Static Analysis for Security
نویسندگان
چکیده
source-code security analysis with static analysis tools. Since ITS4's release in early 2000 (www.cigital.com/its4/), the idea of detecting security problems through source code has come of age. ITS4 is extremely simple—the tool basically scans through a file looking for syntactic matches based on several simple " rules " that might indicate possible security vulnera-bilities (for example, use of str-cpy() should be avoided). Much better approaches exist. Programmers make little mistakes all the time—a missing semicolon here, an extra parenthesis there. Most of the time, these gaffes are inconsequential; the compiler notes the error, the programmer fixes the code, and the development process continues. This quick cycle of feedback and response stands in sharp contrast to what happens with most security vulner-abilities, which can lie dormant (sometimes for years) before discovery. The longer a vulnerability lies dormant, the more expensive it can be to fix, and adding insult to injury, the programming community has a long history of repeating the same security-related mistakes. The promise of static analysis is to identify many common coding problems automatically before a program is released. Static analysis tools examine the text of a program statically, without attempting to execute it. Theoretically , they can examine either a pro-gram's source code or a compiled form of the program to equal benefit , although the problem of decoding the latter can be difficult. We'll focus on source code analysis here because that's where the most mature technology exists. Manual auditing, a form of static analysis, is very time-consuming , and to do it effectively, human code auditors must first know what security vulnerabilities look like before they can rigorously examine the code. Static analysis tools compare favorably to manual audits because they're faster, which means they can evaluate programs much more frequently, and they encapsulate security knowledge in a way that doesn't require the tool operator to have the same level of security expertise as a human auditor. Just as a programmer can rely on a compiler to consistently enforce the finer points of language syntax, the operator of a good static analysis tool can successfully apply that tool without being aware of the finer points of security bugs. Testing for security vulnerabili-ties is complicated by the fact that they often exist in hard-to-reach states or crop up in unusual circumstances. Static analysis tools can peer into more of a program's dark corners with less fuss than …
منابع مشابه
Static Security Constrained Generation Scheduling Using Sensitivity Characteristics of Neural Network
This paper proposes a novel approach for generation scheduling using sensitivitycharacteristic of a Security Analyzer Neural Network (SANN) for improving static securityof power system. In this paper, the potential overloading at the post contingency steadystateassociated with each line outage is proposed as a security index which is used forevaluation and enhancement of system static security....
متن کاملThe Need for Fourth Generation Static Analysis Tools for Security – From Bugs to Flaws
This paper discusses some of the limitations of the current (third) generation static code analyzers for security available on the market today and gives reasons for the plateau in their usefulness to a code reviewer. We further describe some of the characteristics of the next generation static analysis technology that will enable a new quantum leap in the space of static analysis with tools th...
متن کاملStatic Analysis Tools for Security: A Comparative Evaluation
Static analysis tools check the software for potential vulnerabilities and hence software security is improved with their usage. They prevent a wide range of difficulties those one can face at a later stage, in case, the flaws are not detected at an early stage in Software Development Life Cycle. For static analysis, a number of static analysis tools are available nowadays, which include both c...
متن کاملSecurity Audit using Extended Static Checking: Is It Cost-effective Yet?
This paper describes our experience of doing variation analysis of known security vulnerabilities in C++ projects including core operating system and browser COM components, using an extended static checker HAVOC-LITE. We describe the extensions made to the tool to be applicable on such large components, along with our experience of using an extended static checker in the large. We argue that t...
متن کاملCollaborative Security Code-Review Towards Aiding Developers Ensure Software-Security
Humans make mistakes, and software programmers are no exception. Software vulnerabilities are discovered everyday; close to 8,000 vulnerabilities were reported in 2014, and almost 2,500 were reported in the first four months of 2015 [9]. Microsoft Security Response Centre defines software vulnerabilities as a security exposure that results from a product weakness that the product developer did ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEEE Security & Privacy
دوره 2 شماره
صفحات -
تاریخ انتشار 2004