
Research And Implements On Static Detection Technology For Source-oriented Software Vulnerability

Posted on: 2016-06-07
Degree: Master
Type: Thesis
Country: China
Candidate: T Wang
GTID: 2348330479953444
Subject: Information security
Abstract/Summary:
With the advent of the information society and the spread of software applications, a growing share of the computer security problems that concern users arise from software vulnerabilities. Static analysis of source-oriented software vulnerabilities has been a research focus in information security in recent years. Static detection of source-oriented software vulnerabilities is significant for software testing, vulnerability mining and vulnerability analysis.

The core problem of static vulnerability detection is how to describe vulnerabilities and how to detect them. To address this problem, we propose a static analysis model for describing and detecting software vulnerabilities. First, we study several common vulnerabilities in detail, covering their causes, consequences and preventive measures, and summarize their characteristics. Second, we use predicate logic to give a formula description of vulnerabilities' attributes and dependency relationships. Then, using this generic formula description, we describe and detect a vulnerability with a quintuple consisting of vulnerability initial nodes, program state space, vulnerability syntax rules, vulnerability preconditions and post-conditions. Next, we propose a new program intermediate representation called the Vulnerability Executable Path Set, which replaces traditional path analysis in order to reduce the program state space. After that, we give a static detection framework based on the Vulnerability Executable Path Set and solve for the vulnerability relation nodes using the vulnerability syntax rules we define on the Vulnerability Executable Path Set. Lastly, we detect vulnerabilities in the vulnerability relation nodes using the vulnerability discrimination rules we define in defect patterns.

The experimental analysis on 6 open source projects verified the correctness and feasibility of the formal description model and the static detection framework, and the experimental results also show that our method is suitable for many types of vulnerabilities. The model used in this paper to define and detect vulnerabilities provides a good theoretical basis for work on software vulnerabilities. The Vulnerability Executable Path Set is an intermediate representation in program optimization which can improve the efficiency of vulnerability detection in software testing and vulnerability mining.
Keywords/Search Tags:Software Vulnerability, Static analysis, Software testing, Formal description