Fig 2 - uploaded by Abdalla Wasef Marashdih
Content may be subject to copyright.
![PHP Source Code and the Infeasible Paths in CFG Figure 2 shows that the static analysis begins by analysing the PHP source code and creating the source code's control flow graph so that the program's data flow can be determined. The PHP source code begins with the initialisation of the two variables found in line 2 and 3 ($x = 20 and $y = 40). Then, a condition specified in line 4 will check if ($x < 20) and ($y > 60). The statement in line 6 (echo $x + $y) is implemented if the condition is true. It then ends at line 8 (echo $y-$x). However, if the statement presented in line 6 (echo $x + $y) is an infeasible statement, there will be no probability for the given condition to be true at all. Thus, every path that has the line 6 implementation will be considered an infeasible path. Infeasible paths can exist because of several reasons [13], one of which is the existence of dead code, which means that it is not possible to implement a certain sentence within the code. Consequently, they result into unimplementable paths because accessibility for this data does not exist. Another cause of infeasible paths is the conflicting clauses that are contained within certain paths, such as: (A <= 10 && B > 20 || C == 40). Infeasible paths may also be present as a result of the existence of correlated conditional statements in terms of a given variable (which is considered as one of the main reasons for the absence of access in the programs [14, 15]). To enhance the results of the static analysis, one should remove infeasible paths from the entire path of the control flow graph [3, 13, 16, 17]. One can define the infeasible path as any path that is not executable under any test cases [13]. Conversely, Ball, T. and Balakrishnan, et al. [16,17] stated that developers need to distinguish these infeasible paths from the other paths of the entire control flow graph. The following section will provide a description of the detection of infeasible paths as well as the methods that were used to identify these infeasible paths.](profile/Abdalla-Wasef-Marashdih/publication/330936934/figure/fig2/AS:723736399454209@1549563612920/PHP-Source-Code-and-the-Infeasible-Paths-in-CFG-Figure-2-shows-that-the-static-analysis.jpg)
PHP Source Code and the Infeasible Paths in CFG Figure 2 shows that the static analysis begins by analysing the PHP source code and creating the source code's control flow graph so that the program's data flow can be determined. The PHP source code begins with the initialisation of the two variables found in line 2 and 3 ($x = 20 and $y = 40). Then, a condition specified in line 4 will check if ($x < 20) and ($y > 60). The statement in line 6 (echo $x + $y) is implemented if the condition is true. It then ends at line 8 (echo $y-$x). However, if the statement presented in line 6 (echo $x + $y) is an infeasible statement, there will be no probability for the given condition to be true at all. Thus, every path that has the line 6 implementation will be considered an infeasible path. Infeasible paths can exist because of several reasons [13], one of which is the existence of dead code, which means that it is not possible to implement a certain sentence within the code. Consequently, they result into unimplementable paths because accessibility for this data does not exist. Another cause of infeasible paths is the conflicting clauses that are contained within certain paths, such as: (A <= 10 && B > 20 || C == 40). Infeasible paths may also be present as a result of the existence of correlated conditional statements in terms of a given variable (which is considered as one of the main reasons for the absence of access in the programs [14, 15]). To enhance the results of the static analysis, one should remove infeasible paths from the entire path of the control flow graph [3, 13, 16, 17]. One can define the infeasible path as any path that is not executable under any test cases [13]. Conversely, Ball, T. and Balakrishnan, et al. [16,17] stated that developers need to distinguish these infeasible paths from the other paths of the entire control flow graph. The following section will provide a description of the detection of infeasible paths as well as the methods that were used to identify these infeasible paths.
Source publication
Static analysis is valuable because it imparts the ability to examine all program paths. However, many of these paths are classified as infeasible paths, which signify that these paths will fail to execute. In static analysis, these paths will lead to results that are high false positive. Because static analysis has a vital part in the detection of...
Context in source publication
Context 1
... can define the infeasible path as any path within the CFG that is not executable under any input values or any test cases [13,16]. Figure 2 illustrates an example of the PHP source code with its control flow graph and shows how some paths end up being clas- sified as infeasible paths. . However, if the state- ment presented in line 6 (echo $x + $y) is an infeasible statement, there will be no probability for the given condition to be true at all. ...
Citations
... Those algorithms use a certain adjustment of randomization and local search. A good solution for difficult optimization problems can be found in a reasonable time, but in general, there is no guarantee of finding optimal solutions (Almufti, 2018;Marqas et al., 2020;Marashdih et al., 2018). In the fields of computer science, mathematical optimizations, and engineering's, the term "metaheuristic" represents a higher-level procedure or heuristic designed to search, find, generate, or select a heuristics, that may provide a good solution to an optimization problem, especially for the large problems such as (NP-hard problem) or in case of limit, incomplete or imperfect information Saban et al., 2018;Yahya et al., 2020). ...
ARTICLEINFO The complexity of real-world problems motivated researchers to innovate efficient problem-solving techniques. Generally natural Inspired, Bio Inspired, Metaheuristics based on evolutionary computation and swarm intelligence algorithms have been frequently used for solving complex, real-world optimization and Non-deterministic polynomial hard (NP-Hard) problems because of their ability to adjust to a variety of conditions. This paper describes Grey Wolf Optimizer (GWO) as a Swarm Based metaheuristic algorithm inspired by the leadership hierarchy and hunting behavior of the grey wolves for solving complex and real-world optimization problems. Since the appearance of GWO many modifications for improving the performance of the algorithm and have been applied to various applications in several fields. At the end of this paper, the improvements are listed.
... Static analysis has the potential to observe every possible path in an application through scrutiny of the source code. However, covering all web application paths during testing leads a false positive result [2,3]. False positives are results that are safe but are reported to be vulnerabilities, and thus, execution would not occur, despite the type of user input. ...
Static analysis is one of the techniques used today to analyze source codes and minimize the issue of software vulnerability. Static analysis has the ability to observe all possible software paths in an application through the scrutiny of a web application’s source code. Among those paths, some may be considered feasible paths, which refer to any paths that the test cases can execute. The detection of feasible paths in the results of a static analysis helps to minimize the false positive rate. However, the detection of feasible paths can be challenging, especially for programs that have multiple conditions in the same branch. The aim is to ensure that each feasible path is detected only once (not duplicated). This paper proposes an approach based on minimal static single assignment (MSSA) form and symbolic execution to detect feasible paths. The proposed approach starts by converting the source code into an abstract syntax tree (AST), followed by converting the AST to minimal SSA representation, which helps to decrease the number of instructions in the SSA form. An algorithm was built to examine all of the instructions of the SSA form, identify whole paths in the source code, and extract constraints along each path. A path weight method (PWM) is proposed in this work to avoid detecting duplicated feasible paths. The satisfiability modulo theory (SMT) solver was used to check the satisfiability of each path condition. The proposed approach was tested on seven well-known test programs that have been used in related studies and 10 large scale programs. The experimental results indicate that the proposed method (PWM) can avoid detecting duplicated feasible paths, and the proposed approach reduced the time required for generating the paths compared to that in related studies.
The detection of feasible paths helps to minimize the false positive rate. However, the previous works did not consider the feasibility of the program paths during the analysis detection of input validation vulnerabilities, which led to false positive results. They also needed to validate the usage of the proper sanitization functions for each context of the user input. Therefore, we proposed an enhanced static taint analysis approach to analyse the source code and track the tainted inputs in the program. It started by examining the source code to find the feasibility of each path in the program. The tainted variables were tracked through the analysis until the sink statement, which executes the tainted variables. An algorithm was built to enhance the static analyzer to handle the variables handling functions in PHP. The proposed approach was evaluated with SARD datasets and large-scale PHP programs. The results indicated that the precision in detecting XSS vulnerability was approximately 44% better than WAP and 26% better than RIPS, and its precision in detecting SQL injection was about 10% better than WAP and 19% better than RIPS. Furthermore, the proposed approach outperformed previous symbolic execution studies regarding the number of detected vulnerabilities.
Current networking technologies, as well as the ready availability of large quantities of data and knowledge on the Internet-based Infosphere, offer tremendous opportunities for providing more abundant and reliable information to decision makers and decision support systems. The use of the Internet has increased at a breakneck pace. Some prevailing features of the Infosphere, however, have hindered successful use of the Internet by humans or decision support machine systems. To begin with, the information available on the internet is disorganized, multi-modal, and spread around the globe on server pages. Second, every day, the number and variety of data sources and services grows dramatically. In addition, the availability, type, and dependability of information services are all changing all the time. Third, the same piece of knowledge can be obtained from a number of different sources. Fourth, due to the complex existence of information sources and possible information updating and maintenance issues, information is vague and probably incorrect. As a result, collecting, filtering, evaluating, and using information in problem solving is becoming increasingly difficult for a human or computer device. As a consequence, identifying information sources, accessing, filtering, and incorporating data in support of decision-making, as well as managing information retrieval and problem-solving efforts of information sources and decision-making processes, has become a critical challenge. To fix this issue, the idea of "Intelligent Software Agents" has been suggested. Although a precise definition of an intelligent agent is still a work in progress, the current working definition is that Intelligent Software Agents are programs that act on behalf of their human users to perform laborious information gathering tasks such as locating and accessing information from various on-line information sources, resolving inconsistencies in the retrieved information, filtering out irrelevant data.
