The article addresses current issues of software protection against malicious code and the detection of its manifestations during development and operation. It notes that modern methods of software analysis, particularly static and dynamic analysis, have both advantages and significant limitations, including a high number of false positives, low efficiency against polymorphic threats, and high computational resource requirements. As an optimal solution, the use of hybrid analysis is proposed, which combines the strengths of different approaches to improve the accuracy of vulnerability detection and reduce the number of erroneous results. The work presents a mathematical model for vulnerability detection based on symbolic execution and combined code analysis, as well as developed algorithms for constructing a reduced program path graph, calculating distance metrics to potentially dangerous code sections, and implementing directed dynamic symbolic execution. The methodology of vulnerability warning classification involves dividing them into three categories: confirmed, unconfirmed, and requiring additional inspection. This approach significantly reduces the complexity of analysis, improves the reliability of results, and automates the process of detecting potentially dangerous code. Particular attention is given to the formalization of concepts related to constraints on program path execution, symbolic conditions, and safety predicates. The obtained results demonstrate the effectiveness of hybrid analysis when working with large-scale projects where both speed and accuracy in threat detection are critical. The capabilities of the modular architecture of the hybrid analysis tool are examined, ensuring flexibility in expanding functionality and integrating new methods. An analysis of key software vulnerability metrics is conducted, which can be used to assess software security. Directions for further research are proposed, particularly improving symbolic execution algorithms to account for indirect dependencies and anti-analysis mechanisms. The research findings can be applied in the development of new systems and the modernization of existing code analysis tools aimed at enhancing software security.
Лаптєв et al. (Fri,) studied this question.