期刊文献+

基于控制流切片的代码安全缺陷检测方法

Method to detect vulnerary based on control flow slices
下载PDF
导出
摘要 为轻松获得程序的可能执行路径,进而实现程序变量的状态跟踪,提出了一种C/C++源代码控制流提取算法,通过该模型获取控制流切片,产生局部控制流图,将数据流异常检测与安全子集检测相结合,弥补了单独使用安全子集方法无法跟踪数据流的不足,增强代码安全隐患的挖掘能力。利用控制流图化简,排除部分不可达控制流信息,提高跟踪效率。通过对3个Linux内核源文件的检测,验证了该方法不仅可以检测出违反安全子集的代码安全隐患,同时对代码数据流异常检测提供支持,准确率达94.9%。 To acquire the execution paths from the C/C++ source codes to track program variables and to mine capabilities of code security risks,a control flow Abstraction algorithm of C/C++ source code is proposed to feasibly obtain control flow slices and generate local control flow graph.The data flow anomaly detection and the security subset detection is combined with this model,and the data flow analysis is extended to process and modules to lay the foundation for inter-procedural exception analysis.A simplification method for control flow is used to exclude un–reached control flow information and reduce the number of data flow tracking paths so as to improve the tracking efficiency.Finally,some experimental results show that the model can not only detect violations of safe subset,but also implement data flow anomaly detection.Its accuracy rate is more than 90%.
出处 《计算机工程与设计》 CSCD 北大核心 2012年第6期2265-2271,2304,共8页 Computer Engineering and Design
基金 国家自然科学基金项目(91018003) 中央高校基本科研业务费专项基金项目(1600-852007 1600-893321)
关键词 代码异常 控制流分析 数据流分析 安全子集 控制流化简 code exception control flow analysis data flow analysis security subset control flow simplification
  • 相关文献

参考文献11

二级参考文献94

  • 1R Hastings,B Joyee.Pufify:Fast detection of memory leaks and access errors[C].In:Proceedings of the Winter USENIX Conference, 1999:125-136. 被引量:1
  • 2M Sagiv, T Reps, R Wilhelm.Solving shape-snalysis problems in language with destructive updating[C].In:Symposium on Principles of Programming Languages,St Petersburg Beach,FL,1996-01. 被引量:1
  • 3W Landi,B G Ryder.Safe approximate algorithm for interprocedural pointer aliasing[J].ACM SIGPLAN Notices,1992;27(7):235-248. 被引量:1
  • 4R P Wilson,M S Lain.Efficient context-sensitive pointer analysis for C program[C].In : Proceedings of the ACM SIGPLAN' 95 Conference on Programming Language Design and Implementation ( PLDI ), LaJolla, California, 1995 : 18-21. 被引量:1
  • 5P Fradet,R Caugne,D L Metayer.Static detection of pointer errors: An axiomatisation and a checking algorithm[C].In:H R Nielson ed.Programming Languages and Systems-ESOP'96,6th European Symposium on Programming,volume 1058 of LNCS,Linkoping,Sweden,Springer, 1996-04 : 22-24. 被引量:1
  • 6R Ghiya,L Hendren.Putting pointer analysis to work[C].In: Symposium on Principles of Programming Languages, 1998-01. 被引量:1
  • 7Bernhard Scholz , Johann Blieberger, Thomas Fahringer. Symbolic pointer analysis for detecting memory leaks[J].Real Time Systems Journal, 2002. 被引量:1
  • 8M Emami,R Ghiya,L J Hendren.Context-sensitive interprocedural points-to analysis in the presence of function pointers[J],ACM SIGPLAN Notices, 1994;29(6):242-256. 被引量:1
  • 9W R Bush,J D Pincus,D J Sielaff, A static analyzer for finding dynamic programming errors [ J]. Software - Practiceand Experience, 2000;30(7) :775-802. 被引量:1
  • 10唐发根,钱红兵.Ada软件数据流分析方法及其实现[J].北京航空航天大学学报,1997,23(1):25-29. 被引量:1

共引文献76

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部