Lecture notes in computer science, Journal year: 2024, Issue unknown, pp. 225 - 245
Published: Dec. 14, 2024
Language: English
Journal of King Saud University - Computer and Information Sciences, Journal year: 2023, Issue 35(2), pp. 682 - 701
Published: Jan. 13, 2023
The detection of feasible paths helps to minimize the false positive rate. However, previous works did not consider path feasibility in the program during the analysis of input validation vulnerabilities, which led to imprecise results. They also needed to validate the usage of proper sanitization functions for each context of user input. Therefore, we proposed an enhanced static taint approach to analyse source code and track tainted inputs in the program. It started by examining the program to find feasible paths; variables were tracked through the path until the sink statement that executes those variables. An algorithm was built to enhance the analyzer to handle PHP. It was evaluated with SARD datasets and large-scale PHP programs. The results indicated that its precision in detecting XSS vulnerability was approximately 44% better than WAP and 26% better than RIPS, and for SQL injection about 10% and 19% better, the latter over RIPS. Furthermore, it outperformed symbolic execution studies regarding the number of detected vulnerabilities.
Language: English
Cited by: 9
2022 IEEE Symposium on Security and Privacy (SP), Journal year: 2024, Issue unknown, pp. 166 - 184
Published: May 19, 2024
Language: English
Cited by: 2
2022 IEEE Symposium on Security and Privacy (SP), Journal year: 2023, Issue unknown, pp. 1059 - 1076
Published: May 1, 2023
Taint-style vulnerabilities, such as OS command injection and path traversal, are common and severe software weaknesses. There exists an inherent trade-off between analysis scalability and accuracy in detecting such vulnerabilities. On one hand, existing syntax-directed approaches often make compromises on dynamic features like bracket syntax. On the other hand, abstract interpretation faces the issue of state explosion in the domain, thus leading to a scalability problem. In this paper, we present a novel approach, called FAST, to scale vulnerability discovery in JavaScript packages via an approach that relies on two new techniques, bottom-up and top-down abstract interpretation. The former abstractly interprets functions based on scopes instead of call sequences to construct edges. Then, the latter follows specific control-flow paths and prunes the program to skip statements unrelated to the sink. If an end-to-end data-flow is found, FAST queries the satisfiability of the constraints along the path and verifies exploitability to reduce human efforts. We implement a prototype and evaluate it against real-world Node.js packages. We show it is able to find 242 zero-day vulnerabilities in NPM, with 21 CVE identifiers being assigned. Our evaluation also shows it can handle applications such as NodeBB and the popular frameworks total.js and strapi, finding legacy vulnerabilities that no prior works can.
Language: English
Cited by: 5
Published: July 7, 2024
Language: English
Cited by: 1
arXiv (Cornell University), Journal year: 2023, Issue unknown
Published: Jan. 1, 2023
The emergence of quantum computing raises the question of how to identify (security-relevant) programming errors during development. However, current static code analysis tools fail to model information specific to quantum computing. In this paper, we propose to extend classical static analysis tools accordingly. Among such tools, the Code Property Graph is very well suited for this task, as it can easily be extended with quantum-specific information. For our proof of concept, we implemented a tool which includes information from the quantum world in the graph, and we demonstrate its ability to analyze source code written in Qiskit and OpenQASM. Our approach brings together the classical and the quantum world, enabling analysis across both domains. By combining all relevant information into a single detailed analysis, it is a powerful way to facilitate tackling future challenges.
Language: English
Cited by: 3
2022 IEEE International Conference on Quantum Computing and Engineering (QCE), Journal year: 2023, Issue unknown, pp. 1013 - 1019
Published: Sep. 17, 2023
Language: English
Cited by: 2
2022 IEEE Symposium on Security and Privacy (SP), Journal year: 2024, Issue 2023, pp. 296 - 311
Published: May 19, 2024
Language: English
Cited by: 0