Robust Graph Based Static Code Analysis
Download Robust Graph Based Static Code Analysis PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Robust Graph Based Static Code Analysis book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Robust Graph-Based Static Code Analysis
Bachelor Thesis from the year 2019 in the subject Computer Science - IT-Security, grade: 1,0, Technical University of Munich (Fakultät für Informatik), language: English, abstract: The topic of this thesis is to develop a graph-based static analysis framework for Java code that tolerates incomplete or non-compiling source code. For this purpose, the concept of Code Property Graphs (CPGs) is to be researched and extended, in order to provide information about more complex erroneous patterns in Java source code. Additionally, an evaluation of the resulting graph model is to be performed, by searching for cryptographic vulnerabilities in publicly available Java projects. This evaluation needs to show, whether this graph-based analysis approach is capable of finding security issues in Java code, and how feasible the analysis is from a performance point of view. Automatic code analysis is a widely used technique to find and eliminate errors in software projects. Instead of executing the program and verify that its behavior is correct, as dynamic analysis does it, static analysis is applied on its source code. Here, we search for suspicious patterns that are likely to indicate erroneous behavior. A special type of software bugs are those errors, that lead to security vulnerabilities. In this case, attackers may be able to undermine fundamental security aspects, by exfiltrating sensitive user data from server applications or assume control over the machine running the program in question. Security vulnerabilities in the code can have drastic consequences, which is why it is important to identify them as fast as possible and fix them immediately afterwards. This thesis extends the concept of Code Property Graphs (CPGs), which has been proposed for static analysis of C/C++ code, to be applied on programs and incomplete code snippets written in Java. Unifying Abstract Syntax Trees (ASTs), Control Flow Graphs (CFGs) and Data Flow Graphs (DFGs) in a single datastructure, this approach enables searching for vulnerabilities whose code patterns are spread out across the boundaries of single methods and classes. These patterns are identified using the graph query language cypher, which is provided by the graph database Neo4j. In an evaluation run on 100 public repositories on GitHub using cryptography, 135 findings of cryptographic API misuse have been identified using this technique. These include the use of insecure algorithms, like the Data Encryption Standard (DES) or Electronic Code Book mode (ECB), and hardcoded passwords that are used for encryption purposes. This thesis has been created in cooperation with Fraunhofer AISEC
Knowledge Graph-Based Methods for Automated Driving
The global race to develop and deploy automated vehicles is still hindered by significant challenges, with the related complexities requiring multidisciplinary research approaches. Knowledge Graph-Based Methods for Automated Driving offers sought-after, specialized know-how for a wide range of readers both in academia and industry on the use of graphs as knowledge representation techniques which, compared to other relational models, provide a number of advantages for data-driven applications like automated driving tasks. The machine learning pipeline presented in this volume incorporates a variety of auxiliary information, including logic rules, ontology-informed workflows, simulation outcomes, differential equations, and human input, with the resulting operational framework being more reliable, secure, efficient as well as sustainable. Case studies and other practical discussions exemplify these methods' promising and exciting prospects for the maturation of scalable solutions with potential to transform transport and logistics worldwide. - Systematically covers knowledge graphs for automated driving processes - Includes real-life case studies, facilitating an understanding of current challenges - Analyzes the impact of various technological aspects related to automation across a range of transport modes, networks, and infrastructures
Graph-Based Representations in Pattern Recognition
This book constitutes the refereed proceedings of the 14th IAPR-TC-15 International Workshop on Graph-Based Representations in Pattern Recognition, GbRPR 2025, held in Caen, France, in June 2025. The 25 full papers presented here were carefully reviewed and selected from 33 submissions. They are organized as per the following topical sections: Cybersecurity based on Graph models; Graph based bioinformatics; Graph similarities and graph patterns; GNN: shortcomings and solutions; Graph learning and computer vision.