Article Information

  • Title: Stacy-static code analysis for enhanced vulnerability detection
  • Authors: Pankaj Lathar ; Raunak Shah ; Srinivasa K G
  • Journal: Cogent Engineering
  • Electronic ISSN: 2331-1916
  • Publication year: 2017
  • Volume: 4
  • Issue: 1
  • Pages: 1335470
  • DOI: 10.1080/23311916.2017.1335470
  • Language: English
  • Publisher: Taylor and Francis Ltd
  • Abstract: Computer program analysis refers to the automatic analysis of the behavior of a user defined program. An application of program analysis is to determine the quality of source code. Humans are prone to errors and, in most cases, the penalty of deploying low quality code is very high for a large organization. These errors often give rise to potential security vulnerabilities in an application, which could be exploited by malicious users. In this paper, we present Stacy—a tool that statically detects potential security vulnerabilities present in input source code. Static program analysis is the examination of source code prior to its execution. Our tool attempts to predict the behavior of a program before it is deployed. Stacy uses novel techniques to detect the primary sources of vulnerability in the source code of a program and informs the developer.
  • Keywords: static analysis ; control flow graph ; uninitialized variables ; buffer overflow ; memory leaks