Detection of security vulnerabilities in C language applications
Author(s) - Boudjema El Habib, Faure Christèle, Sassolas Mathieu, Mokdad Lynda
Publication year - 2017
Publication title - Security and Privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.8
Subject(s) - programmer, computer science, computer security, secure coding, adversary, code (set theory), task (project management), security bug, variety (cybernetics), static analysis, process (computing), software security assurance, information security, programming language, security service, engineering, set (abstract data type), systems engineering, artificial intelligence
Security of computer systems is central in our digitalized world. Security of businesses, persons, and even governments is facing a growing threat from a wide variety of attackers. Eliminating vulnerabilities from an application's code is necessary to prevent attacks. The first step toward eliminating security vulnerabilities is their detection, which can be an arduous task in large programs. Static analysis of the code helps to automate this process by guiding the programmer toward the potential vulnerabilities before they are discovered by an adversary. In this paper, we investigate vulnerabilities that arise in C code through calls to library functions. We define criteria to detect dangerous use of these functions, and show that the evaluation of a static analyzer implementing the proposed detection model yields a low false‐positive rate.
