static analysis

Cryptographic APIs are often misused. Our dataset of 201 real-world misuses aids research & tool evaluation that aim to mitigate cryptographic API misuses.

This paper presents a static taint analysis for Go, a statically typed language with concurrent programming features like goroutines and channel communication. The analysis focuses on secure information flow to prevent vulnerabilities caused by unchecked user input, offering solutions for both context-sensitive taint analysis and channel communication in Go.

This paper presents current information flow analyses for Go applications, discussing future uses of static analysis at runtime to enhance precision and optimize checks. It focuses on unique Go features like closures and message-based communication via channels