FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases

Lerch, Johannes; Hermann, Ben; Bodden, Eric; Mezini, Mira

doi:10.1145/2635868.2635878

Cited by 26 publications

(22 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We found this to be the case while developing FlowTwist [6], a taint-flow analysis for the detection of so-called Confused Deputies in Java. In this paper we therefore contribute a design approach that effectively separates different analysis aspects and implementations that are otherwise often interwoven.…”

Section: Introductionmentioning

confidence: 91%

Design your analysis: a case study on implementation reusability of data-flow functions

Lerch

Hermann

2015

Proceedings of the 4th ACM SIGPLAN International Workshop on State of the Art in Program Analysis

Self Cite

View full text Add to dashboard Cite

The development of efficient data flow analyses is a complicated task. As requirements change and special cases have to be considered, implementations may get hard to maintain, test and reuse. We propose to design these analyses regarding the principle of separation of concerns. Therefore, in this paper we present a reference design for data flow analyses in the context of the IFDS/IDE algorithm. We conducted a case study in order to inspect the level of reuse that can be achieved with our design and found it to be helpful for the efficient development of new analyses.

show abstract

Section: Introductionmentioning

confidence: 91%

Design your analysis: a case study on implementation reusability of data-flow functions

Lerch

Hermann

2015

Proceedings of the 4th ACM SIGPLAN International Workshop on State of the Art in Program Analysis

Self Cite

View full text Add to dashboard Cite

show abstract

“…The approach is promising, but obviously requires programmers to adopt the tools; also no papers are yet available validating their effectiveness. Others, such as Near and Jackson, and Lerch et al, [31,36] have code analysis tools to detect security defects; these work but provide only limited feedback to developers.…”

Section: Techniques To Help Teams Improvementioning

confidence: 99%

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

Weir¹,

Rashid²,

Noble³

2017

Proceedings 2nd European Workshop on Usable Security

View full text Add to dashboard Cite

Abstract-The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need.

show abstract

“…The main static analysis tools and frameworks which can be used for security analysis of Java Web applications are FindBugs [3,13], SFlow [14], FlowTwist [21], LAPSE+ [30], TAJ [42], Andromeda [41], Indus [17], Soot [43], Joana [11], Wala [15]; for a more comprehensive list see [28].…”

Section: Related Workmentioning

confidence: 99%

“…Challenges 1 and 2 are addressed by approaches based on taint analysis [14,18,21,23,30,41,42]. However, reports generated by these approaches typically contain data-flow analysis traces and lack control-dependency information (challenge 3), which is essential for security auditing.…”

Section: Introductionmentioning

confidence: 99%

JoanAudit: a tool for auditing common injection vulnerabilities

Thomé

Shar

Bianculli

et al. 2017

Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering

View full text Add to dashboard Cite

JoanAudit is a static analysis tool to assist security auditors in auditing Web applications and Web services for common injection vulnerabilities during software development. It automatically identifies parts of the program code that are relevant for security and generates an HTML report to guide security auditors audit the source code in a scalable way. JoanAudit is configured with various security-sensitive input sources and sinks relevant to injection vulnerabilities and standard sanitization procedures that prevent these vulnerabilities. It can also automatically fix some cases of vulnerabilities in source code -cases where inputs are directly used in sinks without any form of sanitization -by using standard sanitization procedures. Our evaluation shows that by using JoanAudit, security auditors are required to inspect only 1% of the total code for auditing common injection vulnerabilities. The screen-cast demo is available at https://github.com/julianthome/joanaudit. CCS CONCEPTS• Security and privacy → Information flow control; • Software and its engineering → Automated static analysis;

show abstract

FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases

Cited by 26 publications

References 14 publications

Design your analysis: a case study on implementation reusability of data-flow functions

Design your analysis: a case study on implementation reusability of data-flow functions

I'd Like to Have an Argument, Please: Using Dialectic for Effective App Security

JoanAudit: a tool for auditing common injection vulnerabilities

Contact Info

Product

Resources

About