Comparing Lexical Analysis Tools for Buffer Overflow Detection in Network Software (Conference proceedings contribution)

Type
Label
  • Comparing Lexical Analysis Tools for Buffer Overflow Detection in Network Software (Conference proceedings contribution) (literal)
Year
  • 2006-01-01T00:00:00+01:00 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#doi
  • 10.1109/COMSWA.2006.1665217 (literal)
Alternative label
  • L. Durante; D. Pozza; R. Sisto; A. Valenzano (2006)
    Comparing Lexical Analysis Tools for Buffer Overflow Detection in Network Software
    in 1st IEEE International Conference on Communication System Software and Middleware (COMSWARE 2006), New Delhi, 8-12 January 2006
    (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
  • L. Durante; D. Pozza; R. Sisto; A. Valenzano (literal)
Start page
  • 1 (literal)
End page
  • 7 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#url
  • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1665217 (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#pagineTotali
  • 7 (literal)
Notes
  • Google Scholar (literal)
  • IEEE Xplore digital library (literal)
  • Scopus (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
  • L. Durante; A. Valenzano: CNR-IEIIT, Istituto di Elettronica e di Ingegneria dell'Informazione e delle Telecomunicazioni, Torino, Italy; D. Pozza; R. Sisto: Dipartimento di Automatica e Informatica, Politecnico di Torino, Torino, Italy (literal)
Title
  • Comparing Lexical Analysis Tools for Buffer Overflow Detection in Network Software (literal)
Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#isbn
  • 0-7803-9575-1 (literal)
Abstract
  • Many of the bugs in distributed software modules are security vulnerabilities, the most common and also the most exploited of which are buffer overflows, which typically arise in programs written in the C language. This paper, focusing on static analysis tools for detecting buffer overflows in C programs, presents a methodology for experimentally evaluating and comparing the main objective features of such tools. The proposed method is based on testing all the tools on a common set of publicly available, open source software packages, and makes use of specific metrics defined to evaluate the main tool features. In particular, the evaluation aims at quantifying how close the tool is to a complete and sound tool. Our approach has been applied for an initial evaluation of the class of static analysis tools that are based on lexical analysis, using as test cases three well-known network software packages. The results obtained, illustrated and commented on in this paper, offer some interesting indications (literal)
Publisher
Product of
CNR author
Keyword set

Incoming links:


Product
CNR author of
Publisher of
Keyword set of
data.CNR.it