A Security Sensitive Function Mining Approach Based on Precondition Pattern Analysis

摘要

Security-sensitive functions are the basis for building a taint-style vulnerability model.Current approaches for extracting security-sensitive functions either don’t analyze data flow accurately,or not conducting pattern analyzing of conditions,resulting in higher false positive rate or false negative rate,which increased manual confirmation workload.In this paper,we propose a security sensitive function mining approach based on preconditon pattern analyzing.Firstly,we propose an enhanced system dependency graph analysis algorithm for precisely extracting the conditional statements which check the function parameters and conducting statistical analysis of the conditional statements for selecting candidate security sensitive functions of the target program.Then we adopt a precondition pattern mining method based on conditional statements nomalizing and clustering.Functions with fixed precondition patterns are regarded as security-sensitive functions.The experimental results on four popular open source codebases of different scales show that the approach proposed is effective in reducing the false positive rate and false negative rate for detecting security sensitive functions.