Tags:machine learning, software and application security, software security engineering and source code vulnerability
Abstract:
Source code became one of the backbones for business and personal processes, with significant growth rate. As applications are one of the most used attack surfaces against individuals and organizations from all sectors, their intrinsic vulnerability arising from the supporting source code must be reduced by design. Currently there are technology providers and open communities which provide Static Analysis Security Testing (SAST) solutions, able to detect vulnerabilities in code written in the most used programming languages and development frameworks. The proposed method consists of a security scanning solution based on an Intermediate Representation of source code which is loosely coupled with the programming language structure and to the data flow, preserving at the same time the security vulnerability patterns. The ability to identify vulnerable source code snippets in the Intermediate Representation of the original source code, is core idea for this research project. Using loosely coupled control flows and data flows representations of the original source code enables the development of new security scanners, which can in the future evaluate applications written in new and exotic languages.
Source code vulnerabilities detection using loosely coupled data and control flows