All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)

EJ Schwartz, T Avgerinos… - 2010 IEEE symposium on …, 2010 - ieeexplore.ieee.org
Dynamic taint analysis and forward symbolic execution are quickly becoming staple
techniques in security analyses. Example applications of dynamic taint analysis and forward …

TAJ: effective taint analysis of web applications

O Tripp, M Pistoia, SJ Fink, M Sridharan… - ACM Sigplan …, 2009 - dl.acm.org
Taint analysis, a form of information-flow analysis, establishes whether values from
untrusted methods and parameters may flow into security-sensitive operations. Taint …

Flow-sensitive pointer analysis for millions of lines of code

B Hardekopf, C Lin - International Symposium on Code …, 2011 - ieeexplore.ieee.org
Many program analyses benefit, both in precision and performance, from precise pointer
analysis. An important dimension of pointer analysis precision is flow-sensitivity, which has …

Challenges and opportunities for practical and effective dynamic information flow tracking

C Brant, P Shrestha, B Mixon-Baca, K Chen… - ACM Computing …, 2021 - dl.acm.org
Information flow tracking was proposed more than 40 years ago to address the limitations of
access control mechanisms to guarantee the confidentiality and integrity of information …

Native x86 decompilation using Semantics-Preserving structural analysis and iterative Control-Flow structuring

D Brumley, JH Lee, EJ Schwartz, M Woo - 22nd USENIX Security …, 2013 - usenix.org
There are many security tools and techniques for analyzing software, but many of them
require access to source code. We propose leveraging decompilation, the study of …

Andromeda: Accurate and Scalable Security Analysis of Web Applications

O Tripp, M Pistoia, P Cousot, R Cousot… - … 2013, Held as Part of the …, 2013 - Springer
Security auditing of industry-scale software systems mandates automation. Static taint
analysis enables deep and exhaustive tracking of suspicious data flows for detection of …

Improving application security with data flow assertions

A Yip, X Wang, N Zeldovich, MF Kaashoek - Proceedings of the ACM …, 2009 - dl.acm.org
Resin is a new language runtime that helps prevent security vulnerabilities, by allowing
programmers to specify application-level data flow assertions. Resin provides policy objects …

Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks

L Davi, AR Sadeghi, M Winandy - … of the 2009 ACM workshop on …, 2009 - dl.acm.org
Despite the many efforts made in recent years to mitigate runtime attacks such as stack and
heap based buffer overflows, these attacks are still a common security concern in today's …

Saving the world wide web from vulnerable JavaScript

S Guarnieri, M Pistoia, O Tripp, J Dolby… - Proceedings of the …, 2011 - dl.acm.org
JavaScript is the most popular client-side scripting language for Web applications.
Exploitable JavaScript code exposes end users to integrity and confidentiality violations …

Semi-sparse flow-sensitive pointer analysis

B Hardekopf, C Lin - ACM SIGPLAN Notices, 2009 - dl.acm.org
Pointer analysis is a prerequisite for many program analyses, and the effectiveness of these
analyses depends on the precision of the pointer information they receive. Two major axes …