Static analysis technology is used to find programming errors before run time. Unlike dynamic analysis technique which looks at the application state while it is being executed, static analysis technique does not require the application to be executed. In this paper, we classify security vulnerability patterns in source code and design a model to express various security vulnerability patterns by making use of pushdown automata. On the basis of the model, it is possible to find a security vulnerability by making use of Abstract Syntax Tree (AST) based pattern matching technique in parsing level.-© Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Kang, H., Kim, K., Hong, S., & Lee, D. H. (2006). A model for security vulnerability pattern. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3982 LNCS, pp. 385–394). Springer Verlag. https://doi.org/10.1007/11751595_42
Mendeley helps you to discover research relevant for your work.