2019 Proceeding- Program Chairs:
- Piotr Mardziel,
- Niki Vazou
It is our great pleasure to welcome you to the 14th ACM SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS 2019), co-located with the 26th ACM Conference on Computer and Communications Security (ACM CCS 2019). Over its 14 years PLAS has provided a forum for exploring and evaluating the use of programming language and program analysis techniques for promoting security in the complete range of software systems, from compilers to machine learnt models.
Proceeding Downloads
Are All Firewall Systems Equally Powerful?
Firewalls are a fundamental tool for managing and protecting computer networks. They not only permit specifying which packets are allowed to enter a network, but also how these packets are modified by translating IP addresses and performing port ...
Unacceptable Behavior: Robust PDF Malware Detection Using Abstract Interpretation
The popularity of the PDF format and the rich JavaScript environment that PDF viewers offer make PDF documents an attractive attack vector for malware developers. PDF documents present a serious threat to the security of organizations because most users ...
High-Level Cryptographic Abstractions
The interfaces exposed by commonly used cryptographic libraries are clumsy, complicated, and assume an understanding of cryptographic algorithms. The challenge is to design high-level abstractions that require minimum knowledge and effort to use while ...
An Empirical Study of Information Flows in Real-World JavaScript
Information flow analysis prevents secret or untrusted data from flowing into public or trusted sinks. Existing mechanisms cover a wide array of options, ranging from lightweight taint analysis to heavyweight information flow control that also considers ...
Simple Noninterference by Normalization
Information-flow control (IFC) languages ensure programs preserve the confidentiality of sensitive data. Noninterference, the desired security property of such languages, states that public outputs of programs must not depend on sensitive inputs. In ...