Software application unauthorized risk detection method, electronic equipment and storage medium

Bibliographic details
Main authors: CHEN MIAO, WANG SENMIAO, LI WENMIN, QIN SUJUAN, ZENG XINGYU, TU TENGFEI, ZHANG HUA, WANG HUAWEI, ZHAO CHUNHUI, WEN QIAOYAN, SHI YIJIE, CUI DONG, GAO FEI, QIN JIAWEI
Format: Patent
Language: chi; eng
Description
Summary: One or more embodiments of the present specification provide a software application unauthorized risk detection method, an electronic device and a storage medium, which can comprehensively and accurately detect logical vulnerabilities of unauthorized behavior classes. The method comprises steps of obtaining and analyzing a source code of a to-be-detected software program, determining an authority verification related code and an action range, and generating an authority range mapping table; according to the authority range mapping table, authority verification logic instrumentation being carried out on the source code, an instrumentation intermediate representation code being generated, and a corresponding information flow graph being determined; and performing unauthorized risk path detection by using the information flow graph, and determining an unauthorized risk path. The electronic device includes a memory, a processor, and a computer program stored on the memory and operable on the processor to implement