We present Phantm, a static analyzer that uses a flow-sensitive analysis to detect type errors in PHP applications. Phantm can infer types for nested arrays, and can leverage runti...
We describe a combination of runtime information and static analysis for checking properties of complex and configurable systems. The basic idea of our approach is to 1) let the p...
We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability typ...
The number and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applica...
The Internet, and in particular the world-wide web, have become part of the everyday life of millions of people. With the growth of the web, the demand for on-line servic...
Manuel Egele, Martin Szydlowski, Engin Kirda, Chri...