, Fixed(buffer) ? Result(buffer_size, user_input)? Result(buffer_size , addition)
, Fixed(buffer) ? Result(buffer_size, user_input) ? Result(buffer_size , addition) ? Unchecked(buffer_size, buffer_bounds)
, Fixed(buffer) ? Unchecked(loop_counter, counter_bounds); CopyData(buffer, user_input, loop_counter) Using the VDC editor, we can build the VDC models for each cause scenario
, Network Protocol System Passive Testing for Fault Management: A??Backward Checking Approach, pp.150-166, 2004.
DOI : 10.1016/S0950-5849(99)00039-7
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.465.1877
, Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications, 2008 IEEE Symposium on Security and Privacy (sp 2008), pp.387-401, 2008.
DOI : 10.1109/SP.2008.22
, The BINCOA Framework for Binary Code Analysis. CAV conference, pp.165-170, 2011.
URL : https://hal.archives-ouvertes.fr/hal-01006499
, A passive testing approach based on invariants: application to the WAP, Computer Networks, vol.48, issue.2, pp.247-266
DOI : 10.1016/j.comnet.2004.09.009
, New approaches for passive testing using an Extended Finite State Machine specification, Information and Software Technology, vol.45, issue.12, pp.837-852, 2003.
DOI : 10.1016/S0950-5849(03)00063-6
, An Enhanced Passive Testing Approach for Network Protocols, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06), pp.169-169, 2006.
DOI : 10.1109/ICNICONSMCL.2006.50
, Dynamic taint propagation: Finding vulnerabilities without attacking, Information Security Technical Report, vol.13, issue.1, pp.33-39, 2008.
DOI : 10.1016/j.istr.2008.02.003
, Vulnerability Testing of Software System using Fault Injection, Proceedings of the International Conference on Dependable Systems and Networks Workshop on Dependability Versis Malicious Faults, 2000.
, Verification, Validation, and Evaluation in Information Security Risk Management, IEEE Security & Privacy Magazine, vol.9, issue.2, pp.58-65, 2011.
DOI : 10.1109/MSP.2010.117
, Model-Checking for Software Vulnerabilities Detection with Multi-Language Support, 2008 Sixth Annual Conference on Privacy, Security and Trust, pp.133-142, 2008.
DOI : 10.1109/PST.2008.21
, Inside the windows security push, IEEE Symposium on Security & Privacy, pp.57-61, 2003.
DOI : 10.1109/MSECP.2003.1176996
, Analysis of Software Vulnerability, ISP 06: Proceedings of the 5th WSEAS International Conference on Information Security and Privacy, pp.218-223, 2006.
, Passive testing and applications to network management, Proceedings 1997 International Conference on Network Protocols, 1997.
DOI : 10.1109/ICNP.1997.643699
, Security Rules Specification and Analysis Based on Passive Testing, IEEE GLOBECOM 2008, 2008 IEEE Global Telecommunications Conference, 2008.
DOI : 10.1109/GLOCOM.2008.ECP.400
URL : https://hal.archives-ouvertes.fr/hal-01378696
, Fault identification in networks by passive testing, Proceedings. 34th Annual Simulation Symposium, pp.277-284, 2001.
DOI : 10.1109/SIMSYM.2001.922142
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.78.3821
, Processes to Produce Secure Software, Task Force on Security Across the Software Development Lifecycle, 2004.
, Application penetration testing, IEEE Symposium on Security & Privacy, pp.66-69, 2005.
DOI : 10.1109/MSP.2005.3
, Automated Detection of Code Vulnerabilities Based on Program Analysis and Model Checking, 2008 Eighth IEEE International Working Conference on Source Code Analysis and Manipulation, pp.165-173, 2008.
DOI : 10.1109/SCAM.2008.24