A method for detecting code security vulnerability based on variables tracking with validated-tree


Authors: Zhefei ZHANG, Qinghua ZHENG, Xiaohong GUAN, Qing WANG, Tuo WANG

Affiliations: MOE Key Lab for Intelligent and Network Security, Xi'an Jiaotong University, Xi'an 710049, China; State Key Laboratory for Manufacturing Systems Engineering, Xi'an Jiaotong University, Xi'an 710049, China; Center for Intelligent and Networked Systems, Department of Automation, Tsinghua University, Beijing 100084, China

Publication: Frontiers of Electrical and Electronic Engineering in China (English edition)

Year, volume, issue: 2008, Vol. 3, No. 2

Pages: 162-166

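Subject classification: 08 [Engineering]; 0812 [Engineering - Computer Science and Technology (engineering or science degrees may be awarded)]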

Funding: supported by the National Natural Science Foundation of China (Grant No. 60574087), the Hi-Tech Research and Development Program of China (Nos. 2007AA01Z475, 2007AA01Z480, 2007AA01Z464), and the 111 International Collaboration Program of China

Subjects: vulnerability detection; database security; SQL injection

Abstract: SQL injection poses a major threat to the application level security of the database and there is no systematic solution to these *** from traditional run time security strategies such as IDS and firewall, this paper focuses on the solution at the outset; it presents a method to find vulnerabilities by analyzing the source *** concept of validated tree is developed to track variables referenced by database operations in *** checking whether these variables are influenced by outside inputs, the database operations are proved to be secure or *** method has advantages of high accuracy and efficiency as well as low costs, and it is universal to any type of web application *** is implemented by the software code vulnerabilities of SQL injection detector (CVSID). The validity and efficiency are demonstrated with an example.
