In May 2009, Google conducted a company wide FindBugs “fixit”. Hundreds of engineers reviewed thousands of FindBugs warnings, and fixed or filed reports against many of the...
Tagging schemes have been used in security protocols to ensure that the analysis of such protocols can work with messages of bounded length. When the set of nonces is bounded, this...
We present a novel technique that identifies the source compiler of program binaries, an important element of program provenance. Program provenance answers fundamental questions...
Nathan E. Rosenblum, Barton P. Miller, Xiaojin Zhu
Various static analysis tools will analyze a software artifact in order to identify potential defects, such as misused APIs, race conditions and deadlocks, and security vulnerabil...
Given the bytecode of a software system, is it possible to automatically generate attack signatures that reveal its vulnerabilities? A natural solution would be symbolically execu...