Efficient static checker for tainted variable attacks
TL;DR: This paper gives an O(V^2) solution to the problem of detecting tainted flow attacks as an instance of type-checking, and uses Bodik et al.'s extended Static Single Assignment (e-SSA) program representation.
read more
About: This article is published in Science of Computer Programming. The article was published on 01 Feb 2014. and is currently open access. The article focuses on the topics: Dataflow & Static single assignment form.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Sparse representation of implicit flows with applications to side-channel detection
Bruno Augusto Rodrigues,Fernando Magno Quintão Pereira,Diego F. Aranha +2 more
- 17 Mar 2016
TL;DR: FlowTracker, a tool that uncovers side-channel vulnerabilities in cryptographic algorithms, is built, which handles programs with over one-million assembly instructions in less than 200 seconds, and creates 24% less implicit flow edges than Ferrante et al.'s technique.
97
Validation of memory accesses through symbolic analyses
Henrique Nazaré,Izabela Karennina Travizani Maffra,Willer Santos,Leonardo Barbosa,Laure Gonnord,Fernando Magno Quintão Pereira +5 more
- 15 Oct 2014
TL;DR: Two static analyses are designed and tested - symbolic region and range analysis - which are combined to remove the majority of guards that prevent out-of-bounds memory accesses and generate code that is 17% faster and 9% more energy efficient than the code produced originally by this tool.
Tainted flow analysis on e-SSA-form programs
Andrei Rimsa,Marcelo d'Amorim,Fernando Magno Quintão Pereira +2 more
- 26 Mar 2011
TL;DR: This paper gives an O(V2) solution to the problem of detecting tainted flow attacks by using Bodik et al.'s extended Static Single Assignment (e-SSA) program representation and shows that this approach tends to outperform the data-flow algorithm for bigger inputs.
•Dissertation
Leveraging Machine Learning to Improve Software Reliability
Song Wang
- 09 Jan 2019
TL;DR: This thesis presents a suite of machine learning based novel techniques to improve existing software reliability practices for helping developers find software bugs more effective and efficient, and introduces an n-gram language based static bug detection technique, i.e., Bugram, to detect new types of bugs with less false positives.
4
An Extensible Framework for Web Application Vulnerabilities Visualization and Analysis
Tran Tri Dang,Tran Khanh Dang +1 more
- 19 Nov 2014
TL;DR: It is shown that not only improving the visualization technique from a technical viewpoint is needed, but also improving it from a human cognitive viewpoint should be placed at a higher priority.
3
References
•Book
Compilers: Principles, Techniques, and Tools
Alfred V. Aho,Ravi Sethi,Jeffrey D. Ullman +2 more
- 01 Jan 1986
TL;DR: This book discusses the design of a Code Generator, the role of the Lexical Analyzer, and other topics related to code generation and optimization.
9.7K
The program dependence graph and its use in optimization
TL;DR: An intermediate program representation, called the program dependence graph (PDG), that makes explicit both the data and control dependences for each operation in a program, allowing transformations to be triggered by one another and applied only to affected dependences.
Program slicing
Keith Gallagher,David Binkley +1 more
- 01 Sep 2008
TL;DR: Applications of program slicing are surveyed, ranging from its first use as a debugging technique to current applications in property verification using finite state models, and a summary of research challenges for the slicing community is discussed.
2.8K
•Book
Types and Programming Languages
Benjamin C. Pierce
- 01 Jan 2002
TL;DR: This text provides a comprehensive introduction both to type systems in computer science and to the basic theory of programming languages, with a variety of approaches to modeling the features of object-oriented languages.
2.7K
Efficiently computing static single assignment form and the control dependence graph
TL;DR: In this article, the authors present new algorithms that efficiently compute static single assignment forms and control dependence graphs for arbitrary control flow graphs using the concept of {\em dominance frontiers} and give analytical and experimental evidence that these data structures are usually linear in the size of the original program.