Skip to main content
Conference ProceedingsOPEN ACCESS

Exploit generation for information flow leaks in object-oriented programs

IFIP Advances in Information and Communication Technology (2015) 455 401-415
DOI: 10.1007/978-3-319-18467-8_27
13Citations
Citations of this article
13Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We present a method to generate automatically exploits for information flow leaks in object-oriented programs. Our approach combines self-composition and symbolic execution to compose an insecurity formula for a given information flow policy and a specification of the security level of the program locations. The insecurity formula gives then rise to a model which is used to generate input data for the exploit. A prototype tool called KEG implementing the described approach for Java programs has been developed, which generates exploits as executable JUnit tests.

Author supplied keywords

Cite

CITATION STYLE

APA

Do, Q. H., Bubel, R., & Hähnle, R. (2015). Exploit generation for information flow leaks in object-oriented programs. In IFIP Advances in Information and Communication Technology (Vol. 455, pp. 401–415). Springer New York LLC. https://doi.org/10.1007/978-3-319-18467-8_27

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free