Code revision of a leading telecom product was performed, combining manual audit and static analysis tools. On average, one exploitable vulnerability was found for every 4000 line...
In this paper, we address the problem of static slicing on binary executables for the purpose of malicious code detection in COTS components. By operating directly on binary ...
J. Bergeron, Mourad Debbabi, M. M. Erhioui, Bé...
This paper studies the problem of securing information release in dynamic languages. We propose (i) an intuitive framework for information-release policies expressing both what ca...
Static security analysis of software has made great progress over the last years. In particular, this applies to the detection of low-level security bugs such as buffer overflows,...
There exists a large variety of techniques to detect and correct software security vulnerabilities at the source code level, including human code reviews, testing, and static anal...