Software Security Analysis

Kratkiewicz, K. Evaluating Static Analysis Tools for Detecting Buffer Overflows in C Code. Master's Thesis, Harvard University, Cambridge, Massachusetts, March 2005.
(Text Abstract) (Full Thesis)

Kratkiewicz, K., Lippmann, R. A Taxonomy of Buffer Overflows for Evaluating Static and Dynamic Software Testing Tools. Proceedings of Workshop on Software Security Assurance Tools, Techniques, and Metrics, NIST Special Publication 500-265, Eds. P. E. Black, M. Kass and E. Fong, National Institute of Standards and Technology, Pages 44–51, 2005.
(Full Paper)

Kratkiewicz, K., Lippmann, R., Using a Diagnostic Corpus of C Programs to Evaluate Buffer Overflow Detection by Static Analysis Tools, BUGS05 Workshop on the Evaluation of Software Defect Detection Tools, Chicago, Illinois, 2005.
(Full Paper)

Kratkiewicz, K., Lippmann, R., Using a Diagnostic Corpus of C Programs to Evaluate Buffer Overflow Detection by Static Analysis Tools. Proceedings of Defining the State of the Art in Software Security Tools Workshop, NIST Special Publication 500-264, Eds. P. E. Black and E. Fong, National Institute of Standards and Technology, Pages 102–111, 2005.
(Full Paper)

Leek, T., Lippmann, R., Zitser, M., Testing Static Analysis Tools Using Exploitable Buffer Overflows From Open-Source Code, Foundations of Software Engineering, Newport Beach, California, 31 October – 5 November 2004.
(Full Paper)

Schechter, S., Ozment, A., Milk or Wine: Does Software Security Improve with Age? USENIX Security 2006, Vancouver, British Columbia, 31 July 2006.
(Full Paper)

Schechter, S., Ozment, A., The Security of OpenBSD: Milk or Wine? ;login:, published by USENIX: The Advanced Computing Systems Association, Berkeley, California, 23 December 2006.
(Full Paper)

Zhivich, M. A., Leek, T., Lippmann, R. P., Dynamic Buffer Overflow Detection Tools. Workshop on Defining the State of the Art in Software Security Tools, Gaithersburg, Maryland, August 10, 2005.
(Full Paper)

Zhivich, M. A., Leek, T., Lippmann, R. P., Dynamic Buffer Overflow Detection, Workshop on the Evaluation of Software Defect Detection Tools, Chicago, Illinois, June 12, 2005.
(Full Paper)

Zhivich, M. A., Leek, T., Lippmann, R. P., Dynamic Buffer Overflow Detection Tools, Proceedings of Defining the State of the Art in Software Security Tools Workshop, NIST Special Publication 500-264, Eds. P. Black and E. Fong, National Institute of Standards and Technology, Pages 95–101, August 10, 2005.
(Full Paper)

Zitser, M., Lippmann, R.P., and Leek, T., Testing Static Analysis Tools Using Exploitable Buffer Overflows From Open Source Code, Proceedings ACM Sigsoft 2004/FSE Foundations of Software Engineering Conference, 2004.
(Text Abstract) (Full Paper)

 
