Vulnerabilities Constraint Based Analysis Approach for Java Bytecode Programs

Abstract

The verification process of software is of growing importance as it helps to assure that an application is correctly built. However, an efficient verification method of implementation of an application should also reject cases of invalid data which provide valid results. Thus, we propose in this paper a constraint-based analysis technique to detect vulnerabilities in Java applications at the executable level. We propose to exploit both the information contained in the Bytecode structure of the application and the information given by the user specification. Indeed, we show how the user specifications can be used to deduce the invalid input state that put the testing method in valid post-state and then to detect some defections in the Bytecode programs.