CogniCrypt is a very performant tool, however there are some cases where the results generated by the analysis can be improved. Inherently a static analysis cannot “know” runtime values, however this poses the question of the amount of benefit that runtime values can provide to an analysis, especially in an application security context. This session presents recent and ongoing work on introducing dynamic elements to CogniCrypt’s analysis by utilizing a novel representation of analysis input and running in a novel environment. This work focuses on a collaboration between CogniCrypt and the Eclipse open source project, OpenJ9.

Tue 16 Jul

panathon-2019-papers
13:30 - 15:00: Panathon 2019 - Dynamic CogniCrypt – Static Failures and Dynamic Successes at Epernay
panathon-2019-papers13:30 - 15:00
Demonstration
Kristen NewburyUniversity of Alberta