• LIFT

  • Referenced in 3 articles [sw20596]
  • vulnerabilities. Prior work shows that information flow tracking (also referred to as taint analysis...
  • Mythril

  • Referenced in 0 articles [sw37686]
  • security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built ... solving and taint analysis to detect a variety of security vulnerabilities. It’s also used ... tools and techniques) in the MythX security analysis platform...
  • BackFlow

  • Referenced in 1 article [sw34336]
  • flow reconstruction of taint analysis results. Taint analysis detects if data coming from a source ... detect injection vulnerabilities in real world software. A main drawback of static analysis is that...
  • DTA++

  • Referenced in 2 articles [sw33315]
  • with targeted control-flow propagation. Dynamic taint analysis (DTA) is a powerful technique for, among ... sensitive in- formation. However, it is vulnerable to false negative er- rors caused by implicit ... propose DTA++, an enhancement to dynamic taint analysis that additionally propagates taint along...
  • GDSL

  • Referenced in 3 articles [sw13118]
  • giving semantics to machine language. The static analysis of executable programs has gained importance ... audit larger and larger programs for security vulnerabilities or safety violations. The basis for analyzing...
  • CryptDB

  • Referenced in 16 articles [sw27061]
  • Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs ... user who is not logged in. An analysis of a trace of 126 million...
  • AMASIVE

  • Referenced in 1 article [sw07680]
  • named AMASIVE (adaptable modular autonomous side-channel vulnerability evaluator), which supports the designer in implementing ... analysis and the evaluation of a given cryptographic design in regard to application-specific vulnerabilities...
  • CyGraph

  • Referenced in 1 article [sw22314]
  • vulnerability paths. It also includes dependencies among mission requirements and network assets, for analysis ... support and situational awareness. It prioritizes exposed vulnerabilities, mapped to potential threats, in the context...
  • DEEPSEC

  • Referenced in 1 article [sw41286]
  • Security Analysis of Deep Learning Model. Deep learning (DL) models are inherently vulnerable to adversarial...
  • Moat

  • Referenced in 1 article [sw23080]
  • measurement, remote attestation, and cryptographic sealing. However, vulnerabilities in the application itself, such ... analysis) for proving that an enclave program running on SGX does not contain a vulnerability...
  • SecGraph

  • Referenced in 1 article [sw38364]
  • utility, and evaluate the data’s vulnerability against modern De-Anonymization (DA) attacks. In addition ... SecGraph enables researchers to conduct fair analysis and evaluation of existing and newly developed anonymization/DA ... state-of-the-art anonymization schemes are vulnerable to several or all of the modern...
  • PhoneyC

  • Referenced in 1 article [sw37387]
  • broad, poorly defended space filled with vulner-able clients. Just as honeypots enabled deep research ... rather an emulated client. By using dynamic analysis, PhoneyC is able to remove the obfuscation ... many malicious pages. Furthermore, PhoneyC emulates specific vulnerabilities to pinpoint the attack vector. PhoneyC...
  • PolySpace

  • Referenced in 1 article [sw31196]
  • PolySpace design verifier. Polyspace® static code analysis products use formal methods to prove the absence ... They include checkers for coding rules, security vulnerabilities, code metrics, and hundreds of additional classes...
  • SGS

  • Referenced in 1 article [sw38855]
  • potential bottleneck, and adversaries can exploit this vulnerability to launch distributed denial-of-service (DDoS ... Existing solutions are fundamentally based forged traffic analysis, increasing computational cost and being prone...
  • SmartCheck

  • Referenced in 0 articles [sw37692]
  • SmartCheck: static analysis of ethereum smart contracts. Ethereum is a major blockchain-based platform ... pace of development in this field. Automated vulnerability detection tools, which help detect potentially problematic ... Solidity and implement SmartCheck - an extensible static analysis tool that detects them1. SmartCheck translates Solidity ... current state of knowledge on Solidity vulnerabilities and shows significant improvements over alternatives. SmartCheck...
  • MemShield

  • Referenced in 1 article [sw37367]
  • software memory encryption. Cryptographic algorithm implementations are vulnerable to Cold Boot attacks, which consist ... related works, the implementation, the security analysis, and the performances of MemShield...
  • Cujo

  • Referenced in 1 article [sw37812]
  • called drive-by downloads---attacks exploiting vulnerabilities in web browsers and their extensions for unnoticeably ... obfuscation in these attacks, static code analysis is largely ineffective in practice. While dynamic analysis...
  • Angelix

  • Referenced in 2 articles [sw26887]
  • methods and semantics-based methods. Our semantic analysis based repair tool Angelix synthesizes repairs based ... patch for the well-known Heartbleed vulnerability...
  • CoChecker

  • Referenced in 1 article [sw13316]
  • help developers check whether their applications are vulnerable to these attacks. In this paper ... privilege escalation attacks using static taint analysis. We propose to build a call graph...
  • Slither

  • Referenced in 0 articles [sw37688]
  • application of commonly used program analysis techniques like dataflow and taint tracking. Our framework ... main use cases: (1) automated detection of vulnerabilities, (2) automated detection of code optimization opportunities ... fast, accurate, and outperforms other static analysis tools at finding issues in Ethereum smart contracts...