• DocumentCode
    3736978
  • Title

    A scalable and accurate hybrid vulnerability analysis framework

  • Author

    Julian Thomé

  • Author_Institution
    SnT Centre for Security, Reliability and Trust, University of Luxembourg, Luxembourg
  • fYear
    2015
  • Firstpage
    61
  • Lastpage
    62
  • Abstract
    Software security assurance is an important process in software development that protects the sensitive data and resources contained in and controlled by the software. Addressing security vulnerabilities at an early phase could decrease the cost of addressing them in later stages by two orders of magnitude. In order to detect vulnerabilities in Web services and Web applications in a scalable and accurate manner, we aim at developing a hybrid vulnerability analysis framework which combines program analysis, symbolic execution and machine learning. We use program analysis to identify potentially vulnerable execution branches within the source code for the purpose of guiding the symbolic execution along the potentially vulnerable execution paths. We also propose scalable constraint solving techniques for vulnerability analysis. To further enhance scalability and accuracy, we also apply machine learning by incorporating predictors for identifying potentially vulnerable paths of the program based on known vulnerable cases.
  • Keywords
    "Security","Software","Scalability","Computers","XML","Model checking"
  • Publisher
    ieee
  • Conference_Titel
    Software Reliability Engineering Workshops (ISSREW), 2015 IEEE International Symposium on
  • Type

    conf

  • DOI
    10.1109/ISSREW.2015.7392042
  • Filename
    7392042