计算机科学
编码(集合论)
背景(考古学)
投票
计算机安全
程序设计语言
集合(抽象数据类型)
政治学
生物
政治
古生物学
法学
作者
Dinghao Liu,Qiushi Wu,Shouling Ji,Kangjie Lu,Zhenguang Liu,Jianhai Chen,Qinming He
标识
DOI:10.1145/3460120.3485373
摘要
Missing a security operation such as a bound check has been a major cause of security-critical bugs. Automatically checking whether the code misses a security operation in large programs is challenging since it has to understand whether the security operation is indeed necessary in the context. Recent methods typically employ cross-checking to identify deviations as security bugs, which collects functionally similar program slices and infers missed security operations through majority-voting. An inherent limitation of such approaches is that they heavily rely on a substantial number of similar code pieces to enable cross-checking. In practice, many code pieces are unique, and thus we may be unable to find adequate similar code snippets to utilize cross-checking.
科研通智能强力驱动
Strongly Powered by AbleSci AI