METHOD AND SYSTEM FOR IDENTIFYING SECURITY VULNERABILITIES

Bibliographic details
Main authors: Tupasamudre, Harshal; Lodha, Sachin Premsukh; Sahu, Monika; Vidhani, Kumar Mansukhlal
Format: Patent
Language: eng
Description
Summary: Several data breaches are occurring in organizations due to insecure handling of security-sensitive data. Conventional methods utilize static analysis tools and fail to capture all security vulnerabilities. The present disclosure identifies a security vulnerability by analyzing source code. Initially, a System Dependence Graph (SDG) associated with the source code is received. Forward slicing is performed on the SDG and a plurality of forward function nodes are obtained. A plurality of security parameters associated with the security-sensitive variable are obtained. Backward slicing is performed based on the plurality of security parameters to obtain a plurality of backward function nodes. Further, a plurality of common function nodes is obtained from the plurality of forward and backward function nodes and utilized to generate a plurality of enumerated paths. The enumerated paths are evaluated to obtain a plurality of feasible paths, which are further analyzed to identify the security vulnerability.