A synergy between static and dynamic analysis for the detection of software security vulnerabilities

A Hanna, HZ Ling, XC Yang, M Debbabi - … 1-6, 2009, Proceedings, Part II, 2009 - Springer
The main contribution of this paper is a framework for security testing. The key components
of this framework are twofold: First, a static analyzer that automatically identifies suspicious …

An advanced approach for modeling and detecting software vulnerabilities

N Shahmehri, A Mammar, EM De Oca, D Byers… - Information and …, 2012 - Elsevier
CONTEXT: Passive testing is a technique in which traces collected from the execution of a
system under test are examined for evidence of flaws in the system. OBJECTIVE: In this …

Automatic vulnerability detection for weakness visualization and advisory creation

M Gawron, A Amirkhanyan, F Cheng… - Proceedings of the 8th …, 2015 - dl.acm.org
The detection of vulnerabilities in computer systems and computer networks as well as the
representation of the results are crucial problems. The presented method tackles the …

A distributed framework for demand-driven software vulnerability detection

D Zhang, D Liu, C Csallner, D Kung, Y Lei - Journal of Systems and …, 2014 - Elsevier
Security testing aims at detecting program security flaws through a set of test cases and has
become an active area of research. The challenge is how to efficiently produce test cases …

Automated security test generation with formal threat models

D Xu, M Tu, M Sanford, L Thomas… - IEEE transactions on …, 2012 - ieeexplore.ieee.org
Security attacks typically result from unintended behaviors or invalid inputs. Security testing
is labor intensive because a real-world program usually has too many invalid inputs. It is …

Towards vulnerability discovery using staged program analysis

B Shastry, F Yamaguchi, K Rieck, JP Seifert - Detection of Intrusions and …, 2016 - Springer
Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is
a promising approach for discovering vulnerabilities since it can provide developers early …

The life and death of statically detected vulnerabilities: An empirical study

M Di Penta, L Cerulo, L Aversano - Information and Software Technology, 2009 - Elsevier
Vulnerable statements constitute a major problem for developers and maintainers of
networking systems. Their presence can ease the success of security attacks, aimed at …

SSVChecker: unifying static security vulnerability detection tools in an Eclipse plug-in

J Dehlinger, Q Feng, L Hu - Proceedings of the 2006 OOPSLA workshop …, 2006 - dl.acm.org
The increasing complexity of secure software applications has given rise to static analysis
security tools to alert developers to potential security flaws within source code. However …

Towards analyzing security-critical software during development

A Ghosh, G McGraw, FH Charron, M Schatz - Technical Report RSTR‐96 …, 1996 - Citeseer
We describe an approach and tool for analyzing the vulnerability of software applications to
anomalous events and malicious threats during software development. Traditionally …

Detecting security vulnerabilities with vulnerability nets

P Wang, S Liu, A Liu, W Jiang - Journal of Systems and Software, 2024 - Elsevier
Detecting security vulnerabilities is a crucial part in secure software development. Many
static analysis tools have proved to be effective in finding vulnerabilities, but generally there …