Code based software security vulnerability analyzing and detecting based on similar characteristic

Based on a comprehensive analysis of software security vulnerabilities, this paper proposes a novel vulnerability detection method based on similar characteristics. The method targets security detection in C code. Using Case-based Reasoning, it matches the security characteristics of source code against the characteristics of known security vulnerabilities and calculates their similarity to determine whether the code contains a vulnerability. Experiments demonstrate that the method effectively improves the accuracy and efficiency of vulnerability detection. It also addresses a limitation of current rule-matching detection methods, which cannot rapidly and accurately handle large-scale legacy software or structurally complex software. Furthermore, the definition and selection of a threshold improves the adaptability and agility of the detection method.
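
The following is an added illustration of case-based similarity matching with a threshold, not code from the paper. The characteristics, weights, case base, weighted-agreement similarity measure and the 0.8 threshold are all assumptions chosen for the example.

```python
import re

# Hypothetical security characteristics (regex, weight); assumptions, not the paper's set.
FEATURES = {
    "unbounded_copy": (re.compile(r"\b(strcpy|strcat|gets|sprintf)\s*\("), 3.0),
    "fixed_stack_buffer": (re.compile(r"\bchar\s+\w+\s*\[\s*\d+\s*\]"), 2.0),
    "length_check": (re.compile(r"\b(strlen|sizeof)\s*\("), 2.0),
    "bounded_copy": (re.compile(r"\b(strncpy|strncat|snprintf|fgets)\s*\("), 2.0),
    "nonliteral_format": (re.compile(r"\bprintf\s*\(\s*[A-Za-z_]\w*\s*[,)]"), 3.0),
}

# Constructed case base: known vulnerability -> set of characteristics present.
CASE_BASE = {
    "stack overflow via unbounded copy": {"unbounded_copy", "fixed_stack_buffer"},
    "format string taken from a variable": {"nonliteral_format"},
}

def extract(code):
    """Return the set of characteristics present in a C source fragment."""
    return {name for name, (rx, _) in FEATURES.items() if rx.search(code)}

def similarity(a, b):
    """Weighted share of characteristics on which two cases agree (0..1)."""
    total = sum(w for _, w in FEATURES.values())
    agree = sum(w for n, (_, w) in FEATURES.items() if (n in a) == (n in b))
    return agree / total

def detect(code, threshold=0.8):
    """Known cases whose similarity to the code reaches the threshold, best first."""
    feats = extract(code)
    scored = [(similarity(feats, case), name) for name, case in CASE_BASE.items()]
    return sorted([(s, n) for s, n in scored if s >= threshold], reverse=True)

# Constructed sample inputs.
VULNERABLE = "void greet(const char *name) { char buf[16]; strcpy(buf, name); puts(buf); }"
PATCHED = ('void greet(const char *name) { char buf[16]; '
           'snprintf(buf, sizeof(buf), "%s", name); puts(buf); }')

if __name__ == "__main__":
    for label, src in (("vulnerable", VULNERABLE), ("patched", PATCHED)):
        print(label, detect(src), "| at 0.4:", detect(src, threshold=0.4))
```

Lowering the threshold to 0.4 makes the patched function match the overflow case as well, which shows why the choice of threshold governs the trade-off between missed and false detections.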