Code Based Software Security Vulnerability Analyzing and Detecting Based on Similar Characteristic
Through comprehensive analysis of softwaresecurity vulnerability,a novel vulnerability detectingmethod based on similar characteristic is proposed inthis paper.The method aims at C Code securitydetection.Based on Case-based Reasoning technology,the method performs similarity matching betweensecurity characteristic of source code and thecharacteristic of known security vulnerabilities,andcalculates the similarity to determine if the code hassecurity vulnerabilities.The experiments demonstratethat the presented method can effectively improve theveracity and efficiency of vulnerability detection.Andit solves the problems that current detecting methodsbased on rule-matching cannot rapidly and accuratelyhandle the large-scale legacy software and structure-complicated software.Furthermore,the definition andselection of threshold also improves the adaptabilityand agility of detecting method
Xifeng An Weihua Li Wei Pan
College of Computer Science Northwestern Polytechnical University,China
国际会议
厦门
英文
584-589
2008-11-17(万方平台首次上网日期,不代表论文的发表时间)