Table of Content

Open Access

ARTICLE

A Security Sensitive Function Mining Approach Based on Precondition Pattern Analysis

Zhongxu Yin1, *, Yiran Song2, Huiqin Chen3, Yan Cao4
1 State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, 450001, China.
2 Henan University of Animal Husbandry & Economy, Zhengzhou, 450046, China.
3 University of Michigan Transportation Research Institute, Michigan, 48109-2150, USA.
4 Zhengzhou University, Zhengzhou, 450001, China.
* Corresponding Author: Zhongxu Yin. Email: .

Computers, Materials & Continua 2020, 63(2), 1013-1029. https://doi.org/10.32604/cmc.2020.09345

Received 05 December 2019; Accepted 18 December 2019; Issue published 01 May 2020

Abstract

Security-sensitive functions are the basis for building a taint-style vulnerability model. Current approaches for extracting security-sensitive functions either don’t analyze data flow accurately, or not conducting pattern analyzing of conditions, resulting in higher false positive rate or false negative rate, which increased manual confirmation workload. In this paper, we propose a security sensitive function mining approach based on preconditon pattern analyzing. Firstly, we propose an enhanced system dependency graph analysis algorithm for precisely extracting the conditional statements which check the function parameters and conducting statistical analysis of the conditional statements for selecting candidate security sensitive functions of the target program. Then we adopt a precondition pattern mining method based on conditional statements nomalizing and clustering. Functions with fixed precondition patterns are regarded as security-sensitive functions. The experimental results on four popular open source codebases of different scales show that the approach proposed is effective in reducing the false positive rate and false negative rate for detecting security sensitive functions.

Keywords

Code mining, security sensitive function, function preconditions, singlelinkage clustering.

Cite This Article

Z. Yin, Y. Song, H. Chen and Y. Cao, "A security sensitive function mining approach based on precondition pattern analysis," Computers, Materials & Continua, vol. 63, no.2, pp. 1013–1029, 2020.



This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1171

    View

  • 923

    Download

  • 0

    Like

Share Link

WeChat scan