Improving security using extensible lightweight static analysis

被引:181
|
作者
Evans, D [1 ]
Larochelle, D [1 ]
机构
[1] Univ Virginia, Sch Engn & Appl Sci, Dept Comp Sci, Charlottesville, VA 22904 USA
来源
IEEE SOFTWARE | 2002年 / 19卷 / 01期
基金
美国国家航空航天局; 美国国家科学基金会;
关键词
Authentication protocols - Legacy code - Lightweight static analysis;
D O I
10.1109/52.976940
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
By David Evans and David Larochelle, pp. 42-51. Most security attacks exploit instances of well-known classes of implementation flaws. Developers could detect and eliminate many of these flaws before deploying the software, yet these problems persist with disturbing frequency-not because the security community doesn't sufficiently understand them but because techniques for preventing them have not been integrated into the software development process. This article describes an extensible tool that uses lightweight static analysis to detect common security vulnerabilities (including buffer overflows and format string vulnerabilities).
引用
收藏
页码:42 / +
页数:11
相关论文
共 50 条
  • [31] Semiclosed-form solution for static nonlinear analysis of extensible cables
    M. T. A. Chaudhary
    Mechanics of Solids, 2014, 49 : 468 - 476
  • [32] Semiclosed-Form Solution for Static Nonlinear Analysis of Extensible Cables
    Chaudhary, M. T. A.
    MECHANICS OF SOLIDS, 2014, 49 (04) : 468 - 476
  • [33] Security Analysis of Lightweight IoT Cipher: Chaskey
    Dwivedi, Ashutosh Dhar
    CRYPTOGRAPHY, 2020, 4 (03) : 1 - 10
  • [34] Security Analysis of Lightweight Block Cipher ESF
    Yin J.
    Ma C.
    Song J.
    Zeng G.
    Ma C.
    1600, Science Press (54): : 2224 - 2231
  • [35] An extensible lightweight framework for distributed telemetry of microservices
    Otero, Manuel
    Garcia, Jose Maria
    Fernandez, Pablo
    SUSTAINABLE COMPUTING-INFORMATICS & SYSTEMS, 2025, 46
  • [36] Lightweight DSL for Describing Extensible Transition Systems
    Umatani, Seiji
    39TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2024, 2024, : 1122 - 1131
  • [37] An extensible and lightweight architecture for adaptive server applications
    Gorton, Ian
    Liu, Yan
    Trivedi, Nihar
    SOFTWARE-PRACTICE & EXPERIENCE, 2008, 38 (08): : 853 - 883
  • [38] Pillar: A Versatile and Extensible Lightweight Markup Language
    Arloing, Thibault
    Dubois, Yann
    Ducasse, Stephane
    Cassou, Damien
    PROCEEDINGS OF THE 11TH EDITION OF THE INTERNATIONAL WORKSHOP ON SMALLTALK TECHNOLOGIES, (IWST 2016), 2016,
  • [39] An Extensible and Lightweight Modular Ontology for Programming Education
    Grevisse, Christian
    Botev, Jean
    Rothkugel, Steffen
    ADVANCES IN COMPUTING, CCC 2017, 2017, 735 : 358 - 371
  • [40] Static analysis for the π-calculus with applications to security
    Bodei, C
    Degano, P
    Nielson, F
    Nielson, HR
    INFORMATION AND COMPUTATION, 2001, 168 (01) : 68 - 92
12345