CODE REPAIR USING ERROR-CHECKING MACROS AS SIGNALS OF VULNERABILITIES

Detailed description

Bibliographic details
Main authors: ZILOUCHIAN MOGHADDAM, ROSHANAK; SIVARAMAN, KALPATHY SITARAMAN; SUNDARESAN, NEELAKANTAN; CHAN, AARON YUEIU
Format: Patent
Language: eng
Description
Summary: A source code repair system detects a potential software vulnerability of a source code program of a codebase by utilizing error-checking macros as signals of the potential software vulnerability. A machine learning classifier identifies expressions used as an argument in an error-checking macro in a software program to be a potential software vulnerability. Upon the classifier model classifying an expression as a potential software vulnerability, the system searches for other uses of the expression in the codebase. The prevalence of an expression in the codebase and the frequency of the methods containing the expression are used to filter out false positives.