Learn More
Most security attacks exploit instances of well-known classes of implementation flaws. Many of these flaws could be detected and eliminated before software is deployed. These problems continue to be present with disturbing frequency, not because they are not sufficiently understood by the security community, but because techniques for preventing them have(More)
Buffer overflow attacks may be today's single most important security threat. This paper presents a new approach to mitigating buffer overflow vulnerabilities by detecting likely vulnerabilities through an analysis of the program source code. Our approach exploits information provided in semantic comments and uses lightweight and efficient static analyses.(More)
At the heart of aspect-oriented programming is the exposure of certain phenomena in the execution of one set of program elements to behavioral modifications specified by other elements. The phenomena are join points. The modifying elements are aspects. The problem that we address is that current aspect-oriented languages do not provide adequate means to(More)
Secure shell (SSH) can safely be called one of the rare successes in which a more secure technology has largely replaced a less secure but entrenched tool: telnet. We perform a market analysis to determine how and why SSH succeeded despite the existence of an entrenched legacy tool while similar technologies such as secure file transfer protocols have been(More)
Identifying topics in news, tracking their temporal dynamics , and understanding how different media sources cover them have important theoretical and practical implications for journalism researchers, producers, and consumers. The explosive growth of online news sources, however, suggests that scalable approaches to topical analysis are needed. We(More)
This Article proposes a novel and provocative analysis of judicial opinions that are published without indicating individual authorship. Our approach provides an unbiased, quantitative, and computer scientific answer to a problem that has long plagued legal commentators. United States courts publish a shocking number of judicial opinions without divulging(More)
Evans was the primary designed and developer of LCLint. John Guttag and Jim Horning had the original idea for a static checking tool for detecting inconsistencies between LCL specifications and their C implementations. They provided valuable advice on its functionality and design and were instrumental in its development. Much of Splint's development has(More)
  • 1