Applying dataflow analysis to detecting software vulnerability
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Hyunha | - |
dc.contributor.author | Choi, Tae hyoung | - |
dc.contributor.author | Jung, Seung cheol | - |
dc.contributor.author | Kim, Hyoung cheol | - |
dc.contributor.author | Lee, Oukseh | - |
dc.contributor.author | Doh, Kyung-Goo | - |
dc.date.accessioned | 2021-06-23T18:03:20Z | - |
dc.date.available | 2021-06-23T18:03:20Z | - |
dc.date.created | 2021-02-18 | - |
dc.date.issued | 2008-02 | - |
dc.identifier.issn | 1738-9445 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/erica/handle/2021.sw.erica/42663 | - |
dc.description.abstract | In this paper, we propose a software vulnerability checker which takes rules describing vulnerability patterns and a source program as input and detects locations and paths of the patterns in the program. Simple and flow patterns for vulnerabilities are described as rules in the specification language we designed. The lightweight control and data flow analysis is necessary to detect flow patterns. Newly discovered vulnerability patterns can easily be added to the existing rules. We implement the detector in three parts: a pattern matcher which finds locations of vulnerabilities in source program, a flow graph constructor which extracts the control flow and data flow from the program, and a flow analyzer which finds program’s vulnerable execution paths. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.title | Applying dataflow analysis to detecting software vulnerability | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Doh, Kyung-Goo | - |
dc.identifier.doi | 10.1109/ICACT.2008.4493756 | - |
dc.identifier.scopusid | 2-s2.0-44249118596 | - |
dc.identifier.wosid | 000254974600048 | - |
dc.identifier.bibliographicCitation | International Conference on Advanced Communication Technology, ICACT, pp.255 - 258 | - |
dc.relation.isPartOf | International Conference on Advanced Communication Technology, ICACT | - |
dc.citation.title | International Conference on Advanced Communication Technology, ICACT | - |
dc.citation.startPage | 255 | - |
dc.citation.endPage | 258 | - |
dc.type.rims | ART | - |
dc.description.journalClass | 3 | - |
dc.description.isOpenAccess | N | - |
dc.description.journalRegisteredClass | other | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Software Engineering | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Theory & Methods | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Dataflow analysis | - |
dc.subject.keywordAuthor | Software vulnerability | - |
dc.subject.keywordAuthor | Static analysis | - |
dc.identifier.url | https://ieeexplore.ieee.org/document/4493756/ | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
55 Hanyangdeahak-ro, Sangnok-gu, Ansan, Gyeonggi-do, 15588, Korea+82-31-400-4269 sweetbrain@hanyang.ac.kr
COPYRIGHT © 2021 HANYANG UNIVERSITY. ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.