Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current s...
Somesh Jha, Ninghui Li, Mahesh V. Tripunitara, Qih...
Given the bytecode of a software system, is it possible to automatically generate attack signatures that reveal its vulnerabilities? A natural solution would be symbolically execu...
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effect...
Dynamic binary translation systems enable a wide range of applications such as program instrumentation, optimization, and security. DBTs use a software code cache to store previou...
Cross-site scripting (XSS) and SQL injection errors are two prominent examples of taint-based vulnerabilities that have been responsible for a large number of security breaches in...