DocumentCode :
2083552
Title :
Code based software security vulnerability analyzing and detecting based on similar characteristic
Author :
An, Xifeng ; Li, Weihua ; Pan, Wei
Author_Institution :
Coll. of Comput. Sci., Northwestern Polytech. Univ., China
Volume :
1
fYear :
2008
fDate :
17-19 Nov. 2008
Firstpage :
584
Lastpage :
589
Abstract :
Through comprehensive analysis of software security vulnerabilities, a novel vulnerability detecting method based on similar characteristics is proposed in this paper. The method aims at C code security detection. Based on Case-based Reasoning technology, the method performs similarity matching between the security characteristics of source code and the characteristics of known security vulnerabilities, and calculates the similarity to determine if the code has security vulnerabilities. The experiments demonstrate that the presented method can effectively improve the veracity and efficiency of vulnerability detection. It also solves the problem that current detecting methods based on rule-matching cannot rapidly and accurately handle large-scale legacy software and structure-complicated software. Furthermore, the definition and selection of the threshold also improve the adaptability and agility of the detecting method.
Keywords :
security of data; software maintenance; C code security detection; case-based reasoning technology; code based software security vulnerability; legacy software; similarity matching; source code; structure-complicated software; vulnerability detection; Application software; Buffer overflow; Computer security; Information security; Intelligent systems; Knowledge engineering; Large-scale systems; Operating systems; Software maintenance; Software systems;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Intelligent System and Knowledge Engineering, 2008. ISKE 2008. 3rd International Conference on
Conference_Location :
Xiamen
Print_ISBN :
978-1-4244-2196-1
Electronic_ISBN :
978-1-4244-2197-8
Type :
conf
DOI :
10.1109/ISKE.2008.4730998
Filename :
4730998
Link To Document :