2017 IEEE Cybersecurity Development (SecDev) 2017
DOI: 10.1109/secdev.2017.12
|View full text |Cite
|
Sign up to set email alerts
|

Input Handling Done Right: Building Hardened Parsers Using Language-Theoretic Security

Prashant Anantharaman
1
,
Michael C. Millian
2
,
Sergey Bratus
3
et al.
Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
2
1

Relationship

0
3

Authors

Journals

citations
Cited by 3 publications
(1 citation statement)
references
References 7 publications
0
1
0
Order By: Relevance
“…The authors demonstrate the feasibility of format discovery supporting formal parser enforcement, but one finding is that the authors discover vulnerabilities in the formats in use. Analysis of format specifications in diverse fields such as industrial control system network protocols, PDF, Executable Linkable Format (ELF), and data description languages have found vulnerabilities or ambiguities in the specification [2,29]. The scope of program verification is generally limited to properties of the program, not the specification.…”
Section: Applicability To Modern Systemsmentioning
confidence: 99%

An analysis of how many undiscovered vulnerabilities remain in information systems

Spring1
2023
Computers & Security
5
0
1
0
View full textAdd to dashboardCite
“…The authors demonstrate the feasibility of format discovery supporting formal parser enforcement, but one finding is that the authors discover vulnerabilities in the formats in use. Analysis of format specifications in diverse fields such as industrial control system network protocols, PDF, Executable Linkable Format (ELF), and data description languages have found vulnerabilities or ambiguities in the specification [2,29]. The scope of program verification is generally limited to properties of the program, not the specification.…”
Section: Applicability To Modern Systemsmentioning
confidence: 99%

An analysis of how many undiscovered vulnerabilities remain in information systems

Spring1
2023
Computers & Security
5
0
1
0
View full textAdd to dashboardCite

Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling

Bond,
Heimerdinger
2023
2023 IEEE Secure Development Conference (SecDev)
0
0
0
0
View full textAdd to dashboardCite

Formal Synthesis of Filter Components for Use in Security-Enhancing Architectural Transformations

Hardin1,
Slind2
2021
2021 IEEE Security and Privacy Workshops (SPW)
5
0
1
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.