Integrating Static Analysis Tools for Improving Operating System Security

Ashish Joshi, Kanak Tewari, Vivek Kumar, Dibyahash Bordoloi

Journal Title:International Journal of Computer Science and Mobile Computing - IJCSMC
Abstract

Static analysis approach is widely used for detecting vulnerabilities within the code before the execution. C/C++ programming languages consist of highest number of vulnerabilities of which buffer overflow is the highest rated. Of all static analysis tools available none has enabled to detect all the vulnerabilities. Hence, we have proposed an integrated approach using two open-source static analysis tools: Flawfinder and Cppcheck for developing a new static analysis tool.

Download