Open Access Proceedings Article

Finding security vulnerabilities in Java applications with static analysis

TLDR
This paper proposes a static analysis technique for detecting many recently discovered application vulnerabilities such as SQL injections, cross-site scripting, and HTTP splitting attacks based on a scalable and precise points-to analysis.
Abstract
This paper proposes a static analysis technique for detecting many recently discovered application vulnerabilities such as SQL injections, cross-site scripting, and HTTP splitting attacks. These vulnerabilities stem from unchecked input, which is widely recognized as the most common source of security vulnerabilities in Web applications. We propose a static analysis approach based on a scalable and precise points-to analysis. In our system, user-provided specifications of vulnerabilities are automatically translated into static analyzers. Our approach finds all vulnerabilities matching a specification in the statically analyzed code. Results of our static analysis are presented to the user for assessment in an auditing interface integrated within Eclipse, a popular Java development environment. Our static analysis found 29 security vulnerabilities in nine large, popular open-source applications, with two of the vulnerabilities residing in widely-used Java libraries. In fact, all but one application in our benchmark suite had at least one vulnerability. Context sensitivity, combined with improved object naming, proved instrumental in keeping the number of false positives low. Our approach yielded very few false positives in our experiments: in fact, only one of our benchmarks suffered from false alarms.


Citations
Proceedings Article

CryptDB: protecting confidentiality with encrypted query processing

TL;DR: The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL.
Proceedings Article

A study of Android application security

TL;DR: A horizontal study of popular free Android applications uncovered pervasive use/misuse of personal/phone identifiers, and deep penetration of advertising and analytics networks, but did not find evidence of malware or exploitable vulnerabilities in the studied applications.
Proceedings Article

Analyzing inter-application communication in Android

TL;DR: This work examines Android application interaction, identifies security risks in application components, and provides a tool, ComDroid, that detects application communication vulnerabilities and found 34 exploitable vulnerabilities.
Proceedings Article

CHEX: statically vetting Android apps for component hijacking vulnerabilities

TL;DR: This paper proposes CHEX, a static analysis method to automatically vet Android apps for component hijacking vulnerabilities, and prototyped CHEX based on Dalysis, a generic static analysis framework that was built to support many types of analysis on Android app bytecode.
Proceedings Article

The essence of command injection attacks in web applications

TL;DR: This paper presents the first formal definition of command injection attacks in the context of web applications, and gives a sound and complete algorithm for preventing them based on context-free grammars and compiler parsing techniques.
References
Proceedings Article

Cloning-based context-sensitive pointer alias analysis using binary decision diagrams

TL;DR: This paper presents the first scalable context-sensitive, inclusion-based pointer alias analysis for Java programs, and develops a system called bddbddb that automatically translates Datalog programs into highly efficient BDD implementations.
Book

Writing Secure Code

TL;DR: The first book that focuses on programming secure applications in general instead of covering security for just the Web developer, network administrator, or IT professional; it provides software designers, architects, developers, and testers the training, theory, and techniques they need to ensure security.
Proceedings Article

Finding application errors and security flaws using PQL: a program query language

TL;DR: This paper presents a language called PQL (Program Query Language) that allows programmers to express such questions easily in an application-specific context and develops both static and dynamic techniques to find solutions to PQL queries.
Journal Article

A static analyzer for finding dynamic programming errors

TL;DR: A compile-time analyzer that detects these dynamic errors in large, real-world programs, and provides valuable contextual information to the programmer who needs to understand and repair the defects.
Proceedings Article

Detecting format string vulnerabilities with type qualifiers

TL;DR: A new system for automatically detecting format string security vulnerabilities in C programs using a constraint-based type-inference engine and new techniques for presenting the results of such an analysis to the user in a form that makes bugs easier to find and to fix are presented.