Stacy-static code analysis for enhanced vulnerability detection

Pankaj Lathar; Raunak Shah; Srinivasa K G

doi:10.1080/23311916.2017.1335470

Cogent Engineering (Jan 2017)

Stacy-static code analysis for enhanced vulnerability detection

Pankaj Lathar,
Raunak Shah,
Srinivasa K G

Affiliations

Pankaj Lathar: CBP Government Engineering College
Raunak Shah: M.S. Ramaiah Institute of Technology
Srinivasa K G: CBP Government Engineering College

DOI: https://doi.org/10.1080/23311916.2017.1335470
Journal volume & issue: Vol. 4, no. 1

Abstract

Read online

Computer program analysis refers to the automatic analysis of the behavior of a user defined program. An application of program analysis is to determine the quality of source code. Humans are prone to errors and, in most cases, the penalty of deploying low quality code is very high for a large organization. These errors often give rise to potential security vulnerabilities in an application, which could be exploited by malicious users. In this paper, we present Stacy—a tool that statically detects potential security vulnerabilities present in input source code. Static program analysis is the examination of source code prior to its execution. Our tool attempts to predict the behavior of a program before it is deployed. Stacy uses novel techniques to detect the primary sources of vulnerability in the source code of a program and informs the developer.

Published in Cogent Engineering

ISSN: 2331-1916 (Online)
Publisher: Taylor & Francis Group
Country of publisher: United Kingdom
LCC subjects: Technology: Engineering (General). Civil engineering (General)
Website: https://www.tandfonline.com/journals/oaen

About the journal

Abstract

Keywords