Taint propagation path analysis based on program dependency

科研成果: 书/报告/会议事项章节会议稿件同行评审

1 引用 (Scopus)

摘要

Taint propagation path analysis is an important pre-processing part to software vulnerability detection. This paper presents a static taint propagation path analysis method based on program dependency. After transforming the source code to the SSA (Static Single Assignment) form, we make a program dependency analysis, which consists of data dependency analysis within basic blocks, control dependency analysis between basic blocks, and Phi function dependency analysis. In particular, the branch control variables calculation from control dependency analysis and Phi function dependency analysis can transform the dependency between basic blocks into dependency between variables. As a result, we obtain the global program variable dependency graph, based on which, we can further find taint propagation paths through marking tainted data.We have implemented the method on the LLVM (Low Level Virtual Machine) compiler, and the experiment results show its validity.

源语言英语
主期刊名Future Communication, Information and Computer Science - Proceedings of the International Conference on Future Communication, Information and Computer Science, FCICS 2014
编辑Dawei Zheng
出版商CRC Press/Balkema
159-164
页数6
ISBN(印刷版)9781138026537
DOI
出版状态已出版 - 2015
活动International Conference on Future Communication, Information and Computer Science, FCICS 2014 - Beijing, 中国
期限: 22 5月 201423 5月 2014

出版系列

姓名Future Communication, Information and Computer Science - Proceedings of the International Conference on Future Communication, Information and Computer Science, FCICS 2014

会议

会议International Conference on Future Communication, Information and Computer Science, FCICS 2014
国家/地区中国
Beijing
时期22/05/1423/05/14

指纹

探究 'Taint propagation path analysis based on program dependency' 的科研主题。它们共同构成独一无二的指纹。

引用此