Abstract
Applications are one of the most used attack surfaces, and they must be secured at source code level, early in the development phase. Static Analysis Security Testing solutions, able to detect vulnerabilities in source code are limited to the most used programming languages and development frameworks. The proposed method consists of a security scanning solution based on an Intermediate Representation of source code which is loosely coupled with the programming language structure and to the data flow, preserving at the same time the security vulnerability patterns. The ability to identify vulnerable source code snippets in the Intermediate Representation of the original source code is the core idea for this research project. Using loosely coupled control flows and data flows representations of the original source code enables the development of new security scanners, which in the future will be able to evaluate applications written in new and exotic languages.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
