Secure software development: leveraging application call graphs to detect security vulnerabilities
The inconsistency in software development standards frequently leads to vulnerabilities that can jeopardize an application’s cryptographic integrity. This situation can result in incomplete or flawed encryption processes. Vulnerabilities may manifest as missing, bypassed, or improperly executed encr...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
PeerJ Inc.
2025-01-01
|
| Series: | PeerJ Computer Science |
| Subjects: | |
| Online Access: | https://peerj.com/articles/cs-2641.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832587217227218944 |
|---|---|
| author | Lei Yan Guanghuai Zhao Xiaohui Li Pengxuan Sun |
| author_facet | Lei Yan Guanghuai Zhao Xiaohui Li Pengxuan Sun |
| author_sort | Lei Yan |
| collection | DOAJ |
| description | The inconsistency in software development standards frequently leads to vulnerabilities that can jeopardize an application’s cryptographic integrity. This situation can result in incomplete or flawed encryption processes. Vulnerabilities may manifest as missing, bypassed, or improperly executed encryption functions or the absence of critical cryptographic mechanisms, which eventually weaken security goals. This article introduces a thorough method for detecting vulnerabilities using dynamic and static analysis, focusing on a cryptographic function dominance tree. This strategy systematically minimizes the likelihood of integrity breaches in cryptographic applications. A layered and modular model is developed to maintain integrity by mapping the entire flow of cryptographic function calls across various components. The cryptographic function call graph and dominance tree are extracted and subsequently analyzed using an integrated dynamic and static technique. The extracted information undergoes strict evaluation against the anticipated function call sequence in the relevant cryptographic module to identify and localize potential security issues. Experimental findings demonstrate that the proposed method considerably enhances the accuracy and comprehensiveness of vulnerability detection in cryptographic applications, improving implementation security and resilience against misuse vulnerabilities. |
| format | Article |
| id | doaj-art-63b9d917d6ba409b9d1adfd0a1804024 |
| institution | Kabale University |
| issn | 2376-5992 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | PeerJ Inc. |
| record_format | Article |
| series | PeerJ Computer Science |
| spelling | doaj-art-63b9d917d6ba409b9d1adfd0a18040242025-01-24T15:05:10ZengPeerJ Inc.PeerJ Computer Science2376-59922025-01-0111e264110.7717/peerj-cs.2641Secure software development: leveraging application call graphs to detect security vulnerabilitiesLei Yan0Guanghuai Zhao1Xiaohui Li2Pengxuan Sun3State Grid Beijing Electric Power Company, Beijing, ChinaState Grid Beijing Electric Power Company, Beijing, ChinaState Grid Beijing Electric Power Company, Beijing, ChinaThe Faculty of Information Technology, Beijing University of Technology, Beijing, ChinaThe inconsistency in software development standards frequently leads to vulnerabilities that can jeopardize an application’s cryptographic integrity. This situation can result in incomplete or flawed encryption processes. Vulnerabilities may manifest as missing, bypassed, or improperly executed encryption functions or the absence of critical cryptographic mechanisms, which eventually weaken security goals. This article introduces a thorough method for detecting vulnerabilities using dynamic and static analysis, focusing on a cryptographic function dominance tree. This strategy systematically minimizes the likelihood of integrity breaches in cryptographic applications. A layered and modular model is developed to maintain integrity by mapping the entire flow of cryptographic function calls across various components. The cryptographic function call graph and dominance tree are extracted and subsequently analyzed using an integrated dynamic and static technique. The extracted information undergoes strict evaluation against the anticipated function call sequence in the relevant cryptographic module to identify and localize potential security issues. Experimental findings demonstrate that the proposed method considerably enhances the accuracy and comprehensiveness of vulnerability detection in cryptographic applications, improving implementation security and resilience against misuse vulnerabilities.https://peerj.com/articles/cs-2641.pdfNetwork securitySecure software developmentAuthenticationIntrusion detectionSecurity vulnerabilitiesData protection |
| spellingShingle | Lei Yan Guanghuai Zhao Xiaohui Li Pengxuan Sun Secure software development: leveraging application call graphs to detect security vulnerabilities PeerJ Computer Science Network security Secure software development Authentication Intrusion detection Security vulnerabilities Data protection |
| title | Secure software development: leveraging application call graphs to detect security vulnerabilities |
| title_full | Secure software development: leveraging application call graphs to detect security vulnerabilities |
| title_fullStr | Secure software development: leveraging application call graphs to detect security vulnerabilities |
| title_full_unstemmed | Secure software development: leveraging application call graphs to detect security vulnerabilities |
| title_short | Secure software development: leveraging application call graphs to detect security vulnerabilities |
| title_sort | secure software development leveraging application call graphs to detect security vulnerabilities |
| topic | Network security Secure software development Authentication Intrusion detection Security vulnerabilities Data protection |
| url | https://peerj.com/articles/cs-2641.pdf |
| work_keys_str_mv | AT leiyan securesoftwaredevelopmentleveragingapplicationcallgraphstodetectsecurityvulnerabilities AT guanghuaizhao securesoftwaredevelopmentleveragingapplicationcallgraphstodetectsecurityvulnerabilities AT xiaohuili securesoftwaredevelopmentleveragingapplicationcallgraphstodetectsecurityvulnerabilities AT pengxuansun securesoftwaredevelopmentleveragingapplicationcallgraphstodetectsecurityvulnerabilities |