TC: Small:Automata Based String Analysis for Detecting Vulnerabilities in Web Applications

TC：Small：基于自动机的字符串分析，用于检测 Web 应用程序中的漏洞

• 批准号: 0916112
• 负责人: Tevfik Bultan
• 金额: $ 35万
• 依托单位: University of California-Santa Barbara
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0916112&HistoricalAwards=false
• 关键词: TC; Small; Automata; Based; String

Web applications contain numerous vulnerabilities that can be exploitedby attackers to gain unauthorized access to confidential information andto manipulate sensitive data. Many of these vulnerabilities are due toinadequate manipulation of string variables. String analysis, a techniquethat captures the string values that a certain variable might hold at aparticular program point, can be used to identify such flaws. In thisproject, novel and precise string analysis techniques will be developedusing an automata-based approach that represents possible values of astring variable at a program point as an automaton. Techniques thatsupport path-sensitivity and that enable precise analysis of loops usingautomata-based widening operations will be developed. Basic string analysistechniques will be extended to a composite analysis where relationships amongstring variables and other types of variables can be automatically discoveredand analyzed. The precision of string analysis plays a central role forobtaining good results with static vulnerability detection tools. Theprecise string analysis techniques developed in this project will enableanalysis of programs that cannot be analyzed with existing techniques. Theresults of these improved string analysis techniques will lead to novelsoftware security solutions and detection of novel types of vulnerabilities.

Web应用程序包含许多漏洞，可以通过攻击者利用这些漏洞，以获取未经授权的访问机密信息并操纵敏感数据。这些漏洞中有许多是由于对字符串变量的操纵而造成的。字符串分析（一种技术）可以使用某个变量在公共程序点上可能存在的字符串值来识别此类缺陷。 在此项目中，新颖和精确的弦乐分析技术将通过基于自动机的方法来开发，该方法代表程序点作为自动机的可能值的可能值。 将开发基于Automata的延伸操作的技术，并且可以通过基于Automata的延伸操作来进行支持力的路径敏感性。基本的字符串分析将扩展到复合分析，其中可以自动发现变量和其他类型的变量之间的关系并分析。 字符串分析的精度通过静态脆弱性检测工具赋予了良好结果的核心角色。该项目中开发的Prowise String分析技术将使无法用现有技术分析的程序进行促进分析。这些改进的字符串分析技术的其中将导致NovelSoftware Security Solutions和新型漏洞的检测。