The method and computer program, a system for determining the vulnerability of computer software applications to privilege escalation attacks

摘要

To determine the vulnerability of computer software applications to the [challenge] privilege escalation attack. It is composed [MEANS FOR SOLVING PROBLEMS] instruction classifier, to be used to identify the access restricted area candidates for instruction of computer software applications, static analyzer, and static analysis of the restricted access area candidates Te, to determine the presence or absence of conditional instructions that control the execution flow of the restricted access area candidate, by performing static analysis, conditional instruction is whether you are dependent on the data source of a computer software application determined, if neither of the data source and conditional instructions, and the like configured to specify as being vulnerable to privilege escalation attack restricted access area candidate. [Selection] Figure Figure 1