
JMD [Java Malware Detector]: A Hybrid Approach for Detecting Java Malware


2015. Adrian Herrera, Ben Cheney (@cheneyben). See PDF online, tweet.

This paper is about malware detection, not about defect detection.

1 JMD uses a combination of (1) symbolic execution, (2) instrumentation and (3) dynamic analysis. They use Java PathFinder and AspectJ. The number of vulnerabilities increased from 2001 to 2013. The most common delivery mechanism for exploits is a Java applet (read about!). The application is executed in a sandbox. Problem: malware can evade detection by remaining dormant until a trigger is met. Solution: exploration of alternative paths (using symbolic execution).

2 The tool works with Java bytecode. There are no native code detectors (see later).
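The dormant-until-triggered problem noted above, as an added toy illustration (not code from the paper or from JMD): a constructed sample hides behaviour behind two trigger checks, a single concrete run misses it, and exploring alternative branch outcomes reveals it. Forced branch outcomes stand in for symbolic execution here (there is no constraint solving); `Explorer`, `sample`, `SANDBOX_ENV` and the event names are hypothetical.

```python
# Toy illustration (constructed): why one sandbox run misses dormant
# behaviour, and how exploring alternative branch outcomes exposes it.

class Explorer:
    """Records branch decisions and can force a prefix of them."""
    def __init__(self, forced=()):
        self.forced = list(forced)   # outcomes imposed on the first branches
        self.trace = []              # outcomes actually taken, in order
        self.events = []             # behaviour observed on this path

    def branch(self, concrete_outcome):
        i = len(self.trace)
        taken = self.forced[i] if i < len(self.forced) else bool(concrete_outcome)
        self.trace.append(taken)
        return taken


def sample(env, ex):
    """Constructed stand-in for code that stays dormant until triggered."""
    ex.events.append("init")
    if ex.branch(env["day"] >= 15):            # trigger 1: date check
        if ex.branch(env["locale"] == "xx"):   # trigger 2: environment check
            ex.events.append("hidden_behaviour")
    ex.events.append("exit")


def concrete_run(env):
    """What plain dynamic analysis observes: exactly one path."""
    ex = Explorer()
    sample(env, ex)
    return ex.events


def explore(env):
    """Depth-first over branch outcomes; returns {path: events}."""
    paths, work = {}, [()]
    while work:
        forced = work.pop()
        ex = Explorer(forced)
        sample(env, ex)
        paths[tuple(ex.trace)] = ex.events
        # Schedule the flipped outcome of every decision past the forced prefix.
        for i in range(len(forced), len(ex.trace)):
            work.append(tuple(ex.trace[:i]) + (not ex.trace[i],))
    return paths


SANDBOX_ENV = {"day": 3, "locale": "en"}   # constructed sandbox conditions
```

A real symbolic executor would also solve the path constraints to confirm that a path is feasible and to produce inputs that reach it; forced outcomes skip that step and can report paths no real input takes.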

Sergey Vartanov, 2007–2020