Abstract
The security defect detection technology based on source code usually makes use of static analysis methods to detect security vulnerabilities in the test software, which does not consider the runtime information of program execution and the interaction information with the program runtime surrounding environment, so the security defect detection technology based on source code usually results in higher false positive rate. The binary program vulnerability detection methods based upon dynamic analysis usually have lower false positive rate, but their effectiveness depends entirely on test case generation, the detection efficiency of dynamic analysis based on binary program is lower. Moreover, the research of source code vulnerability detection technique and binary executable vulnerability detection technique are essentially fragmented, without considering the relationship between the two classes of methods. In order to improve the efficiency for source code and binary executables vulnerability detection, we presents a collaborative analysis method for vulnerability detection of source code and binary executables based upon the unified defect mode set, meanwhile, we verify the effectiveness of our method using a concrete example in this paper.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
