Spectrum-based Security Bug Localization by Analyzing Error Propagation
Published in: | International journal of performability engineering 2020-08, Vol.16 (8), p.1289 |
---|---|
Main authors: | , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
Summary: | Software security bugs are one of the key threats to the security of software systems. Isolating security bugs that may be potential security bugs is important. We formalize a program error propagation based model (PEP), which used to be applied to locate integer bugs, and our contributions are as follows: We formulate a theory model based on the mechanism of how the security bug triggers the program error propagation and propose a security bug localization approach by applying the spectrum-based fault-localization (SFL) technique, a novel method to locate software faults, to alleviate the false negative and false positive problems. Our experimental results show that: 1) Our model is more effective than present ones to locate nearly 97% of integer bugs and buffer overflows, which are the main security bugs, by examining 50% of the code on average; 2) Compared with the traditional techniques, SFL can find 100% of integer bugs and buffer overflows, so it is a promising technology roadmap to reduce false negatives and false positives for locating security bugs. |
---|---|
ISSN: | 0973-1318 |
DOI: | 10.23940/ijpe.20.08.p16.12891298 |