Static code analysis with parse tree
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | 2018 |
Subjects: | |
Online Access: | http://hdl.handle.net/10356/74021 |
Institution: | Nanyang Technological University |
Summary: | The project focuses on developing a static code analyser which processes source code into relational graphs and analyses the relationships between entities of the source code to discover potential vulnerabilities. By analysing patch files, the analyser can serve as an automated tool to assist in the discovery of vulnerabilities. Because open-source libraries that are frequently integrated into enterprises’ software keep changing, the analyser can inform developers when their usage of the libraries might break because of the patches. In the future, machine learning can be integrated into the project, allowing the analyser to categorise the threat levels associated with the parts of the source code that are affected by changes. This will allow developers to focus on their core products, rather than being slowed down by the miscellaneous task of tracking changes in the libraries they are using to ensure the security of their products. |