A Hybrid Approach to Detecting Security Defects in Programs

Authors: Lian Yu, Jun Zhou, Yue Yi, Jianchu Fan, Qianxiang Wang
Published in: 2009 Ninth International Conference on Quality Software

Static analysis works well at checking defects that clearly map to source code constructs. Model checking can find defects such as deadlocks and routing loops that are not easily detected by static analysis, but it faces the problem of state explosion. This paper proposes a hybrid approach to detecting security defects in programs. A Fuzzy Inference System is used to infer the selection between the two detection approaches. A cluster algorithm is developed to divide a large system into several clusters in…