A Source Code Review Method for Discovering Security Flaws Efficiently
Authors
Cheng Zhou, Weiwei Li, Yong Li, Chen Wang
Corresponding Author
Cheng Zhou
Available Online November 2015.
- DOI
- 10.2991/icectt-15.2015.79
- Keywords
- sources codes, security flaws, code review, reference tree
- Abstract
Code review, or white-box security detection, is currently widely used to parse source code and discover security vulnerabilities. In this paper we illustrate a more accurate code security review method based on a reference tree with security properties, which is made of all manipulable entries in the source code. By checking only the exploitable security flaws, this method can greatly reduce false positives and provides a better solution for automated security review of source code.
- Copyright
- © 2015, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Cheng Zhou
AU - Weiwei Li
AU - Yong Li
AU - Chen Wang
PY - 2015/11
DA - 2015/11
TI - A Source Code Review Method for Discovering Security Flaws Efficiently
BT - Proceedings of the 2015 International Conference on Electromechanical Control Technology and Transportation
PB - Atlantis Press
SP - 414
EP - 419
SN - 2352-5401
UR - https://doi.org/10.2991/icectt-15.2015.79
DO - 10.2991/icectt-15.2015.79
ID - Zhou2015/11
ER -