SCOPUS 정보 검색 플랫폼

Proceedings of the IASTED International Conference on Software Engineering, SE 2007

Volumn , Issue , 2007, Pages 334-340

Flow-insensitive static analysis for detecting integer anomalies in programs

(4) Sarkar, Dipanwita a Jagannathan, Muthu a Thiagarajan, Jay a Venkatapathy, Ramanathan a

a MICROSOFT (United States)

Author keywords

Buffer overrun; Integer overflow; Integer underflow; Security; Static analysis

Indexed keywords

DIGITAL SIGNAL PROCESSING; SOFTWARE ENGINEERING; SPONTANEOUS EMISSION; STATIC ANALYSIS;

ANALYSIS ALGORITHMS; ANAMOLIES; ARITHMETIC OPERATIONS; BUFFER OVERRUN; BUFFER OVERRUNS; BUFFER SIZES; INTEGER OVERFLOW; INTEGER UNDERFLOW; INTEGER VALUES; INTEGER VARIABLES; MEMORY ALLOCATIONS; MICROSOFT; NOISE RATES; SECURITY; UNDER FLOWS;

INTEGER PROGRAMMING;

EID: 56249126470 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: None Document Type: Conference Paper

Times cited : (20)

References (23)

1
- 0010729284
- Second Edition
- Michael Howard and David LeBlanc. Writing Secure Code, Second Edition, 2002.
- (2002) Writing Secure Code
- Howard, M.¹ LeBlanc, D.²

2
- 10944266927
- First Edition
- John Viega. Secure Programming Cookbook for C and C++, First Edition, 2003.
- (2003) Secure Programming Cookbook for C and C
- Viega, J.¹

3
- 0003925663
- First Edition
- John Viega. Building Secure Software, First Edition, 2001.
- (2001) Building Secure Software
- Viega, J.¹

4
- 56249103596
- CA-2001-35 CERT Advisory.
- CA-2001-35 CERT Advisory.

5
- 56249141260
- CA-2003-10 CERT Advisory.
- CA-2003-10 CERT Advisory.

6
- 56249111475
- MS04-025 Microsoft Security Bulletin
- MS04-025 Microsoft Security Bulletin.

7
- 85011293817
- LCLint: A tool for using specifications to check code
- David Evans, John Guttag, James Horning, and Yang Meng Tan. LCLint: A tool for using specifications to check code. In Proceedings of the ACM SIGSOFT '94 Symposium on the Foundations of Software Engineering, pages 87-96, 1994.
- (1994) Proceedings of the ACM SIGSOFT '94 Symposium on the Foundations of Software Engineering , pp. 87-96
- Evans, D.¹ Guttag, J.² Horning, J.³ Yang, M.⁴

8
- 34247099396
- Modular checking for buffer overflows in the large
- Brian Hackett, Manuvir Das, Daniel Wang, and Zhe Yang. Modular checking for buffer overflows in the large. In ICSE, 2006.
- (2006) ICSE
- Hackett, B.¹ Das, M.² Wang, D.³ Yang, Z.⁴

9
- 65349145047
- Using programmerwritten compiler extensions to catch security holes
- May, Oakland, California
- K. Ashcraft and D. Engler. Using programmerwritten compiler extensions to catch security holes, May 2002. In IEEE Symposium on Security and Privacy, Oakland, California.
- (2002) IEEE Symposium on Security and Privacy
- Ashcraft, K.¹ Engler, D.²

10
- 84905494891
- Improving computer security using extended static checking
- B. Chess. Improving computer security using extended static checking. In IEEE Symposium on Security and Privacy,, 2002.
- (2002) IEEE Symposium on Security and Privacy
- Chess, B.¹

11
- 0036147522
- Improving security using extensible lightweight static analysis
- 2002
- David Evans and David Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, 19(1):42-51, /2002.
- IEEE Software , vol.19 , Issue.1 , pp. 42-51
- Evans, D.¹ Larochelle, D.²

12
- 14844302134
- MECA: An extensible, expressive system and language for statically checking security properties
- Junfeng Yang, Ted Kremenek, Yichen Xie, and Dawson Engler. MECA: an extensible, expressive system and language for statically checking security properties. In 10th ACM Conference on Computer and Communications Security, 2003.
- (2003) 10th ACM Conference on Computer and Communications Security
- Yang, J.¹ Kremenek, T.² Xie, Y.³ Engler, D.⁴

13
- 3042669120
- Righting software
- Jim Larus et.al. Righting software. In IEEE SOFTWARE published by IEEE Computer Society, 2004.
- (2004) IEEE SOFTWARE published by IEEE Computer Society
- Larus, J.¹

14
- 0033688092
- A static analyzer for finding dynamic programming errors
- William R. Bush, Jonathan D. Pincus, and David J. Sielaff. A static analyzer for finding dynamic programming errors. Software - Practice and Experience, 30(7):775-802, 2000.
- (2000) Software - Practice and Experience , vol.30 , Issue.7 , pp. 775-802
- Bush, W.R.¹ Pincus, J.D.² Sielaff, D.J.³

15
- 1442339050
- From symptom to cause: Localizing errors in counterexample traces
- Thomas Ball, Mayur Naik, and Sriram K. Rajamani. From symptom to cause: localizing errors in counterexample traces. SIGPLAN Not., 38(1):97-105, 2003.
- (2003) SIGPLAN Not , vol.38 , Issue.1 , pp. 97-105
- Ball, T.¹ Naik, M.² Rajamani, S.K.³

16
- 84894630000
- Automatically validating temporal safety properties of interfaces
- New York, NY, USA, Springer-Verlag New York, Inc
- Thomas Ball and Sriram K. Rajamani. Automatically validating temporal safety properties of interfaces. In SPIN '01: Proceedings of the 8th international SPIN workshop on Model checking of software, pages 103-122, New York, NY, USA, 2001. Springer-Verlag New York, Inc.
- (2001) SPIN '01: Proceedings of the 8th international SPIN workshop on Model checking of software , pp. 103-122
- Ball, T.¹ Rajamani, S.K.²

17
- 0036040604
- ESP: Path-sensitive program verification in polynomial time
- New York, NY, USA, ACM Press
- Manuvir Das, Sorin Lerner, and Mark Seigle. ESP: path-sensitive program verification in polynomial time. In PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation, pages 57-68, New York, NY, USA, 2002. ACM Press.
- (2002) PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation , pp. 57-68
- Das, M.¹ Lerner, S.² Seigle, M.³

18
- 85035003357
- Automatic discovery of linear restraints between variables of a program
- Patrick Cousot and Nicholas Halbwachs. Automatic discovery of linear restraints between variables of a program. In 5th Annual ACM Symposium on Principle of Programming Languages, 1978.
- (1978) 5th Annual ACM Symposium on Principle of Programming Languages
- Cousot, P.¹ Halbwachs, N.²

19
- 85025830822
- A class of polynomially solvable range constraints for interval analysis without widenings and narrowings
- Zhendong Su and David Wagner. A class of polynomially solvable range constraints for interval analysis without widenings and narrowings. In TACAS, 2004.
- (2004) TACAS
- Su, Z.¹ Wagner, D.²

20
- 85081874807
- A first step towards automated detection of buffer overrun vulnerabilities
- David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium, 2000.
- (2000) Network and Distributed System Security Symposium
- Wagner, D.¹ Foster, J.S.² Brewer, E.A.³ Aiken, A.⁴

21
- 8344266081
- Precise and efficient static array bound checking for large embedded c programs
- Arnaud Venet and Guillaume Brat. Precise and efficient static array bound checking for large embedded c programs. In PLDI, 2004.
- (2004) PLDI
- Venet, A.¹ Brat, G.²

22
- 3142582577
- Vinod Ganapathy et.al. Buffer overrun detection using linear programming and static analysis. In CCS03, 2003.
- Vinod Ganapathy et.al. Buffer overrun detection using linear programming and static analysis. In CCS03, 2003.

23
- 0033686834
- Calculating sized types
- Wei-Ngan Chin and Siau-Cheng Khoo. Calculating sized types. In Partial Evaluation and Semantic-Based Program Manipulation, pages 62-72, 2000.
- (2000) Partial Evaluation and Semantic-Based Program Manipulation , pp. 62-72
- Chin, W.-N.¹ Khoo, S.-C.²

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.