Programming Logic Modeling and Cross-Program Defect Detection Method for Object-Oriented Code

摘要

Code defects can lead to software vulnerability and even produce vulnerability risks. Existing research shows that the code detection technology with text analysis can judge whether object-oriented code files are defective to some extent. However, these detection techniques are mainly based on text features and have weak detection capabilities across programs. Compared with the uncertainty of the code and text caused by the developer's personalization, the programming language has a stricter logical specification, which reflects the rules and requirements of the language itself and the developer's potential way of thinking. This article replaces text analysis with programming logic modeling, breaks through the limitation of code text analysis solely relying on the probability of sentence/word occurrence in the code, and proposes an object-oriented language programming logic construction method based on method constraint relationships, selecting features through hypothesis testing ideas, and construct support vector machine classifier to detect class files with defects and reduce the impact of personalized programming on detection methods. In the experiment, some representative Android applications were selected to test and compare the proposed methods. In terms of the accuracy of code defect detection, through cross validation, the proposed method and the existing leading methods all reach an average of more than 90%. In the aspect of cross program detection, the method proposed in this paper is superior to the other two leading methods in accuracy, recall and Fl value.