Lathar et al., 2017 - Google Patents
Stacy-static code analysis for enhanced vulnerability detection
Lathar et al., 2017
- Document ID
- 1977596375883381035
- Author
- Lathar P
- Shah R
- KG S
- Publication year
- Publication venue
- Cogent Engineering
Snippet
Computer program analysis refers to the automatic analysis of the behavior of a user defined program. An application of program analysis is to determine the quality of source code. Humans are prone to errors and, in most cases, the penalty of deploying low quality code is …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3676—Test management for coverage analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3636—Software debugging by tracing the execution of the program
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4421—Execution paradigms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/445—Programme loading or initiating
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Salis et al. | | Pycg: Practical call graph generation in python |
US9715593B2 (en) | | Software vulnerabilities detection system and methods |
Ma et al. | | MPI: Multiple perspective attack investigation with semantic aware execution partitioning |
Arzt et al. | | Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps |
Coelho et al. | | Unveiling exception handling bug hazards in android based on github and google code issues |
Wen et al. | | Automatically inspecting thousands of static bug warnings with large language model: How far are we? |
Grichi et al. | | On the impact of interlanguage dependencies in multilanguage systems empirical case study on java native interface applications (JNI) |
Hu et al. | | A tale of two cities: How webview induces bugs to android applications |
Tsutano et al. | | An efficient, robust, and scalable approach for analyzing interacting android apps |
Wang et al. | | Scaling static taint analysis to industrial soa applications: A case study at alibaba |
Alves et al. | | Prioritizing test cases for early detection of refactoring faults |
Ma et al. | | Aladdin: Automating release of deep-link apis on android |
Chahar et al. | | Code analysis for software and system security using open source tools |
Kashyap et al. | | Security signature inference for javascript-based browser addons |
Hasan et al. | | Model context protocol (mcp) at first glance: Studying the security and maintainability of mcp servers |
Ferrara et al. | | : Backward Context-Sensitive Flow Reconstruction of Taint Analysis Results |
Meng et al. | | WeMinT: Tainting sensitive data leaks in WeChat mini-programs |
Titze et al. | | Apparecium: Revealing data flows in android applications |
Wu et al. | | CydiOS: A Model-Based Testing Framework for iOS Apps |
US20230315862A1 (en) | | Method and apparatus for identifying dynamically invoked computer code using literal values |
Lathar et al. | | Stacy-static code analysis for enhanced vulnerability detection |
US20250086270A1 (en) | | Large language model (llm) supply chain security |
Tiwari et al. | | Demand-driven information flow analysis of WebView in Android hybrid apps |
Yan et al. | | DFlow: a data flow analysis tool for C/C++ |
Alhanahnah et al. | | autoMPI: automated multiple perspective attack investigation with semantics aware execution partitioning |