Survey on static software vulnerability detection for source code
Static software vulnerability detection is mainly divided into two types according to different analysis objects:vulnerability detection for binary code and vulnerability detection for source code.Because the source codecontains more semantic information,it is more favored by code auditors.The exist...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2019-02-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2019001 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Static software vulnerability detection is mainly divided into two types according to different analysis objects:vulnerability detection for binary code and vulnerability detection for source code.Because the source codecontains more semantic information,it is more favored by code auditors.The existing vulnerability detection research works for source code are summarized from four aspects:code similarity-based vulnerability detection,symbolic execution-based vulnerability detection,rule-based vulnerability detection,and machine learning-based vulnerability detection.The vulnerability detection system based on source code similarity and the intelligent software vulnerability detection system for source code are taken as two examples to introduce the process of vulnerability detection in detail. |
|---|---|
| ISSN: | 2096-109X |