Program Defect Detection Using Sensitive Slice Semantics with Control Flow Variable Dependency

Chenghua Tang; Huoli Shuai; Mengmeng Yang

doi:10.2174/0126662558321267240726093228

ISSN: 2666-2558
E-ISSN: 2666-2566

Program Defect Detection Using Sensitive Slice Semantics with Control Flow Variable Dependency
Authors: Chenghua Tang¹, Huoli Shuai¹ and Mengmeng Yang²
View Affiliations Hide Affiliations

¹ Guangxi Key Laboratory of Trusted Software, Guilin University of Electronic Technology, Guilin, China ; ² Data61, Commonwealth Scientific and Industrial Research Organization, Melbourne, Australia
Source: Recent Advances in Computer Science and Communications, Volume 18, Issue 4, Jun 2025, E010824232550
DOI: https://doi.org/10.2174/0126662558321267240726093228
- Received: 04 Apr 2024
- Accepted: 12 Jun 2024
- Available online: 01 Aug 2024

Abstract

In order to improve the efficiency of program slicing, eliminate the interference of irrelevant statements on defect detection, and solve the program of incomplete slicing or overly sensitive slice contours to dependencies, an inter-process slicing method based on control flow variable dependency graph (CFVDG) is proposed. The results show that compared with the SDG and DFG, the proportion of node reduction to the number of lines of code on datasets such as schedule is 42.7% and 3.7% on average.

Background

Slicing technology focuses on data association behavior and is suitable for variable dependency analysis in tight defect contexts.

Methods

By constructing a control flow variable dependency graph(CFVDG), performing slicing and semantic analysis and understanding, finally applied to detect defection.

Results

Compared with the slicing methods based on SDG and DFG, the consumption of time and space has decreased.

Conclusion

The experimental results show that this method can improve the precision of defect detection and reduce the false alarm rate, while reasonably and effectively shortening the time for graph construction and slicing, and reducing the consumption of edge storage space.

Article metrics loading...

/content/journals/rascs/10.2174/0126662558321267240726093228

2024-08-01

2025-12-11

From This Site

/content/journals/rascs/10.2174/0126662558321267240726093228

dcterms_title,dcterms_subject,pub_keyword

-contentType:Contributor -contentType:Concept -contentType:Institution

10

5

Full text loading...

References

SunW. TangY. WeiS. ChenL. Vulnerability verification with the assistance of directed symbolic execution2023 International Conference on Cryptography, Network Security, and Communication Technology (CNSCT 2023), vol. 12641, 2023 Changsha, China.10.1117/12.2678965
[Google Scholar]
LiZ. ZouD. XuS. ChenZ. ZhuY. JinH. Vuldeelocator: A deep learning-based fine-grained vulnerability detector.IEEE Trans. Depend. Secure Comput.20221942821283710.1109/TDSC.2021.3076142
[Google Scholar]
Al-MekhlafiZ.G. Al-ShareedaM.A. ManickamS. MohammedB.A. AlreshidiA. AlazmiM. AlshudukhiJ.S. AlsaffarM. RassemT.H. Efficient authentication scheme for 5G-enabled vehicular networks using fog computing.Sensors (Basel)2023237354310.3390/s2307354337050601
[Google Scholar]
MohammedB.A. Al-ShareedaM.A. AlsadhanA.A. Al-MekhlafiZ.G. SallamA.A. Al-QatabB.A. AlshammariM.T. AlaybaA.M. Efficient blockchain-based pseudonym authentication scheme supporting revocation for 5G-assisted vehicular fog computing.IEEE Access202412330893309910.1109/ACCESS.2024.3372390
[Google Scholar]
JinZ. LiuF. LiG. Program comprehension: Present and future.J. Softw.201930111012610.13328/j.cnki.jos.005643
[Google Scholar]
GalindoC. PérezS. SilvaJ. Program slicing of Java programs.J. Logic. Algebraic Methods. Program.202313010082610.1016/j.jlamp.2022.100826
[Google Scholar]
ZhaoJ. GuoS. MuD. DouBiGRU-A: Software defect detection algorithm based on attention mechanism and double BiGRU.Comput. Secur.202111110245910.1016/j.cose.2021.102459
[Google Scholar]
NarayananA. ChandramohanM. ChenL. LiuY. A multi-view context-aware approach to Android malware detection and malicious code localization.Empir. Softw. Eng.20182331222127410.1007/s10664‑017‑9539‑8
[Google Scholar]
PrasannaK.K. SanyalA. KarkareA. PadhiS. A static slicing method for functional programs and its incremental version.28th International Conference on Compiler Construction (CC 2019), 2019pp. 53-64 Washington, USA.
[Google Scholar]
SinghJ. PandaS. KhilarP.M. MohapatraD.P. A graph-based dynamic slicing of distributed aspect-oriented software.Softw. Eng. Notes20164121810.1145/2894784.2894791
[Google Scholar]
YanQ. LiY. WuY. ZhouJ. DFlow: A data flow analysis tool for C/C++.IEEJ Trans. Electr. Electron. Eng.202116121635164110.1002/tee.23467
[Google Scholar]
MoonenL. YazdanshenasA.R. Analyzing and visualizing information flow in heterogeneous component-based software systems.Inf. Softw. Technol.201677345510.1016/j.infsof.2016.05.002
[Google Scholar]
TabarA.H. BubelR. HahnleR. Automatic loop invariant generation for data dependence analysis2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE), 2022 Pittsburgh, PA, USA.10.1145/3524482.3527649
[Google Scholar]
NorouziM. IliasQ. JannesariA. WolfF. Accelerating data-dependence profiling with static hints.25th International European Conference on Parallel and Distributed Computing (Euro-Par 2019), vol. 11725, 2019pp. 17-28 Göttingen, Germany.10.1007/978‑3‑030‑29400‑7_2
[Google Scholar]
ChenQ. ChengK. ZhengY. ZhuH. SunL. Function-level data dependence graph and its application in static vulnerability analysis.J. Softw.202031113421343510.13328/j.cnki.jos.005833
[Google Scholar]
YinX. LuB. CaiR. ZhuX. YangQ. LiuS. Memory copy function identification technique with control flow and data flow analysis.J. Comp. Res. Devel.2023602326340
[Google Scholar]
LiW. ZhouM. HuangH. Program understanding and requirement validation based on accurate value flow graph.10th International Workshop on Computer Science and Engineering (WCSE 2020), 2020pp. 474-484 Shanghai, China.10.18178/wcse.2020.06.069
[Google Scholar]
DevkotaS. AschwandenP. KunenA. LegendreM. IsaacsK.E. CcNav: Understanding compiler optimizations in binary code.arXiv:2009009562021
[Google Scholar]
HuJ. ChenJ. AliS. LiuB. ChenJ. ZhangC. YangJ. A detection approach for vulnerability exploiter based on the features of the exploiter.Secur. Commun. Netw.20212021111410.1155/2021/5581274
[Google Scholar]
ZhangJ. LiuZ. HuX. XiaX. LiS. Vulnerability detection by learning from syntax-based execution paths of code.IEEE Trans. Softw. Eng.20234984196421210.1109/TSE.2023.3286586
[Google Scholar]
CuiL. HaoZ. JiaoY. FeiH. YunX. Vuldetector: Detecting vulnerabilities using weighted feature graph comparison.IEEE Trans. Inf. Forensics Security2021162004201710.1109/TIFS.2020.3047756
[Google Scholar]
LuS. ZuoZ. WangL. Progress in parallelization of static program analysis.J. Softw.20203151243125410.13328/j.cnki.jos.005950
[Google Scholar]
YangW. GaoM. JiangT. A malicious code static detection framework based on multi-feature ensemble learning.J Comp Res Devel20215851021103410.7544/issn1000‑1239.2021.20200912
[Google Scholar]
LeeT. ChoiB. ShinY. KwakJ. Automatic malware mutant detection and group classification based on the n-gram and clustering coefficient.J. Supercomput.20187483489350310.1007/s11227‑015‑1594‑6
[Google Scholar]
KadiyalaS.P. KartheekA. TramT.H. Program behavior analysis and clustering using performance counters.2020 Workshop on Dynamic and Novel Advances in Machine Learning and Intelligent Cyber Security (DYNAMICS 2020)17 October 2022202010.1145/3477997.3478011
[Google Scholar]
AlonY. DavidC. Using graph neural networks for program termination.arXiv:220714648202210.1145/3540250.3549095
[Google Scholar]
ZhuR. YuanL. LiX. GaoM. CaiW. A neural network architecture for program understanding inspired by human behaviors.60th Annual Meeting of the Association for Computational Linguistics (ACL 2022), vol. 1, 2022pp. 5142-5153 Dublin, Ireland.10.18653/v1/2022.acl‑long.353
[Google Scholar]
DuanX. WuJ. LuoT. YangM. WuY. Vulnerability mining method based on code property graph and attention BiLSTM.J. Softw.202031113404342010.13328/j.cnki.jos.006061
[Google Scholar]
MeilongS. HeP. XiaoH. LiH. ZengC. An approach to semantic and structural features learning for software defect prediction.Math. Probl. Eng.2020202011310.1155/2020/6038619
[Google Scholar]
AmtoftT. BanerjeeA. A theory of slicing for imperative probabilistic programs.ACM Trans. Program. Lang. Syst.202042217110.1145/3372895
[Google Scholar]
SahuM. MohapatraD.P. Computing dynamic slices of concurrent feature-oriented programs.Arab. J. Sci. Eng.201944119471949710.1007/s13369‑019‑04091‑3
[Google Scholar]
LeeS. BinkleyD. FeldtR. GoldN. YooS. Observation-based approximate dependency modeling and its use for program slicing.J. Syst. Softw.202117911098810.1016/j.jss.2021.110988
[Google Scholar]
LuK. PakkiA. WuQ. Detecting missing-check bugs via semantic and context-aware criticalness and constraints inferences.2019Available From: https://www-users.cse.umn.edu/~kjlu/ papers/crix.pdf
AzimT. AlaviA. NeamtiuI. GuptaR. Dynamic slicing for android.41st IEEE/ACM International Conference on Software Engineering (ICSE 2019), 2019pp. 1154-1164 Montreal, QC, Canada.10.1109/ICSE.2019.00118
[Google Scholar]
LiX. OrsoA. More accurate dynamic slicing for better supporting software debugging.13th IEEE International Conference on Software Testing, Verification and Validation (ICST 2020), 2020pp. 28-38 Porto, Portugal.10.1109/ICST46399.2020.00014
[Google Scholar]
PakkiA. LuK. Exaggerated error handling hurts! an in-depth study and context-aware detection.27th ACM SIGSAC Conference on Computer and Communications Security (CCS 2020), 2020 pp. 1203-1218.10.1145/3372297.3417256
[Google Scholar]
LuluW. BixinL. XianglongK. Type slicing: An accurate object oriented slicing based on sub-statement level dependence graph.Inf. Softw. Technol.202012710636910.1016/j.infsof.2020.106369
[Google Scholar]
ZhangY.Z. SymPas: Symbolic program slicing.J. Comput. Sci. Technol.202136239741810.1007/s11390‑020‑9754‑4
[Google Scholar]
AhmadiM. FarkhaniR.M. WilliamsR. LuL. Finding bugs using your own code: Detecting functionally-similar yet inconsistent code.2021Available From: https:// www.longlu.org/publication/ fics/fics.pdf
AlomariH.W. StephanM. Clone detection through srcClone: A program slicing based approachJ Syst Softw202118411111510.1016/j.jss.2021.111115
[Google Scholar]
GalindoC. PérezS. SilvaJ. Exception-sensitive program slicing.J Logic Algebraic Methods Program202313010083210.1016/j.jlamp.2022.100832
[Google Scholar]
LiangZ. ChangJ. ShenW. YaoC. WangL. ECIA: Elaborate change impact analysis based on sub-statement level dependency graph.23rd IEEE International Conference on Software Quality, Reliability, and Security Companion (QRS-C 2023), 2023pp. 471-480 Chiang Mai, Thailand.10.1109/QRS‑C60940.2023.00032
[Google Scholar]
JanaA. HalderR. ChakiN. CortesiA. Policy-Based Slicing of Hibernate Query Language.Lect. Notes Comput. Sci.2015933926728110.1007/978‑3‑319‑24369‑6_22
[Google Scholar]
ZhengW. JiangY. SuX. VulSPG: Vulnerability detection based on slice property graph representation learning.arXiv:2109.02527202110.1109/ISSRE52982.2021.00054
[Google Scholar]
MohantyS.R. BeheraP.K. MohapatraD.P. Dynamic graph based slicing for object-oriented programs.Int. J. Comput. Trends Tech.201528313514310.14445/22312803/IJCTT‑V28P125
[Google Scholar]
Software-artifact infrastructure repository.2023Available From: https://sir.csc.ncsu.edu/php/previewfiles.php
NISTTest suites.2023Available From: https://samate.nist.gov/SRD/testsuite.php
WuH. ZhangZ. WangS. LeiY. LinB. QinY. ZhangH. MaoX. Peculiar: Smart contract vulnerability detection based on crucial data flow graph and pre-training techniques32nd IEEE International Symposium on Software Reliability Engineering (ISSRE 2021)2021pp. 378-389 Wuhan, China.10.1109/ISSRE52982.2021.00047
[Google Scholar]

/content/journals/rascs/10.2174/0126662558321267240726093228

Program Defect Detection Using Sensitive Slice Semantics with Control Flow Variable Dependency

Recent Advances in Computer Science and Communications 18, E010824232550 (2025); https://doi.org/10.2174/0126662558321267240726093228

/content/journals/rascs/10.2174/0126662558321267240726093228

Data & Media loading...

Article Type: Research Article

Keyword(s): code slicing; constraint rules; context sensitive; control flow; defect characteristics; Variable dependency

Program Defect Detection Using Sensitive Slice Semantics with Control Flow Variable Dependency

Abstract

From This Site

Most Read This Month

Most Cited Most Cited RSS feed

Key Issues in Software Reliability Growth Models

Remaining Useful Life Prediction of Lithium-ion Batteries Using Multiple Kernel Extreme Learning Machine

An Ensemble of Bacterial Foraging, Genetic, Ant Colony and Particle Swarm Approach EB-GAP: A Load Balancing Approach in Cloud Computing

ROUGE-SS: A New ROUGE Variant for the Evaluation of Text Summarization

Container Elasticity: Based on Response Time using Docker

Research on Monitoring System of Daily Statistical Indexes Through Big Data

An Analog Circuit Fault Diagnosis Approach Based on Wavelet-based Fractal Analysis and Multiple Kernel SVM

SkyViewSentinel: A Deep Learning-Driven Military Object Detection Application for Remote-Sensing Satellite Images

Biofuels Policy as the Indian Strategy to Achieve the 2030 Sustainable Development Goal 7: Targets, Progress, and Barriers

Revolutionizing Agriculture: A Comprehensive Review of IoT Farming Technologies