English
Related papers

Related papers: Static Application Security Testing (SAST) Tools f…

200 papers

To identify security vulnerabilities in Android applications, numerous static application security testing (SAST) tools have been proposed. However, it poses significant challenges to assess their overall performance on diverse…

Software Engineering · Computer Science 2024-10-29 Jingyun Zhu , Kaixuan Li , Sen Chen , Lingling Fan , Junjie Wang , Xiaofei Xie

Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be…

Software Engineering · Computer Science 2024-03-15 Matteo Esposito , Valentina Falaschi , Davide Falessi

Software vulnerabilities pose significant security challenges and potential risks to society, necessitating extensive efforts in automated vulnerability detection. There are two popular lines of work to address automated vulnerability…

Software Engineering · Computer Science 2024-07-24 Xin Zhou , Duc-Manh Tran , Thanh Le-Cong , Ting Zhang , Ivana Clairine Irsan , Joshua Sumarlin , Bach Le , David Lo

Smart contracts are self-executing programs on blockchain platforms like Ethereum, which have revolutionized decentralized finance by enabling trustless transactions and the operation of decentralized applications. Despite their potential,…

Software Engineering · Computer Science 2026-03-25 Gerardo Iuliano , Dario Di Nucci

Open-source software (OSS) pipelines rely on automated static analysis tools to prevent the introduction of vulnerabilities in code. However, there is limited understanding of the efficacy of these tools across the OSS ecosystem over time.…

Cryptography and Security · Computer Science 2026-05-11 Jean-Charles Noirot Ferrand , Kyle Domico , Yohan Beugin , Patrick McDaniel

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

This paper introduces a method for detecting vulnerabilities in smart contracts using static analysis and a multi-objective optimization algorithm. We focus on four types of vulnerabilities: reentrancy, call stack overflow, integer…

Software Engineering · Computer Science 2024-10-02 Dongcheng Li , W. Eric Wong , Xiaodan Wang , Sean Pan , Liang-Seng Koh

The demand for automated security analysis techniques, such as static analysis based security testing (SAST) tools continues to increase. To develop SASTs that are effectively leveraged by developers for finding vulnerabilities, researchers…

Cryptography and Security · Computer Science 2024-06-21 Amit Seal Ami , Kevin Moran , Denys Poshyvanyk , Adwait Nadkarni

Blockchain smart contracts have emerged as a transformative force in the digital realm, spawning a diverse range of compelling applications. Since solidity smart contracts across various domains manage trillions of dollars in virtual coins,…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-12-12 Zhiyuan Wei , Xianhao Zhang , Jing Sun , Zijian Zhang , Liehuang Zhu

The rapid adoption of blockchain technology highlighted the importance of ensuring the security of smart contracts due to their critical role in automated business logic execution on blockchain platforms. This paper provides an empirical…

Software Engineering · Computer Science 2026-05-19 Francesco Salzano , Cosmo Kevin Antenucci , Simone Scalabrino , Giovanni Rosa , Rocco Oliveto , Remo Pareschi

Background. Developers use Automated Static Analysis Tools (ASATs) to control for potential quality issues in source code, including defects and technical debt. Tool vendors have devised quite a number of tools, which makes it harder for…

Software Engineering · Computer Science 2021-01-25 Valentina Lenarduzzi , Savanna Lujan , Nyyti Saarimaki , Fabio Palomba

With the increasing adoption of smart contracts, ensuring their security has become a critical concern. Numerous vulnerabilities and attacks have been identified and exploited, resulting in significant financial losses. In response,…

Cryptography and Security · Computer Science 2024-08-13 Zhiyuan Wei , Jing Sun , Zijian Zhang , Xianhao Zhang , Xiaoxuan Yang , Liehuang Zhu

Background: Static Application Security Testing (SAST) tools purport to assist developers in detecting security issues in source code. These tools typically use rule-based approaches to scan source code for security vulnerabilities.…

Software Engineering · Computer Science 2021-07-19 Roland Croft , Dominic Newlands , Ziyu Chen , M. Ali Babar

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses…

Cryptography and Security · Computer Science 2026-02-23 Kevin Hermann , Sven Peldszus , Thorsten Berger

Static Application Security Testing (SAST) is a popular quality assurance technique in software engineering. However, integrating SAST tools into industry-level product development and security assessment poses various technical and…

Software Engineering · Computer Science 2021-03-25 Anh Nguyen-Duc , Manh Viet Do , Quan Luong Hong , Kiem Nguyen Khac

Web applications are distributed applications, they are programs that run on more than one computer and communicate through a network or server. This very distributed nature of web applications, combined with the scale and sheer complexity…

Cryptography and Security · Computer Science 2022-10-17 Akash Nagaraj , Bishesh Sinha , Mukund Sood , Yash Mathur , Sanchika Gupta , Dinkar Sitaram

This paper serves as a progress report on our research, specifically focusing on utilizing interval analysis, an existing static analysis method, for detecting vulnerabilities in smart contracts. We present a selection of motivating…

Software Engineering · Computer Science 2023-09-26 Ştefan-Claudiu Susan , Andrei Arusoaie

Smart contracts underpin high-value ecosystems such as decentralized finance (DeFi), yet recurring vulnerabilities continue to cause losses worth billions of dollars. Although numerous security analyzers that detect such flaws exist,…

Cryptography and Security · Computer Science 2026-03-03 Tamer Abdelaziz , Salma Alsaghir , Karim Ali

Security attacks targeting smart contracts have been on the rise, which have led to financial loss and erosion of trust. Therefore, it is important to enable developers to discover security vulnerabilities in smart contracts before…

Software Engineering · Computer Science 2020-05-26 Asem Ghaleb , Karthik Pattabiraman

Turing completeness has made Ethereum smart contracts attractive to blockchain developers and attackers alike. To increase code security, many tools can now spot most known vulnerabilities$-$at the cost of production efficiency. Recent…

Cryptography and Security · Computer Science 2024-10-23 Tommaso Oss , Carlos E. Budde
‹ Prev 1 2 3 10 Next ›