"Smoothly shaded images in computer graphics have almost attained the goal of realism".
- Haruyama and Barsky, "Using Stochastic Modeling for Texture Generation," 1984
Crap, what am I supposed to do now?!
Measuring the Effect of Code Complexity on Static Analysis Results
ESSoS 2009
To understand the effect of code complexity on static analysis, thirty-five format string vulnerabilities were studied. We analyzed two code samples for each vulnerability, one containing the vulnerability and one in which the vulnerability was fixed. We examined the effect of code complexity on the quality of static analysis results, including successful detection and false positive rates. Static analysis detected 63% of the format string vulnerabilities, with detection rates decreasing with increasing code complexity. When the tool failed to detect a bug, it was for one of two reasons: the absence of security rules specifying the vulnerable function or the presence of a bug in the static analysis tool. Complex code is more likely to contain complicated code constructs and obscure format string functions, resulting in lower detection rates.
[PDF] and the shorter version [PDF]
Rejewski's Catalog
Recipient of the Greg Mellen Memorial Cryptology Scholarship award
Cryptologia, October 2007
When attacking the German Enigma cipher machine during the 1930s, the Polish mathematician Marian Rejewski developed a catalog of disjoint cycles of permutations generated by Enigma indicators. By comparing patterns that resulted from message indicators with his catalog, Rejewski was able to determine the ground settings. Well, not quite--the mapping from the disjoint cycles to the ground settings is not one-to-one. Rejewski's catalog no longer exists. This article reports on the output of a program that "recreates" the catalog and answers the question "How far from being one-to-one is the mapping?"
[PDF]
