{"id":"https://openalex.org/W4200610177","doi":"https://doi.org/10.1134/s0361768821060037","title":"Searching for Taint Vulnerabilities with Svace Static Analysis Tool","display_name":"Searching for Taint Vulnerabilities with Svace Static Analysis Tool","publication_year":2021,"publication_date":"2021-11-01","ids":{"openalex":"https://openalex.org/W4200610177","doi":"https://doi.org/10.1134/s0361768821060037"},"language":"en","primary_location":{"id":"doi:10.1134/s0361768821060037","is_oa":false,"landing_page_url":"https://doi.org/10.1134/s0361768821060037","pdf_url":null,"source":{"id":"https://openalex.org/S150218641","display_name":"Programming and Computer Software","issn_l":"0361-7688","issn":["0361-7688","1608-3261"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Programming and Computer Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016025096","display_name":"Alexey Borodin","orcid":"https://orcid.org/0000-0003-3183-9821"},"institutions":[{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":true,"raw_author_name":"A. E. Borodin","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018923136","display_name":"Alexey Vyacheslavovich Goremykin","orcid":"https://orcid.org/0000-0002-9054-0152"},"institutions":[{"id":"https://openalex.org/I19880235","display_name":"Lomonosov Moscow State University","ror":"https://ror.org/010pmpe69","country_code":"RU","type":"education","lineage":["https://openalex.org/I19880235"]},{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"A. V. Goremykin","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","Moscow State University, 119991, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]},{"raw_affiliation_string":"Moscow State University, 119991, Moscow, Russia","institution_ids":["https://openalex.org/I19880235"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101806938","display_name":"Sergey Vartanov","orcid":"https://orcid.org/0000-0003-3786-2248"},"institutions":[{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"S. P. Vartanov","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5065191857","display_name":"Andrey Belevantsev","orcid":"https://orcid.org/0000-0003-2817-0397"},"institutions":[{"id":"https://openalex.org/I19880235","display_name":"Lomonosov Moscow State University","ror":"https://ror.org/010pmpe69","country_code":"RU","type":"education","lineage":["https://openalex.org/I19880235"]},{"id":"https://openalex.org/I4210101868","display_name":"Institute for System Programming","ror":"https://ror.org/017ef8252","country_code":"RU","type":"facility","lineage":["https://openalex.org/I1313323035","https://openalex.org/I4210101868","https://openalex.org/I4210124601"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"A. A. Belevantsev","raw_affiliation_strings":["Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","Moscow State University, 119991, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"Ivannikov Institute for System Programming, Russian Academy of Sciences, ul. Solzhenitsyna 25, 109004, Moscow, Russia","institution_ids":["https://openalex.org/I4210101868"]},{"raw_affiliation_string":"Moscow State University, 119991, Moscow, Russia","institution_ids":["https://openalex.org/I19880235"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5016025096"],"corresponding_institution_ids":["https://openalex.org/I4210101868"],"apc_list":null,"apc_paid":null,"fwci":0.4197,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.70994406,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":"47","issue":"6","first_page":"466","last_page":"481"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.6691761016845703},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6289330124855042},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.47951915860176086},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2815587520599365},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.11185559630393982}],"concepts":[{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.6691761016845703},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6289330124855042},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.47951915860176086},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2815587520599365},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.11185559630393982}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1134/s0361768821060037","is_oa":false,"landing_page_url":"https://doi.org/10.1134/s0361768821060037","pdf_url":null,"source":{"id":"https://openalex.org/S150218641","display_name":"Programming and Computer Software","issn_l":"0361-7688","issn":["0361-7688","1608-3261"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310320267","host_organization_name":"Pleiades Publishing","host_organization_lineage":["https://openalex.org/P4310320267","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Pleiades Publishing","Springer Nature"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Programming and Computer Software","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/10","score":0.47999998927116394,"display_name":"Reduced inequalities"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W2020841721","https://openalex.org/W2046699259","https://openalex.org/W2084974764","https://openalex.org/W2139668965","https://openalex.org/W2140021378","https://openalex.org/W2158798798","https://openalex.org/W2313162456","https://openalex.org/W2346126440","https://openalex.org/W2562826479","https://openalex.org/W2737936389","https://openalex.org/W2911898107","https://openalex.org/W2914203055","https://openalex.org/W3004911069","https://openalex.org/W4240399292"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2029684113","https://openalex.org/W2060629665","https://openalex.org/W3154138117","https://openalex.org/W2063408151","https://openalex.org/W3144105599","https://openalex.org/W999383042","https://openalex.org/W2343071821","https://openalex.org/W2390279801","https://openalex.org/W2893160992"],"abstract_inverted_index":{"This":[0],"paper":[1],"is":[2,38,64,100,137,141,144,162,193,199,291],"dedicated":[3],"to":[4,65,102,126,147,179,206,252,300],"finding":[5],"taint-based":[6],"errors":[7,15,69],"in":[8],"the":[9,54,57,88,103,127,132,190,221,235,238,245,286,288],"source":[10],"code":[11],"of":[12,20,56,90,209,228,237,244,255,264,274,306],"programs,":[13],"i.e.,":[14],"caused":[16],"by":[17,30],"unsafe":[18],"use":[19],"data":[21,211,233],"from":[22,131,234,298],"external":[23],"sources,":[24],"which":[25,99,143],"could":[26],"potentially":[27],"be":[28,60,177],"modified":[29,92],"a":[31,41,91,94,110,135,303],"malefactor.":[32],"The":[33,43,62,107,151,201,213,224,248,293],"interprocedural":[34],"static":[35],"analyzer":[36,44,108,202],"Svace":[37,85],"used":[39,146,178],"as":[40,67,70,217,240,242,257],"basis.":[42],"searches":[45],"for":[46,184,277],"both":[47,154],"program":[48,58],"defects":[49,208],"and":[50,76,113,157,262,280],"suspicious":[51],"points":[52],"where":[53],"logic":[55],"may":[59],"corrupted.":[61],"goal":[63],"find":[66,207],"many":[68],"possible":[71,275],"at":[72,170],"an":[73,197],"acceptable":[74],"speed":[75,156],"low":[77],"false":[78,294,307],"positive":[79],"rate":[80,296],"(<20\u201335%).":[81],"For":[82],"this":[83,120,188],"purpose,":[84],"builds,":[86],"with":[87,167,302],"help":[89],"compiler,":[93],"low-level":[95],"typed":[96],"intermediate":[97],"representation,":[98],"input":[101],"main":[104,246],"SvEng":[105],"analyzer.":[106],"constructs":[109],"call":[111,128,149],"graph":[112],"then":[114,145],"carries":[115],"out":[116,181],"summary-based":[117],"analysis.":[118],"In":[119,187],"analysis,":[121],"functions":[122,230,265],"are":[123,215,226,250,282],"traversed":[124],"according":[125],"graph,":[129],"starting":[130],"leaves.":[133],"Once":[134],"function":[136],"analyzed,":[138],"its":[139],"summary":[140],"created,":[142],"analyze":[148],"instructions.":[150],"analysis":[152,161],"has":[153,203],"high":[155],"good":[158],"scalability.":[159],"Intraprocedural":[160],"based":[163,219],"on":[164,220],"symbolic":[165],"execution":[166],"state":[168],"merging":[169],"join":[171],"points.":[172],"An":[173],"SMT":[174,191],"solver":[175,192],"can":[176],"filter":[180],"infeasible":[182],"paths":[183],"some":[185],"checkers.":[186],"case,":[189],"called":[194],"only":[195],"if":[196],"error":[198],"suspected.":[200],"been":[204],"extended":[205],"tainted":[210,278],"use.":[212],"checkers":[214],"implemented":[216],"plugins":[218],"source\u2013sink":[222],"scheme.":[223],"sources":[225],"calls":[227,263],"library":[229],"that":[231,266,271],"receive":[232],"outside":[236],"program,":[239],"well":[241],"arguments":[243],"function.":[247],"sinks":[249],"accesses":[251],"arrays,":[253],"uses":[254],"variables":[256],"steps":[258],"or":[259],"loop":[260],"boundaries,":[261],"require":[267],"checked":[268],"arguments.":[269],"Checkers":[270],"cover":[272],"most":[273],"vulnerabilities":[276],"integers":[279],"strings":[281],"implemented.":[283],"To":[284],"assess":[285],"coverage,":[287],"Juliet":[289],"project":[290],"used.":[292],"negative":[295],"ranges":[297],"46.31%":[299],"81.17%":[301],"small":[304],"number":[305],"positives.":[308]},"counts_by_year":[{"year":2022,"cited_by_count":3}],"updated_date":"2026-04-02T13:48:15.688549","created_date":"2025-10-10T00:00:00"}