Abstract: Various embodiments of the present disclosure provide methods, apparatus, systems, computing devices, computing entities, and/or the like for detecting and locating vulnerabilities in source code. The method comprises receiving one or more source code files, matching source code from the one or more source code files to one or more program slices by parsing the source code and mapping one or more portions of the source code to the one or more program slices, wherein each of the one or more program slices comprises one or more program statements associated with one or more vulnerabilities, and generating, using a predictive machine learning model, a vulnerability prediction for each of the one or more source code files, the vulnerability prediction comprising one or more locations of vulnerable code in the source code based on the matching and a vulnerability class associated with each location of vulnerable code.

Abstract: Several data breaches are occurring in organizations due to insecure handling security-sensitive data. Conventional methods utilize static analysis tools and fail to capture all security vulnerabilities. The present disclosure identifies a security vulnerability by analyzing a source code. Initially, a System Dependence Graph (SDG) associated with the source code is received. Forward slicing is performed on the SDG and a plurality of forward function nodes are obtained. A plurality of security parameters associated with the security-sensitive variable are obtained. A backward slicing is performed based on a plurality of security parameters to obtain a plurality of backward function nodes. Further, a plurality of common function nodes is obtained from the plurality of forward and the backward function nodes and utilized to generate a plurality of enumerated paths. The enumerated paths are evaluated to obtain a plurality of feasible paths and are further analyzed to identify security vulnerability.

Abstract: Several data breaches are occurring in organizations due to insecure handling security-sensitive data. Conventional methods utilize static analysis tools and fail to capture all security vulnerabilities. The present disclosure identifies a security vulnerability by analyzing a source code. Initially, a System Dependence Graph (SDG) associated with the source code is received. Forward slicing is performed on the SDG and a plurality of forward function nodes are obtained. A plurality of security parameters associated with the security-sensitive variable are obtained. A backward slicing is performed based on a plurality of security parameters to obtain a plurality of backward function nodes. Further, a plurality of common function nodes is obtained from the plurality of forward and the backward function nodes and utilized to generate a plurality of enumerated paths. The enumerated paths are evaluated to obtain a plurality of feasible paths and are further analyzed to identify security vulnerability.

Abstract: This disclosure relates generally to a method and system for extraction of SQL queries in an application. Various conventional approaches models SQL query extraction at a specific program point problem as an instance of string expression problem. Many string analysis based solutions are not scalable for large applications and those which are scalable do not account explicitly for the heap based flow. In an embodiment, the disclosed method and system utilizes a multi-criteria slicing based model which takes into account the data flowing through heap and contributing to SQL queries generation.

Abstract: This disclosure relates generally to a method and system for extraction of SQL queries in an application. Various conventional approaches models SQL query extraction at a specific program point problem as an instance of string expression problem. Many string analysis based solutions are not scalable for large applications and those which are scalable do not account explicitly for the heap based flow. In an embodiment, the disclosed method and system utilizes a multi-criteria slicing based model which takes into account the data flowing through heap and contributing to SQL queries generation.

Abstract: Identifying root cause of code smells is crucial in enabling proper and efficient software maintenance. Desired are computationally less intensive and easy to implement solutions. Embodiments herein provide a method and system for code analysis to identify causes of code smells. The method provides considerable automation during software maintenance by analyzing detected code smells of two subsequent versions of an application by categorizing the code smells, filtering significant code smells from the detected code smells, mapping the significant code smells between two versions, generating a customized PDG for the mapped functions and performing the isomorphic subgraph mapping for computing a function difference. The computed function difference provides added part of the code or removed part or region of the code of the application, which is cause of the significant added code smells, which can then be provided for manual analysis to identify the root causes for efficient software maintenance.

Abstract: Identifying root cause of code smells is crucial in enabling proper and efficient software maintenance. Desired are computationally less intensive and easy to implement solutions. Embodiments herein provide a method and system for code analysis to identify causes of code smells. The method provides considerable automation during software maintenance by analyzing detected code smells of two subsequent versions of an application by categorizing the code smells, filtering significant code smells from the detected code smells, mapping the significant code smells between two versions, generating a customized PDG for the mapped functions and performing the isomorphic subgraph mapping for computing a function difference. The computed function difference provides added part of the code or removed part or region of the code of the application, which is cause of the significant added code smells, which can then be provided for manual analysis to identify the root causes for efficient software maintenance.