The complexity of modern web applications makes it difficult for developers to fully understand the security implications of their code. Attackers exploit the resulting security v...
—This paper introduces YARRA, a conservative extension to C to protect applications from non-control data attacks. YARRA programmers specify their data integrity requirements by ...
We present Phantm, a static analyzer that uses a flowsensitive analysis to detect type errors in PHP applications. Phantm can infer types for nested arrays, and can leverage runti...
Abstract. The capability calculus is a framework for statically reasoning about program resources such as deallocatable memory regions. Fractional capabilities, originally proposed...
Most current techniques fail to achieve the dynamic update of recursive functions. A focus on execution states appears to be essential in order to implement dynamic update in this...