A Coverage and Slicing Dependencies Analysis for Seeking Software Security Defects

Software security defects have a serious impact on the software quality and reliability. It is a major hidden danger for the operation of a system that a software system has some security flaws. When the scale of the software increases, its vulnerability becomes much more difficult to find out...


Bibliographic Details
Main Authors: Hui He, Dongyan Zhang, Min Liu, Weizhe Zhang, Dongmin Gao
Format: Article
Language: English
Published: Hindawi Limited 2014-01-01
Series: The Scientific World Journal
Online Access: http://dx.doi.org/10.1155/2014/463912
Author affiliations:
Hui He: School of Computer Science and Technology, Harbin Institute of Technology, Harbin 150001, China
Dongyan Zhang: Department of Computer Science and Technology, University of Science and Technology Beijing, Beijing, China
Min Liu: School of Computer Science and Technology, Harbin Institute of Technology, Harbin 150001, China
Weizhe Zhang: School of Computer Science and Technology, Harbin Institute of Technology, Harbin 150001, China
Dongmin Gao: School of Computer Science and Technology, Harbin Institute of Technology, Harbin 150001, China
Collection: DOAJ
ISSN: 2356-6140, 1537-744X
Description: Software security defects have a serious impact on the software quality and reliability. It is a major hidden danger for the operation of a system that a software system has some security flaws. When the scale of the software increases, its vulnerability becomes much more difficult to find out. Once these vulnerabilities are exploited, it may lead to great loss. In this situation, the concept of Software Assurance is carried out by some experts. And the automated fault localization technique is a part of the research of Software Assurance. Currently, automated fault localization method includes coverage based fault localization (CBFL) and program slicing. Both of the methods have their own location advantages and defects. In this paper, we have put forward a new method, named Reverse Data Dependence Analysis Model, which integrates the two methods by analyzing the program structure. On this basis, we finally proposed a new automated fault localization method. This method not only is automation lossless but also changes the basic location unit into single sentence, which makes the location effect more accurate. Through several experiments, we proved that our method is more effective. Furthermore, we analyzed the effectiveness among these existing methods and different faults.