• DocumentCode
    2105538
  • Title

    A comparative study on software vulnerability static analysis techniques and tools

  • Author

    Li, Peng ; Cui, Baojiang

  • Author_Institution
    Inst. of Electr. & Inf. Eng., Beijing Inst. of Civil Eng. & Archit., Beijing, China
  • fYear
    2010
  • fDate
    17-19 Dec. 2010
  • Firstpage
    521
  • Lastpage
    524
  • Abstract
    Using static analysis tools can detect software vulnerabilities, which is important for improving the security of software. Static analysis technology has developed rapidly, but the comparison and evaluation of static analysis techniques and tools are not much. This paper focuses on software vulnerability static analysis techniques and tools. First we discuss the commonly-used static analysis techniques and tools, and compare these tools in a technical perspective, and then we analyze the characteristics of these tools through the experiment, finally, combining dynamic analysis, we propose an efficient software vulnerability detection method.
  • Keywords
    program diagnostics; security of data; software reliability; software tools; dynamic analysis; software security; software vulnerability detection; software vulnerability static analysis; static analysis tool; Analytical models; Databases; Java; Security; Semantics; Software; Testing; Software Security; Static Analysis; Static Analysis Tools; Vulnerability;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on
  • Conference_Location
    Beijing
  • Print_ISBN
    978-1-4244-6942-0
  • Type

    conf

  • DOI
    10.1109/ICITIS.2010.5689543
  • Filename
    5689543
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2105538