Mining Important Functions in Software Network by Node Vulnerability

Abstract

Abstract Given that analysis on the vulnerability of functions is helpful to the detection and improvement of software security, this paper aims to propose an efficient methods to identify the vulnerable nodes (ITVN) in different software by the interdependence of functions. First, the dynamic software execution process was constructed as Software Execution Dependency Network (SEDN) based on Complex network theory. Second, by analyzing the dependency relationship among functions, the algorithm calVulAndScoOfNodes (CVSN) was designed to compute the vulnerability and the affected scope of each node for further analysis. Third, in order to measure the functions vulnerability in the whole software network, the algorithm calVulDegreeOfNodes (CVDN) was put forward to calculate the vulnerable degree of each node. Finally, the Vulnerable Nodes in different software were obtained by ITVN. Experimental results show that the vulnerable nodes selected as important nodes are well-reasoned in software network by testing different software, and the measures are effective for evaluating nodes vulnerability.