loading...
 This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Improving Security Using Extensible Lightweight Static Analysis
January/February 2002 (vol. 19 no. 1)
pp. 42-51
ASCII Text
x 
 
David Evans, David Larochelle, "Improving Security Using Extensible Lightweight Static Analysis," IEEE Software, vol. 19, no. 1, pp. 42-51, January/February, 2002.
 
 
BibTex
x
 
@article{ 10.1109/52.976940,
author = {David Evans and David Larochelle},
title = {Improving Security Using Extensible Lightweight Static Analysis},
journal ={IEEE Software},
volume = {19},
number = {1},
issn = {0740-7459},
year = {2002},
pages = {42-51},
doi = {http://doi.ieeecomputersociety.org/10.1109/52.976940},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}
 
 
RefWorks Procite/RefMan/Endnote
x 
 
TY - MGZN
JO - IEEE Software
TI - Improving Security Using Extensible Lightweight Static Analysis
IS - 1
SN - 0740-7459
SP42
EP51
EPD - 42-51
A1 - David Evans,
A1 - David Larochelle,
PY - 2002
VL - 19
JA - IEEE Software
ER -
 

Most security attacks exploit in-stances of well-known classes of implementation flaws. Developers could detect and eliminate many of these flaws before deploying the software, yet these problems persist with disturbing frequency-not be-cause the security community doesn't sufficiently understand them but because techniques for preventing them have not been integrated into the software development process. This article describes an extensible tool that uses lightweight static analysis to detect common security vulnerabilities (including buffer overflows and format string vulnerabilities).

Citation:
David Evans, David Larochelle, "Improving Security Using Extensible Lightweight Static Analysis," IEEE Software, vol. 19, no. 1, pp. 42-51, Jan./Feb. 2002, doi:10.1109/52.976940
Usage of this product signifies your acceptance of the Terms of Use.