Blog Archives

ESEC/FSE 2019 – DISCOVER: Detecting Algorithmic Complexity Vulnerabilities

Abstract: Algorithmic Complexity Vulnerabilities (ACV) are a class of vulnerabilities that enable Denial of Service attacks. ACVs stem from asymmetric consumption of resources due to complex loop termination logic, recursion, and/or resource intensive library APIs. Completely automated detection of ACVs is intractable and it calls for tools that assist human analysts. We present DISCOVER, a […]

Categories: Papers, Upcoming