Paper
26 June 2023
Optimize value-flow analysis based static vulnerability detection by solver rating
Proceedings Volume 12714, International Conference on Computer Network Security and Software Engineering (CNSSE 2023); 127140K (2023) https://doi.org/10.1117/12.2683173
Event: Third International Conference on Computer Network Security and Software Engineering (CNSSE 2023), 2023, Sanya, China
Abstract
Static program analysis is of great value for vulnerability detection in software source code, but it is often limited by scalability bottlenecks. Constraint solvers are inefficient because of the complex program dependencies in millions of lines of program source code. It is difficult for a single solver to balance accuracy against time cost. This paper discusses program dependence and constraint solving in static value-flow analysis, and specifically implements a solver rating system based on static taint analysis, which selects the most efficient solver for the program dependence of the critical path to reduce the false positives and time cost of static vulnerability detection. Through testing on the Juliet test sets and several real-world projects, we found that the overall performance of the system was better than that of other single SMT solvers or default scheduling strategies.
© (2023) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Luohui Chen, Yong Tang, Min Zhou, Shuning Wei, and Wenchuan Sun "Optimize value-flow analysis based static vulnerability detection by solver rating", Proc. SPIE 12714, International Conference on Computer Network Security and Software Engineering (CNSSE 2023), 127140K (26 June 2023); https://doi.org/10.1117/12.2683173
KEYWORDS
Analytical research

Data storage

Feature extraction

Information security

Machine learning

Security technologies
