English
Related papers

Related papers: Static Detection of Uninitialized Stack Variables …

200 papers

The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification…

Cryptography and Security · Computer Science 2022-12-05 Andreas Schaad , Dominik Binder

Detecting vulnerabilities in software is a critical challenge in the development and deployment of applications. One of the most known and dangerous vulnerabilities is stack-based buffer overflows, which may allow potential attackers to…

Cryptography and Security · Computer Science 2021-01-01 William Arild Dahl , Laszlo Erdodi , Fabio Massimo Zennaro

Static analysis is one of the most widely adopted techniques to find software bugs before code is put in production. Designing and implementing effective and efficient static analyses is difficult and requires high expertise, which results…

Software Engineering · Computer Science 2019-06-04 Andrew Habib , Michael Pradel

Knowledge-based systems reason over some knowledge base. Hence, an important issue for such systems is how to acquire the knowledge needed for their inference. This paper assesses active learning methods for acquiring knowledge for "static…

Software Engineering · Computer Science 2020-10-23 Xueqi Yang , Zhe Yu , Junjie Wang , Tim Menzies

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

Vulnerability prediction is valuable in identifying security issues efficiently, even though it requires the source code of the target software system, which is a restrictive hypothesis. This paper presents an experimental study to predict…

Cryptography and Security · Computer Science 2025-04-01 D. Cotroneo , F. C. Grasso , R. Natella , V. Orbinato

The paper describes how to detect malicious executable files based on static analysis of their binary content. The stages of pre-processing and cleaning data extracted from different areas of executable files are analyzed. Methods of…

Cryptography and Security · Computer Science 2020-07-16 Nikolay Prudkovskiy

Data-flow analysis is a critical component of security research. Theoretically, accurate data-flow analysis in binary executables is an undecidable problem, due to complexities of binary code. Practically, many binary analysis engines offer…

Cryptography and Security · Computer Science 2025-06-03 Nicolaas Weideman , Sima Arasteh , Mukund Raghothaman , Jelena Mirkovic , Christophe Hauser

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun

Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before getting exploited and harming the system users. Symbolic execution is a well-known method…

Cryptography and Security · Computer Science 2025-09-16 Sara Baradaran , Mahdi Heidari , Ali Kamali , Maryam Mouzarani

Recognizing vulnerabilities in stripped binary files presents a significant challenge in software security. Although some progress has been made in generating human-readable information from decompiled binary files with Large Language…

Cryptography and Security · Computer Science 2025-05-29 Nasir Hussain , Haohan Chen , Chanh Tran , Philip Huang , Zhuohao Li , Pravir Chugh , William Chen , Ashish Kundu , Yuan Tian

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

In this paper, we present a novel marriage of static and dynamic analysis. Given a large code base with many functions and a mature test suite, we propose using static analysis to find functions 1) with assertions or other evident…

Software Engineering · Computer Science 2016-09-22 Mohammad Amin Alipour , Alex Groce , Chaoqiang Zhang , Anahita Sanadaji , Gokul Caushik

Tackling binary program analysis problems has traditionally implied manually defining rules and heuristics, a tedious and time-consuming task for human analysts. In order to improve automation and scalability, we propose an alternative…

Cryptography and Security · Computer Science 2021-05-25 Shushan Arakelyan , Sima Arasteh , Christophe Hauser , Erik Kline , Aram Galstyan

Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code…

Software Engineering · Computer Science 2026-05-15 Xinran Zheng , Alfredo Pesoli , Marco Valleri , Suman Jana , Lorenzo Cavallaro

Determining whether multiple instructions can access the same memory location is a critical task in binary analysis. It is challenging as statically computing precise alias information is undecidable in theory. The problem aggravates at the…

Cryptography and Security · Computer Science 2022-10-07 Kexin Pei , Dongdong She , Michael Wang , Scott Geng , Zhou Xuan , Yaniv David , Junfeng Yang , Suman Jana , Baishakhi Ray

A serious threat today is malicious executables. It is designed to damage computer system and some of them spread over network without the knowledge of the owner using the system. Two approaches have been derived for it i.e. Signature Based…

Cryptography and Security · Computer Science 2013-08-14 Usukhbayar Baldangombo , Nyamjav Jambaljav , Shi-Jinn Horng

With an increasing number of value-flow properties to check, existing static program analysis still tends to have scalability issues when high precision is required. We observe that the key design flaw behind the scalability problem is that…

Software Engineering · Computer Science 2019-12-17 Qingkai Shi , Rongxin Wu , Gang Fan , Charles Zhang

Static analysis plays a crucial role in software vulnerability detection, yet faces a persistent precision-scalability tradeoff. In large codebases like the Linux kernel, traditional static analysis tools often generate excessive false…

Software Engineering · Computer Science 2025-06-03 Haonan Li , Hang Zhang , Kexin Pei , Zhiyun Qian
‹ Prev 1 2 3 10 Next ›