Method and system for detecting open source components in mixed source software

A component detection and software technology, applied in software indicators, software maintenance/management, etc., can solve problems such as the difficulty of open source component analysis and the failure of detection efficiency to meet expectations.

Active Publication Date: 2022-02-11
PEKING UNIV
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, although there are many SCA tools that support the analysis of open source components, most of these tools analyze the open source components of the project based on the feature files of the project, while the analysis of open source components based on codes is rare, mainly because of the massive amount of open source code. It is difficult to analyze open source components, and the detection efficiency cannot meet expectations

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting open source components in mixed source software
  • Method and system for detecting open source components in mixed source software
  • Method and system for detecting open source components in mixed source software

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although certain embodiments of the present disclosure are shown in the drawings, it should be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein; A more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are for exemplary purposes only, and are not intended to limit the protection scope of the present disclosure.

[0016] In the description of the embodiments of the present disclosure, the term "comprising" and its similar terms should be interpreted as an open inclusion, that is, "including but not limited to". The term "based on" should be understood as "based at least in part on". The term "one embodiment" or "the embodiment" should be read as "at least one embodi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiments disclosed in this application provide a method and system for detecting open-source components in mixed-source software. Wherein, the method includes: obtaining the source code file in the target mixed-source software, that is, obtaining the first source code file, and classifying the first source code file and performing corresponding same-source analysis; wherein, for the first source code file Source code files whose size exceeds the first threshold are subjected to homology analysis based on the Simhash algorithm; for source files whose size does not exceed the first threshold among the first source files, homology analysis is performed based on the Minhash algorithm. Compared with the existing technology, the above scheme can balance the contradiction between the efficiency requirements and the accuracy of open source component detection of mixed-source software, and obtain acceptable open source component detection results under the premise of ensuring detection efficiency.

Description

technical field [0001] The embodiments disclosed in this application mainly relate to the related technical field of open source governance and specifically relate to the technical field of software component analysis (SCA) security test subdivision, and more specifically, relate to a method and system for detecting open source components in mixed-source software. Background technique [0002] In recent years, the proportion of open source components used in software development has been increasing. The introduction of open source components can greatly improve the efficiency of software development. Today, almost all software developer entities will choose to use open source frameworks, open source libraries, open source components, etc. to simplify the development process and shorten the development cycle. However, the introduction of open source components may inevitably introduce some loopholes, causing security issues and intellectual property compliance issues. In pa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F8/77
CPCG06F8/77
Inventor 张涛陈钟
Owner PEKING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap