1 Hit in 2.4 sec

FlowTwist: efficient context-sensitive inside-out taint analysis for large codebases

Johannes Lerch, Ben Hermann, Eric Bodden, Mira Mezini
<span title="">2014</span> <i title="ACM Press"> <a target="_blank" rel="noopener" href="" style="color: black;">Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering - FSE 2014</a> </i> &nbsp;
This inside-out analysis requires a careful, context-sensitive coordination of both a backward and a forward taint analysis.  ...  In this work we thus present FlowTwist, a novel taintanalysis approach that works inside-out, i.e., tracks data flows from potentially vulnerable calls to the outer level of the API which the attacker  ...  To validate our hypothesis that the inside-out approach is faster and scales better for large codebases than a pure forward taint analysis, we apply both analyses to the confuseddeputy problem.  ... 
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="">doi:10.1145/2635868.2635878</a> <a target="_blank" rel="external noopener" href="">dblp:conf/sigsoft/LerchHBM14</a> <a target="_blank" rel="external noopener" href="">fatcat:rnqajudkcnb5rbwiisnaqwujoy</a> </span>
<a target="_blank" rel="noopener" href="" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href=""> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> </button> </a>