Andromeda: Accurate and Scalable Security Analysis of Web Applications
[chapter]
2013
Lecture Notes in Computer Science
Security auditing of industry-scale software systems mandates automation. Static taint analysis enables deep and exhaustive tracking of suspicious data flows for detection of potential leakage and integrity violations, such as cross-site scripting (XSS), SQL injection (SQLi) and log forging. Research in this area has taken two directions: program slicing and type systems. Both of these approaches suffer from a high rate of false findings, which limits the usability of analysis tools based on
doi:10.1007/978-3-642-37057-1_15
fatcat:vzvyutcwwreaviyips3rd4zlsm