Java program static analysis method based on control flow analysis and data flow analysis

A technology of data flow analysis and static analysis, applied in the field of detection and analysis, can solve problems affecting the accuracy of analysis results, false positives, false negatives, etc., and achieve the effects of improving integrity and accuracy, fast execution speed, and strong scalability

Active Publication Date: 2016-05-25
XIDIAN UNIV
View PDF3 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this kind of static analysis has certain limitations. It only speculates on possible problems in the results of program operation during the analysis, and false positives or false positives may occur, which will affect the accuracy of the analysis results.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Java program static analysis method based on control flow analysis and data flow analysis
  • Java program static analysis method based on control flow analysis and data flow analysis
  • Java program static analysis method based on control flow analysis and data flow analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The present invention will be further described below in conjunction with the accompanying drawings.

[0050] refer to figure 1 , the realization steps of the present invention are as follows:

[0051]Step 1, convert Java language into Jimple language.

[0052] Currently, there are many intermediate representation forms of the Java language, including: Baf, Shimple, Grimp, and Jimple. Among them, the Jimple language is the intermediate representation form closest to the Java bytecode. This example uses Soot, the only intermediate language conversion tool currently, to convert The Java source code is converted into the representation form of the Jimple language, and then based on the splitting of the data rules of the Jimple language, and according to the execution logic of the program, an abstract syntax tree is established to generate a control flow graph.

[0053] Step 2, the Java program analysis problem is abstracted into an inter-procedural distributed subset pro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention discloses a Java program static analysis method based on control flow analysis and data flow analysis, so as to mainly solve the problem of a low analysis accuracy rate of the conventional static analysis method. The implementation steps of the method are as follows: 1. transforming a Java source program into an intermediate expression form of a Jimple language; 2. abstracting a Java program static analysis problem into an interprocedural distributive subset IFDS problem; 3. defining an interface class of a solver of the interprocedural distributive subset IFDS problem; 4. by means of a data flow functional function FlowFunctions<N,D,M> in a solver class interface, setting a data flow analysis rule; and 5. running the interprocedural distributive subset IFDS problem, and performing data flow analysis on the basis of a control flow graph, so as to obtain an analysis result. The method disclosed by the present invention improves integrity and accuracy of static analysis, and the method is high in analysis efficiency and strong in extensibility and can be used for performing analysis on programs in a relatively large system scale.

Description

technical field [0001] The invention relates to the field of computer security, and further relates to a detection and analysis method, which can be used for static detection of programs in the Java language environment and realizes the analysis of Java programs. Background technique [0002] Java language, as a representative language of software development, occupies a major share of the market with its unique advantages. The Java language is an object-oriented programming language developed by SUN Corporation of the United States. It has better versatility, efficiency, cross-platform and security than C and C++ languages. Developers using the Java language can greatly improve the efficiency of software development, but at the same time, with the gradual increase in the size and complexity of software program codes, the detection of program codes will become more and more difficult, which also makes people search The vulnerability process faces greater challenges. [000...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3688
Inventor 王旭杨超孙聪马建峰纪倩张邦元金方圆张鹏
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap