Integrated Approach to Detect Vulnerabilities in Source Code

Nowadays, security breaches are greatly increasing in number. This is one of the major threats that are being faced by most organisations which usually lead to a massive loss. The major cause for these breaches could potentially be the vulnerabilities in software products. Though there are many standard secure coding standards like CERT (Computer Emergency Response Team), software developers fail to utilize them and this leads to an unsecured end product. The difficulty in manual analysis of vulnerabilities in source code is what leads to the evolution of automated analysis tools. Static and dynamic analyses are the two complementary methods used to detect vulnerabilities in source code. Static analysis scans the source code without executing it but dynamic analysis tests the code by executing it. Each has its own unique pros and cons. The proposed approach helps the developers to correct the vulnerabilities in their code by an integrated approach of static and dynamic analysis for C and C++. This eliminates the pros and cons of the existing practices and helps developers in the most efficient way. It deals with common buffer overflow vulnerabilities, format string vulnerabilities and improper input validation. The whole scenario is implemented as a web application.