Title :
Applying Dataflow Analysis to Detecting Software Vulnerability
Author :
Kim, Hyunha ; Choi, Tae-Hyoung ; Jung, Seung-Cheol ; Kim, Hyoung-Cheol ; Lee, Oukseh ; Doh, Kyung-Goo
Author_Institution :
Dept. of Comput. Sci. & Eng., Hanyang Univ., Seoul
Abstract :
In this paper, we propose a software vulnerability checker which takes rules describing vulnerability patterns and a source program as input and detects locations and paths of the patterns in the program. Simple and flow patterns for vulnerabilities are described as rules in the specification language we designed. The lightweight control and data flow analysis is necessary to detect flow patterns. Newly discovered vulnerability patterns can easily be added to the existing rules. We implement the detector in three parts: a pattern matcher which finds locations of vulnerabilities in source program, a flow graph constructor which extracts the control flow and data flow from the program, and a flow analyzer which finds program´s vulnerable execution paths.
Keywords :
data flow analysis; data flow graphs; object-oriented methods; pattern matching; software maintenance; software reliability; specification languages; dataflow analysis; flow graph constructor; flow pattern design; lightweight control; pattern matcher; program vulnerable execution path; software vulnerability checker; source program; specification language; Computer science; Data analysis; Detectors; Engines; Flow graphs; Information analysis; Pattern analysis; Pattern matching; Specification languages; Testing; Dataflow Analysis; Software Vulnerability; Static Analysis;
Conference_Titel :
Advanced Communication Technology, 2008. ICACT 2008. 10th International Conference on
Conference_Location :
Gangwon-Do
Print_ISBN :
978-89-5519-136-3
DOI :
10.1109/ICACT.2008.4493756
