Journal of University of Chinese Academy of Sciences

2009, Vol. 26, Issue (3): 408-414. DOI: 10.7523/j.issn.2095-6134.2009.3.016

• Research Articles •

Lexical analysis in source code analysis

XIAO Feng1,2, ZHANG Yu-Qing2   

  1. Key Lab of Computer Networks and Information Security of Ministry of Education, Xidian University, Xi'an 710071, China;
  2. National Computer Network Intrusion Protection Center, Graduate University of the Chinese Academy of Sciences, Beijing 100049, China
  • Received: 2008-06-28 Revised: 2008-11-06 Online: 2009-05-15

Abstract:

Source code analysis means detecting and correcting security vulnerabilities in software in a timely manner during the coding stage, and lexical analysis is one of its important techniques. In this paper, we analyze in detail the implementation process of lexical analysis, improve the dangerous function database, optimize the method of feature analysis, and, in particular, introduce Bayesian theory into lexical analysis. In addition, a lexical analysis tool, SSCAN, is designed and implemented; several tests show that it has higher integrity and accuracy than the mainstream open-source lexical analysis tools Flawfinder and RATS.

Key words: source code analysis, lexical analysis, features analysis, Bayesian theory
