检索结果-内蒙古大学图书馆

作者： Athos Coimbra Ribeiro University of Sao Paulo

学位级别：硕士

While there is a wide variety of both open source and proprietary source code static analyzers available in the market, each of them usually performs better in a small set of problems, making it hard to choose one single tool to rely on when examining a program. Combining the analysis of different tools may reduce the number of false negatives, but yields a corresponding increase in the number of false positives (which is already high for many tools). An interesting solution, then, is to filter these results to identify the issues least likely to be false positives. This work presents kiskadee, a system to support the usage of static analysis during software development by providing carefully ranked static analysis reports. First, it runs multiple static analyzers on the source code. Then, using a classification model, the potential bugs detected by the static analyzers are ranked based on their importance, with critical flaws ranked first, and potential false positives ranked last. To train kiskadee's classification model, we post-analyze the reports generated by three tools on synthetic test cases provided by the US National Institute of Standards and Technology. To make our technique as general as possible, we limit our data to the reports themselves, excluding other information such as change histories or code metrics. The features extracted from these reports are used to train a set of decision trees using AdaBoost to create a stronger classifier, achieving 0.8 classification accuracy (the combined false positive rate from the used tools was 0.61). Finally, we use this classifier to rank static analyzer alarms based on the probability of a given alarm being an actual bug. Our experimental results show that, on average, when inspecting warnings ranked by kiskadee, one hits 5. 2 times less false positives before each bug than when using a randomly sorted warning list.

关键词： source code static analysis Software quality Software engineering

来源：评论

学校读者我要写书评

暂无评论

The Software Industry's "Clean Water Act" Alternative

引用

IEEE SECURITY & PRIVACY 2012年第3期10卷 24-31页

作者： Martin, Robert A. Christey, Steven M. MITRE Informat & Comp Technol Div Mclean VA USA MITRE Secur & Informat Operat Div Mclean VA USA

With water, we trust that qualities harmful to its intended use aren"t present. To avoid a regulatory solution to problems with contaminants that endanger software"s intended use, the industry needs to implement processes and technical methods for examining software for the contaminants that are most dangerous given its intended use. By finding systematic and verifiable ways to identify remove, and verify contaminated software, software providers can improve customers" confidence in systems and possibly avoid regulatory solutions.

关键词： source code static analysis Vulnerability Severity Security Weakness Risk Risk Management Software Flaws Design Mistakes Coding Errors Security Mistakes code Assessment Application Security Operational Impact Prioritization

来源：评论

学校读者我要写书评

暂无评论

Combining static analysis and dynamic symbolic execution in a toolchain to detect fault injection vulnerabilities

引用

JOURNAL OF CRYPTOGRAPHIC ENGINEERING 2024年第1期14卷 147-164页

作者： Lacombe, Guilhem Feliot, David Boespflug, Etienne Potet, Marie-Laure Univ Grenoble Alpes Grenoble France CEA LETI CESTI Grenoble France Verimag Grenoble France

Certification through auditing allows to ensure that critical embedded systems are secure. This entails reviewing their critical components and checking for dangerous execution paths. This latter task requires the use of specialized tools which allow to explore and replay executions but are also difficult to use effectively within the context of the audit, where time and knowledge of the code are limited. Fault analysis is especially tricky as the attacker may actively influence execution, rendering some common methods unusable and increasing the number of possible execution paths exponentially. In this work, we present a new method which mitigates these issues by reducing the number of fault injection points considered to only the most relevant ones relatively to some security properties. We use fast and robust static analysis to detect injection points and assert their impactfulness. A more precise dynamic/symbolic method is then employed to validate attack paths. This way the insight required to find attacks is reduced and dynamic methods can better scale to realistically sized programs. Our method is implemented into a toolchain based on Frama-C and KLEE and validated on WooKey, a case study proposed by the National Cybersecurity Agency of France.

关键词： Fault injection robustness evaluation source code static analysis Symbolic execution WooKey bootloader use-case

来源：评论

学校读者我要写书评

暂无评论

Detecting and Removing Web Application Vulnerabilities with static analysis and Data Mining

引用

IEEE TRANSACTIONS ON RELIABILITY 2016年第1期65卷 54-69页

作者： Medeiros, Iberia Neves, Nuno Correia, Miguel Univ Lisbon Fac Ciencias LaSIGE P-1699 Lisbon Portugal Univ Lisbon Inst Super Tecn INESC ID P-1699 Lisbon Portugal Univ Lisbon Inst Super Tecn P-1699 Lisbon Portugal INESC ID P-1699 Lisbon Portugal

6Although a large research effort on web application security has been going on for more than a decade, the security of web applications continues to be a challenging problem. An important part of that problem derives from vulnerable source code, often written in unsafe languages like PHP. source code static analysis tools are a solution to find vulnerabilities, but they tend to generate false positives, and require considerable effort for programmers to manually fix the code. We explore the use of a combination of methods to discover vulnerabilities in source code with fewer false positives. We combine taint analysis, which finds candidate vulnerabilities, with data mining, to predict the existence of false positives. This approach brings together two approaches that are apparently orthogonal: humans coding the knowledge about vulnerabilities (for taint analysis), joined with the seemingly orthogonal approach of automatically obtaining that knowledge (with machine learning, for data mining). Given this enhanced form of detection, we propose doing automatic code correction by inserting fixes in the source code. Our approach was implemented in the WAP tool, and an experimental evaluation was performed with a large set of PHP applications. Our tool found 388 vulnerabilities in 1.4 million lines of code. Its accuracy and precision were approximately 5% better than PhpMinerII's and 45% better than Pixy's.

关键词： Automatic protection data mining false positives input validation vulnerabilities software security source code static analysis web applications

来源：评论

学校读者我要写书评

暂无评论

Ranking Warnings from Multiple source code static Analyzers via Ensemble Learning 19

Ranking Warnings from Multiple Source Code Static Analyzers ...

引用

15th International Symposium on Open Collaboration (OpenSym)

作者： Ribeiro, Athos Meirelles, Paulo Lago, Nelson Kon, Fabio Univ Sao Paulo FLOSS Competence Ctr Sao Paulo Brazil Univ Fed Sao Paulo Sao Paulo Brazil

ISBN: (纸本)9781450363198

关键词： source code static analysis Vulnerability warnings Free Software Open source Software

来源：评论

学校读者我要写书评

暂无评论

Deriving Coupling Metrics from Call Graphs

Deriving Coupling Metrics from Call Graphs

引用

10th IEEE Working Conference on source code analysis and Manipulation (SCAM)

作者： Allier, Simon Vaucher, Stephane Dufour, Bruno Sahraoui, Houari Univ Bretagne Sud VALORIA Lorient France Univ Montreal DIRO Montreal PQ Canada

ISBN: (纸本)9780769541785

Coupling metrics play an important role in empirical software engineering research as well as in industrial measurement programs. The existing coupling metrics have usually been defined in a way that they can be computed from a static analysis of the source code. However, modern programs extensively use dynamic language features such as polymorphism and dynamic class loading that are difficult to capture by static analysis. Consequently, the derived metric values might not accurately reflect the state of a program. In this paper, we express existing definitions of coupling metrics using call graphs. We then compare the results of four different call graph construction algorithms with standard tool implementations of these metrics in an empirical study. Our results show important variations in coupling between standard and call graph-based calculations due to the support of dynamic features.

关键词： call graph construction algorithm call graphs call graphs coupling coupling metrics dynamic class loading dynamic language features empirical study graph theory industrial measurement program metrics polymorphism program diagnostics software engineering software metrics software quality source code static analysis

来源：评论

学校读者我要写书评

暂无评论

A Study on Low Complexity Models to Predict Flaws in the Linux source code 12

A Study on Low Complexity Models to Predict Flaws in the Lin...

引用

12th Iberian Conference on Information Systems and Technologies (CISTI)

作者： Kanashiro, Lucas Ribeiro, Athos Silva, David Meirelles, Paulo Terceiro, Antonio Univ Sao Paulo FLOSS Competence Ctr Sao Paulo Brazil Univ Brasilia UnB Fac Gama Brasilia DF Brazil Linaro Ltd QA Serv Team Curitiba Parana Brazil

ISBN: (纸本)9781509050475

Due to the constant evolution of technology, each day brings new programming languages, development paradigms, and ways of evaluating processes. This is no different with source code metrics, where there is always new metric classes. To use a software metric to support decisions, it is necessary to understand how to perform the metric collection, calculation, interpretation, and analysis. The tasks of collecting and calculating source code metrics are most often automated, but how should we monitor them during the software development cycle? Our research aims to assist the software engineer to monitor metrics of vulnerability threats present in the source code through a reference prediction model, considering that real world software have non-functional security requirements, which implies the need to know how to monitor these requirements during the software development cycle. As a first result, this paper presents an empirical study on the evolution of the Linux project. Based on static analysis data, we propose low complexity models to study flaws in the Linux source code. About 391 versions of the project were analyzed by mining the official Linux repository using an approach that can be reproduced to perform similar studies. Our results show that it is possible to predict the number of warnings triggered by a static analyzer for a given software project revision as long as the software is continuously monitored.

关键词： source code static analysis source code Metrics Common Weakness Enumeration Prediction Linux

来源：评论

学校读者我要写书评

暂无评论

IMPROVING VULNERABILITY DETECTION OF WAP

IMPROVING VULNERABILITY DETECTION OF WAP

引用

作者： Miguel Amorim Fale Universidade de Lisboa

学位级别：硕士

For over two decades, the web has been evolving from a simple set of hypermedia documents to a complex ecosystem of web applications that are supported by various frameworks. This paradigm shift has been promoting a series of practices that lead to an increasing number of vulnerabilities, which can compromise the security of web appli- cations. One of the main contributing factors lies in vulnerable source code, written in unsafe languages such as PHP. In order to mitigate the problem, a large research effort on web application security has occurred over the past years. source code static analysis tools perform the task of finding program vulnerabilities in an automated fashion. These tools offer superior code coverage, easier integration into the application development cycle, and do not require the actual code to be executed. They instead perform source code analysis, looking for poten- tial bugs while inspecting the program code. However, the analysis performed by these tools depends on their knowledge of the classes of vulnerabilities and the implementation of analysis techniques, such as taint analysis. This means that, on one hand, the tools only search for vulnerabilities in the source code that they hold knowledge of, being unable to find other kinds of problems. On the other hand, the tools may generate false positives and false negatives, due to the limitations and incompleteness of implemented analysis techniques. One of such tools is the Web Application Protection (WAP). The main objective of this dissertation is to identify problems with WAP and improve its vulnerability detec- tion capabilities, when processing open source PHP code. Four static analysis tools - WAP, Pixy, phpSAFE and RIPS - are evaluated against a set of WordPress plugins that are known to be vulnerable, in order to collect examples of incorrect processing of the tools which lead, for instance, to false negatives. Additionally, we define and evaluate several use cases for a common foun

关键词： source code static analysis input validation vulnerabilities circular dependencies web application security software security

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：