Code Analysis with Static Application Security Testing for Python Program.

Detailed bibliography
Title: Code Analysis with Static Application Security Testing for Python Program.
Authors: Ma, Li; Yang, Huihong; Xu, Jianxiong; Yang, Zexian; Lao, Qidi; Yuan, Dong
Source: Journal of Signal Processing Systems for Signal, Image & Video Technology; Nov 2022, Vol. 94, Issue 11, p. 1169-1182, 14 p.
Abstract: With the increasing popularity of Python for project development, code security and quality have become severe issues over the past few years. The cost of these coding vulnerabilities is hard to estimate, and they are even more costly to fix once the product is released. Besides, a code security audit done only by manual work is inefficient and generally requires tool support. Thus, a Python auditing tool based on Static Application Security Testing (SAST) was developed by integrating multiple technologies. Firstly, the tool preprocesses the code to be detected into an Abstract Syntax Tree (AST) and performs security analysis by studying the context of the AST combined with data-flow relationships, determining the existence of vulnerabilities and the security of the code by whether security rules are hit or not. Secondly, to enhance the vulnerability detection ability, the tool was designed with a plug-in architecture, which allows users to redevelop or rewrite specific rules quickly and easily on top of this architecture. Experiments have shown that the SAST technology is fast and efficient and does not require configuring a runtime environment for the code. [ABSTRACT FROM AUTHOR]
Copyright of Journal of Signal Processing Systems for Signal, Image & Video Technology is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
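The pipeline the abstract describes (parse the code into an AST, combine AST context with data-flow relationships, report a vulnerability when a security rule is hit, and keep the rules as plug-ins) shown as an added example in Python. This is not the authors' tool and no code from the paper: the taint sources, sanitizers, rule identifiers (PY-EVAL, PY-CMD, PY-SHELL) and the embedded sample program are assumptions made for the illustration.

```python
# Toy AST-based SAST scanner (added example, not the paper's tool): parse Python into an
# AST, follow data flow inside each function, let plug-in rules decide what is a finding.
import ast

# Assumed for this example: where attacker data enters, and calls that clean it.
TAINT_SOURCES = {"input", "sys.argv", "os.environ", "request.args", "request.form"}
SANITIZERS = {"shlex.quote", "int"}
RULES = []  # plug-in registry: every registered rule instance inspects every call

def rule(cls):
    RULES.append(cls())   # decorator: instantiate the rule class and register it
    return cls

def dotted_name(node):
    parts = []            # 'os.system' for Name/Attribute chains, '' for anything else
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else ""

def is_tainted(node, tainted):   # data-flow check: does this expression carry source data?
    if isinstance(node, ast.Name):
        return node.id in tainted
    if isinstance(node, ast.Call):
        name = dotted_name(node.func)
        if name in SANITIZERS:                   # shlex.quote(x), int(x): taint is killed
            return False
        return name in TAINT_SOURCES or is_tainted(node.func, tainted) or any(
            is_tainted(a, tainted) for a in node.args + [k.value for k in node.keywords])
    if isinstance(node, (ast.Attribute, ast.Subscript)):   # os.environ, sys.argv[1], user.strip
        return dotted_name(node) in TAINT_SOURCES or is_tainted(node.value, tainted)
    if isinstance(node, ast.BinOp):              # "ls " + user
        return is_tainted(node.left, tainted) or is_tainted(node.right, tainted)
    return False

class TaintSinkRule:
    """Fires when argument 0 of a sink call is tainted; returns (rule_id, lineno, message)."""
    rule_id, sinks, message = "", set(), ""
    def check(self, call, tainted):
        if dotted_name(call.func) in self.sinks and call.args and is_tainted(call.args[0], tainted):
            return (self.rule_id, call.lineno, self.message)

@rule
class CodeInjection(TaintSinkRule):
    rule_id, sinks, message = "PY-EVAL", {"eval", "exec"}, "untrusted data reaches eval/exec"

@rule
class CommandInjection(TaintSinkRule):
    rule_id, message = "PY-CMD", "untrusted data reaches a process/shell command"
    sinks = {"os.system", "os.popen", "subprocess.run", "subprocess.call", "subprocess.Popen"}

@rule
class ShellTrue:
    rule_id = "PY-SHELL"   # context-only rule, no data flow: any subprocess.* call with shell=True
    def check(self, call, tainted):
        if dotted_name(call.func).startswith("subprocess.") and any(
                k.arg == "shell" and getattr(k.value, "value", None) is True for k in call.keywords):
            return (self.rule_id, call.lineno, "subprocess called with shell=True")

def statements(body):
    """Statements in program order, descending into if/for/while/with/try blocks but not into
    nested functions or classes (each function body gets its own pass in scan())."""
    for stmt in body:
        yield stmt
        if not isinstance(stmt, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            for field in ("body", "orelse", "finalbody"):
                yield from statements(getattr(stmt, field, []))
            for handler in getattr(stmt, "handlers", []):
                yield from statements(handler.body)

def scan(source):
    """Intra-procedural scan of the module body and every function body: walk statements in
    order, update the tainted-variable set on assignments, run every rule on every call."""
    tree = ast.parse(source)
    bodies = [tree.body] + [n.body for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)]
    findings = []
    for body in bodies:
        tainted = set()
        for stmt in statements(body):
            if isinstance(stmt, ast.Assign) and len(stmt.targets) == 1 and isinstance(stmt.targets[0], ast.Name):
                # flow-sensitive: a clean or sanitized reassignment kills the taint
                (tainted.add if is_tainted(stmt.value, tainted) else tainted.discard)(stmt.targets[0].id)
            for child in ast.iter_child_nodes(stmt):   # this statement's own expressions only;
                if not isinstance(child, (ast.stmt, ast.ExceptHandler)):   # nested stmts come via statements()
                    for call in (n for n in ast.walk(child) if isinstance(n, ast.Call)):
                        findings += [f for f in (r.check(call, tainted) for r in RULES) if f]
    return findings

SAMPLE = '''import os, sys, subprocess, shlex
def handler():
    user = input("file: ")
    os.system("ls " + user)                   # PY-CMD at line 4: taint reaches a sink
    safe = shlex.quote(user)
    os.system("ls " + safe)                   # sanitized: no finding
    user = "fixed"
    os.system("cat " + user)                  # clean reassignment: no finding
    expr = sys.argv[1]
    if expr:
        subprocess.run(expr, shell=True)      # PY-CMD and PY-SHELL at line 11, inside a block
    return eval(os.environ.get("EXPR", "0"))  # PY-EVAL at line 12
'''   # constructed sample for the scanner to analyse, not code from the paper

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Running the file prints one (rule_id, lineno, message) tuple per finding for the embedded sample. A new check is added by decorating another class with @rule, without touching the scanner, which is the plug-in property the abstract emphasises; CodeInjection and CommandInjection are data-flow rules, ShellTrue is a pure AST-context rule on the same call site. The analysis is intra-procedural only: taint does not cross function calls or parameters, only simple single-name assignments update the taint set, and list-form subprocess calls with tainted arguments are flagged too (argument injection), which a production tool would report at a lower severity than shell=True.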
Database: Complementary Index
Description
ISSN: 1939-8018
DOI: 10.1007/s11265-022-01740-z