Results 1 - 10 of 689
Extended Static Checking for Java, 2002
"... Software development and maintenance are costly endeavors. The cost can be reduced if more software defects are detected earlier in the development cycle. This paper introduces the Extended Static Checker for Java (ESC/Java), an experimental compile-time program checker that finds common programming ..."
Cited by 638 (24 self)
Intrusion Detection via Static Analysis, 2001
"... One of the primary challenges in intrusion detection is modelling typical application behavior, so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior. The resul ..."
Cited by 352 (1 self)
The result is a host-based intrusion detection system with three advantages: a high degree of automation, protection against a broad class of attacks based on corrupted code, and the elimination of false alarms. We report on our experience with a prototype implementation of this technique.
Type-based race detection for Java - In Proceedings of the SIGPLAN Conference on Programming Language Design and Implementation
"... This paper presents a static race detection analysis for multithreaded Java programs. Our analysis is based on a formal type system that is capable of capturing many common synchronization patterns. These patterns include classes with internal synchronization, classes that require client-side synchr ..."
Cited by 281 (24 self)
Joogie: From Java through Jimple to Boogie
"... Recently, software verification is being used to prove the presence of contradictions in source code and thus reveal potential weaknesses in the code or provide assistance to the compiler optimization. Compared to verification of correctness properties, the translation from source code to logic can ..."
be very simple and thus easy to solve by automated theorem provers. In this paper, we present a translation of Java into logic that is suitable for proving the presence of contradictions in code. We show that the translation, which is based on the Jimple language, can be used to analyze real
Infeasible Code Detection
"... Abstract. A piece of code in a computer program is infeasible if it cannot be part of any normally-terminating execution of the program. We develop an algorithm for the automatic detection of all infeasible code in a program. We first translate the task of determining all infeasible code into the problem ..."
Cited by 5 (3 self)
Java Quality Assurance by Detecting Code Smells - in Proceedings of the 9th Working Conference on Reverse Engineering. IEEE Computer, 2002
"... Software inspection is a known technique for improving software quality. It involves carefully examining the code, the design, and the documentation of software and checking these for aspects that are known to be potentially problematic based on past experience. Code smells are a metaphor to describ ..."
Cited by 151 (5 self)
with the development of jCOSMO, a prototype code smell browser that detects and visualizes code smells in JAVA source code. Finally, we show how this tool was applied in a case study. Keywords: software inspection, quality assurance, Java, refactoring, code smells.
JCrasher: an automatic robustness tester for Java - Software: Practice and Experience, 2004
"... JCrasher is an automatic robustness testing tool for Java code. JCrasher examines the type information of a set of Java classes and constructs code fragments that will create instances of different types to test the behavior of public methods under random data. JCrasher attempts to detect bugs by ca ..."
Cited by 171 (6 self)
Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code - In WWW 2010, 2010
"... JavaScript is a browser scripting language that allows developers to create sophisticated client-side interfaces for web applications. However, JavaScript code is also used to carry out attacks against the user’s browser and its extensions. These attacks usually result in the download of additional ..."
Cited by 131 (20 self)
malware that takes complete control of the victim’s platform, and are, therefore, called “drive-by downloads.” Unfortunately, the dynamic nature of the JavaScript language and its tight integration with the browser make it difficult to detect and block malicious JavaScript code. This paper presents a
Finding Security Vulnerabilities in Java Applications with Static Analysis, 2005
"... This paper proposes a static analysis technique for detecting many recently discovered application vulnerabilities such as SQL injections, cross-site scripting, and HTTP splitting attacks. These vulnerabilities stem from unchecked input, which is widely recognized as the most common source of securi ..."
Cited by 169 (3 self)
specification in the statically analyzed code. Results of our static analysis are presented to the user for assessment in an auditing interface integrated within Eclipse, a popular Java development environment. Our static analysis found 29 security vulnerabilities in nine large, popular open-source applications