Static Analysis of Java Source Code to Generate Security-Relevant Behavior Model Based on Extended Pushdown Automaton

2009 ◽  
Author(s):  
Xudong Zheng ◽  
Jinglei Ren ◽  
Xiaojuan Zheng ◽  
Yonglong Wei ◽  
Chen Sun
Keyword(s):  
Static Analysis ◽  
Source Code ◽  
Behavior Model ◽  
Pushdown Automaton ◽  
Model Based

Is Static Analysis Able to Identify Unnecessary Source Code?

2020 ◽  
Vol 29 (1) ◽  
pp. 1-23
Author(s):  
Roman Haas ◽  
Rainer Niedermayr ◽  
Tobias Roehm ◽  
Sven Apel
Keyword(s):  
Static Analysis ◽  
Source Code

scholarly journals Consumer Behavior Model Based on Integration of Food Safety and Health Consciousness in Padang City

2021 ◽  
Vol 13 (1) ◽  
pp. 212-216
Author(s):  
Skunda Diliarosta ◽  
Arief Muttaqiin ◽  
Rehani Ramadhani
Keyword(s):  
Consumer Behavior ◽  
Food Safety ◽  
Behavior Model ◽  
Model Based ◽  
Health Consciousness ◽  
Safety And Health

scholarly journals Means of integrating static source security analysis technology into the software development environment

2020 ◽  
Author(s):  
N. V. Goryuk ◽  
Keyword(s):  
Software Development ◽  
Static Analysis ◽  
Software Security ◽  
Source Code ◽  
Security Analysis ◽  
Development Environment ◽  
Static Source ◽  
Software Development Environment ◽  
Further Development ◽  
Code Development

The article investigates automation methods and means of integration of static source security analysis technology. The process of software security analysis, which is implemented by the technology of static analysis of the source code, is studied, and the methods of solving the problem of automation and integration of the technology into the source code development environment are offered. The perspective direction of further development of the technology of static analysis of the source code is established.

scholarly journals Evaluation of SQL Injection Vulnerability Detection Tools

2019 ◽  
Vol 9 (1) ◽  
pp. 1747-1751
Keyword(s):  
Static Analysis ◽  
Web Applications ◽  
Source Code ◽  
False Negative ◽  
Vulnerability Detection ◽  
Sql Injection ◽  
User Input ◽  
Root Cause ◽  
Analysis Tools ◽  
Free Open Source

SQL injection vulnerabilities have been predominant on database-driven web applications since almost one decade. Exploiting such vulnerabilities enables attackers to gain unauthorized access to the back-end databases by altering the original SQL statements through manipulating user input. Testing web applications for identifying SQL injection vulnerabilities before deployment is essential to get rid of them. However, checking such vulnerabilities by hand is very tedious, difficult, and time-consuming. Web vulnerability static analysis tools are software tools for automatically identifying the root cause of SQL injection vulnerabilities in web applications source code. In this paper, we test and evaluate three free/open source static analysis tools using eight web applications with numerous known vulnerabilities, primarily for false negative rates. The evaluation results were compared and analysed, and they indicate a need to improve the tools.

Sign in / Sign up

Export Citation Format

Share Document