Finding software vulnerabilities in source code before the program gets deployed is crucial to ensure the software quality. Existing source code auditing tools for vulnerability detection generate too many false positives, and only limited types of vulnerability can be detected automatically. In this paper, we propose an extendable mechanism to reveal vulnerabilities in source code with low false positives by specifying security requirements and detecting requirement violations of the potential vulnerable sinks. The experimental results show that the proposed mechanism can detect vulnerabilities with zero false positives and indicate the extendability of the mechanism to cover more types of vulnerabilities.

A novel time-series relationship among four consecutive real-valued single-tone sinusoid samples is proposed based on their linear prediction property. In order to achieve unbiased frequency estimates for a real sinusoid in white noise, based on the proposed four-point time-series relationship, a constrained least squares cost function is minimized based on the unit-norm principle. Closed-form expressions for the variance and the asymptotic expression for the variance of the proposed frequency estimator are derived, facilitating a theoretical performance comparison with the existing three-point counterpart, called as the reformed Pisarenko harmonic decomposer (RPHD). The region of performance advantage of the proposed four-point based constrained least squares frequency estimator over the RPHD is also discussed. Computer simulations are conducted to support our theoretical development and to compare the proposed estimator performance with the RPHD as well as the Cramer-Rao lower bound (CRLB).

This letter studies the problem of cooperative spectrum sensing in wideband cognitive radio networks. Based on the basis expansion model (BEM), the problem of estimation of power spectral density (PSD) is transformed to estimation of BEM coefficients. The sparsity both in frequency domain and space domain is used to construct a sparse estimation structure. The theory of L1/2 regularization is used to solve the compressed sensing problem. Simulation results demonstrate the effectiveness of the proposed method.