###
Journal of Software:2015.26(2):348-363

一种基于特征矩阵的软件脆弱性代码克隆检测方法
甘水滔,秦晓军,陈左宁,王林章
(数学工程与先进计算国家重点实验室无锡江南计算技术研究所, 江苏 无锡 214083;计算机软件新技术国家重点实验室南京大学, 江苏 南京 210023)
Software Vulnerability Code Clone Detection Method Based on Characteristic Metrics
GAN Shui-Tao,QIN Xiao-Jun,CHEN Zuo-Ning,WANG Lin-Zhang
(State Key Laboratory of Mathematical Engineering and Advanced Computing Jiangnan Institute of Computing Technique, Wuxi 214083, China;State Key Laboratory for Novel Software Technology Nanjing University, Nanjing 210023, China)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 3750   Download 3258
Received:July 09, 2014    Revised:October 31, 2014
> 中文摘要: 提出了一种基于特征矩阵的软件代码克隆检测方法.在此基础上,实现了针对多类脆弱性的检测模型.基于对脆弱代码的语法和语义特征分析,从语法分析树抽取特定的关键节点类型描述不同的脆弱性类型,将4种基本克隆类型细化拓展到更多类,通过遍历代码片段对应的语法分析树中关键节点的数量,构造对应的特征矩阵.从公开漏洞数据库中抽取部分实例作为基本知识库,通过对代码进行基于多种克隆类型的聚类计算,达到了从被测软件代码中检测脆弱代码的目的.与基于单一特征向量的检测方法相比,对脆弱性特征的描述更加精确,更具有针对性,并且弥补了形式化检测方法在脆弱性类型覆盖能力上的不足.在对android-kernel代码的测试中发现了9个脆弱性.对不同规模软件代码的测试结果表明,该方法的时间开销和被测代码规模成线性关系.
Abstract:This article proposes a clone detection method based on a program characteristic metrics. Though analyzing the syntax and semantic characteristics of vulnerabilities, this detection method abstracts certain key nodes which describe different forms of vulnerability type from syntax parser tree, and expands four basic types of code clone to auxiliary classes. The characteristic metrics of the code then is finalized by obtaining the number of key nodes which are calculated via scanning corresponding code segment in the syntax parser tree. The clone detection based on a characteristic metrics creates basic knowledge base by extracting partial instances of open vulnerability database, and precisely locates the vulnerability codes by performing cluster calculation on the same codes responding to multiple types of code clone. Comparing with the detection method based on single characteristic vector, the proposed method produces more precise description about vulnerability. This detection method also offers a remedy to the drawbacks of formal detection method on its vulnerability type covering ability. Nine vulnerabilities are detected in an android-kernel system test. Testing on software of different code sizes shows that the performance of this method is linear with the size of the code.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(91318301, 61170066, 6147179) 国家自然科学基金(91318301, 61170066, 6147179)
Foundation items:
Reference text:

甘水滔,秦晓军,陈左宁,王林章.一种基于特征矩阵的软件脆弱性代码克隆检测方法.软件学报,2015,26(2):348-363

GAN Shui-Tao,QIN Xiao-Jun,CHEN Zuo-Ning,WANG Lin-Zhang.Software Vulnerability Code Clone Detection Method Based on Characteristic Metrics.Journal of Software,2015,26(2):348-363