    • Automatic Discovery of API-Level Vulnerabilities 

      Ganapathy, Vinod; Seshia, Sanjit A.; Jha, Somesh; Reps, Thomas W.; Bryant, Randal E. (University of Wisconsin-Madison Department of Computer Sciences, 2004)
      A system is vulnerable to an API-level attack if its security can be compromised by invoking an allowed sequence of operations from its API. We present a formal framework to model and analyze APIs, and develop an automatic ...
    • Buffer Overrun Detection Using Linear Programming and Static Analysis 

      Ganapathy, Vinod; Jha, Somesh; Chandler, David; Melski, David; Vitek, David (University of Wisconsin-Madison Department of Computer Sciences, 2003)
      This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a scalable analysis based on modeling C string manipulations as a linear program. We also ...
    • Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis 

      Ganapathy, Vinod; King, Dave; Jaeger, Trent; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2006)
      We present an approach based on concept analysis to retrofit legacy servers with mechanisms for authorization policy enforcement. Our approach is based upon the observation that security-sensitive operations are characterized ...
    • Retrofitting Legacy Code for Authorization Policy Enforcement 

      Ganapathy, Vinod; Jaeger, Trent; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2005)
      Researchers have long argued that the best way to construct a secure system is to proactively integrate security into the design of the system. However, this tenet is rarely followed because of economic and practical ...