Automatically inspecting thousands of static bug warnings with large language model: How far are we?

C Wen, Y Cai, B Zhang, J Su, Z Xu, D Liu… - ACM Transactions on …, 2024 - dl.acm.org
Static analysis tools for capturing bugs and vulnerabilities in software programs are widely
employed in practice, as they have the unique advantages of high coverage and …

CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs

S Krüger, J Späth, K Ali, E Bodden… - IEEE Transactions on …, 2019 - ieeexplore.ieee.org
Various studies have empirically shown that the majority of Java and Android applications
misuse cryptographic libraries, causing devastating breaches of data security. It is crucial to …

A survey of parametric static analysis

J Park, H Lee, S Ryu - ACM Computing Surveys (CSUR), 2021 - dl.acm.org
Understanding program behaviors is important to verify program properties or to optimize
programs. Static analysis is a widely used technique to approximate program behaviors via …

Phasar: An inter-procedural static analysis framework for C/C++

PD Schubert, B Hermann, E Bodden - … on Tools and Algorithms for the …, 2019 - Springer
Static program analysis is used to automatically determine program properties, or to detect
bugs or security vulnerabilities in programs. It can be used as a stand-alone tool or to aid …

Context-, flow-, and field-sensitive data-flow analysis using synchronized pushdown systems

J Späth, K Ali, E Bodden - Proceedings of the ACM on Programming …, 2019 - dl.acm.org
Precise static analyses are context-, field- and flow-sensitive. Context- and field-sensitivity are
both expressible as context-free language (CFL) reachability problems. Solving both CFL …

A cocktail approach to practical call graph construction

Y Cai, C Zhang - Proceedings of the ACM on Programming Languages, 2023 - dl.acm.org
After decades of research, constructing call graphs for modern C-based software remains
either imprecise or inefficient when scaling up to the ever-growing complexity. The main …

Unleashing the power of type-based call graph construction by using regional pointer information

Y Cai, Y Jin, C Zhang - 33rd USENIX Security Symposium (USENIX …, 2024 - usenix.org
When dealing with millions of lines of C code, we still cannot have the cake and eat it: type
analysis for call graph construction is scalable yet highly imprecise. We address this …

Spatio-temporal context reduction: A pointer-analysis-based static approach for detecting use-after-free vulnerabilities

H Yan, Y Sui, S Chen, J Xue - … of the 40th International Conference on …, 2018 - dl.acm.org
Zero-day Use-After-Free (UAF) vulnerabilities are increasingly popular and highly
dangerous, but few mitigations exist. We introduce a new pointer-analysis-based static …

Precision-guided context sensitivity for pointer analysis

Y Li, T Tan, A Møller, Y Smaragdakis - Proceedings of the ACM on …, 2018 - dl.acm.org
Context sensitivity is an essential technique for ensuring high precision in Java pointer
analyses. It has been observed that applying context sensitivity partially, only on a select …

The role of program analysis in security vulnerability detection: Then and now

C Cifuentes, F Gauthier, B Hassanshahi, P Krishnan… - Computers & …, 2023 - Elsevier
Program analysis techniques play an important role in detecting security vulnerabilities. In
this paper we describe our experiences in developing a variety of tools that detect security …