%0 Journal Article %A LU Xin-dai %A MIAO Si-wei %A SHI Zhi-qiang %A WANG Si-qi %A ZHANG Xiao-ling %T Static Vulnerability Detection Technology for the Embedded Firmware Web Code Based on D-S Evidence Theory %D 2019 %R 10.13190/j.jbupt.2018-212 %J Journal of Beijing University of Posts and Telecommunications %P 91-99 %V 42 %N 5 %X Currently, vulnerabilities mining and detection for firmware mainly include dynamic analysis which based on virtual simulation and static auditing which based on reverse engineering. These techniques may have low simulation rate and high false positive rate. Proposing a method based on multi-dimensional features for detection of firmware web vulnerabilities. This method can detect common Web vulnerabilities in firmware effectively and lower the false positive rate by using multi-dimensional features, multi-level preprocessing and vulnerabilities reasoning models based on D-S evidence theory. %U https://journal.bupt.edu.cn/EN/10.13190/j.jbupt.2018-212