Article · May 1, 2014 · Closed access

Modeling and Discovering Vulnerabilities with Code Property Graphs

University of Göttingen · Qualcomm (United Kingdom)

Indexed in Crossref

Abstract

The vast majority of security breaches encountered today are a direct result of insecure code. Consequently, the protection of computer systems critically depends on the rigorous identification of vulnerabilities in software, a tedious and error-prone process requiring significant expertise. Unfortunately, a single flaw suffices to undermine the security of a system and thus the sheer amount of code to audit plays into the attacker's cards. In this paper, we present a method to effectively mine large amounts of source code for vulnerabilities. To this end, we introduce a novel representation of source code called a code property graph that merges concepts of classic program analysis, namely abstract syntax…

Citation impact

  • Total citations: 725
  • FWCI: 53.30
  • Percentile: 100%
  • References: 47

Authors

4

Topics & keywords

Keywords
  • Computer science
  • Source code
  • Control flow graph
  • Programming language
  • Abstract syntax tree
  • Theoretical computer science
  • Graph
  • Call graph
UN Sustainable Development Goals
  • Peace, Justice and strong institutions