Improving security analysis rule set by relationship identification.


Research field: Analysis



Conference: 2024 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)


Abstract

Rule-based systems such as Semgrep are important to detect security breaches by using static code analysis. Taking inspiration from research identifying relationships in energy consumption rules, we present a tool (RIT) to enhance rule set development. Our tool allows Semgrep users to check rule bases, discern relationships, and mitigate redundancy within a rule set. It addresses the intricate interpretation of Semgrep-defined syntax to unveil diverse relationships like Equality, Inclusion, and Overlapping. Leveraging Semgrep’s pattern matching, the tool helps create patterns when forming rules. Experimental results show that the tool improves the relevance of rule sets and reduces execution time, offering substantial advantages in code security checking.


Author Profile
Charles Lohest

Universite Catholique de Louvain

Germany
Author Profile
Axel Legay

Universite Catholique de Louvain

Germany

📄 Paper information

Publication year: 2024
Citations: 2
Country of publication: Germany
Site: IEEE
