Modeling and Visualizing Security Properties of Code using Dependence Graphs

Author

  • John Wilander
Abstract

In this paper we discuss the problem of modeling security properties, including what we call the dual modeling problem, and ranking of potential vulnerabilities. The discussion is based on the results of a brief survey of eight existing static analysis tools and our own experience. We propose dependence graphs decorated with type and range information as a generic way of modeling security properties of code. These models can be used to characterize both good and bad programming practice as shown by our examples. They can also be used to visually explain code properties to the programmer. Finally, they can be used for pattern matching in static security analysis of code.

Similar resources

Pattern Matching Security Properties of Code using Dependence Graphs

In recent years researchers have presented several tools for statically checking security properties of C code. But they all (currently) focus on one or two categories of security properties each. We have proposed dependence graphs decorated with type-cast and range information as a more generic formalism allowing both for visual communication with the programmer and static analysis checking se...

Evaluation of social livability components and their interpretive structural modeling, case study: Qaen city

Introduction In the current century, known as the century of cities, a significant part of the world's population lives in cities and the trend of increasing urbanization continues. In such circumstances, the important question is to what extent cities are suitable places for human life. Hence, the concept of urban livability and livable city has become one of the most widely used concepts in...

J-Viz: Sibling-First Recursive Graph Drawing for Visualizing Java Bytecode

We describe a graph visualization tool for visualizing Java bytecode. Our tool, which we call J-Viz, visualizes connected directed graphs according to a canonical node ordering, which we call the sibling-first recursive (SFR) numbering. The particular graphs we consider are derived from applying Shivers' k-CFA framework to Java bytecode, and our visualizer includes helpful links between the node...

Information Flow Control with System Dependence Graphs - Improving Modularity, Scalability and Precision for Object Oriented Languages

This work is concerned with the field of static program analysis, in particular with analyses aimed to guarantee certain security properties of programs, like confidentiality and integrity. Our approach uses so-called dependence graphs to capture the program behavior as well as the information flow between the individual program points. Using this technique, we can guarantee for example that a p...

Publication date: 2005