databases
Logic programming and databases
Interprocedural modification side effect analysis with pointer aliasing
PLDI '93 Proceedings of the ACM SIGPLAN 1993 conference on Programming language design and implementation
Implementation of the CORAL deductive database system
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
Context-sensitive interprocedural points-to analysis in the presence of function pointers
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Efficient context-sensitive pointer analysis for C programs
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Tabled evaluation with delaying for general logic programs
Journal of the ACM (JACM)
Points-to analysis in almost linear time
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Compositional pointer and escape analysis for Java programs
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A static analyzer for finding dynamic programming errors
Software—Practice & Experience
Scalable context-sensitive flow analysis using instantiation constraints
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
A system and language for building system-specific, static analyses
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Principles of Database and Knowledge-Base Systems: Volume II: The New Technologies
Principles of Database and Knowledge-Base Systems: Volume II: The New Technologies
Hacking Exposed
Learning cost-sensitive active classifiers
Artificial Intelligence
Bottom-Up Evaluation of Logic Programs Using Binary Decision Diagrams
ICDE '95 Proceedings of the Eleventh International Conference on Data Engineering
OLD Resolution with Tabulation
Proceedings of the Third International Conference on Logic Programming
Rule Ordering in Bottom-Up Fixpoint Evaluation of Logic Programs
VLDB '90 Proceedings of the 16th International Conference on Very Large Data Bases
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
PLILP '93 Proceedings of the 5th International Symposium on Programming Language Implementation and Logic Programming
Compactly Representing First-Order Structures for Static Analysis
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
An Efficient Inclusion-Based Points-To Analysis for Strictly-Typed Languages
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Automated Verification of Concurrent Linked Lists with Counters
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Solving Demand Versions of Interprocedural Analysis Problems
CC '94 Proceedings of the 5th International Conference on Compiler Construction
Proceedings of the 2002 IEEE/ACM international conference on Computer-aided design
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
From datalog rules to efficient programs with time and space guarantees
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Simple and Efficient Relational Querying of Software Structures
WCRE '03 Proceedings of the 10th Working Conference on Reverse Engineering
Cloning-based context-sensitive pointer alias analysis using binary decision diagrams
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Symbolic pointer analysis revisited
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
Jedd: a BDD-based relational extension of Java
Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation
IEEE Security and Privacy
IEEE Security and Privacy
Improving software security with a C pointer analysis
Proceedings of the 27th international conference on Software engineering
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Finding user/kernel pointer bugs with type inference
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Learning to order BDD variables in verification
Journal of Artificial Intelligence Research
Modular class analysis with DATALOG
SAS'03 Proceedings of the 10th international conference on Static analysis
Scaling Java points-to analysis using SPARK
CC'03 Proceedings of the 12th international conference on Compiler construction
The essence of command injection attacks in web applications
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Effective static race detection for Java
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Semantics of static pointcuts in aspectJ
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
An overview of the saturn project
PASTE '07 Proceedings of the 7th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Techniques for specifying bug patterns
Proceedings of the 2007 ACM workshop on Parallel and distributed systems: testing and debugging
Interactive, scalable, declarative program analysis: from prototype to implementation
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Type qualifier inference for java
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Hang analysis: fighting responsiveness bugs
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Improving flow-insensitive solutions for non-separable dataflow problems
Proceedings of the 2008 ACM symposium on Applied computing
Static detection of cross-site scripting vulnerabilities
Proceedings of the 30th international conference on Software engineering
Conditional correlation analysis for safe region-based memory management
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Adding magic to an optimising datalog compiler
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Querying business processes with BP-QL
Information Systems
Generating Specialized Rules and Programs for Demand-Driven Analysis
AMAST 2008 Proceedings of the 12th international conference on Algebraic Methodology and Software Technology
Using OBDDs for Efficient Query Evaluation on Probabilistic Databases
SUM '08 Proceedings of the 2nd international conference on Scalable Uncertainty Management
Evita raced: metacompilation for declarative networks
Proceedings of the VLDB Endowment
Querying and monitoring distributed business processes
Proceedings of the VLDB Endowment
.QL: Object-Oriented Queries Made Easy
Generative and Transformational Techniques in Software Engineering II
On automated prepared statement generation to remove SQL injection vulnerabilities
Information and Software Technology
Automatic generation of XSS and SQL injection attacks with goal-directed model checking
SS'08 Proceedings of the 17th conference on Security symposium
PADL '09 Proceedings of the 11th International Symposium on Practical Aspects of Declarative Languages
SQLProb: a proxy-based architecture towards preventing SQL injection attacks
Proceedings of the 2009 ACM symposium on Applied Computing
Analyzing recursive programs using a fixed-point calculus
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
From datalog rules to efficient programs with time and space guarantees
ACM Transactions on Programming Languages and Systems (TOPLAS)
PPDP '09 Proceedings of the 11th ACM SIGPLAN conference on Principles and practice of declarative programming
Strictly declarative specification of sophisticated points-to analyses
Proceedings of the 24th ACM SIGPLAN conference on Object oriented programming systems languages and applications
BP-Ex: a uniform query engine for business process execution traces
Proceedings of the 13th International Conference on Extending Database Technology
Boom analytics: exploring data-centric, declarative programming for the cloud
Proceedings of the 5th European conference on Computer systems
A declarative framework for analysis and optimization
CC'07 Proceedings of the 16th international conference on Compiler construction
HiPC'07 Proceedings of the 14th international conference on High performance computing
Querying structural and behavioral properties of business processes
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Graph queries through datalog optimizations
Proceedings of the 12th international ACM SIGPLAN symposium on Principles and practice of declarative programming
GATEKEEPER: mostly static enforcement of security and reliability policies for javascript code
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Alias analysis for optimization of dynamic languages
Proceedings of the 6th symposium on Dynamic languages
S2E: a platform for in-vivo multi-path analysis of software systems
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
DES: A Deductive Database System
Electronic Notes in Theoretical Computer Science (ENTCS)
D2R2: disk-oriented deductive reasoning in a RISC-style RDF engine
RuleML'11 Proceedings of the 5th international conference on Rule-based modeling and computing on the semantic web
Using datalog with binary decision diagrams for program analysis
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
APLAS'05 Proceedings of the Third Asian conference on Programming Languages and Systems
A structural/temporal query language for Business Processes
Journal of Computer and System Sciences
The S2E Platform: Design, Implementation, and Applications
ACM Transactions on Computer Systems (TOCS) - Special Issue APLOS 2011
CodeQuest: scalable source code queries with datalog
ECOOP'06 Proceedings of the 20th European conference on Object-Oriented Programming
FATES'06/RV'06 Proceedings of the First combined international conference on Formal Approaches to Software Testing and Runtime Verification
A deductive database with datalog and SQL query languages
APLAS'11 Proceedings of the 9th Asian conference on Programming Languages and Systems
Using datalog for fast and easy program analysis
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Dedalus: datalog in time and space
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Optimizing inequality joins in datalog with approximated constraint propagation
PADL'12 Proceedings of the 14th international conference on Practical Aspects of Declarative Languages
Distributed deductive databases, declaratively: the L10 logic programming language
Proceedings of the 2011 ACM SIGPLAN X10 Workshop
Outer Joins in a Deductive Database System
Electronic Notes in Theoretical Computer Science (ENTCS)
Synthesizing software verifiers from proof rules
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
SQL injection attack mechanisms and prevention techniques
ADCONS'11 Proceedings of the 2011 international conference on Advanced Computing, Networking and Security
Logical approximation for program analysis
Higher-Order and Symbolic Computation
Proceedings of the 14th symposium on Principles and practice of declarative programming
Model-Based static code analysis for MATLAB models
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Static vulnerability detection in Java service-oriented components
Journal in Computer Virology
Efficient and effective handling of exceptions in java points-to analysis
CC'13 Proceedings of the 22nd international conference on Compiler Construction
Hybrid context-sensitivity for points-to analysis
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Set-based pre-processing for points-to analysis
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
| Hi-index | 0.00 |
Program analysis has been increasingly used in softwareengineering tasks such as auditing programs for securityvulnerabilities and finding errors in general. Such tools oftenrequire analyses much more sophisticated than those traditionallyused in compiler optimizations. In particular, context-sensitivepointer alias information is a prerequisite for any sound andprecise analysis that reasons about uses of heap objects in aprogram. Context-sensitive analysis is challenging because thereare over 1014 contexts in a typical large program, evenafter recursive cycles are collapsed. Moreover, pointers cannot beresolved in general without analyzing the entire program.This paper presents a new framework, based on the concept ofdeductive databases, for context-sensitive program analysis. Inthis framework, all program information is stored as relations;data access and analyses are written as Datalog queries. To handlethe large number of contexts in a program, the database representsrelations with binary decision diagrams (BDDs). The system we havedeveloped, called bddbddb, automatically translates databasequeries into highly optimized BDD programs.Our preliminary experiences suggest that a large class ofanalyses involving heap objects can be described succinctly inDatalog and implemented efficiently with BDDs. To make developingapplication-specific analyses easy for programmers, we have alsocreated a language called PQL that makes a subset of Datalogqueries more intuitive to define. We have used the language to findmany security holes in Web applications.