Operation System Vulnerabilities Analysis Based on Code Clone Detection
Software vulnerability detection based on code clone detection technology is an important direction in the static analysis of software vulnerability. At present, the existing software vulnerability detection tools have deficiencies in the vulnerability detection for large-scale code sets, and lack...
Main Author: | |
---|---|
Format: | Article |
Language: | zho |
Published: | Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press, 2021-09-01 |
Series: | Jisuanji kexue yu tansuo |
Subjects: | |
Online Access: | http://fcst.ceaj.org/CN/abstract/abstract2876.shtml |
_version_ | 1819122752148209664 |
---|---|
author | WANG Zhe, REN Yi, ZHOU Kai, GUAN Jianbo, TAN Yusong |
collection | DOAJ |
description | Software vulnerability detection based on code clone detection technology is an important direction in the static analysis of software vulnerability. At present, the existing software vulnerability detection tools have deficiencies in vulnerability detection for large-scale code sets, and lack optimization for the vulnerability characteristics of the operating system. Therefore, based on code clone detection technology, this paper proposes a method for detecting the vulnerability of the operating system. Firstly, on the basis of the general “code representation-extracting features-feature comparison” detection process, a pre-screening mechanism based on the type of operating system software package and function code size is added to exclude most irrelevant code before performing code representation. Secondly, the basic information of the function, the label sequence and the control flow path are selected to extract the code features, and the similarity between the fragile code and the code under test is compared step by step. Finally, experiments are conducted on typical open source operating systems with fragile samples obtained from the public vulnerability database. The results show that the pre-screening can effectively reduce the code size of the test subjects, and the average accuracy of the detection results reaches 84%. |
first_indexed | 2024-12-22T06:57:27Z |
format | Article |
id | doaj.art-acb5bbf2ec15470f9a58bf9682a86f44 |
institution | Directory Open Access Journal |
issn | 1673-9418 |
language | zho |
last_indexed | 2024-12-22T06:57:27Z |
publishDate | 2021-09-01 |
publisher | Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press |
record_format | Article |
series | Jisuanji kexue yu tansuo |
spelling | doaj.art-acb5bbf2ec15470f9a58bf9682a86f44; 2022-12-21T18:34:54Z; zho; Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press; Jisuanji kexue yu tansuo; 1673-9418; 2021-09-01; 15916191631; 10.3778/j.issn.1673-9418.2008083; Operation System Vulnerabilities Analysis Based on Code Clone Detection; WANG Zhe, REN Yi, ZHOU Kai, GUAN Jianbo, TAN Yusong; 0 College of Computer, National University of Defense Technology, Changsha 410073, China; http://fcst.ceaj.org/CN/abstract/abstract2876.shtml; vulnerability detection; code clone; operating system; code feature; static analysis |
title | Operation System Vulnerabilities Analysis Based on Code Clone Detection |
topic | vulnerability detection code clone operating system code feature static analysis |
url | http://fcst.ceaj.org/CN/abstract/abstract2876.shtml |