all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Compositional Vulnerability Detection with Insecurity Separation Logic. (arXiv:2107.05225v4 [cs.PL] UPDATED)

Add to bookmarks
May 16, 2022, 1:20 a.m. | Toby Murray, Pengbo Yan, Gidon Ernst

cs.CR updates on arXiv.org arxiv.org

Memory-safety issues and information leakage are known to be depressingly
common. We consider the compositional static detection of these kinds of
vulnerabilities in first-order C-like programs. Existing methods often treat
one type of vulnerability (e.g. memory-safety) but not the other (e.g.
information leakage). Indeed the latter are hyper-safety violations, making
them more challenging to detect than the former. Existing leakage detection
methods like Relational Symbolic Execution treat only non-interactive programs,
avoiding the challenges raised by nondeterminism for reasoning about
information …

detection insecurity logic vulnerability vulnerability detection

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Mixtures of Gaussians are Privately Learnable with a Polynomial Number of Samples 1 day ago | arxiv.org
alpha arxiv cs.cr cs.ds +16
Image Hijacks: Adversarial Images can Control Generative Models at Runtime 1 day ago | arxiv.org
adversarial algorithm arxiv can +20
Differentially-Private Data Synthetisation for Efficient Re-Identification Risk Control 1 day ago | arxiv.org
addition arxiv can computational +21
Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments 1 day ago | arxiv.org
analysis and response apt arxiv +27
Okapi: Efficiently Safeguarding Speculative Data Accesses in Sandboxed Environments 1 day ago | arxiv.org
architecture arxiv attacks can +12
Watch Out! Simple Horizontal Class Backdoors Can Trivially Evade Defenses 1 day ago | arxiv.org
activates arxiv attacks backdoor +20
Every Breath You Don't Take: Deepfake Speech Detection Using Breath 1 day ago | arxiv.org
aid arxiv cs.cr cs.mm +16
Perturbing Attention Gives You More Bang for the Buck: Subtle Imaging Perturbations That Efficiently Fool … 1 day ago | arxiv.org
arxiv attention challenges cs.cr +13
Saving proof-of-work by hierarchical block structure 1 day ago | arxiv.org
algorithm arxiv bitcoin block +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Audit and Compliance Technical Analyst

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

ICS Cyber Threat Intelligence Analyst

@ STEMBoard | Arlington, Virginia, United States
View on infosec-jobs.com

Cyber Operations Analyst

@ Peraton | Arlington, VA, United States
View on infosec-jobs.com

Cybersecurity – Information System Security Officer (ISSO)

@ Boeing | USA - Annapolis Junction, MD
View on infosec-jobs.com

Network Security Engineer I - Weekday Afternoons

@ Deepwatch | Remote
View on infosec-jobs.com
View more jobs