Security issues can be leveraged when input parameters are not checked. These missing checks can lead an application to an unexpected state where an attacker can get access to assets. The tool Chucky-ng aims at detecting such missing checks in source code. Such source codes are the only input required for ChuckyJava. Since it is sensible to the identifier names used in these source codes, we want to normalize them in order to improve its efficiency. To achieve this, we propose an algorithm which works in four steps. It renames constant, parameter, variable and method names. We evaluate the impact of this renaming on two different experiments. Since our results are concluding, we show the benefits of using our tool. Moreover, we suggest another new way to improve Chucky-ng.
CITATION STYLE
Ouairy, L., Le-Bouder, H., & Lanet, J. L. (2019). Normalization of java source codes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11359 LNCS, pp. 29–40). Springer Verlag. https://doi.org/10.1007/978-3-030-12942-2_4
Mendeley helps you to discover research relevant for your work.