A Vulnerability Static Detection Method Based on Flow Analysis

被引:0
|
作者
Zhang, Yiqiang [1 ]
Gui, Hui [1 ]
机构
[1] Zhejiang Univ Technol, Coll Comp, Hangzhou 310023, Zhejiang, Peoples R China
来源
2010 INTERNATIONAL CONFERENCE ON INFORMATION, ELECTRONIC AND COMPUTER SCIENCE, VOLS 1-3 | 2010年
关键词
static analysis; vulnerability detection; flow analysis;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The main problem of existing static vulnerability detection methods based on source code analysis is their high false positive and false negative, the main reason is lack of legally check to these data used in the program. Variable as an important component of the program, its validation is particularly important, This paper proposes a new static detection model to variables, this model combines the mature static analysis technology, and borrows the idea of data flow and control flow analysis technique in compiler, it can get contextual information, provide more accurate analysis method to the use of variables in the program.
引用
收藏
页码:592 / 595
页数:4
相关论文
共 50 条
  • [1] Code vulnerability static detection method based on graphrepresentation and MHGAT
    Cheng, Jingyun
    Wang, Buhong
    Luo, Peng
    [J]. Xi Tong Gong Cheng Yu Dian Zi Ji Shu/Systems Engineering and Electronics, 2023, 45 (05): : 1535 - 1543
  • [2] A Static Detection Method for SQL Injection Vulnerability Based on Program Transformation
    Yuan, Ye
    Lu, Yuliang
    Zhu, Kailong
    Huang, Hui
    Yu, Lu
    Zhao, Jiazhen
    [J]. APPLIED SCIENCES-BASEL, 2023, 13 (21):
  • [3] An Android Application Vulnerability Mining Method Based On Static and Dynamic Analysis
    Wang Chao
    Li Qun
    Wang XiaoHu
    Ren TianYu
    Dong JiaHan
    Guo GuangXin
    Shi EnJie
    [J]. PROCEEDINGS OF 2020 IEEE 5TH INFORMATION TECHNOLOGY AND MECHATRONICS ENGINEERING CONFERENCE (ITOEC 2020), 2020, : 599 - 603
  • [4] Static vulnerability detection based on class separation☆
    Zhang, Chunyong
    Xin, Yang
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2023, 206
  • [5] Multi-bit Data Flow Error Detection Method Based on SDC Vulnerability Analysis
    Yan, Zujia
    Zhuang, Yi
    Zheng, Weining
    Gu, Jingjing
    [J]. ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2023, 22 (03)
  • [6] A Method for Software Vulnerability Detection Based on Improved Control Flow Graph
    ZHOU Minmin
    CHEN Jinfu
    LIU Yisong
    ACKAH-ARTHUR Hilary
    CHEN Shujie
    ZHANG Qingchen
    ZENG Zhifeng
    [J]. Wuhan University Journal of Natural Sciences, 2019, 24 (02) : 149 - 160
  • [7] A static comprehensive analytical method for buffer overflow vulnerability detection
    Shao Bilin
    Yan Jiafen
    Bian Genqing
    Zhao Yu
    Song Dan
    [J]. PROCEEDINGS OF THE 2016 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND ELECTRONIC TECHNOLOGY, 2016, 48 : 151 - 155
  • [8] Efficient vulnerability detection based on an optimized rule-checking static analysis technique
    Chen, Deng
    Zhang, Yan-duo
    Wei, Wei
    Wang, Shi-xun
    Huang, Ru-bing
    Li, Xiao-lin
    Qu, Bin-bin
    Jiang, Sheng
    [J]. FRONTIERS OF INFORMATION TECHNOLOGY & ELECTRONIC ENGINEERING, 2017, 18 (03) : 332 - 345
  • [9] Efficient vulnerability detection based on an optimized rule-checking static analysis technique
    Deng Chen
    Yan-duo Zhang
    Wei Wei
    Shi-xun Wang
    Ru-bing Huang
    Xiao-lin Li
    Bin-bin Qu
    Sheng Jiang
    [J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18 : 332 - 345
  • [10] Efficient vulnerability detection based on an optimized rule-checking static analysis technique
    Deng CHEN
    Yan-duo ZHANG
    Wei WEI
    Shi-xun WANG
    Ru-bing HUANG
    Xiao-lin LI
    Bin-bin QU
    Sheng JIANG
    [J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18 (03) : 332 - 345
12345