Abstracting runtime heaps for program understanding
Found in: IEEE Transactions on Software Engineering
By M. Marron, C. Sanchez, Zhendong Su, M. Fahndrich
Issue Date:June 2013
pp. 774-786
Modern programming environments provide extensive support for inspecting, analyzing, and testing programs based on the algorithmic structure of a program. Unfortunately, support for inspecting and understanding runtime data structures during execution is t...
 
Modeling High-Level Behavior Patterns for Precise Similarity Analysis of Software
Found in: Data Mining, IEEE International Conference on
By Taeho Kwon, Zhendong Su
Issue Date:December 2011
pp. 1134-1139
The analysis of software similarity has many applications such as detecting code clones, software plagiarism, code theft, and polymorphic malware. Because often source code is unavailable and code obfuscation is used to avoid detection, there has been much...
 
Automatic Detection of Unsafe Dynamic Component Loadings
Found in: IEEE Transactions on Software Engineering
By Taeho Kwon, Zhendong Su
Issue Date:March 2012
pp. 293-313
Dynamic loading of software components (e.g., libraries or modules) is a widely used mechanism for improved system modularity and flexibility. Correct component resolution is critical for reliable and secure software execution. However, programming mist...
 
Online inference and enforcement of temporal properties
Found in: Software Engineering, International Conference on
By Mark Gabel, Zhendong Su
Issue Date:May 2010
pp. 15-24
The interfaces of software components are often paired with specifications or protocols that prescribe correct and safe usage. An important class of these specifications consists of temporal safety properties over function or method call sequences. Because...
 
Has the bug really been fixed?
Found in: Software Engineering, International Conference on
By Zhongxian Gu, Earl T. Barr, David J. Hamilton, Zhendong Su
Issue Date:May 2010
pp. 55-64
Software has bugs, and fixing those bugs pervades the software engineering process. It is folklore that bug fixes are often buggy themselves, resulting in bad fixes, either failing to fix a bug or creating new bugs. To confirm this folklore, we explored bu...
 
Static Validation of C Preprocessor Macros
Found in: Automated Software Engineering, International Conference on
By Andreas Saebjoernsen, Lingxiao Jiang, Daniel Quinlan, Zhendong Su
Issue Date:November 2009
pp. 149-160
The widely used C preprocessor (CPP) is generally considered a source of difficulty for understanding and maintaining C/C++ programs. The main reason for this difficulty is CPP's purely lexical semantics, i.e., its treatment of both input and output as tok...
 
Static detection of cross-site scripting vulnerabilities
Found in: Software Engineering, International Conference on
By Gary Wassermann, Zhendong Su
Issue Date:May 2008
pp. 171-180
Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an attacker exploits the trust a web client (browser) has for a trusted server ...
 
Symbolic mining of temporal specifications
Found in: Software Engineering, International Conference on
By Mark Gabel, Zhendong Su
Issue Date:May 2008
pp. 51-60
Program specifications are important in many phases of the software development process, but they are often omitted or incomplete. An important class of specifications takes the form of temporal properties that prescribe proper usage of components of a sof...
 
Scalable detection of semantic clones
Found in: Software Engineering, International Conference on
By Mark Gabel, Lingxiao Jiang, Zhendong Su
Issue Date:May 2008
pp. 321-330
Several techniques have been developed for identifying similar code fragments in programs. These similar fragments, referred to as code clones, can be used to identify redundant code, locate bugs, or gain insight into program design. Existing scalable appr...
 
Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms
Found in: Computer Security Applications Conference, Annual
By Matthew Van Gundy, Hao Chen, Zhendong Su, Giovanni Vigna
Issue Date:December 2007
pp. 74-85
To combat the rapid infection rate of today's Internet worms, signatures for novel worms must be generated soon after an outbreak. This is especially critical in the case of polymorphic worms, whose binary representation changes frequently during the inf...
 
DECKARD: Scalable and Accurate Tree-Based Detection of Code Clones
Found in: Software Engineering, International Conference on
By Lingxiao Jiang, Ghassan Misherghi, Zhendong Su, Stephane Glondu
Issue Date:May 2007
pp. 96-105
Detecting code clones has many software engineering applications. Existing approaches either do not scale to large code bases or are not robust against minor code modifications. In this paper, we present an efficient algorithm for identifying similar subtr...
 
Back to the Future: A Framework for Automatic Malware Removal and System Repair
Found in: Computer Security Applications Conference, Annual
By Francis Hsu, Hao Chen, Thomas Ristenpart, Jason Li, Zhendong Su
Issue Date:December 2006
pp. 257-268
Malware, software with malicious intent, has emerged as a widely-spread threat to system security. It is difficult to detect malware reliably because new and polymorphic malware programs appear frequently. It is also difficult to remove malware and repair ...
 
FIREMAN: A Toolkit for FIREwall Modeling and ANalysis
Found in: Security and Privacy, IEEE Symposium on
By Lihua Yuan, Jianning Mai, Zhendong Su, Hao Chen, Chen-Nee Chuah, Prasant Mohapatra
Issue Date:May 2006
pp. 199-213
Security concerns are becoming increasingly critical in networked systems. Firewalls provide important defense for network security. However, misconfigurations in firewalls are very common and significantly weaken the desired security. This paper introduce...
 
Osprey: a practical type system for validating dimensional unit correctness of C programs
Found in: Software Engineering, International Conference on
By Zhendong Su, Lingxiao Jiang
Issue Date:May 2006
pp. 262-271
Misuse of measurement units is a common source of errors in scientific applications, but standard type systems do not prevent such errors. Dimensional analysis in physics can be used to manually detect such errors in physical equations. It is, however, not...
 
HDD: hierarchical delta debugging
Found in: Software Engineering, International Conference on
By Zhendong Su, Ghassan Misherghi
Issue Date:May 2006
pp. 142-151
Inputs causing a program to fail are usually large and often contain information irrelevant to the failure. It thus helps debugging to simplify program inputs. The Delta Debugging algorithm is a general technique applicable to minimizing all failure-induci...
 
JDBC Checker: A Static Analysis Tool for SQL/JDBC Applications
Found in: Software Engineering, International Conference on
By Carl Gould, Zhendong Su, Premkumar Devanbu
Issue Date:May 2004
pp. 697-698
No summary available.
   
Steering symbolic execution to less traveled paths
Found in: Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications (OOPSLA '13)
By Xuandong Li, You Li, Zhendong Su, Linzhang Wang
Issue Date:October 2013
pp. 19-32
Symbolic execution is a promising testing and analysis methodology. It systematically explores a program's execution space and can generate test cases with high coverage. One significant practical challenge for symbolic execution is how to effectively expl...
     
Detecting API documentation errors
Found in: Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications (OOPSLA '13)
By Hao Zhong, Zhendong Su
Issue Date:October 2013
pp. 803-816
When programmers encounter an unfamiliar API library, they often need to refer to its documentations, tutorials, or discussions on development forums to learn its proper usage. These API documents contain valuable information, but may also mislead programm...
     
Fast algorithms for Dyck-CFL-reachability with applications to alias analysis
Found in: Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation (PLDI '13)
By Hao Yuan, Michael R. Lyu, Qirun Zhang, Zhendong Su
Issue Date:June 2013
pp. 435-446
The context-free language (CFL) reachability problem is a well-known fundamental formulation in program analysis. In practice, many program analyses, especially pointer analyses, adopt a restricted version of CFL-reachability, Dyck-CFL-reachability, and co...
     
Automatic detection of floating-point exceptions
Found in: Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages (POPL '13)
By Earl T. Barr, Thanh Vo, Vu Le, Zhendong Su
Issue Date:January 2013
pp. 549-560
It is well-known that floating-point exceptions can be disastrous and writing exception-free numerical programs is very difficult. Thus, it is important to automatically detect such errors. In this paper, we present Ariadne, a practical symbolic execution ...
     
Detecting and analyzing insecure component usage
Found in: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering (FSE '12)
By Taeho Kwon, Zhendong Su
Issue Date:November 2012
pp. 1-11
Software is commonly built from reusable components that provide desired functionalities. Although component reuse significantly improves software productivity, insecure component usage can lead to security vulnerabilities in client applications. For examp...
     
Testing mined specifications
Found in: Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering (FSE '12)
By Mark Gabel, Zhendong Su
Issue Date:November 2012
pp. 1-11
Specifications are necessary for nearly every software engineering task, but they are often missing or incomplete. "Specification mining" is a line of research promising to solve this problem through automated tools that infer specifications directly from ...
     
Reusing debugging knowledge via trace-based bug search
Found in: Proceedings of the ACM international conference on Object oriented programming systems languages and applications (OOPSLA '12)
By Drew Schleck, Earl T. Barr, Zhendong Su, Zhongxian Gu
Issue Date:October 2012
pp. 927-942
Some bugs, among the millions that exist, are similar to each other. One bug-fixing tactic is to search for similar bugs that have been reported and resolved in the past. A fix for a similar bug can help a developer understand a bug, or even directly fix i...
     
Liberating the programmer with prorogued programming
Found in: Proceedings of the ACM international symposium on New ideas, new paradigms, and reflections on programming and software (Onward! '12)
By Earl T. Barr, Mehrdad Afshari, Zhendong Su
Issue Date:October 2012
pp. 11-26
Programming is the process of expressing and refining ideas in a programming language. Ideally, we want our programming language to flexibly fit our natural thought process. Language innovations, such as procedural abstraction, object and aspect orientatio...
     
BQL: capturing and reusing debugging knowledge
Found in: Proceeding of the 33rd international conference on Software engineering (ICSE '11)
By Earl T. Barr, Zhendong Su, Zhongxian Gu
Issue Date:May 2011
pp. 1001-1003
When fixing a bug, a programmer tends to search for similar bugs that have been resolved in the past. A fix for a similar bug may help him fix his bug or at least understand his bug. We designed and implemented the Bug Query Language (BQL) and its accompan...
     
A study of the uniqueness of source code
Found in: Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering (FSE '10)
By Mark Gabel, Zhendong Su
Issue Date:November 2010
pp. 147-156
This paper presents the results of the first study of the uniqueness of source code. We define the uniqueness of a unit of source code with respect to the entire body of written software, which we approximate with a corpus of 420 million lines of source co...
     
Scalable and systematic detection of buggy inconsistencies in source code
Found in: Proceedings of the ACM international conference on Object oriented programming systems languages and applications (OOPSLA '10)
By Junfeng Yang, Mark Gabel, Moises Goldszmidt, Yuan Yu, Zhendong Su
Issue Date:October 2010
pp. 175-190
Software developers often duplicate source code to replicate functionality. This practice can hinder the maintenance of a software project: bugs may arise when two identical code segments are edited inconsistently. This paper presents DejaVu, a highly scal...
     
Perturbing numerical calculations for statistical analysis of floating-point program (in)stability
Found in: Proceedings of the 19th international symposium on Software testing and analysis (ISSTA '10)
By Earl Barr, Enyi Tang, Xuandong Li, Zhendong Su
Issue Date:July 2010
pp. 131-142
Writing reliable software is difficult. It becomes even more difficult when writing scientific software involving floating-point numbers. Computers provide numbers with limited precision; when confronted with a real whose precision exceeds that limit, they...
     
Automatic detection of unsafe component loadings
Found in: Proceedings of the 19th international symposium on Software testing and analysis (ISSTA '10)
By Taeho Kwon, Zhendong Su
Issue Date:July 2010
pp. 107-118
Dynamic loading of software components (e.g., libraries or modules) is a widely used mechanism for improved system modularity and flexibility. Correct component resolution is critical for reliable and secure software execution, however, programming mistake...
     
Automatic mining of functionally equivalent code fragments via random testing
Found in: Proceedings of the eighteenth international symposium on Software testing and analysis (ISSTA '09)
By Lingxiao Jiang, Zhendong Su
Issue Date:July 2009
pp. 5-6
Similar code may exist in large software projects due to some common software engineering practices, such as copying and pasting code and n-version programming. Although previous work has studied syntactic equivalence and small-scale, coarse-grained progra...
     
Javert: fully automatic mining of general temporal properties from dynamic traces
Found in: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering (SIGSOFT '08/FSE-16)
By Mark Gabel, Zhendong Su
Issue Date:November 2008
pp. 1-2
Program specifications are important for many tasks during software design, development, and maintenance. Among these, temporal specifications are particularly useful. They express formal correctness requirements of an application's ordering of specific ac...
     
Profile-guided program simplification for effective testing and analysis
Found in: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering (SIGSOFT '08/FSE-16)
By Lingxiao Jiang, Zhendong Su
Issue Date:November 2008
pp. 1-2
Many testing and analysis techniques have been developed for in-house use. Although they are effective at discovering defects before a program is deployed, these techniques are often limited due to the complexity of real-world code and thus miss program fau...
     
Dynamic test input generation for web applications
Found in: Proceedings of the 2008 international symposium on Software testing and analysis (ISSTA '08)
By Ajay Chander, Dachuan Yu, Dinakar Dhurjati, Gary Wassermann, Hiroshi Inamura, Zhendong Su
Issue Date:July 2008
pp. 119-120
Web applications routinely handle sensitive data, and many people rely on them to support various daily activities, so errors can have severe and broad-reaching consequences. Unlike most desktop applications, many web applications are written in scripting ...
     
Scalable detection of semantic clones
Found in: Proceedings of the 13th international conference on Software engineering (ICSE '08)
By Lingxiao Jiang, Mark Gabel, Zhendong Su
Issue Date:May 2008
pp. 1-1
Several techniques have been developed for identifying similar code fragments in programs. These similar fragments, referred to as code clones, can be used to identify redundant code, locate bugs, or gain insight into program design. Existing scalable appr...
     
Static detection of cross-site scripting vulnerabilities
Found in: Proceedings of the 13th international conference on Software engineering (ICSE '08)
By Gary Wassermann, Zhendong Su
Issue Date:May 2008
pp. 1-1
Web applications support many of our daily activities, but they often have security problems, and their accessibility makes them easy to exploit. In cross-site scripting (XSS), an attacker exploits the trust a web client (browser) has for a trusted server ...
     
Symbolic mining of temporal specifications
Found in: Proceedings of the 13th international conference on Software engineering (ICSE '08)
By Mark Gabel, Zhendong Su
Issue Date:May 2008
pp. 1-1
Program specifications are important in many phases of the software development process, but they are often omitted or incomplete. An important class of specifications takes the form of temporal properties that prescribe proper usage of components of a sof...
     
Context-based detection of clone-related bugs
Found in: Proceedings of the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering (ESEC-FSE '07)
By Edwin Chiu, Lingxiao Jiang, Zhendong Su
Issue Date:September 2007
pp. 55-64
Studies show that programs contain much similar code, commonly known as clones. One of the main reasons for introducing clones is programmers' tendency to copy and paste code to quickly duplicate functionality. We commonly believe that clones can make prog...
     
Sound and precise analysis of web applications for injection vulnerabilities
Found in: Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation (PLDI '07)
By Gary Wassermann, Zhendong Su
Issue Date:June 2007
pp. 32-41
Web applications are popular targets of security attacks. One common type of such attacks is SQL injection, where an attacker exploits faulty application code to execute maliciously crafted database queries. Both static and dynamic approaches have been prop...
     
Temporal search: detecting hidden malware timebombs with virtual machines
Found in: Proceedings of the 12th international conference on Architectural support for programming languages and operating systems (ASPLOS-XII)
By Daniela A. S. de Oliveira, Frederic T. Chong, Gary Wassermann, Jedidiah R. Crandall, S. Felix Wu, Zhendong Su
Issue Date:October 2006
pp. 109-es
Worms, viruses, and other malware can be ticking bombs counting down to a specific time, when they might, for example, delete files or download new instructions from a public web server. We propose a novel virtual-machine-based analysis technique to automa...
     
Osprey: a practical type system for validating dimensional unit correctness of C programs
Found in: Proceeding of the 28th international conference on Software engineering (ICSE '06)
By Lingxiao Jiang, Zhendong Su
Issue Date:May 2006
pp. 262-271
Misuse of measurement units is a common source of errors in scientific applications, but standard type systems do not prevent such errors. Dimensional analysis in physics can be used to manually detect such errors in physical equations. It is, however, not...
     
The essence of command injection attacks in web applications
Found in: Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages (POPL'06)
By Gary Wassermann, Zhendong Su
Issue Date:January 2006
pp. 372-382
Web applications typically interact with a back-end database to retrieve persistent data and then present the data to the user as dynamically generated output, such as HTML web pages. However, this interaction is commonly done through a low-level API by dy...
     
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Found in: Proceedings of the 12th ACM conference on Computer and communications security (CCS '05)
By Jedidiah R. Crandall, S. Felix Wu, Zhendong Su
Issue Date:November 2005
pp. 235-248
Vulnerabilities that allow worms to hijack the control flow of each host that they spread to are typically discovered months before the worm outbreak, but are also typically discovered by third party researchers. A determined attacker could discover vulner...
     
The first-order theory of subtyping constraints
Found in: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages (POPL '02)
By Alexander Aiken, Joachim Niehren, Ralf Treinen, Tim Priesnitz, Zhendong Su
Issue Date:January 2002
pp. 390-402
We investigate the first-order theory of subtyping constraints. We show that the first-order theory of non-structural subtyping is undecidable, and we show that in the case where all constructors are either unary or nullary, the first-order theory is decidable fo...