通信工程、自动化技术 |
|
|
|
|
基于静态信息流跟踪的输入验证漏洞检测方法 |
万志远, 周波 |
浙江大学 计算机科学与技术学院,浙江 杭州 310027 |
|
Static information flow tracking based approach to detect input validation vulnerabilities |
WAN Zhi-yuan, ZHOU Bo |
College of Computer Science and Technology, Zhejiang University, Hangzhou 310027, China |
[1] CHESS B, WEST J. Secure programming with static analysis [M]. Boston: Wesley, 2007.
[2] DENNING P J. Certification of programs for secure information flow [J]. Communications of the ACM, 1977, 20(7): 504-513.
[3] SHANKAR U, TALWAR K, FOSTER J, et al. Detecting format string vulnerabilities with type qualifiers [C]∥ Proceedings of 10th USENIX Security Symposium. Berkeley: USENIX, 2001.
[4] MYERS A. JFlow: practical mostly-static information flow control [C]∥ Proceedings of the ACM Symposium on Principles of Programming Languages. New York: ACM, 1999.
[5] LIVSHITS B, LAM M. Finding security vulnerabilities in Java applications with static analysis [C]∥ Proceedings of 14th USENIX Security Symposium. Baltimore: USENIX, 2005.
[6] TRIPP O, PISTOIA M, FINK S J, et al. TAJ: effective taint analysis of web applications [C]∥ Proceedings of ACM Conference on Programming Language Design and Implementation. Dublin: ACM, 2009.
[7] OWASP Top 10. 2014-03-21. https:∥www.owasp.org/index.php/Top_10_2013-Top_10.
[8] KILDALL G A. A unified approach to global program optimization [C]∥ Proceedings of the ACM Symposium on Principles of Programming Languages. New York: ACM, 1973.
[9] GRTZER G. Lattice theory: first concepts and distributive lattices [M]. San Francisco: Freeman, 1971.
[10] 张鸣华.半格基础上的数据流分析[J].计算机学报,1980(04): 309-320.
ZHANG Ming-hua. Dataflow analysis with semi-lattice [J]. Chinese Journal of Computers, 1980(04): 309-320.
[11] RAMALINGAM G. The undecidability of aliasing [J]. ACM Transactions on Programming Languages and Systems, 1994, 16(5): 1467-1471.
[12] ANDERSEN L O. Program analysis and specialization for the C programming language [D]. Denmark: University of Copenhagen, 1994.
[13] BRAVENBOER M, SMARAGDAKIS Y. Strictly declarative specication of sophisticated points-to analyses [C]∥ Proceedings of the 24th ACM SIGPLAN Conference on Object Oriented Programming Systems Languages and Applications. New York: ACM, 2009.
[14] FindBugsTM-Find Bugs in Java Programs. 2014-03-21. http:∥findbugs.sourceforge.net/.
[15] Stanford SecuriBench. 2014-03-21. http:∥suif.stanford.edu/~livshits/securibench/.
[16] ANDREW W A, JENS P. Modern compiler implementation in Java [M]. Cambridge: Cambridge University Press, 2002.
[17] VOLPANO D, IRVINE C, SMITH G. A sound type system for secure flow analysis [J]. Journal of Computer Security, 1996, 4(2/3): 167-187.
[18] FOSTER J, FAEHNDRICH M, AIKEN A. A theory of type qualifiers [C]∥ Proceedings of ACM Conference on Programming Language Design and Implementation. New York: ACM, 1999.
[19] HUANG Y, YU F, HANG C, et al. Securing web application code by static analysis and runtime protection [C]∥ Proceedings of the 12th International World Wide Web Conference. New York: ACM, 2004.
[20] PISTOIA M, FLYNN R J, KOVED L, et al. Interprocedural analysis for privileged code placement and tainted variable detection [C]∥ Proceedings of the 19th European Conference on Object-Oriented Programming. Glasgow: Springer, 2005.
[21] GUARNIERI S, PISTOIA M, TRIPP O, et al. Saving the world wide web from vulnerable JavaScript [C]∥ Proceedings of the 20th International Symposium on Software Testing and Analysis. New York: ACM, 2011.
[22] SRIDHARAN M, ARTZI S, PISTOIA M, et al. F4F: taint analysis of framework-based web applications [C]∥ Proceedings of the 2011 ACM International Conference on Object Oriented Programming Systems Languages and Applications. New York: ACM, 2011.
[23] JOVANOVIC N, KRUEGEL C, KIRDA E. Pixy: a static analysis tool for detecting web application vulnerabilities [C]∥ Proceedings of IEEE Symposium on Security and Privacy. Berkeley/Oakland: IEEE, 2006.
[24] 黄强,曾庆凯.基于信息流策略的污点传播分析及动态验证[J].软件学报,2011, 22(9): 20362048.
HUANG Qiang, ZENG Qing-kai. Taint propagation analysis and dynamic verification with information flow policy [J]. Journal of Software, 2011, 22(9): 2036-2048.
[25] WHALEY J, LAM M. Cloning-based context-sensitive pointer alias analysis using binary decision diagrams [C]∥ Proceedings of ACM Conference on Programming Language Design and Implementation. New York: ACM, 2004. |
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|