Data driven vulnerability detection method based on semantics analysis

With the maturitg of computer technology and the application of Internet in different fields,information security is becoming more and more important.Different kinds of software vulnerability may be used by computer viruses and Trojan horses to cause different kinds of problems.Data-driven vulnerability is one of the most common and most likely to be used vulnerabilities in all of the vulnerabilities.However,the static detection now is not thorough and still has some flaws.This paper proposes a static detection algorithm based on semantic analysis to detect data-driven vulnerability.The algorithm defines lexical elements and syntax elements,and implements the detection of the semantic level for the vulnerability based on the analysis of lexical elements and syntax elements.Compared to the traditional static detection which uses the principles of a compiler,the new static detection makes a more accurate detection for data-driven vulnerability.In the end,a static detection system is designed and implemented,and is proved valid by experiment.