How Effective are Smart Contract Analysis Tools? Evaluating Smart Contract Static Analysis Tools Using Bug Injection [PDF]
International Symposium on Software Testing and Analysis, 2020 Security attacks targeting smart contracts have been on the rise, which have led to financial loss and erosion of trust. Therefore, it is important to enable developers to discover security vulnerabilities in smart contracts before deployment.
Akca Sefa +9 more
core +2 more sources
Static Analysis of Information Systems for IoT Cyber Security: A Survey of Machine Learning Approaches. [PDF]
Sensors (Basel), 2022 Ensuring security for modern IoT systems requires the use of complex methods to analyze their software. One of the most in-demand methods that has repeatedly been proven to be effective is static analysis.
Kotenko I, Izrailov K, Buinevich M.
europepmc +2 more sources
A Critical Comparison on Six Static Analysis Tools: Detection, Agreement, and Precision [PDF]
Journal of Systems and Software, 2021 Background. Developers use Automated Static Analysis Tools (ASATs) to control for potential quality issues in source code, including defects and technical debt. Tool vendors have devised quite a number of tools, which makes it harder for practitioners to
Valentina Lenarduzzi +3 more
semanticscholar +1 more source
Assisting Static Analysis with Large Language Models: A ChatGPT Experiment
ESEC/SIGSOFT FSE, 2023 Recent advances of Large Language Models (LLMs), e.g., ChatGPT, exhibited strong capabilities of comprehending and responding to questions across a variety of domains. Surprisingly, ChatGPT even possesses a strong understanding of program code.
Haonan Li, Yu Hao, Zhiyun Qian
semanticscholar +1 more source
eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts [PDF]
Conference on Computer and Communications Security, 2020 Ethereum has emerged as the most popular smart contract platform, with hundreds of thousands of contracts stored on the blockchain and covering diverse application scenarios, such as auctions, trading platforms, or elections.
Clara Schneidewind +3 more
semanticscholar +1 more source
Slither: A Static Analysis Framework for Smart Contracts [PDF]
International Workshop on Emerging Trends in Software Engineering for Blockchain, 2019 This paper describes Slither, a static analysis framework designed to provide rich information about Ethereum smart contracts. It works by converting Solidity smart contracts into an intermediate representation called SlithIR.
Josselin Feist +2 more
semanticscholar +1 more source
Static analysis for dummies: experiencing LiSA
SOAP@PLDI, 2021 Semantics-based static analysis requires a significant theoretical background before being able to design and implement a new analysis. Unfortunately, the development of even a toy static analyzer from scratch requires to implement an infrastructure ...
Pietro Ferrara +3 more
semanticscholar +1 more source
Optimizing IoT Web Fuzzing by Firmware Infomation Mining
Applied Sciences, 2022 IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient.
Yifei Gao +5 more
doaj +1 more source
Evaluation of the challenges and opportunities of Artificial Intelligence applied in current Latin American Education with the help of Neutrosophic SWOT and Neutrosophic Cognitive Maps [PDF]
Neutrosophic Sets and SystemsArtificial intelligence (AI) has revolutionized many areas, including education, by improving teaching methods and addressing challenges such as equity of access, data privacy, quality of algorithms, and adaptation of traditional education systems.
Katia N. Flores Ledesma +7 more
doaj +1 more source
Heap Abstractions for Static Analysis [PDF]
, 2015 Heap data is potentially unbounded and seemingly arbitrary. As a consequence, unlike stack and static memory, heap memory cannot be abstracted directly in terms of a fixed set of source variable names appearing in the program being analysed.
Kanvar, Vini, Khedker, Uday P.
core +1 more source