期刊
JOURNAL OF SYSTEMS AND SOFTWARE
卷 208, 期 -, 页码 -出版社
ELSEVIER SCIENCE INC
DOI: 10.1016/j.jss.2023.111902
关键词
Vulnerability; Security; Static analysis; Manual audits; Petri nets
This paper presents an approach that combines static analysis tools and manual audits to effectively detect various types of security vulnerabilities. By using a special Petri net representation, the proposed method is able to assist in the detection of taint-style vulnerabilities.
Detecting security vulnerabilities is a crucial part in secure software development. Many static analysis tools have proved to be effective in finding vulnerabilities, but generally there are some complex and subtle vulnerabilities that can escape from detection. Manual audits are a complementary approach to using tools. Unfortunately, most manual analyses are tedious and error prone. To benefit from both the tools and manual audits, some approaches incorporate the auditor's expertise into a static analysis tool during vulnerability discovery. Following this strategy, this paper presents a representation of source code called a vulnerability net, which is a special Petri net that integrates with data dependence graphs and control flow graphs. The combined repre-sentation can facilitate the detection of taint-style vulnerabilities such as buffer overflows and injection vul-nerabilities. We test the proposed approach on Securibench Micro and demonstrate that it has the capability to identify a variety of vulnerabilities while keeping the rates of false negatives and positives low.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据