Static analysis works well at checking defects that clearly map to source code constructs. Model checking can find defects of deadlocks and routing loops that are not easily detected by static ...analysis, but faces the problem of state explosion. This paper proposes a hybrid approach to detecting security defects in programs. Fuzzy inference system is used to infer selection among the two detection approaches. A cluster algorithm is developed to divide a large system into several clusters in order to apply model checking. Ontology based static analysis employs logic reasoning to intelligently detect the defects. We also put forwards strategies to improve performance of the static analysis. At last, we perform experiments to evaluate the accuracy and performance of the hybrid approach.
Business Intelligence Recovery from Legacy Code Jian Kang; Jianjun Pu; Jianchu Huang ...
2008 32nd Annual IEEE International Computer Software and Applications Conference,
2008-July
Conference Proceeding
The paper introduces a concept, BI (business intelligence) recovery, in software reverse engineering research. It is named to alternate "business asset", because we discover the abstract knowledge ...along with reverse engineering result could generate new wisdom. And this new wisdom could be taken into account in program understanding. The main difficulty in extracting program structure from program code is we are lacking the knowledge of business intelligence, which is complementary to program code. Here, we propose our research method and solution to solve this issue.