Advanced search
Publication Cover
Cogent Engineering Volume 4, 2017 - Issue 1
Submit an article Journal homepage
1,752
Views
4
CrossRef citations to date
0
Altmetric
Research Article

Stacy-static code analysis for enhanced vulnerability detection

Pankaj LatharDepartment of Information Technology, CBP Government Engineering College, New Delhi, IndiaCorrespondence[email protected]
View further author information
,
Raunak ShahComputer Science and Engineering, M.S. Ramaiah Institute of Technology, Bangalore, IndiaView further author information
&
Srinivasa K GDepartment of Information Technology, CBP Government Engineering College, New Delhi, IndiaView further author information
|
Gautam SrivastavaBrandon University, Canada
(Reviewing Editor)
Article: 1335470 | Received 05 Feb 2017, Accepted 17 May 2017, Published online: 07 Jun 2017

References

  • Aiken, A., Bugrara, S., Dillig, I., Dillig, T., Hawkins, P., & Hackett, B. (2007). An overview of the saturn project. In Proceedings of the Workshop on Program Analysis for Software Tools and Engineering (pp. 43–48).
  • Ball, T. (December, 1993). The concept of dynamic analysis: ACM letters on programming languages and systems.
  • Cherem, S., Princehouse, L., & Rugina, R. (2007). Practical memory leak detection using guarded value-flow analysis. New York, USA. In Proceedings of the 28th ACM SIGPLAN Conference on Programming Language Design and Implementation.
  • Chess, B., & West, J. (2007). Secure programming with static analysis. Upper Saddle River, NJ: Pearson Education.
  • Cowan, C., Pu, C., Maier, D., Hinton, H., Bakke, P., Beattie, S., … Zhang, Q. (January, 1998). Automatic detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Symposium.
  • Dahn, C., & Mancoridis, S. (2003). Using program transformation to secure C programs against buffer overflows. In WCRE ‘03 Proceedings of the 10th Working Conference on Reverse Engineering.
  • Evans, D., Guttag, J., Horning, J., & Tan, Y. M. (1994). LCLint: A tool for using specifications to check code. In: ACM SIGSOFT Symposium on Foundations of Software Engineering (pp. 87–96).
  • Heine, D. L., & Lam, M. S. (2003, June). A practical flow-sensitive and context-sensitive C and C++ memory leak detector. In Proceedings of the ACM Conference on Program Language Design and Implementation, San Diego, CA.
  • Heine, D. L., & Lam, M. S. (2006, May). Static detection of leaks in polymorphic containers. In Proceeding of the International Conference on Software Engineering, Shanghai, China.
  • Jana, A., & Naik, R. (2012, October). Precise detection of uninitialized variables using dynamic analysis - Extending to aggregate and vector types. In 2012 19th Working Conference on Reverse Engineering, Kingston, ON.
  • Larochelle, D., & Evans, D. (2001, August). Statically detecting likely buffer overflow vulnerabilities. In Proceedings of the 10th USENIX Security Symposium.
  • Nguyen, T. V. N., Irigoin, F., Ancourt, C., & Coelho, F. (2002). Automatic detection of uninitialized variables. International Conference on Supercomputing, Ecole des Mines de Paris.
  • Orlovich, M., & Rugina, R. (2000). Memory leak analysis by contradiction. In: Proceedings of the 2000 International Conference on Compiler Construction, Berlin, Germany.
  • Söderberg, E., Ekman, T., Hedin, G., & Magnusson, E. (2013). Extensible intraprocedural flow analysis at the abstract syntax tree level. Science of Computer Programming, 78, 1809–1827.10.1016/j.scico.2012.02.002
  • Xie, Y., & Aiken, A. (2005, September). Context- and path-sensitive memory leak detection. In ACM SIGSOFT Symposium on the Foundations of Software Engineering, Lisbon, Portugal.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.