DC Field | Value | Language |
---|---|---|
dc.contributor.author | Heo, Kihong | ko |
dc.contributor.author | Oh, Hakjoo | ko |
dc.contributor.author | Yi, Kwangkeun | ko |
dc.date.accessioned | 2020-11-12T02:55:27Z | - |
dc.date.available | 2020-11-12T02:55:27Z | - |
dc.date.created | 2020-11-09 | - |
dc.date.issued | 2017-05-20 | - |
dc.identifier.citation | 39th IEEE/ACM International Conference on Software Engineering, ICSE 2017, pp.519 - 529 | - |
dc.identifier.issn | 0270-5257 | - |
dc.identifier.uri | http://hdl.handle.net/10203/277252 | - |
dc.description.abstract | We present a machine-learning-based technique for selectively applying unsoundness in static analysis. Existing bug-finding static analyzers are unsound in order to be precise and scalable in practice. However, they are uniformly unsound and hence at the risk of missing a large amount of real bugs. By being sound, we can improve the detectability of the analyzer but it often suffers from a large number of false alarms. Our approach aims to strike a balance between these two approaches by selectively allowing unsoundness only when it is likely to reduce false alarms, while retaining true alarms. We use an anomaly-detection technique to learn such harmless unsoundness. We implemented our technique in two static analyzers for full C. One is for a taint analysis for detecting format-string vulnerabilities, and the other is for an interval analysis for buffer-overflow detection. The experimental results show that our approach significantly improves the recall of the original unsound analysis without sacrificing the precision. | - |
dc.language | English | - |
dc.publisher | IEEE Computer Society and ACM SIGSOFT | - |
dc.title | Machine-Learning-Guided Selectively Unsound Static Analysis | - |
dc.type | Conference | - |
dc.identifier.wosid | 000427091300046 | - |
dc.identifier.scopusid | 2-s2.0-85027716023 | - |
dc.type.rims | CONF | - |
dc.citation.beginningpage | 519 | - |
dc.citation.endingpage | 529 | - |
dc.citation.publicationname | 39th IEEE/ACM International Conference on Software Engineering, ICSE 2017 | - |
dc.identifier.conferencecountry | AG | - |
dc.identifier.conferencelocation | Buenos Aires | - |
dc.identifier.doi | 10.1109/ICSE.2017.54 | - |
dc.contributor.localauthor | Heo, Kihong | - |
dc.contributor.nonIdAuthor | Oh, Hakjoo | - |
dc.contributor.nonIdAuthor | Yi, Kwangkeun | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.