24 0

Applying dataflow analysis to detecting software vulnerability

Title
Applying dataflow analysis to detecting software vulnerability
Author
도경구
Keywords
Dataflow analysis; Software vulnerability; Static analysis
Issue Date
2008-02
Publisher
IEEE
Citation
2008 10th International Conference on Advanced Communication Technology, Page. 255-258
Abstract
In this paper, we propose a software vulnerability checker which takes rules describing vulnerability patterns and a source program as input and detects locations and paths of the patterns in the program. Simple and flow patterns for vulnerabilities are described as rules in the specification language we designed. The lightweight control and data flow analysis is necessary to detect flow patterns. Newly discovered vulnerability patterns can easily be added to the existing rules. We implement the detector in three parts: a pattern matcher which finds locations of vulnerabilities in source program, a flow graph constructor which extracts the control flow and data flow from the program, and a flow analyzer which finds program’s vulnerable execution paths.
URI
https://ieeexplore.ieee.org/document/4493756http://repository.hanyang.ac.kr/handle/20.500.11754/104319
ISSN
1738-9445
DOI
10.1109/ICACT.2008.4493756
Appears in Collections:
COLLEGE OF COMPUTING[E] > COMPUTER SCIENCE(소프트웨어학부) > Articles
Files in This Item:
There are no files associated with this item.
Export
RIS (EndNote)
XLS (Excel)
XML


qrcode

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

BROWSE