Computer Science ›› 2019, Vol. 46 ›› Issue (7): 126-132.doi: 10.11896/j.issn.1002-137X.2019.07.020
• Software & Database Technology • Previous Articles Next Articles
LIU Qiang1,2,KUANG Xiao-hui1,3,CHEN Hua1,LI Xiang1,LI Guang-ke3
CLC Number:
[1]WU S Z,GUO T,DONG G W,et al.Software vulnerability analyses:A road map .Journal of Tsinghua University (Science and Technology),2012,52(10):1309-1319.(in Chinese) 吴世忠,郭涛,董国伟,等.软件漏洞分析技术进展[J].清华大学学报(自然科学版),2012,52(10):1309-1319. [2]WIJAYASEKARA D,MANIC M,WRIGHT J,et al.Mining bug databases for unidentified software vulnerabilities[C]∥2012 5th International Conference on Human System Interactions (HSI).IEEE,2012. [3]NEUHAUS S,ZIMMERMANN T,HOLLER C,et al.Predicting vulnerable software components[C]∥Proceedings of the 14th ACM Conference on Computer and Communications Security.ACM,2007. [4]WEISER M.Program slicing∥Proceedings of the 5th International Conference on Software Engineering.IEEE Press,1981:439-449. [5]KOREL B,LASKI J.Dynamic program slicing.Information processing letters,1988,29(3):155-163. [6]GALLAGHER K B,LYLE J R.Using program slicing in software maintenance.IEEE Transactions on Software Enginee-ring,1991,17(8):751-761. [7]HIERONS R,HARMAN M,DANICIC S.Using program sli- cing to assist in the detection of equivalent mutants.Software Testing Verification and Reliability,1999,9(4):233-262. [8]VENKATESH G A.The semantic approach to program slicing∥ACM SIGPLAN Notices.ACM,1991,26(6):107-119. [9]FIELD J,RAMALINGAM G,TIP F.Parametric program sli- cing∥Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages.ACM,1995:379-392. [10]CANFORA G,CIMITILE A,DE LUCIA A.Conditioned program slicing.Information and Software Technology,1998,40(11-12):595-607. [11]AGRAWAL H,DEMILLO R A,SPAFFORD E H.Debugging with dynamic slicing and backtracking.Software:Practice and Experience,1993,23(6):589-616. [12]OTTENSTEIN K J,OTTENSTEIN L M.The program depen- dence graph in a software development environment∥ACM Sigplan Notices.ACM,1984,19(5):177-184. [13]DANICIC S,HARMAN M,SIVAGURUNATHAN Y.A parallel algorithm for static program slicing.Information Proces-sing Letters,1995,56(6):307-313. [14]BERGERETTI J F,CARR B A.Information-flow and data-flow analysis of while-programs.ACM Transactions on Programming Languages and Systems (TOPLAS),1985,7(1):37-61. [15]ZHANG X J.Program slicing technology research and slicing scheme design .Chengdu:University of Electronic Science and Technology,2017.(in Chinese) 张新杰.程序切片技术研究及切片方案设计.成都:电子科技大学,2017. [16]XU B,QIAN J,ZHANG X,et al.A brief survey of program slicing.ACM SIGSOFT Software Engineering Notes,2005,30(2):1-36. [17]TIP F.A survey of program slicing techniques.Centrum voor Wiskunde en Informatica,1994. [18]李必信.程序切片技术及其应用.北京:科学出版社,2006. [19]Wisconsin Program-Slicing Project.The Wisconsin Program-Slicing Tool,Version 1.0.1[OL].http://www.cs.wisc.edu/wpis/slicing_tool. [20]BALAKRISHNAN G,GRUIAN R,REPS T,et al.CodeSurfer/x86-A platform for analyzing x86 executables∥International Conference on Compiler Construction.Springer,Berlin,Heidelberg,2005:250-254. [21]CUOQ P,KIRCHNER F,KOSMATOV N,et al.Framac∥International Conference on Software Engineering and Formal Methods.Springer,Berlin,Heidelberg,2012:233-247. [22]SCHWARTZ-NARBONNE D,OH C,SCHF M,et al.VERMEER:A tool for tracing and explaining faulty C programs∥2015 IEEE/ACM 37th IEEE International Conference on Software Engineering (ICSE).IEEE,2015:737-740. [23]ALOMARI H W,COLLARD M L,MALETIC J I,et al.srcSlice:very efficient and scalable forward static slicing.Journal of Software:Evolution and Process,2014,26(11):931-961. [24]NEWMAN C D,SAGE T,COLLARD M L,et al.srcSlice:a tool for efficient static forward slicing∥IEEE/ACM Internatio-nal Conference on Software Engineering Companion (ICSE-C).IEEE,2016:621-624. [25]LI R Q,ZENG G B.Slice Abstract Extraction in Program Source Code and Its Application in Search.Information Technology & Network Security,2018,37(3):122-125.(in Chinese) 李润青,曾国荪.程序源代码中的切片摘要提取及在搜索中的应用.信息技术与网络安全,2018,37(3):122-125. [26]FENG Q,WANG M,ZHANG M,et al.Extracting conditional formulas for cross-platform bug search[C]∥ASIACCS.2017. [27]YAMAGUCHI F,FELIX L,KONRAD R.Vulnerability extra- polation:Assisted discovery of vulnerabilities using machine learning[C]∥Proceedings of the 5th USENIX Conference on Offensive Technologies.USENIX Association,2011. [28]YAMAGUCHI F,MARKUS L,KONRAD R.Generalized vulnerability extrapolation using abstract syntax trees[C]∥Proceedings of the 28th Annual Computer Security Applications Conference.ACM,2012. [29]YAMAGUCHI F,et al.Chucky:exposing missing checks in source code for vulnerability discovery[C]∥Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.ACM,2013. [30]YAMAGUCHI F,MAIER A,GASCON H,et al.Automatic inference of search patterns for taint-style vulnerabilities∥2015 IEEE Symposium on Security and Privacy (SP).IEEE,2015:797-812. [31]XU X,LIU C,FENG Q,et al.Neural Network-based Graph Embedding for Cross-Platform Binary Code Similarity Detection∥Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security.ACM,2017:363-376. [32]GAN S T,QIN X J,CHEN Z N,et al.Software vulnerability code clone detection method based on characteristic metrics[J].Journal of Software,2015,26(2):348-363 (in Chinese). 甘水滔,秦晓军,陈左宁,等.一种基于特征矩阵的软件脆弱性代码克隆检测方法.软件学报,2015,26(2):348-363. [33]https://samate.nist.gov/SRD/testsuites/juliet/Juliet_Test_Sui-te_v1.3_for_C_Cpp.zip. |
[1] | ZHU Rui-chao,QIAN Wen-hua,PU Yuan-yuan, XU Dan. Texture Synthesis Based on Self-similarity Matching [J]. Computer Science, 2018, 45(6A): 215-219. |
[2] | KUANG Xiao-hui, LI Jin and ZHAO Gang. Multilayer Topology Structural Vulnerability Analysis Algorithm for Large-scale Distributed System [J]. Computer Science, 2016, 43(8): 26-29. |
[3] | JIANG Wei-wei, LIU Guang-jie and DAI Yue-wei. Design of Modbus TCP Industrial Control Network Protocol Abnormal Data Detection Rules Based on Snort [J]. Computer Science, 2015, 42(11): 212-216. |
[4] | YANG Chao,LIU Wen-qing,ZHANG Wei and CHEN Yun-fang. Utilization Pattern Based Android Root Vulnerability Analysis [J]. Computer Science, 2014, 41(Z6): 343-346. |
[5] | ZHANG Ying-chun and WANG Shu-liang. Critical Components Identification of Power Infrastructure Systems Based on Complex Network Theory [J]. Computer Science, 2014, 41(5): 275-279. |
[6] | . Research on Vulnerability Analysis Framework for Large-scale Distributed System [J]. Computer Science, 2012, 39(6): 58-60. |
[7] | WANG Tong-Tong, HAN Wen-Bao, WANG Hang (University of Information Engineering, Zhengzhou 450002). [J]. Computer Science, 2007, 34(9): 287-289. |
|