Research On Source Code Analysis Method Based On Security Rule

Software security, as the inevitable demand of software in the internet age, is a higherrequirement of software quality. In recent years, with the rapid development of Internettechnology, software security situation becomes more severe. Therefore, much attentionhas been paid to software security testing for these years. However, the size of source codeincreases because the function of application software is getting more powerful, whichmakes it difficult to detect potential security vulnerabilities in the source code throughtraditional software testing methods. Moreover, the patterns of security vulnerabilities thatcan be exploited are no longer confined to the past common vulnerabilities. Therefore, thesource code analysis method, which can detect potential security vulnerabilities in thesource code based on custom security rules accurately and efficiently, has become asubject worthy of research.The source code analysis method based on security rule implements the securitytesting of source code by matching the source code with the patterns in the security rulebased on preprocessing the source code. Specifically, the source code will be transformedinto the intermediate representation(IR) through building the abstract syntax tree(AST)and traversing the AST based on the lexical and syntax analysis at first. And then controlflow graph, data flow graph and function call graph will be obtained by using dependencyanalysis techniques. Based on the source code preprocessing, security rules can bedescribed by security rule description language, and the vulnerability pattern that isabstracted as a finite state machine will be attempted to match with the IR of the sourcecode. And then the relevant variables in the source code will be bound. Meanwhile, thesecurity vulnerability state machines for each bound variable will be generated, and therelevant graph structures will be traversed while the state transitions of each securityvulnerability state machine will be tracked. When the state of security vulnerability state machine transforms into the unsafe state that defined in the security rule, the vulnerabilitydetection is completed and the reports will be generated.The experiments show that the source code analysis system based on security rule issuperior to the existing security testing tool in the simplicity of rule definition, theefficiency and accuracy of detection with the desired results in the case of the detection ofa large-scale source code.