Logo des Repositoriums

Auflistung nach Autor:in "Howar, Falk"

1 - 2 von 2
  • Konferenzbeitrag
    Data-Driven Design and Evaluation of SMT Meta-Solving Strategies
    (Software Engineering 2022, 2022) Mues, Malte; Howar, Falk
    The 36th IEEE/ACM International Conference on Automated Software Engineering (2021) accepted the paper ‘Data-Driven Design and Evaluation of SMT Meta-Solving Strategies: Balancing Performance, Accuracy, and Cost’ [MH21a] and selected it for an ACM SIGSOFT Distinguished Paper Award. The paper presents four generally applicable patterns for the combination of multiple SMT decision procedures in a meta-solving strategy and demonstrates how a meta-solving strategy for string constraints can be developed in a data-driven approach based on these patterns: The paper cleans up and merges existing collections of SMT benchmarks in string theory solving to evaluate and compare derived meta-solving strategies. Notably, we can demonstrate on the available data that commonly used strategies as earliest returning SMT solver do not always return the most reliable result if all available SMT solvers are combined. Instead, cross-checking strategies work slightly better at moderate overhead.
  • ConferencePaper
    Jaint: A Framework for User-Defined Dynamic Taint-Analyses based on Dynamic Symbolic Execution of Java Programs
    (Software Engineering 2021, 2021) Mues, Malte; Schallau, Till; Howar, Falk
    We summarize the paper "Jaint: A Framework for User-Defined Dynamic Taint-Analyses Based on Dynamic Symbolic Execution of Java Programs", published at the sixteenth international conference on integrated formal methods in November 2020. Reliable and scalable methods for security analyses of Java applications are an important enabler for a secure digital infrastructure. In this paper, we present a security analysis that integrates dynamic symbolic execution and dynamic multi-colored taint analysis of Java programs, combining the precision of dynamic analysis with the exhaustive exploration of symbolic execution. We implement the approach in the Jaint tool, based on Jdart, a dynamic symbolic execution engine for Java PathFinder, and evaluate its performance by comparing precision and runtimes to other research tools on the OWASP benchmark set. The paper also presents a domain-specific language for taint analyses that is more expressive than the source and sink specifications found in publicly available tools and enables precise, CWE-specific specification of undesired data flows. This summary presents Jaint’s language and the evaluation.