Andromeda: Accurate and Scalable Security Analysis of Web Applications

Tripp, Omer; Pistoia, Marco; Cousot, Patrick; Cousot, Radhia; Guarnieri, Salvatore

doi:10.1007/978-3-642-37057-1_15

Cited by 105 publications

(90 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…PiOS [16] uses program slicing and reachability analysis to detect the possible privacy leaks in iOS apps. TAJ [43] and Andromeda [42] uses the same taint analysis technique to identify privacy leaks in web applications.…”

Section: Related Workmentioning

confidence: 99%

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Bartel

Bissyandé³

et al. 2015

2015 IEEE/ACM 37th IEEE International Conference on Software Engineering

390

360

View full text Add to dashboard Cite

Abstract-Shake Them All is a popular "Wallpaper" application exceeding millions of downloads on Google Play. At installation, this application is given permission to (1) access the Internet (for updating wallpapers) and (2) use the device microphone (to change background following noise changes). With these permissions, the application could silently record user conversations and upload them remotely. To give more confidence about how Shake Them All actually processes what it records, it is necessary to build a precise analysis tool that tracks the flow of any sensitive data from its source point to any sink, especially if those are in different components.Since Android applications may leak private data carelessly or maliciously, we propose IccTA, a static taint analyzer to detect privacy leaks among components in Android applications. IccTA goes beyond state-of-the-art approaches by supporting intercomponent detection. By propagating context information among components, IccTA improves the precision of the analysis. IccTA outperforms existing tools on two benchmarks for ICC-leak detectors: DroidBench and ICC-Bench. Moreover, our approach detects 534 ICC leaks in 108 apps from MalGenome and 2,395 ICC leaks in 337 apps in a set of 15,000 Google Play apps.

show abstract

Section: Related Workmentioning

confidence: 99%

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Bartel

Bissyandé³

et al. 2015

2015 IEEE/ACM 37th IEEE International Conference on Software Engineering

390

360

View full text Add to dashboard Cite

show abstract

“…Much more sophisticated abstractions exist, in which facts can, for instance, model aliasing through sets of access paths [25] or even the abstract typestate of combinations of multiple objects [13]. The IFDS framework itself, however, is oblivious to the concrete abstraction being used; the abstraction is a free parameter to the framework.…”

Section: Overview Of the Ifds Frameworkmentioning

confidence: 99%

“…Tripp et al [25] efficiently update data-flow results by replacing the whole-program control-flow graph and pointer analysis with local information computed on demand during the taint propagation. This removes the need of recomputing these data structures when the target changes.…”

Section: Related Workmentioning

confidence: 99%

Reviser: efficiently updating IDE-/IFDS-based data-flow analyses in response to incremental program changes

Arzt

Bodden

2014

Proceedings of the 36th International Conference on Software Engineering

View full text Add to dashboard Cite

Most application code evolves incrementally, and especially so when being maintained after the applications have been deployed. Yet, most data-flow analyses do not take advantage of this fact. Instead they require clients to recompute the entire analysis even if little code has changed-a time consuming undertaking, especially with large libraries or when running static analyses often, e.g., on a continuous-integration server.In this work, we present Reviser, a novel approach for automatically and efficiently updating inter-procedural dataflow analysis results in response to incremental program changes. Reviser follows a clear-and-propagate philosophy, aiming at clearing and recomputing analysis information only where required, thereby greatly reducing the required computational effort. The Reviser algorithm is formulated as an extension to the IDE framework for Inter-procedural Finite Distributed Environment problems and automatically updates arbitrary IDE-based analyses.We have implemented Reviser as an open-source extension to the Heros IFDS/IDE solver and the Soot program-analysis framework. An evaluation of Reviser on various client analyses and target programs shows performance gains of up to 80% in comparison to a full recomputation. The experiments also show Reviser to compute the same results as a full recomputation on all instances tested.

show abstract

“…Approaches based on taint analysis [13], [14], [15], [16], [17], [18] and symbolic execution [19], [20] help identify and locate potential vulnerabilities in program code, and thus, could help with the auditor's tasks. Though none of these approaches, except for the work reported in [16], seems to explicitly address XMLi and XPathi, they could be adapted to detect these vulnerabilities.…”

Section: Introductionmentioning

confidence: 99%

“…We define a specific security slicing approach for the auditing of security vulnerabilities in program source code. Like taint analysis, our approach also uses static program analysis techniques, which are known to be scalable [17]. However, our analysis additionally extracts control-dependency information, which is often important for security auditing of input validation and sanitization procedures.…”

Section: Introductionmentioning

confidence: 99%

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities

Thomé

Shar

Briand

2015

2015 IEEE 26th International Symposium on Software Reliability Engineering (ISSRE)

View full text Add to dashboard Cite

Abstract-XML, XPath, and SQL injection vulnerabilities are among the most common and serious security issues for Web applications and Web services. Thus, it is important for security auditors to ensure that the implemented code is, to the extent possible, free from these vulnerabilities before deployment. Although existing taint analysis approaches could automatically detect potential vulnerabilities in source code, they tend to generate many false warnings. Furthermore, the produced traces, i.e. dataflow paths from input sources to security-sensitive operations, tend to be incomplete or to contain a great deal of irrelevant information. Therefore, it is difficult to identify real vulnerabilities and determine their causes. One suitable approach to support security auditing is to compute a program slice for each security-sensitive operation, since it would contain all the information required for performing security audits (Soundness). A limitation, however, is that such slices may also contain information that is irrelevant to security (Precision), thus raising scalability issues for security audits. In this paper, we propose an approach to assist security auditors by defining and experimenting with pruning techniques to reduce original program slices to what we refer to as security slices, which contain sound and precise information. To evaluate the proposed pruning mechanism by using a number of open source benchmarks, we compared our security slices with the slices generated by a state-of-the-art program slicing tool. On average, our security slices are 80% smaller than the original slices, thus suggesting significant reduction in auditing costs.

show abstract

Andromeda: Accurate and Scalable Security Analysis of Web Applications

Cited by 105 publications

References 43 publications

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

IccTA: Detecting Inter-Component Privacy Leaks in Android Apps

Reviser: efficiently updating IDE-/IFDS-based data-flow analyses in response to incremental program changes

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities

Contact Info

Product

Resources

About