Abstract
Tool like Flawfinder, used to identify a security flaw in a source code, is too expensive to be procured for usage but it can also be accessed on public cloud as a software as a service. Since there is possibility of inside attackers in cloud service, to unveil the logical possessions out of the source code, there is a need to transform the source code by altering the semantics. In this paper, we have introduced a novel method to identify the core logical blocks of any C source code. It mainly consists of two steps: (i) source code entity identification (ii) dependency identification. The entities are identified based on programming language constructs like variables, simple entities and control structures. Variable dependency is in deep analyzed by generating a dependency graph using Neo4j graph database software. This graph is further traversed and weighted matrix of the variable dependencies is created from which the core logical blocks could be identified. Algorithms are designed for the above two steps. Cyclomatic complexity analysis and Time complexity analysis are carried out and experimentations are conducted to verify the same.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Flawfinder: Source Code Analysis Tool for detecting security flaws. https://www.dwheeler.com/flawfinder/
Klockwork: Source Code Analysis Tool for Security & Reliability. http://www.klocwork.com/
Why Source Code Disclosure is dangerous?
Wyseur, B.: White-Box Cryptography. Ph.D. thesis, Katholieke Universiteit Leuven, Belgium (2009)
D-Anna, L., Matt, B., Reisse, A., Van Vleck, T., Schwab, S., LeBlanc, P.: Self-protecting mobile agents obfuscation report Final report. Technical report 03-015, Network Associates Laboratories, June 2003
The Tigress C Diversifier/Obfuscator. http://tigress.cs.arizona.edu/
Xu, H., Zhou, Y., Kang, Y., Lyu, M.R.: On Secure and Usable Program Obfuscation: A Survey, arXiv:1710.01139v1, Cornell University Library (2017). https://arxiv.org/pdf/1710.01139.pdf
Cai, Z., Zhao, L., Wang, X., Yang, X., Qin, J., Yin, K.: A pattern-based code transformation approach for cloud application migration. In: IEEE International Conference on Cloud Computing, pp. 33–40 (2015)
Rahman, A., Cordy, J.R.: Pattern analysis of TXL programs. In: IEEE International Conference on Software Analysis, Evolution and Reengineering, pp. 37–43 (2016)
Doxygen: Generate documentation from source code http://www.stack.nl/~dimitri/doxygen/
Sadar, A., Panicker J, V.: DocTool – A Tool for Visualizing Software Projects using Graph Database, IEEE (2015). 978-1-4673-7948-9
Sadi, M.S., Halder, L., Saha, S.: Variable dependency analysis of a computer program. In: IEEE International Conference on Electrical Information and Communication Technology (EICT), pp 1–5 (2013)
Fox, C., Harman, M., Hassoun, Y.: Variable Dependence Analysis Technical report: TR-10-0, Elsevier (2010)
NeO4j: Graph Platform for Connected Data. https://neo4j.com/
McCabe, T.J.: A complexity measure. IEEE Trans. Software Eng. 2(4), 308–320 (1976)
C Source Codes. https://people.sc.fsu.edu/~jburkardt/c_src/c_src.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ahire, P., Abraham, J. (2020). Perceive Core Logical Blocks of a C Program Automatically for Source Code Transformations. In: Abraham, A., Cherukuri, A.K., Melin, P., Gandhi, N. (eds) Intelligent Systems Design and Applications. ISDA 2018 2018. Advances in Intelligent Systems and Computing, vol 940. Springer, Cham. https://doi.org/10.1007/978-3-030-16657-1_36
Download citation
DOI: https://doi.org/10.1007/978-3-030-16657-1_36
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16656-4
Online ISBN: 978-3-030-16657-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)