Litcius/Paper detail

An Enhanced Static Taint Analysis Approach to Detect Input Validation Vulnerability

Abdalla Wasef Marashdih, Zarul Fitri Zaaba, Khaled Suwais

2023Journal of King Saud University - Computer and Information Sciences18 citationsDOIOpen Access PDF

Abstract

The detection of feasible paths helps to minimize the false positive rate. However, the previous works did not consider the feasibility of the program paths during the analysis detection of input validation vulnerabilities, which led to false positive results. They also needed to validate the usage of the proper sanitization functions for each context of the user input. Therefore, we proposed an enhanced static taint analysis approach to analyse the source code and track the tainted inputs in the program. It started by examining the source code to find the feasibility of each path in the program. The tainted variables were tracked through the analysis until the sink statement, which executes the tainted variables. An algorithm was built to enhance the static analyzer to handle the variables handling functions in PHP. The proposed approach was evaluated with SARD datasets and large-scale PHP programs. The results indicated that the precision in detecting XSS vulnerability was approximately 44% better than WAP and 26% better than RIPS, and its precision in detecting SQL injection was about 10% better than WAP and 19% better than RIPS. Furthermore, the proposed approach outperformed previous symbolic execution studies regarding the number of detected vulnerabilities.

Topics & Concepts

Taint checkingComputer scienceStatic analysisCross-site scriptingSQL injectionSource codeVulnerability (computing)Data miningContext (archaeology)Statement (logic)Code (set theory)Program analysisProgramming languageComputer securitySoftwareInformation retrievalSet (abstract data type)Search engineWeb serviceWeb application securityWeb developmentWeb search queryBiologyPaleontologyPolitical scienceLawQuery by ExampleWeb Application Security VulnerabilitiesSecurity and Verification in ComputingSoftware Engineering Research
An Enhanced Static Taint Analysis Approach to Detect Input Validation Vulnerability | Litcius