The number of identified integer overflow vulnerabilities has been increasing rapidly in
recent years. In this paper, we present a system, IntScope, which can automatically detect …

A large number of memory corruption vulnerabilities, eg, heap overflow and use after free
(UAF), could only be exploited in specific heap layouts via techniques like heap feng shui …

Cost analysis statically approximates the cost of programs in terms of their input data size.
This paper presents, to the best of our knowledge, the first approach to the automatic cost …

We present a modular approach to automatic complexity analysis of integer programs.
Based on a novel alternation between finding symbolic time bounds for program parts and …

This paper describes the architecture of costa, an abstract interpretation based cos t and t
ermination a nalyzer for Java bytecode. The system receives as input a bytecode program,(a …

Energy models can be constructed by characterizing the energy consumed when executing
each instruction in a processor's instruction set. This can be used to determine how much …

Human analysts must reverse engineer binary programs as a prerequisite for a number of
security tasks, such as vulnerability analysis, malware detection, and firmware re-hosting …

JNI programs are widely used thanks to the combined benefits of C and Java programs.
However, because understanding the interaction behaviors between two different …

Software vulnerabilities resulting from coding weaknesses and poor development practices
are common. Attackers can exploit these vulnerabilities and impact the security and privacy …

Randomized differential testing of compilers has had great success in finding compiler
crashes and silent miscompilations. In this paper we investigate whether we can use similar …